Having problems with a Trojan and Adware that keeps coming back [Solve, I thought I removed it, but I keep finding it in my comp
oliver amaya
post Mar 24 2009, 04:21 PM
Post #1


Member
Posts: 40
OS: windows xp



A few weeks ago my computer was infected with malware and other bad things.
Through the help of Essexboy, we were able to remove most of it, if not all of it.

Now, every time I run my spyware, virus, adaware removal programs, they keep finding these three things time after time.
-Trojan.Downloader-NewJuan/VM
-Adware.Vundo Variant
-Adware.Tracking Cookie

If you need, I can post the logs for them.
Also, I'm guessing as a result of one of those things, IE has been making pop ups even though I use Mozilla.
Thanks for taking your time out to read this.
Essexboy
post Mar 24 2009, 04:24 PM
Post #2


GeekU Moderator
Posts: 18,766
From: Darkest Cornwall
OS: Vista Ultimate & Windows 7



Hi again Oliver, what have you been doing? ;)

Let's see what you have first.

Download Rooter.exe to your desktop
  1. Double-click it to start the tool.
  2. A Notepad file containing the report will open, also found at %systemdrive%(usually C:)\Rooter.txt. Copy and paste it with your OTLI log.


THEN

  • Download OTListIt2 to your desktop.
  • Double-click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows. OTListIt.Txt and Extras.Txt. These are saved in the same location as OTListIt2.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.
oliver amaya
post Mar 24 2009, 06:57 PM
Post #3


Member
Posts: 40
OS: windows xp



I've been doing homework as of late, need to study for a test tomorrow.
Attached File  Rooter.txt ( 3.39K ) Number of downloads: 25

Attached File  OTListIt.Txt ( 104.32K ) Number of downloads: 28

Attached File  Extras.Txt ( 42.46K ) Number of downloads: 261
Essexboy
post Mar 25 2009, 02:36 PM
Post #4


GeekU Moderator
Posts: 18,766
From: Darkest Cornwall
OS: Vista Ultimate & Windows 7



The logs

Microsoft Windows XP Home Edition (5.1.2600) Service Pack 3

C:\ [Fixed] - NTFS - (Total:152625 Mo/Free:1847 Mo)
D:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
F:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
G:\ [Fixed] - NTFS - (Total:305242 Mo/Free:3479 Mo)
I:\ [Removable] (Total:0 Mo/Free:0 Mo)
J:\ [Removable] (Total:0 Mo/Free:0 Mo)
K:\ [Removable] (Total:0 Mo/Free:0 Mo)
L:\ [Removable] (Total:0 Mo/Free:0 Mo)

Tue 03/24/2009|20:17

----------------------\\ Processes..

--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\WINDOWS\system32\netdde.exe
---------- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
---------- C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
---------- C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
---------- C:\Program Files\Bonjour\mDNSResponder.exe
---------- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
---------- C:\WINDOWS\system32\PSIService.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
---------- C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
---------- C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
---------- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
---------- C:\WINDOWS\system32\rundll32.exe
---------- C:\Program Files\AIM\aim.exe
---------- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
---------- C:\Program Files\WiFiConnector\NintendoWFCReg.exe
---------- C:\Program Files\Mozilla Firefox\firefox.exe
---------- C:\Program Files\iTunes\iTunes.exe
---------- C:\Program Files\Last.fm\LastFM.exe
---------- C:\Program Files\iPod\bin\iPodService.exe
---------- C:\Program Files\Last.fm\LastFMHelper.exe
---------- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
---------- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe
---------- C:\WINDOWS\system32\taskmgr.exe
---------- C:\WINDOWS\explorer.exe
---------- C:\Program Files\Internet Explorer\iexplore.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe

----------------------\\ Search..

----------------------\\ ROOTKIT !!


----------------------\\ Cracks & Keygens..

C:\DOCUME~1\Owner\Local Settings\Temporary Internet Files\Content.IE5\QBOFSYAF\joell ortiz - crack a brooklyn bottle freestyle - rapradar[1].com.mp3
C:\DOCUME~1\Owner\Local Settings\Temporary Internet Files\Content.IE5\QBOFSYAF\joell%20ortiz%20-%20crack%20a%20brooklyn%20bottle%20freestyle%20-%20rapradar.com[1].htm


1 - "C:\Rooter$\Rooter_1.txt" - Tue 03/24/2009|20:21

----------------------\\ Scan completed at 20:21
OTListIt logfile created on: 3/24/2009 8:40:19 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.7.1 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

502.73 Mb Total Physical Memory | 221.67 Mb Available Physical Memory | 44.09% Memory free
1.20 Gb Paging File | 0.65 Gb Available in Paging File | 54.36% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 21.82 Gb Free Space | 14.64% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 298.09 Gb Total Space | 219.40 Gb Free Space | 73.60% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-96FC0AA548
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Grisoft\AVG Free\avgamsvr.exe (GRISOFT, s.r.o.)
PRC - C:\Program Files\Grisoft\AVG Free\avgupsvc.exe (GRISOFT, s.r.o.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\PSIService.exe ()
PRC - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe (Webroot Software, Inc.)
PRC - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
PRC - C:\Program Files\Grisoft\AVG Free\avgcc.exe (GRISOFT, s.r.o.)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\AIM\aim.exe (America Online, Inc.)
PRC - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\WiFiConnector\NintendoWFCReg.exe ()
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Last.fm\LastFM.exe (Last.fm)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\Last.fm\LastFMHelper.exe (Last.fm)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\Owner\Desktop\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Avg7Alrt [Auto | Running]) -- C:\Program Files\Grisoft\AVG Free\avgamsvr.exe (GRISOFT, s.r.o.)
SRV - (Avg7UpdSvc [Auto | Running]) -- C:\Program Files\Grisoft\AVG Free\avgupsvc.exe (GRISOFT, s.r.o.)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (ccEvtMgr [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (Symantec Corporation)
SRV - (ccPwdSvc [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe (Symantec Corporation)
SRV - (ccSetMgr [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (Symantec Corporation)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (Macromedia Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe ()
SRV - (MSCSPTISRV [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (navapsvc [On_Demand | Stopped]) -- C:\Program Files\Norton AntiVirus\navapsvc.exe (Symantec Corporation)
SRV - (NetTcpPortSharing [Auto | Running]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (PACSPTISVR [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe ()
SRV - (ProtexisLicensing [Auto | Running]) -- C:\WINDOWS\system32\PSIService.exe ()
SRV - (SAVScan [On_Demand | Stopped]) -- C:\Program Files\Norton AntiVirus\SAVScan.exe (Symantec Corporation)
SRV - (SBService [Auto | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe (Symantec Corporation)
SRV - (SNDSrvc [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (Symantec Corporation)
SRV - (SonicStage Back-End Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe (Sony Corporation)
SRV - (SPTISRV [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (SSScsiSV [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation)
SRV - (SymWSC [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe (Symantec Corporation)
SRV - (WebrootSpySweeperService [Auto | Running]) -- C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe (Webroot Software, Inc.)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (Avg7Core [System | Running]) -- C:\WINDOWS\System32\Drivers\avg7core.sys (GRISOFT, s.r.o.)
DRV - (Avg7RsW [System | Running]) -- C:\WINDOWS\System32\Drivers\avg7rsw.sys (GRISOFT, s.r.o.)
DRV - (Avg7RsXP [System | Running]) -- C:\WINDOWS\System32\Drivers\avg7rsxp.sys (GRISOFT, s.r.o.)
DRV - (AvgClean [System | Running]) -- C:\WINDOWS\System32\Drivers\avgclean.sys (GRISOFT, s.r.o.)
DRV - (d347bus [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\d347bus.sys ( )
DRV - (d347prt [Boot | Running]) -- C:\WINDOWS\System32\Drivers\d347prt.sys ( )
DRV - (E100B [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\e100b325.sys (Intel Corporation)
DRV - (ENUM1394 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\enum1394.sys (Microsoft Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (HdAudAddService [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\HdAudio.sys (Windows ® Server 2003 DDK provider)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (HSFHWBS2 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys (Conexant Systems, Inc.)
DRV - (HSF_DP [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (ialm [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ialmnt5.sys (Intel Corporation)
DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (mdmxsdk [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (MREMPR5 [On_Demand | Stopped]) -- C:\Program Files\Common Files\Motive\MREMPR5.sys (Motive, Inc.)
DRV - (MRENDIS5 [On_Demand | Stopped]) -- C:\Program Files\Common Files\Motive\MRENDIS5.sys (Motive, Inc.)
DRV - (MxlW2k [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\MxlW2k.sys (MusicMatch, Inc.)
DRV - (NAVENG [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20050422.017\NAVENG.SYS (Symantec Corporation)
DRV - (NAVEX15 [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20050422.017\NAVEX15.SYS (Symantec Corporation)
DRV - (pfc [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\PxHelp20.sys (Sonic Solutions)
DRV - (QCDonner [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\OVCD.sys (Microsoft Corporation)
DRV - (RimUsb [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\RimUsb.sys (Research In Motion Limited)
DRV - (RimVSerPort [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\RimSerial.sys (Research in Motion Ltd)
DRV - (ROOTMODEM [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\RootMdm.sys (Microsoft Corporation)
DRV - (RT25USBAP [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\rt25usbap.sys (Ralink Technology Inc.)
DRV - (SASDIFSV [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM [On_Demand | Running]) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SAVRT [On_Demand | Stopped]) -- C:\Program Files\Norton AntiVirus\SAVRT.SYS (Symantec Corporation)
DRV - (SAVRTPEL [System | Running]) -- C:\Program Files\Norton AntiVirus\SAVRTPEL.SYS (Symantec Corporation)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (SSFS0BB9 [Boot | Running]) -- C:\WINDOWS\SYSTEM32\Drivers\SSFS0BB9.SYS (Webroot Software Inc (www.webroot.com))
DRV - (SSHRMD [Boot | Running]) -- C:\WINDOWS\SYSTEM32\Drivers\SSHRMD.SYS (Webroot Software Inc (www.webroot.com))
DRV - (SSIDRV [Boot | Running]) -- C:\WINDOWS\SYSTEM32\Drivers\SSIDRV.SYS (Webroot Software Inc (www.webroot.com))
DRV - (SSKBFD [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\sskbfd.sys (Webroot Software Inc (www.webroot.com))
DRV - (StillCam [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\serscan.sys (Microsoft Corporation)
DRV - (SunkFilt [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\sunkfilt.sys (Alcor Micro Corp.)
DRV - (SunkFilt39 [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\sunkfilt39.sys (Alcor Micro Corp.)
DRV - (SymEvent [On_Demand | Running]) -- C:\Program Files\Symantec\SYMEVENT.SYS (Symantec Corporation)
DRV - (SYMREDRV [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)
DRV - (SYMTDI [System | Running]) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS (Symantec Corporation)
DRV - (USBAAPL [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\usbaapl.sys (Apple, Inc.)
DRV - (winachsf [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys (Conexant Systems, Inc.)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://start.mozilla.org/firefox?client=firefox-a&rls=org.mozilla:en-US:official"

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.7\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/03/10 19:43:42 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.7\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/03/10 07:27:11 | 00,000,000 | ---D | M]

[2008/06/18 01:07:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Extensions
[2008/06/18 01:07:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/03/24 10:49:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\100rtuou.Default User\extensions
[2005/12/08 11:04:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\100rtuou.Default User\extensions\{00D4154F-96D3-41ff-8E8E-113596D8670B}
[2007/01/28 23:19:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\100rtuou.Default User\extensions\{051ce736-d132-4374-9d36-eb192ef3110c}
[2005/12/08 11:03:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\100rtuou.Default User\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2005/12/08 11:03:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\100rtuou.Default User\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
[2005/12/08 11:03:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\100rtuou.Default User\extensions\{9w50je7w-8zc1-4wcg-bxg9-90m1q5d41c3z}
[2007/01/28 23:16:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\100rtuou.Default User\extensions\{a8dd47cf-239f-48c4-8379-e6b4cbafdcfa}
[2008/06/18 01:08:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\100rtuou.Default User\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2005/12/08 11:04:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\100rtuou.Default User\extensions\{d650973c-0444-4ac7-9d00-19e3613c83b9}
[2004/12/29 20:08:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\7jf6t5x7.default\extensions
[2004/12/29 20:08:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\7jf6t5x7.default\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/03/13 16:56:34 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/03/10 07:27:11 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/03/10 07:27:05 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/03/10 07:27:06 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2008/12/24 11:00:32 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2008/12/24 11:00:32 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2008/12/24 11:00:32 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2008/12/24 11:00:32 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2008/12/24 11:00:33 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2008/12/24 11:00:33 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2008/12/24 11:00:33 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (UberButton Class) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo!)
O2 - BHO: (YahooTaggedBM Class) - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {73ce85d6-e1fc-49c2-b10e-44c48b49d508} - C:\WINDOWS\system32\oqtgle.dll ()
O2 - BHO: (no name) - {aaaea97a-8445-4a6a-83bd-f7ddc917a081} - C:\WINDOWS\system32\woheluba.dll ()
O2 - BHO: (CNavExtBho Class) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll (Symantec Corporation)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - Reg Error: Key error. File not found
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Veoh Browser Plug-in) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [5417482f] rundll32.exe "C:\WINDOWS\system32\pezeyuyi.dll",b ()
O4 - HKLM..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP (GRISOFT, s.r.o.)
O4 - HKLM..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" (Symantec Corporation)
O4 - HKLM..\Run: [CPM57247bb3] Rundll32.exe "C:\WINDOWS\system32\gulobimu.dll",a ()
O4 - HKLM..\Run: [kamulizebi] Rundll32.exe "C:\WINDOWS\system32\wofomobu.dll",s ()
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [Symantec NetDriver Monitor] "C:\PROGRA~1\SYMNET~1\SNDMon.exe" /Consumer (Symantec Corporation)
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)
O4 - HKCU..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl File not found
O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Run Registration Tool.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo!)
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (America Online, Inc.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 26 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_02)
O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl...indows-i586.cab (Java Plug-in 1.4.2)
O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_01)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_02)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\padopomu.dll) - C:\WINDOWS\system32\padopomu.dll ()
O20 - AppInit_DLLs: (zygwtq.dll) - File not found
O20 - AppInit_DLLs: (c:\windows\system32\ruvaluno.dll) - c:\windows\system32\ruvaluno.dll File not found
O20 - AppInit_DLLs: (c:\windows\system32\namiviko.dll) - c:\windows\system32\namiviko.dll File not found
O20 - AppInit_DLLs: (c:\windows\system32\refemope.dll) - c:\windows\system32\refemope.dll File not found
O20 - AppInit_DLLs: (oqtgle.dll) - C:\WINDOWS\system32\oqtgle.dll ()
O20 - AppInit_DLLs: (c:\windows\system32\gulobimu.dll) - c:\windows\system32\gulobimu.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\system32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\WRNotifier: DllName - WRLogonNTF.dll - C:\WINDOWS\system32\WRLogonNTF.dll (Webroot Software, Inc.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\*.tmp files]
[2009/03/24 20:35:40 | 00,499,200 | ---- | C] (OldTimer Tools) -- C:\DOCUME~1\Owner\Desktop\OTListIt2.exe
[2009/03/24 20:17:44 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/03/24 20:17:29 | 00,267,612 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\Rooter.exe
[2009/03/24 15:36:43 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Owner\Desktop\Jake_One_Presents-White_Van_Music-2CD-2008
[2009/03/24 13:38:28 | 16,569,6946 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\J1_Presents-White_Van_Music-2CD-2008.rar
[2009/03/24 13:34:54 | 75,019,004 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\Black_Milk-Tronic.zip
[2009/03/24 10:37:08 | 00,082,608 | -HS- | C] () -- C:\WINDOWS\System32\gezokije.dll
[2009/03/24 10:35:55 | 00,129,024 | -HS- | C] () -- C:\WINDOWS\System32\oqtgle.dll
[2009/03/24 10:35:21 | 52,722,0736 | -HS- | C] () -- C:\hiberfil.sys
[2009/03/23 11:48:55 | 01,791,448 | -HS- | C] () -- C:\WINDOWS\System32\iyuyezep.ini
[2009/03/23 00:17:33 | 00,002,482 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\teenager.rtf
[2009/03/22 23:48:16 | 01,791,430 | -HS- | C] () -- C:\WINDOWS\System32\olatasud.ini
[2009/03/22 18:55:40 | 23,009,880 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\003._Batman_-_The_Killing_Joke.cbr
[2009/03/22 11:48:12 | 01,791,160 | -HS- | C] () -- C:\WINDOWS\System32\unodigel.ini
[2009/03/21 20:22:55 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Owner\Desktop\Saigon & Statik Selektah-All In A Days Work-(www.goatalbums.blogspot.com)
[2009/03/21 20:06:31 | 01,791,169 | -HS- | C] () -- C:\WINDOWS\System32\isubidub.ini
[2009/03/21 19:34:09 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Owner\Desktop\New Folder (5)
[2009/03/21 19:31:07 | 64,412,035 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\Saigon & Statik Selektah-All In A Days Work-(www.goatalbums.blogspot.com).rar
[2009/03/21 19:23:25 | 44,009,774 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\Brother_Ali-The_Truth_Is_Here_EP-2009-C4.zip
[2009/03/21 15:40:36 | 30,494,456 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\Deadpool_-_Game__of_Death__OneShot___2009___Minutemen-DizzyRoses_.cbr
[2009/03/21 15:30:24 | 07,933,948 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\brooklynsuperclean.mp3
[2009/03/21 15:19:04 | 05,224,660 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\Joe_Budden-Hottest_in_Da_Hood-2dope.mp3
[2009/03/21 15:14:23 | 04,789,478 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\01 wale - chillin feat. lady gaga mastered main.mp3
[2009/03/20 20:37:54 | 06,111,799 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\Charles_Hamilton-More_C_Food-2dope.mp3
[2009/03/20 17:40:38 | 03,371,426 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\heyjoe_leak_street-l2.mp3
[2009/03/20 12:18:40 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Owner\Desktop\VA-Doo_Wop_And_Funkmaster_Flex-Face_Off_(OnSMASH)-1997
[2009/03/20 11:37:17 | 11,833,5881 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\VA-Doo_Wop_And_Funkmaster_Flex-Face_Off__OnSMASH_-1997.zip
[2009/03/18 23:38:12 | 02,008,899 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\joell ortiz - crack a brooklyn bottle freestyle - rapradar.com.mp3
[2009/03/17 20:53:15 | 00,515,435 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\evenifitrains_1280x1024.zip
[2009/03/17 07:33:34 | 03,529,257 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\02 Lark On My Go-Kart _Dirty_.mp3
[2009/03/17 01:04:54 | 00,019,968 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\Kelsey Powers.doc
[2009/03/17 01:01:55 | 00,023,040 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\Table of Contents.doc
[2009/03/17 00:39:42 | 06,016,472 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\slaughterhouse-wack_mcs-2dope.mp3
[2009/03/15 23:05:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/03/15 23:05:48 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/03/15 23:05:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
[2009/03/15 23:05:25 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009/03/15 23:05:18 | 00,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2009/03/15 23:02:37 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Owner\Desktop\Fix Computer Shit
[2009/03/15 11:29:32 | 00,005,593 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\Giggly.Giggly.part3.rar
[2009/03/15 11:29:30 | 54,391,148 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\Giggly.Giggly.part3.rar.part
[2009/03/14 23:05:38 | 20,971,5200 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\Giggly.Giggly.part2.rar
[2009/03/14 22:11:18 | 20,971,5200 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\Giggly.Giggly.part1.rar
[2009/03/14 16:30:12 | 00,370,368 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\video(2).mp4.sfk
[2009/03/14 16:30:01 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Owner\Desktop\f
[2009/03/14 15:18:08 | 13,673,327 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\video(2).mp4
[2009/03/13 20:49:40 | 00,002,208 | ---- | C] () -- C:\DOCUME~1\Owner\My Documents\Document cries of a dog.rtf
[2009/03/13 16:56:03 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Owner\Desktop\GooredFixBackups
[2009/03/12 17:59:06 | 03,932,214 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\untitled.bmp
[2009/03/12 17:48:42 | 00,047,104 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\Size and Shape.doc
[2009/03/12 17:32:12 | 00,024,576 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\lux chart.doc
[2009/03/12 17:31:41 | 00,013,824 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\lux.xls
[2009/03/12 14:04:50 | 00,047,160 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\LuxembourgPartitionsMap_english.jpg
[2009/03/11 15:14:08 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/03/11 14:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\temp
[2009/03/11 14:38:33 | 00,000,211 | ---- | C] () -- C:\Boot.bak
[2009/03/11 14:38:27 | 00,260,272 | ---- | C] () -- C:\cmldr
[2009/03/11 14:38:22 | 00,000,000 | ---D | C] -- C:\cmdcons
[2009/03/10 19:15:32 | 00,001,875 | ---- | C] () -- C:\DOCUME~1\Owner\My Documents\otment.rtf
[2009/03/10 00:15:21 | 11,469,9154 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\CSDRAMABIG.zip
[2009/03/09 19:10:24 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Owner\Desktop\New Folder (4)
[2009/03/05 23:17:41 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/03/05 22:44:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2009/03/05 22:44:57 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/03/05 22:44:55 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/03/05 22:44:54 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/03/05 22:44:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/03/05 22:42:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/03/05 22:40:10 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/03/05 22:28:40 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Owner\Desktop\New Folder
[2009/03/05 22:22:39 | 00,100,727 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\Preparation.rtf
[2009/03/04 19:06:42 | 00,002,148 | ---- | C] () -- C:\WINDOWS\System32\wpa.dbl
[2009/03/02 16:07:57 | 00,002,909 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\Documen2t.rtf
[2009/03/01 12:08:19 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Owner\Desktop\iphone photos
[2009/02/28 22:10:06 | 00,055,840 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\n632050061_5874285_274768.jpg
[2009/02/27 18:31:02 | 03,168,086 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\2zgf8ra.gif
[2009/02/25 11:07:18 | 02,300,798 | ---- | C] () -- C:\DOCUME~1\Owner\Desktop\killa.gif

========== Files - Modified Within 30 Days ==========

[121 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/03/24 20:48:04 | 00,011,168 | -H-- | M] () -- C:\WINDOWS\System32\nefideja
[2009/03/24 20:35:41 | 00,499,200 | ---- | M] (OldTimer Tools) -- C:\DOCUME~1\Owner\Desktop\OTListIt2.exe
[2009/03/24 20:17:30 | 00,267,612 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\Rooter.exe
[2009/03/24 18:19:32 | 00,000,364 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2009/03/24 14:26:36 | 16,569,6946 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\J1_Presents-White_Van_Music-2CD-2008.rar
[2009/03/24 13:46:54 | 75,019,004 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\Black_Milk-Tronic.zip
[2009/03/24 13:37:23 | 01,791,448 | -HS- | M] () -- C:\WINDOWS\System32\iyuyezep.ini
[2009/03/24 11:54:50 | 00,008,192 | -HS- | M] () -- C:\WINDOWS\Thumbs.db
[2009/03/24 11:54:49 | 00,000,049 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/03/24 10:37:09 | 00,082,608 | -HS- | M] () -- C:\WINDOWS\System32\gezokije.dll
[2009/03/24 10:35:54 | 00,129,024 | -HS- | M] (Lextek International) -- C:\WINDOWS\System32\butabefu.dll
[2009/03/24 10:35:54 | 00,129,024 | -HS- | M] () -- C:\WINDOWS\System32\oqtgle.dll
[2009/03/24 10:35:54 | 00,094,208 | -HS- | M] () -- C:\WINDOWS\System32\gulobimu.dll
[2009/03/24 10:35:51 | 00,002,148 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/03/24 10:35:50 | 00,000,502 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2009/03/24 10:35:26 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/03/24 10:35:23 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/03/24 10:35:21 | 52,722,0736 | -HS- | M] () -- C:\hiberfil.sys
[2009/03/23 20:06:09 | 05,224,660 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\Joe_Budden-Hottest_in_Da_Hood-2dope.mp3
[2009/03/23 11:48:55 | 01,791,430 | -HS- | M] () -- C:\WINDOWS\System32\olatasud.ini
[2009/03/23 11:48:14 | 00,090,112 | -HS- | M] () -- C:\WINDOWS\System32\pezeyuyi.dll
[2009/03/23 00:17:35 | 00,002,482 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\teenager.rtf
[2009/03/22 23:48:19 | 01,791,160 | -HS- | M] () -- C:\WINDOWS\System32\unodigel.ini
[2009/03/22 18:58:13 | 23,009,880 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\003._Batman_-_The_Killing_Joke.cbr
[2009/03/21 23:33:57 | 01,791,169 | -HS- | M] () -- C:\WINDOWS\System32\isubidub.ini
[2009/03/21 19:37:15 | 64,412,035 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\Saigon & Statik Selektah-All In A Days Work-(www.goatalbums.blogspot.com).rar
[2009/03/21 19:28:47 | 44,009,774 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\Brother_Ali-The_Truth_Is_Here_EP-2009-C4.zip
[2009/03/21 15:44:45 | 30,494,456 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\Deadpool_-_Game__of_Death__OneShot___2009___Minutemen-DizzyRoses_.cbr
[2009/03/21 15:31:30 | 07,933,948 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\brooklynsuperclean.mp3
[2009/03/21 15:15:08 | 04,789,478 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\01 wale - chillin feat. lady gaga mastered main.mp3
[2009/03/20 22:16:10 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/03/20 20:39:11 | 06,111,799 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\Charles_Hamilton-More_C_Food-2dope.mp3
[2009/03/20 17:45:09 | 03,371,426 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\heyjoe_leak_street-l2.mp3
[2009/03/20 17:45:05 | 02,008,899 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\joell ortiz - crack a brooklyn bottle freestyle - rapradar.com.mp3
[2009/03/20 11:49:45 | 11,833,5881 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\VA-Doo_Wop_And_Funkmaster_Flex-Face_Off__OnSMASH_-1997.zip
[2009/03/18 22:29:35 | 00,195,584 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/17 23:52:58 | 06,016,472 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\slaughterhouse-wack_mcs-2dope.mp3
[2009/03/17 20:53:21 | 00,515,435 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\evenifitrains_1280x1024.zip
[2009/03/17 07:33:53 | 03,529,257 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\02 Lark On My Go-Kart _Dirty_.mp3
[2009/03/17 01:04:54 | 00,019,968 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\Kelsey Powers.doc
[2009/03/17 01:01:55 | 00,023,040 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\Table of Contents.doc
[2009/03/15 11:52:40 | 00,005,593 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\Giggly.Giggly.part3.rar
[2009/03/15 11:48:44 | 54,391,148 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\Giggly.Giggly.part3.rar.part
[2009/03/14 23:28:04 | 20,971,5200 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\Giggly.Giggly.part2.rar
[2009/03/14 22:41:53 | 20,971,5200 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\Giggly.Giggly.part1.rar
[2009/03/14 16:30:25 | 00,370,368 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\video(2).mp4.sfk
[2009/03/14 15:20:31 | 13,673,327 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\video(2).mp4
[2009/03/14 14:18:18 | 00,537,648 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/14 14:03:57 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/03/13 20:49:41 | 00,002,208 | ---- | M] () -- C:\DOCUME~1\Owner\My Documents\Document cries of a dog.rtf
[2009/03/12 18:29:00 | 00,047,104 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\Size and Shape.doc
[2009/03/12 17:59:07 | 03,932,214 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\untitled.bmp
[2009/03/12 17:32:13 | 00,024,576 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\lux chart.doc
[2009/03/12 17:32:01 | 00,013,824 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\lux.xls
[2009/03/12 14:05:00 | 00,047,160 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\LuxembourgPartitionsMap_english.jpg
[2009/03/12 13:16:55 | 00,000,733 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/03/12 13:16:55 | 00,000,281 | RHS- | M] () -- C:\boot.ini
[2009/03/12 13:16:55 | 00,000,253 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/03/10 19:15:32 | 00,001,875 | ---- | M] () -- C:\DOCUME~1\Owner\My Documents\otment.rtf
[2009/03/10 02:27:58 | 11,469,9154 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\CSDRAMABIG.zip
[2009/03/09 20:04:49 | 00,522,530 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/03/09 20:04:49 | 00,441,954 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/03/09 20:04:49 | 00,071,512 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/03/09 14:39:19 | 04,568,104 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\brian 003.jpg
[2009/03/08 21:20:01 | 04,251,886 | -H-- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\IconCache.db
[2009/03/08 21:00:42 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/03/05 21:33:42 | 00,100,727 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\Preparation.rtf
[2009/03/02 16:07:58 | 00,002,909 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\Documen2t.rtf
[2009/02/28 22:10:08 | 00,055,840 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\n632050061_5874285_274768.jpg
[2009/02/27 18:31:11 | 03,168,086 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\2zgf8ra.gif
[2009/02/25 11:07:23 | 02,300,798 | ---- | M] () -- C:\DOCUME~1\Owner\Desktop\killa.gif
[2009/02/23 20:03:48 | 00,000,192 | ---- | M] () -- C:\WINDOWS\winamp.ini

========== LOP Check ==========

[2009/03/15 23:05:58 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/01/12 21:19:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2004/08/19 21:35:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2005/01/23 13:48:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL
[2007/09/17 22:54:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2007/09/17 22:56:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2009/03/23 20:37:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG7
[2007/10/28 18:57:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Corel
[2004/08/19 21:40:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2005/06/16 10:01:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2007/10/13 10:50:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Last.fm
[2005/01/24 23:00:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macrovision
[2009/03/05 22:44:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2007/05/26 15:00:08 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2007/04/18 22:52:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Motive
[2004/08/19 21:37:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pure Networks
[2005/01/06 19:17:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2009/02/15 21:17:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2008/11/01 18:41:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2007/02/10 23:20:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony Corporation
[2009/03/15 23:05:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2004/08/19 21:43:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2009/03/23 20:47:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2004/08/19 21:37:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2008/03/05 02:53:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Webroot
[2006/05/30 13:34:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2005/09/11 10:19:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\yahoo!
[2005/09/11 10:41:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2009/03/15 23:05:47 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Owner\Application Data
[2008/10/05 01:13:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Adobe
[2004/12/31 01:19:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AdobeUM
[2004/12/29 20:14:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Aim
[2005/01/23 13:48:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AOL
[2007/12/20 20:47:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Apple Computer
[2006/07/18 16:22:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\ArcSoft
[2005/10/23 10:03:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AVG7
[2009/03/19 17:20:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Azureus
[2007/05/12 22:50:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Blackberry Desktop
[2007/10/28 19:02:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Corel
[2009/01/25 19:34:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\CVS
[2004/08/19 21:56:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\CyberLink
[2007/09/29 00:04:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\cYo
[2006/01/21 17:54:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Google
[2005/01/31 15:20:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Help
[2004/08/19 21:16:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Identities
[2005/05/31 15:31:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Lavasoft
[2005/11/27 03:02:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Macromedia
[2009/03/05 22:44:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2008/04/19 10:49:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Media Player Classic
[2007/09/29 00:06:51 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Owner\Application Data\Microsoft
[2007/04/18 22:46:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Motive
[2008/06/18 01:07:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla
[2006/10/01 21:44:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Opera
[2008/11/28 21:39:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Publish Providers
[2008/03/23 13:34:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Real
[2007/05/12 22:51:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Research In Motion
[2006/10/09 19:56:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Samsung
[2009/03/14 14:39:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Skype
[2009/03/14 14:39:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\skypePM
[2008/12/27 07:28:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Sony
[2007/02/10 23:30:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Sony Corporation
[2008/02/21 20:22:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Sony Setup
[2004/08/19 21:46:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Sun
[2009/03/15 23:05:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
[2004/08/19 21:43:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Symantec
[2005/01/09 11:50:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Syntrillium
[2005/05/24 20:35:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Talkback
[2004/12/31 10:28:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Template
[2006/10/09 19:30:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Temporary
[2006/10/09 19:30:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TransRender
[2005/11/25 22:47:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\vlc
[2005/06/16 09:40:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Webroot
[2006/07/16 16:26:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Yahoo!
[2005/01/31 15:28:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Yahoo! Messenger
[2004/08/19 21:37:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\You've Got Pictures Screensaver
[2009/03/20 22:16:10 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2004/08/04 08:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/03/24 10:35:26 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/03/24 18:19:32 | 00,000,364 | ---- | M] () -- C:\WINDOWS\Tasks\Symantec NetDetect.job

========== Purity Check ==========


========== Alternate Data Streams ==========

@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9AEE100C
@Alternate Data Stream - 189 bytes -> C:\DOCUME~1\Owner\Desktop\Deadpool_-_Game__of_Death__OneShot___2009___Minutemen-DizzyRoses_.cbr:ComicRackInfo
@Alternate Data Stream - 189 bytes -> C:\DOCUME~1\Owner\Desktop\003._Batman_-_The_Killing_Joke.cbr:ComicRackInfo
@Alternate Data Stream - 168 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8927A071
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:94A19129
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:888AFB86
< End of report >

OTListIt Extras logfile created on: 3/24/2009 8:40:19 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.7.1 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

502.73 Mb Total Physical Memory | 221.67 Mb Available Physical Memory | 44.09% Memory free
1.20 Gb Paging File | 0.65 Gb Available in Paging File | 54.36% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 21.82 Gb Free Space | 14.64% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 298.09 Gb Total Space | 219.40 Gb Free Space | 73.60% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-96FC0AA548
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL File not found
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL File not found
C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL File not found
C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger (America Online, Inc.)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire (Lime Wire, LLC)
C:\Program Files\Soulseek\slsk.exe:*:Enabled:SoulSeek Client (SoulSeek)
C:\Program Files\BitTorrent\btdownloadgui.exe:*:Enabled:btdownloadgui ()
C:\Program Files\QuickTime\QuickTimePlayer.exe:*:Enabled:QuickTime Player (Apple Inc.)
C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger (Microsoft Corporation)
C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger ()
C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server (Yahoo! Inc.)
C:\Program Files\Java\jre1.5.0_01\bin\javaw.exe:*:Enabled:Java™ 2 Platform Standard Edition binary (Sun Microsystems, Inc.)
C:\Program Files\Java\jre1.5.0_02\bin\javaw.exe:*:Enabled:Java™ 2 Platform Standard Edition binary (Sun Microsystems, Inc.)
C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test (Microsoft Corporation)
C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (Mozilla Corporation)
C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger (America Online, Inc.)
C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer (RealNetworks, Inc.)
C:\Program Files\Java\j2re1.4.2\bin\javaw.exe:*:Disabled:javaw ()
C:\StubInstaller.exe:*:Disabled:LimeWire swarmed installer (LimeWire)
C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus (Aelitis)
C:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player (Microsoft Corporation)
C:\Program Files\Last.fm\LastFM.exe:*:Enabled:LastFM (Last.fm)
C:\Program Files\Grisoft\AVG Free\avginet.exe:*:Enabled:avginet.exe (GRISOFT, s.r.o.)
C:\Program Files\Grisoft\AVG Free\avgamsvr.exe:*:Enabled:avgamsvr.exe (GRISOFT, s.r.o.)
C:\Program Files\Grisoft\AVG Free\avgcc.exe:*:Enabled:avgcc.exe (GRISOFT, s.r.o.)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Enabled:Veoh Client (Veoh Networks)
C:\Program Files\WiFiConnector\DEVREMOVE.exe:*:Enabled:DEVREMOVE.exe ()
C:\Program Files\WiFiConnector\SoftAPUninst.exe:*:Enabled:Uninstall Nintendo Wi-Fi USB Connector Registration Tool ()
C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour (Apple Inc.)
C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes (Apple Inc.)
C:\Program Files\WiFiConnector\NintendoWFCReg.exe:LocalSubNet:Enabled:Nintendo Wi-Fi USB Connector ()
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player (Veoh Networks)
C:\WINDOWS\system32\mmc.exe:*:Disabled:Microsoft Management Console (Microsoft Corporation)
C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype (Skype Technologies S.A.)
C:\WINDOWS\explorer.exe:*:Enabled:Explorer (Microsoft Corporation)
C:\Program Files\Grisoft\AVG Free\avgupsvc.exe:*:Enabled:avgupsvc (GRISOFT, s.r.o.)
C:\WINDOWS\system32\dwwin.exe:*:Enabled:dwwin (Microsoft Corporation)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0405E51E-9582-4207-8F38-AC44201D3808}" = VeohTV BETA
"{084709F7-38C5-4609-B55F-2417939315EB}" = Adobe Premiere Pro
"{12665B01-3F3A-4433-B179-9D8E352D7547}" = Try Corel Snapfire muvee autoProducer add on
"{15095BF3-A3D7-4DDF-B193-3A496881E003}" = Microsoft .NET Framework 3.0
"{1526D87C-A955-4FAB-BF18-697BA457E352}" = Norton WMI Update
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1D643CD7-4DD6-11D7-A4E0-000874180BB3}" = Microsoft Money 2004
"{23BE930B-6AC4-4D0D-B5C3-03062A2BF2A3}" = OpenMG AAC Add-on Module 1.0.00
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{25EF00BE-F17B-11D6-88EA-000476CD2443}" = Verizon Online
"{28845BF9-1BC0-4DBF-B9DA-57DAC589F6C5}" = BlackBerry v4.2.0 for the 8100 Series Wireless Handheld
"{2A0E8EB8-85C9-461A-B0C1-0DB7C21FA89A}" = SonicStage Simple Burner 1.0
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{3248F0A8-6813-11D6-A77B-00B0D0150010}" = J2SE Runtime Environment 5.0 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3D047C15-C859-45F7-81CE-F2681778069B}" = iPod for Windows 2006-01-10
"{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth
"{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}" = DAEMON Tools
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{43A9F944-0398-425E-9E22-201F65FE0CCA}" = QuickCam
"{45EBDA59-D33B-433A-956E-B2F236468B56}" = MUSICMATCH® Jukebox
"{491DD792-AD81-429C-9EB4-86DD3D22E333}" = Windows Communication Foundation
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{5F0C7588-DC73-4465-8BAB-21813C1EC047}" = PDF Manual NW-E000 Series
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6E66ECBD-FCA7-4AE1-A8C5-1CA78BEEB057}" = Multimedia Keyboard Driver
"{7148F0A8-6813-11D6-A77B-00B0D0142000}" = Java 2 Runtime Environment, SE v1.4.2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{738179D8-3D76-4AFF-A7BE-AEF3B4370CB4}" = Opera 9.02
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows Backup Utility
"{76F8CB2B-6516-4E1E-B6F1-AED4ABDB4B0A}_is1" = Spy Sweeper
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}" = Windows Workflow Foundation
"{7D564241-C246-4C34-A7E5-918C7D4E892D}" = BlackBerry Desktop Software 4.2.1
"{81EED1A1-AE78-4B11-BE47-C6AE9F5E87F1}" = Digital Media Reader
"{870815CA-6B60-47B6-88DD-A67F42D2F03E}" = GPL MPEG-1/2 DirectShow Decoder Filter
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C64E145-54BA-11D6-91B1-00500462BE80}" = Microsoft Money 2004 System Pack
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{97E038E1-41AD-4C93-BCDC-6A2394AEE352}" = Vegas Movie Studio Platinum 9.0
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 4.3
"{A6E2D0B7-FED2-42D9-95DA-F3662D1AD468}" = SIGamp for Windows Media Player
"{AC76BA86-7AD7-1033-7B44-000000000001}" = Adobe Reader 6.0
"{B3CFD1BB-4ED2-4F3F-AD23-ACD12F21E62B}" = Samsung PC Studio for SGH-D807
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B83C18C7-FBCD-4799-BA62-37B98FD2EB5F}" = BlackBerry v4.2.0 for the 8100 Series Wireless Handheld
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BCE72AED-3332-4863-9567-C5DCB9052CA2}" = Netflix Movie Viewer
"{C6F5B6CF-609C-428E-876F-CA83176C021B}" = Norton AntiVirus 2004
"{CA0A1E54-CE0F-4366-B09C-A87B61DC5633}" = Symantec Network Drivers Update
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D327AFC9-7BAA-473A-8319-6EB7A0D40138}" = Symantec Script Blocking Installer
"{D6414CC7-F215-467F-88B1-546ED863F35B}" = CC_ccStart
"{DBA8B9E1-C6FF-4624-9598-73D3B41A0903}" = Microsoft Picture It! Photo Premium 9
"{DC367608-64A7-4BF7-92F4-8BAA25BA02DB}" = ccCommon
"{E47EE8FB-ACC0-4608-859C-4E2851B18A6A}" = SymNet
"{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton AntiVirus Parent MSI
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime
"{FC37ABD0-2108-4beb-B010-1254E0662B5A}" = MSRedist
"{FD6C6B7F-5696-48C5-A601-2EE9E50C3D46}" = WD Firewire HID Driver
"AC3Filter" = AC3Filter (remove only)
"Ad-Aware SE Personal" = Ad-Aware SE Personal
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"AOL Instant Messenger" = AOL Instant Messenger
"Applian FLV Player2.0.24" = Applian FLV Player
"AVG7Uninstall" = AVG Free Edition
"AviSynth" = AviSynth 2.5
"Azureus" = Azureus
"BigFix" = BigFix
"BitTorrent" = BitTorrent 3.4.2
"BlackBerry_{7D564241-C246-4C34-A7E5-918C7D4E892D}" = BlackBerry Desktop Software 4.2.1
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200014F1" = SoftV92 Data Fax Modem with SmartCP
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2008-01-24
"ComicRack" = ComicRack v0.9.54
"Cool Edit Pro 2.0" = Cool Edit Pro 2.0
"ERUNT_is1" = ERUNT 1.1j
"FLAC" = FLAC Installer 1.1.2a (remove only)
"Google Video Uploader" = Google Video Uploader
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"InstallShield_{0405E51E-9582-4207-8F38-AC44201D3808}" = VeohTV BETA
"InstallShield_{23BE930B-6AC4-4D0D-B5C3-03062A2BF2A3}" = OpenMG AAC Add-on Module 1.0.00
"InstallShield_{3D047C15-C859-45F7-81CE-F2681778069B}" = iPod for Windows 2006-01-10
"InstallShield_{81EED1A1-AE78-4B11-BE47-C6AE9F5E87F1}" = Digital Media Reader
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"LastFM_is1" = Last.fm 1.3.2.13
"LimeWire" = LimeWire 4.16.6
"LiveReg" = LiveReg (Symantec Corporation)
"LiveUpdate" = LiveUpdate 2.6 (Symantec Corporation)
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.0" = Microsoft .NET Framework 3.0
"mIRC" = mIRC
"Mozilla Firefox (3.0.7)" = Mozilla Firefox (3.0.7)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero OEM
"Nero BurnRights!UninstallKey" = Nero BurnRights
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OpenMG HotFix4.7-07-13-22-01" = OpenMG Limited Patch 4.7-07-14-05-01
"PictureIt_v9" = Microsoft Picture It! Photo Premium 9
"PROSet" = Intel® PRO Network Adapters and Drivers
"RealPlayer 6.0" = RealPlayer
"Registry Mechanic_is1" = Registry Mechanic 4.0
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"Soulseek" = SoulSeek Client 155
"SpywareBlaster_is1" = SpywareBlaster 4.1
"StreetPlugin" = Learn2 Player (Uninstall Only)
"SUPER ©" = SUPER © Version 2007.bld.23 (July 4, 2007)
"Super Screen Recorder_is1" = Super Screen Recorder 3.0
"SymSetup.{C6F5B6CF-609C-428E-876F-CA83176C021B}" = Norton AntiVirus 2004 (Symantec Corporation)
"Veoh Web Player Beta" = Veoh Web Player Beta
"Verizon Online Help and Support" = Verizon Online Help and Support
"Videora iPod Converter" = Videora iPod Converter 3.04
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VideoLAN VLC media player 0.8.2
"VobSub" = VobSub v2.23 (Remove Only)
"Vodafone 804SS USB driver" = Vodafone 804SS USB driver Software
"Waves Native Gold Bundle v3.01" = Waves Native Gold Bundle v3.01
"WIC" = Windows Imaging Component
"WiFiConnector" = Nintendo Wi-Fi USB Connector Registration Tool
"Winamp" = Winamp (remove only)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Customizations" = Yahoo! extras
"Yahoo! Internet Mail" = Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Toolbar" = Yahoo! Toolbar
"YInstHelper" = Yahoo! Install Manager
"YojO99sfv_is1" = All In One

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/9/2009 8:23:17 PM | Computer Name = YOUR-96FC0AA548 | Source = AVG7 | ID = 100
Description = 2009-03-10 00:23:17,265 YOUR-96FC0AA548 [001724:001740] ERROR 000
AVG7.AM service module run failed: Error 0x80040154

Error - 3/11/2009 4:32:06 PM | Computer Name = YOUR-96FC0AA548 | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3334, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 3/11/2009 4:32:10 PM | Computer Name = YOUR-96FC0AA548 | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3334, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 3/13/2009 8:57:17 PM | Computer Name = YOUR-96FC0AA548 | Source = Application Error | ID = 1000
Description = Faulting application aim.exe, version 5.9.3861.0, faulting module
unknown, version 0.0.0.0, fault address 0x1221254f.

Error - 3/15/2009 10:04:17 PM | Computer Name = YOUR-96FC0AA548 | Source = Application Error | ID = 1000
Description = Faulting application aim.exe, version 5.9.3861.0, faulting module
unknown, version 0.0.0.0, fault address 0x1221254f.

Error - 3/21/2009 8:21:00 PM | Computer Name = YOUR-96FC0AA548 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 6.0.2900.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 3/24/2009 2:23:37 PM | Computer Name = YOUR-96FC0AA548 | Source = Application Hang | ID = 1002
Description = Hanging application explorer.exe, version 6.0.2900.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 3/24/2009 3:34:56 PM | Computer Name = YOUR-96FC0AA548 | Source = Application Hang | ID = 1002
Description = Hanging application explorer.exe, version 6.0.2900.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 3/24/2009 3:34:56 PM | Computer Name = YOUR-96FC0AA548 | Source = Application Hang | ID = 1002
Description = Hanging application explorer.exe, version 6.0.2900.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 3/24/2009 3:34:58 PM | Computer Name = YOUR-96FC0AA548 | Source = Application Hang | ID = 1002
Description = Hanging application explorer.exe, version 6.0.2900.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 3/23/2009 9:21:10 PM | Computer Name = YOUR-96FC0AA548 | Source = Service Control Manager | ID = 7001
Description = The DHCP Client service depends on the NetBT service which failed
to start because of the following error: %%31

Error - 3/23/2009 9:21:10 PM | Computer Name = YOUR-96FC0AA548 | Source = Service Control Manager | ID = 7001
Description = The DNS Client service depends on the TCP/IP Protocol Driver service
which failed to start because of the following error: %%31

Error - 3/23/2009 9:21:10 PM | Computer Name = YOUR-96FC0AA548 | Source = Service Control Manager | ID = 7001
Description = The TCP/IP NetBIOS Helper service depends on the AFD service which
failed to start because of the following error: %%31

Error - 3/23/2009 9:21:10 PM | Computer Name = YOUR-96FC0AA548 | Source = Service Control Manager | ID = 7001
Description = The Apple Mobile Device service depends on the TCP/IP Protocol Driver
service which failed to start because of the following error: %%31

Error - 3/23/2009 9:21:10 PM | Computer Name = YOUR-96FC0AA548 | Source = Service Control Manager | ID = 7001
Description = The Bonjour Service service depends on the TCP/IP Protocol Driver
service which failed to start because of the following error: %%31

Error - 3/23/2009 9:21:10 PM | Computer Name = YOUR-96FC0AA548 | Source = Service Control Manager | ID = 7001
Description = The IPSEC Services service depends on the IPSEC driver service which
failed to start because of the following error: %%31

Error - 3/23/2009 9:21:10 PM | Computer Name = YOUR-96FC0AA548 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AFD Avg7Core Avg7RsW Avg7RsXP Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV
SASKUTIL
SAVRTPEL
SYMTDI
Tcpip

Error - 3/24/2009 12:40:08 AM | Computer Name = YOUR-96FC0AA548 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 3/24/2009 11:51:04 AM | Computer Name = YOUR-96FC0AA548 | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error - 3/24/2009 1:30:38 PM | Computer Name = YOUR-96FC0AA548 | Source = DCOM | ID = 10010
Description = The server {0002DF01-0000-0000-C000-000000000046} did not register
with DCOM within the required timeout.


< End of report >
Essexboy
post Mar 25 2009, 02:46 PM
Post #5


GeekU Moderator
Group Icon
Posts: 18,766
From: Darkest Cornwall
OS: Vista Ultimate & Windows 7



Hi, I notice you still have AVG 7; it is now on version 8. I recommend that you update ASAP.

Run OTList2.exe
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    CODE
    :OTLI
    O2 - BHO: (no name) - {73ce85d6-e1fc-49c2-b10e-44c48b49d508} - C:\WINDOWS\system32\oqtgle.dll ()
    O2 - BHO: (no name) - {aaaea97a-8445-4a6a-83bd-f7ddc917a081} - C:\WINDOWS\system32\woheluba.dll ()
    O4 - HKLM..\Run: [5417482f] rundll32.exe "C:\WINDOWS\system32\pezeyuyi.dll",b ()
    O4 - HKLM..\Run: [CPM57247bb3] Rundll32.exe "C:\WINDOWS\system32\gulobimu.dll",a ()
    O4 - HKLM..\Run: [kamulizebi] Rundll32.exe "C:\WINDOWS\system32\wofomobu.dll",s ()
    O20 - AppInit_DLLs: (C:\WINDOWS\system32\padopomu.dll) - C:\WINDOWS\system32\padopomu.dll ()
    O20 - AppInit_DLLs: (zygwtq.dll) - File not found
    O20 - AppInit_DLLs: (c:\windows\system32\ruvaluno.dll) - c:\windows\system32\ruvaluno.dll File not found
    O20 - AppInit_DLLs: (c:\windows\system32\namiviko.dll) - c:\windows\system32\namiviko.dll File not found
    O20 - AppInit_DLLs: (c:\windows\system32\refemope.dll) - c:\windows\system32\refemope.dll File not found
    O20 - AppInit_DLLs: (oqtgle.dll) - C:\WINDOWS\system32\oqtgle.dll ()
    O20 - AppInit_DLLs: (c:\windows\system32\gulobimu.dll) - c:\windows\system32\gulobimu.dll ()

    :Files
    C:\WINDOWS\System32\gezokije.dll
    C:\WINDOWS\System32\oqtgle.dll
    C:\WINDOWS\System32\iyuyezep.ini
    C:\WINDOWS\System32\olatasud.ini
    C:\WINDOWS\System32\unodigel.ini
    C:\WINDOWS\System32\isubidub.ini
    C:\WINDOWS\System32\nefideja
    C:\WINDOWS\System32\iyuyezep.ini
    C:\WINDOWS\System32\gezokije.dll
    C:\WINDOWS\System32\butabefu.dll
    C:\WINDOWS\System32\oqtgle.dll
    C:\WINDOWS\System32\gulobimu.dll
    C:\WINDOWS\System32\pezeyuyi.dll

    :Commands
    [purity]
    [emptytemp]
    [start explorer]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • Then post a new OTL2 log ( don't check the boxes beside LOP Check or Purity this time )


THEN

Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
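The fix script in post #5 names the same DLLs under more than one autostart point (BHO, Run key, AppInit_DLLs). As an added example (not part of the thread and not OTListIt2's own code), this Python parser reads those lines, assuming the `Onn - kind: detail (vendor)` layout seen in the post, tags what stands out in each entry and reports DLLs registered under several mechanisms. The last sample line is constructed for contrast.

```python
import re
from collections import defaultdict

# Autostart entries copied from the fix script in post #5. The final line is
# a constructed benign entry (hypothetical vendor and path) added for contrast.
SAMPLE = r'''
O2 - BHO: (no name) - {73ce85d6-e1fc-49c2-b10e-44c48b49d508} - C:\WINDOWS\system32\oqtgle.dll ()
O2 - BHO: (no name) - {aaaea97a-8445-4a6a-83bd-f7ddc917a081} - C:\WINDOWS\system32\woheluba.dll ()
O4 - HKLM..\Run: [5417482f] rundll32.exe "C:\WINDOWS\system32\pezeyuyi.dll",b ()
O4 - HKLM..\Run: [CPM57247bb3] Rundll32.exe "C:\WINDOWS\system32\gulobimu.dll",a ()
O4 - HKLM..\Run: [kamulizebi] Rundll32.exe "C:\WINDOWS\system32\wofomobu.dll",s ()
O20 - AppInit_DLLs: (C:\WINDOWS\system32\padopomu.dll) - C:\WINDOWS\system32\padopomu.dll ()
O20 - AppInit_DLLs: (zygwtq.dll) - File not found
O20 - AppInit_DLLs: (c:\windows\system32\ruvaluno.dll) - c:\windows\system32\ruvaluno.dll File not found
O20 - AppInit_DLLs: (c:\windows\system32\namiviko.dll) - c:\windows\system32\namiviko.dll File not found
O20 - AppInit_DLLs: (c:\windows\system32\refemope.dll) - c:\windows\system32\refemope.dll File not found
O20 - AppInit_DLLs: (oqtgle.dll) - C:\WINDOWS\system32\oqtgle.dll ()
O20 - AppInit_DLLs: (c:\windows\system32\gulobimu.dll) - c:\windows\system32\gulobimu.dll ()
O4 - HKLM..\Run: [ExampleUpdater] "C:\Program Files\Example\updater.exe" (Example Vendor Inc.)
'''

ENTRY_RE = re.compile(r'^(O\d+) - ([^:]+): (.*)$')
PATH_DLL = re.compile(r'[A-Za-z]:\\[^"()]+?\.dll', re.I)   # full path to a DLL
BARE_DLL = re.compile(r'[\w.-]+\.dll', re.I)               # file name only
VENDOR_RE = re.compile(r'\(([^()]*)\)\s*$')                # trailing "(company)"


def parse_entry(line):
    """Parse one log line into a dict, or return None if it is not an entry."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None
    code, kind, rest = m.group(1), m.group(2).strip(), m.group(3)

    missing = rest.rstrip().endswith("File not found")
    v = VENDOR_RE.search(rest)
    vendor = v.group(1).strip() if v else None   # "" means the field was empty

    d = PATH_DLL.search(rest) or BARE_DLL.search(rest)
    dll = d.group(0).rsplit("\\", 1)[-1].lower() if d else None

    reasons = []
    if kind == "AppInit_DLLs":
        # AppInit_DLLs are loaded into every process that loads user32.dll.
        reasons.append("appinit")
    if dll and "rundll32" in rest.lower():
        reasons.append("rundll32-run")    # Run key starts a DLL via rundll32
    if vendor == "":
        reasons.append("no-vendor")       # file carries no company information
    if missing:
        reasons.append("orphaned")        # registry entry points at a missing file
    return {"code": code, "kind": kind, "dll": dll,
            "vendor": vendor, "reasons": reasons}


def triage(text):
    """Parse every entry line in a pasted log fragment."""
    return [e for e in map(parse_entry, text.splitlines()) if e]


def multi_registered(entries):
    """Return DLLs registered under more than one autostart mechanism."""
    seen = defaultdict(set)
    for e in entries:
        if e["dll"]:
            seen[e["dll"]].add(e["kind"])
    return {dll: sorted(kinds) for dll, kinds in seen.items() if len(kinds) > 1}


if __name__ == "__main__":
    entries = triage(SAMPLE)
    for e in entries:
        print(f'{e["code"]:<4}{e["kind"]:<14}{e["dll"] or "-":<16}{",".join(e["reasons"]) or "ok"}')
    print("Registered under several mechanisms:", multi_registered(entries))
```

A DLL that shows up under more than one mechanism has to be cleared from every one of them in the same pass, which is why the fix script lists the registry entries and the files together.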
oliver amaya
post Mar 26 2009, 03:56 PM
Post #6


Member
**
Posts: 40
OS: windows xp



I ran into a problem after I upgraded to AVG 8. AVG then alerted me about a Trojan virus that keeps occurring on my computer and asked me if I wanted to remove it. I said yes but it told me removing it could cause harm or crash my computer. I tried to remove it anyways. I opened OTList2 and copy/pasted what you posted. OTList2 finished scanning but froze and didn't create the log. So I ctrl alt del and ended OTList2 and then the log appeared. I read briefly and saw that it said that some files failed to be moved. I then restarted my computer and when I did it got stuck on the screen that comes up before I put my password in. The screen is blue, says Microsoft Windows XP and has the Windows logo above it.

I don't know what went wrong, I feel like I'm back to square one and like a failure.......what can I do to fix this problem? Sorry for being such a hassle, Essexboy. ; (

This post has been edited by oliver amaya: Mar 26 2009, 03:58 PM
Essexboy
post Mar 26 2009, 04:17 PM
Post #7


GeekU Moderator
Group Icon
Posts: 18,766
From: Darkest Cornwall
OS: Vista Ultimate & Windows 7



Can you get to the safe mode screen and select Last Known Good?

What file did AVG say was infected?
oliver amaya
post Mar 26 2009, 05:01 PM
Post #8


Member
**
Posts: 40
OS: windows xp



I am able to start in safe mode and start it under Last Known Good Config, but it couldn't get me past the same blue Microsoft screen.
As far as AVG, if my memory serves me right, it was the same one as before that Super Antispyware found. System32 folder?
Should I try safe mode but differently? Or is there something else I should do?
Ah, I just tried starting in safe mode (home edition) and still got stuck on the start up menu. If you want I can take a picture of the screen and post it.

This post has been edited by oliver amaya: Mar 26 2009, 05:17 PM
Essexboy
post Mar 26 2009, 05:27 PM
Post #9


GeekU Moderator
Group Icon
Posts: 18,766
From: Darkest Cornwall
OS: Vista Ultimate & Windows 7



You may have to do a repair install, as it looks like AVG has knocked out a system file.
oliver amaya
post Mar 26 2009, 05:38 PM
Post #10


Member
**
Posts: 40
OS: windows xp



What is a repair install?
I've been trying a few different things and searching on Google and I came across Recovery Console. Can you tell me about this and the chances of it working? I see that I need a CD for it, would that be available at Best Buy? And does this erase my computer memory? It's called a hard drive, right?

This post has been edited by oliver amaya: Mar 26 2009, 06:17 PM
Essexboy
post Mar 27 2009, 10:10 AM
Post #11


GeekU Moderator
Group Icon
Posts: 18,766
From: Darkest Cornwall
OS: Vista Ultimate & Windows 7



Do you have a Windows CD?

Details about a repair install are here.

If you can recall the name of the file AVG deleted, we may be able to use the recovery console.
oliver amaya
post Mar 27 2009, 01:16 PM
Post #12


Member
**
Posts: 40
OS: windows xp



I don't, well as far as I know, have a Windows XP CD. I guess I'll have to look for it, but is there any other way I can get this Windows XP CD w/ out having it? Maybe burning the program onto a blank CD, is that one of my options? When I get home today I will search through my room extensively!

One second; I'm going to guess at which files they were b/c I'm pretty sure it was the same "vundo" and "trojan" ones anti malware and SASpyware found, so by my guess they should be in the same place as before seeing as the OTList didn't go through all the way.
Truth be told, and I'm sorry to say, but it's almost impossible for me to remember which file it was. The best I can do is give some files that I think may be the ones that were removed, but I purely base that on how familiar the files look.

C:\WINDOWS\System32\svchost.exe
Perhaps:
DRV - (d347bus [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\d347bus.sys ( )
DRV - (d347prt [Boot | Running]) -- C:\WINDOWS\System32\Drivers\d347prt.sys ( )

I'm going to ask on Yahoo Questions "The Deletion of which System32 file could cause...etc"
Hopefully I get a good answer.

But yes, let's say I don't have a Windows XP CD, what would my next step be?
Essexboy
post Mar 27 2009, 01:31 PM
Post #13


GeekU Moderator
Group Icon
Posts: 18,766
From: Darkest Cornwall
OS: Vista Ultimate & Windows 7



C:\WINDOWS\System32\svchost.exe - you need this one to run your system

Can you borrow a Windows CD?
oliver amaya
post Mar 27 2009, 02:29 PM
Post #14


Member
**
Posts: 40
OS: windows xp



QUOTE (Essexboy @ Mar 27 2009, 02:31 PM) *
C:\WINDOWS\System32\svchost.exe - you need this one to run your system

Can you borrow a windows cd ?


I'm still looking into which file it could be.
I'm going to ask my friends if they have that. Is there anything specific on the CD's appearance that I can tell them it looks like?
One of them says he may, "is it a CD w/ windows XP program on it?" That's what he's asking.
Essexboy
post Mar 27 2009, 02:35 PM
Post #15


GeekU Moderator
Group Icon
Posts: 18,766
From: Darkest Cornwall
OS: Vista Ultimate & Windows 7



No, you will need the Windows operating system disc.

What is the make and model of your computer - is it a laptop or desktop?