OTL logfile created on: 5/10/2011 9:21:02 AM - Run 2
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\jhn barrett\Desktop\Virus Removal Tools
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

251.00 Mb Total Physical Memory | 40.00 Mb Available Physical Memory | 16.00% Memory free
610.00 Mb Paging File | 315.00 Mb Available in Paging File | 52.00% Paging File free
Paging file location(s): C:\pagefile.sys 372 744 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.25 Gb Total Space | 14.38 Gb Free Space | 38.60% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 3.91 Gb Total Space | 3.45 Gb Free Space | 88.09% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: J-C4E7983211AD4
Current User Name: jhn barrett
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2011/05/05 03:42:04 | 002,424,192 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2011/04/19 03:25:12 | 003,460,784 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/04/19 03:25:10 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2010/07/18 00:34:41 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/06/03 10:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/05/04 18:44:08 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jhn barrett\Desktop\Virus Removal Tools\OTL.exe
PRC - [2009/10/01 14:55:56 | 000,330,256 | ---- | M] (Kaspersky Lab) -- C:\Documents and Settings\jhn barrett\Desktop\Virus Removal Tool\setup_9.0.0.722_09.05.2011_13-39\setup_9.0.0.722_09.05.2011_13-39.exe
PRC - [2008/04/14 10:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/07/02 02:23:32 | 000,067,584 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE

[color=#E56717]========== Modules (SafeList) ==========[/color]
MOD - [2011/04/19 03:25:09 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2010/08/24 02:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010/05/04 18:44:08 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jhn barrett\Desktop\Virus Removal Tools\OTL.exe
MOD - [2008/04/14 10:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - [2011/04/19 03:25:10 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2008/11/10 06:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - [2011/04/19 03:17:46 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/04/19 03:17:34 | 000,307,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/04/19 03:16:18 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/04/19 03:16:06 | 000,102,488 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/04/19 03:13:21 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/04/19 03:13:02 | 000,030,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/04/19 03:12:58 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/05/11 04:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/03/27 05:07:02 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\taphss.sys -- (taphss)
DRV - [2010/03/26 08:23:39 | 000,007,168 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\utezmtyx.sys -- (utezmtyx)
DRV - [2010/02/18 04:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/10/22 13:54:18 | 000,037,392 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\58734332.sys -- (58734332)
DRV - [2009/10/09 23:31:10 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\5873433.sys -- (setup_9.0.0.722_09.05.2011_13-39drv)
DRV - [2009/09/25 17:59:42 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\58734331.sys -- (58734331)
DRV - [2009/04/10 15:58:02 | 000,105,344 | ---- | M] (Onda Communication) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ONDAusbser6k.sys -- (ONDAusbser6k)
DRV - [2009/04/10 15:58:02 | 000,105,344 | ---- | M] (Onda Communication) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ONDAusbnmea.sys -- (ONDAusbnmea)
DRV - [2009/04/10 15:58:02 | 000,105,344 | ---- | M] (Onda Communication) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ONDAusbmdm6k.sys -- (ONDAusbmdm6k)
DRV - [2009/03/25 15:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/01/17 16:50:34 | 000,100,864 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2008/01/17 16:50:34 | 000,100,864 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2008/01/17 16:50:34 | 000,100,864 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2006/02/22 02:32:04 | 000,143,904 | ---- | M] (Winbond Electronics Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\W33ND.SYS -- (W33ND)
DRV - [2004/08/04 08:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/07/22 22:50:16 | 001,268,234 | R--- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/07/01 22:49:00 | 000,626,977 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/02/24 18:08:52 | 000,400,384 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003/02/26 22:38:40 | 000,037,888 | ---- | M] (Winbond Electronics Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wbfirdma.sys -- (WBFIRDMA)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2418376
IE - HKCU\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.defaultthis.engineName: " "
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: " "
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5
FF - prefs.js..extensions.enabledItems: webmaster@keep-tube.com:1.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: searchrecs@veoh.com:1.5.2
FF - prefs.js..extensions.enabledItems: {00bf7b9c-acd2-4080-bea8-b1c41987070f}:2.6.0.15
FF - prefs.js..extensions.enabledItems: tineye@ideeinc.com:1.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: plugin@yontoo.com:1.10.01
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.2.5.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/07/18 00:40:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/05/09 20:11:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\K-Meleon\Extensions\\Plugins: C:\Program Files\K-Meleon\Plugins [2010/07/18 00:41:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\K-Meleon\Extensions\\Components: C:\Program Files\K-Meleon\Components [2010/07/18 09:31:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/28 00:00:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/02 20:27:21 | 000,000,000 | ---D | M]

[2010/04/14 09:52:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jhn barrett\Application Data\Mozilla\Extensions
[2010/04/08 11:42:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jhn barrett\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2011/05/07 18:03:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jhn barrett\Application Data\Mozilla\Firefox\Profiles\i34ihir7.default\extensions
[2010/05/19 19:14:29 | 000,000,000 | ---D | M] (TranslatorBar 1 Toolbar) -- C:\Documents and Settings\jhn barrett\Application Data\Mozilla\Firefox\Profiles\i34ihir7.default\extensions\{00bf7b9c-acd2-4080-bea8-b1c41987070f}
[2010/10/25 17:37:44 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\jhn barrett\Application Data\Mozilla\Firefox\Profiles\i34ihir7.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/12/11 21:47:13 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Documents and Settings\jhn barrett\Application Data\Mozilla\Firefox\Profiles\i34ihir7.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2010/04/25 02:58:25 | 000,000,000 | ---D | M] (Hotspot Shield Toolbar) -- C:\Documents and Settings\jhn barrett\Application Data\Mozilla\Firefox\Profiles\i34ihir7.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}
[2009/12/11 21:47:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jhn barrett\Application Data\Mozilla\Firefox\Profiles\i34ihir7.default\extensions\engine@conduit.com
[2010/10/29 01:18:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jhn barrett\Application Data\Mozilla\Firefox\Profiles\i34ihir7.default\extensions\plugin@yontoo.com
[2010/05/04 15:21:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jhn barrett\Application Data\Mozilla\Firefox\Profiles\i34ihir7.default\extensions\searchrecs@veoh.com
[2010/07/22 07:17:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jhn barrett\Application Data\Mozilla\Firefox\Profiles\i34ihir7.default\extensions\tineye@ideeinc.com
[2010/05/26 07:03:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jhn barrett\Application Data\Mozilla\Firefox\Profiles\i34ihir7.default\extensions\webmaster@keep-tube.com
[2009/12/11 21:47:13 | 000,000,863 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Application Data\Mozilla\Firefox\Profiles\i34ihir7.default\searchplugins\conduit.xml
[2011/05/07 18:03:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/18 06:10:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/11/11 01:14:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/12/17 00:29:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/05/07 18:05:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2010/11/12 17:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2010/04/08 06:03:14 | 000,000,789 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll File not found
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll File not found
O2 - BHO: (DVDVideoSoft Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Client\YontooIEClient.dll (Yontoo Technology, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Show Xmlbar Toolbar) - {6B896ADB-4A82-46e2-858C-13134782CE34} - C:\Program Files\Xmlbar\Tudou Downloader\IEBar\xbietb.dll (Xmlbar.com)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll File not found
O3 - HKLM\..\Toolbar: (DVDVideoSoft Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [KasperskyPasswordManager] C:\DOCUME~1\JHNBAR~1\LOCALS~1\Temp\Rar$EX06.652\Kaspersky.Password.Manager.4.0.0.133.Eng\stpass.exe File not found
O4 - HKCU..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe File not found
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\jhn barrett\Start Menu\Programs\Startup\setup_9.0.0.722_09.05.2011_13-39.lnk = C:\Documents and Settings\jhn barrett\Desktop\Virus Removal Tool\setup_9.0.0.722_09.05.2011_13-39\startup.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Run TudouDownloader - {612F6E5C-B314-4bab-93D1-D266AAFBE700} - C:\Program Files\Xmlbar\Tudou Downloader\TudouDownloader(xmlbar).exe (Xmlbar.com, Inc.)
O9 - Extra 'Tools' menuitem : Tudou Downloader - {612F6E5C-B314-4bab-93D1-D266AAFBE700} - C:\Program Files\Xmlbar\Tudou Downloader\TudouDownloader(xmlbar).exe (Xmlbar.com, Inc.)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://go.microsoft.com/fwlink/?linkid=58813 (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1273029714116 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\igfxtcui: DllName - C:\documents and settings\all users\application data\jhn barrett\UpdateLogon.dll - C:\documents and settings\all users\application data\jhn barrett\UpdateLogon.dll File not found
O24 - Desktop WallPaper: C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/03/21 03:29:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/03/26 09:02:30 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{28e18500-bfa8-11df-aaa1-0040d0726735}\Shell - "" = AutoRun
O33 - MountPoints2\{28e18500-bfa8-11df-aaa1-0040d0726735}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{28e18500-bfa8-11df-aaa1-0040d0726735}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2011/05/09 20:12:39 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/05/09 20:12:38 | 000,307,288 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/05/09 20:12:32 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/05/09 20:12:31 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/05/09 20:12:31 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/05/09 20:12:30 | 000,102,488 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/05/09 20:12:30 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/05/09 20:12:28 | 000,030,680 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/05/09 20:11:21 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/05/09 20:11:20 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/05/09 20:10:45 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/05/09 20:10:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/05/09 16:55:00 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\5873433.sys
[2011/05/09 16:55:00 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\58734331.sys
[2011/05/09 16:55:00 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\58734332.sys
[2011/05/09 16:54:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Desktop\Virus Removal Tool
[2011/05/09 16:23:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Application Data\SUPERAntiSpyware.com
[2011/05/09 16:23:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2011/05/09 16:23:02 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/05/09 15:36:30 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/09 15:36:24 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/05/09 15:36:23 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/08 06:22:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/05/08 06:21:51 | 001,071,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCTL.OCX
[2011/05/08 06:21:50 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSSTDFMT.DLL
[2011/05/07 18:46:59 | 000,100,864 | ---- | C] (ZTE Corporation) -- C:\WINDOWS\System32\drivers\ZTEusbser6k.sys
[2011/05/07 18:46:59 | 000,100,864 | ---- | C] (ZTE Corporation) -- C:\WINDOWS\System32\drivers\ZTEusbnmea.sys
[2011/05/07 18:46:59 | 000,100,864 | ---- | C] (ZTE Corporation) -- C:\WINDOWS\System32\drivers\ZTEusbmdm6k.sys
[2011/05/07 18:46:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SupportApp
[2011/05/07 18:46:15 | 000,000,000 | ---D | C] -- C:\Program Files\ZTE Mobile Connection
[2011/05/07 18:46:06 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2011/05/07 18:05:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/05/07 18:05:09 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2011/05/07 12:18:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SupportApp(2)
[2011/05/07 12:18:15 | 000,000,000 | ---D | C] -- C:\Program Files\InstallShield Installation Information(2)
[1 C:\Documents and Settings\jhn barrett\*.tmp files -> C:\Documents and Settings\jhn barrett\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2011/05/10 09:14:33 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2011/05/10 09:12:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/10 09:11:29 | 007,340,032 | ---- | M] () -- C:\Documents and Settings\jhn barrett\ntuser.dat
[2011/05/10 09:11:29 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\jhn barrett\ntuser.ini
[2011/05/10 09:04:48 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/09 22:19:21 | 000,217,145 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\kaspres.jpg
[2011/05/09 22:19:21 | 000,014,121 | ---- | M] () -- C:\Documents and Settings\jhn barrett\.recently-used.xbel
[2011/05/09 21:03:09 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/09 20:12:40 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/05/09 20:12:30 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/05/09 19:06:42 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-220523388-507921405-1343024091-1004.job
[2011/05/09 16:58:02 | 000,002,260 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Start Menu\Programs\Startup\setup_9.0.0.722_09.05.2011_13-39.lnk
[2011/05/09 16:23:26 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/05/09 15:42:58 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/05/09 15:41:30 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/09 15:36:32 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/08 19:09:00 | 000,058,904 | ---- | M] () -- C:\WINDOWS\System32\azipcontmn.dll
[2011/05/07 18:46:47 | 000,001,617 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ZTE Mobile Connection.lnk
[2011/05/07 18:19:39 | 000,433,800 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/05/07 18:19:38 | 000,068,232 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/05/07 18:19:34 | 000,510,402 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2011/05/07 18:08:43 | 000,191,384 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/05/07 18:01:19 | 005,284,890 | -H-- | M] () -- C:\Documents and Settings\jhn barrett\Local Settings\Application Data\IconCache.db
[2011/05/07 13:14:56 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/04/19 03:25:12 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/04/19 03:25:10 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/04/19 03:17:46 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/04/19 03:17:34 | 000,307,288 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/04/19 03:16:18 | 000,049,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/04/19 03:16:06 | 000,102,488 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/04/19 03:16:02 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/04/19 03:13:21 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/04/19 03:13:02 | 000,030,680 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/04/19 03:12:58 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[1 C:\Documents and Settings\jhn barrett\*.tmp files -> C:\Documents and Settings\jhn barrett\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2011/05/09 22:19:21 | 000,014,121 | ---- | C] () -- C:\Documents and Settings\jhn barrett\.recently-used.xbel
[2011/05/09 22:19:20 | 000,217,145 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\kaspres.jpg
[2011/05/09 20:12:40 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/05/09 16:58:03 | 000,002,260 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Start Menu\Programs\Startup\setup_9.0.0.722_09.05.2011_13-39.lnk
[2011/05/09 16:23:26 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/05/09 15:36:32 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/07 18:46:14 | 000,001,617 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ZTE Mobile Connection.lnk
[2010/11/26 08:16:39 | 000,058,904 | ---- | C] () -- C:\WINDOWS\System32\sysfolderazipcnt.dll
[2010/11/26 08:16:36 | 000,058,904 | ---- | C] () -- C:\WINDOWS\System32\azipcontmn.dll
[2010/11/26 08:15:21 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\ztvunacev2.dll
[2010/11/26 08:15:19 | 000,156,160 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar3.dll
[2010/11/26 08:14:58 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\7-zip32.dll
[2010/04/22 02:43:03 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/04/08 22:38:40 | 000,015,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/03/26 08:23:35 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\utezmtyx.sys
[2010/03/21 07:45:13 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010/03/21 04:01:00 | 000,155,648 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2009/08/04 01:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2009/03/03 21:18:04 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll

[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

< End of report >