just to add, if you could give me a list of all the tools i am likely to need and i can DL the installers onto a flash to use when i get home. i wont be able to DL anything at home for now. thanx
EDIT(today 5/11/11)** so sas removed 207 cookies and another 3 trojan infections, still couldnt get online so i ran dr web which also found a further 3 when i did a deep scan(took 4 hours but the quick scan returned nothing first), although 1 of them was an installer for graboid so i'm not sure if that was a false p or what. i have just installed an update copy of mbam onto my flash(dont know why i didnt think off it before) so i will try again with that when i get home. i've been surprised that mbam hasn't found anything as it usually does, but then it is 4 months out of date but then so is the infection. i've scanned with all the others again but none of them have found anything further so far. the machine will still not get online, it just shows the no modem connected symbol and no sim symbol. i will do another otl before i come back tomorrow and post a current log as things may have changed since the one i did yesterday.
thanks again.
EDIT(5/12/11)** just thought i'd post an up to date otl and i will put the sas log too, so you can see what infections it found.
SAS 1:SUPERAntiSpyware Scan Log
http://www.superantispyware.comGenerated 05/10/2011 at 09:58 AM
Application Version : 4.52.1000
Core Rules Database Version : 7015
Trace Rules Database Version: 4827
Scan type : Complete Scan
Total Scan Time : 00:11:14
Memory items scanned : 402
Memory threats detected : 0
Registry items scanned : 5690
Registry threats detected : 6
File items scanned : 5
File threats detected : 1
Trojan.Agent/Gen
HKLM\System\ControlSet001\Services\utezmtyx
C:\WINDOWS\SYSTEM32\DRIVERS\UTEZMTYX.SYS
HKLM\System\ControlSet001\Enum\Root\LEGACY_utezmtyx
HKLM\System\ControlSet003\Services\utezmtyx
HKLM\System\ControlSet003\Enum\Root\LEGACY_utezmtyx
HKLM\System\CurrentControlSet\Services\utezmtyx
HKLM\System\CurrentControlSet\Enum\Root\LEGACY_utezmtyx
SAS2:SUPERAntiSpyware Scan Log
http://www.superantispyware.comGenerated 05/10/2011 at 04:43 PM
Application Version : 4.52.1000
Core Rules Database Version : 7015
Trace Rules Database Version: 4827
Scan type : Complete Scan
Total Scan Time : 00:56:15
Memory items scanned : 388
Memory threats detected : 0
Registry items scanned : 5685
Registry threats detected : 0
File items scanned : 21718
File threats detected : 210
Adware.Tracking Cookie
.advertising.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.atdmt.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.imrworldwide.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.imrworldwide.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.atdmt.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.mediaplex.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.lfstmedia.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.uk.at.atwola.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.uk.at.atwola.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.lfstmedia.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.youporn.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.youporn.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ero-advertising.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.youporn.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.youporn.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ads.youporn.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.youporn.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.youporn.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.scarleteen.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.scarleteen.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.scarleteen.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.scarleteen.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adserver.adtechus.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.kontera.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.apmebf.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ru4.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ru4.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ru4.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ru4.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tacoda.at.atwola.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tacoda.at.atwola.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tacoda.at.atwola.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tacoda.at.atwola.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tacoda.at.atwola.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.at.atwola.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.at.atwola.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.richmedia.yahoo.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adinterax.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adinterax.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.overture.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.interclick.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.interclick.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.bs.serving-sys.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.xiti.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.estat.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adtech.de [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ru4.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.actionporn.info [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
rts.pgmediaserve.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
rts.pgmediaserve.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
rts.pgmediaserve.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.partypoker.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adultfriendfinder.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ads.zeusclicks.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ads.crakmedia.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ads.ventivmedia.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adultfriendfinder.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adultadworld.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adultadworld.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adultadworld.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adultadworld.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adultadworld.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.nextag.co.uk [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.nextag.co.uk [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.stats.imagereverb.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.stats.imagereverb.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.stats.imagereverb.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.stats.imagereverb.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.stats.imagereverb.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ero-advertising.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ero-advertising.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ero-advertising.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ero-advertising.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.stats.imagereverb.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adultfriendfinder.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adultfriendfinder.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adultfriendfinder.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adultfriendfinder.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adultfriendfinder.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adultfriendfinder.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adultfriendfinder.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adultfriendfinder.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adultfriendfinder.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.beachstreetmedia.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
fidelity.rotator.hadj7.adjuggler.net [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.specificclick.net [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.specificclick.net [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.specificclick.net [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.specificclick.net [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.stats.complex.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.stats.complex.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.stats.complex.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.content.yieldmanager.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.content.yieldmanager.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.pro-market.net [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
counters.gigya.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
s05.flagcounter.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adviva.net [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adviva.net [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.yadro.ru [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.questionmarket.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.questionmarket.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.kantarmedia.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.kantarmedia.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adfarm1.adition.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
adfarm1.adition.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.click2sell.eu [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ru4.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.mediaplex.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.mediaplex.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.mediabrandsww.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
user.lucidmedia.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adecn.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adxpose.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.doubleclick.net [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.yieldmanager.net [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.virginmedia.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.virginmedia.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.virginmedia.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.virginmedia.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.virginmedia.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.flavourmediagroup.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.flavourmediagroup.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.flavourmediagroup.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.flavourmediagroup.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tribalfusion.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.bs.serving-sys.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.virginmedia.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.virginmedia.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.virginmedia.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.statcounter.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.etargetnet.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.toplist.sk [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
sk.search.etargetnet.com [ C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
Trojan.Agent/Gen
C:\SYSTEM VOLUME INFORMATION\_RESTORE{B1345870-9C57-4F74-84F2-0A7BFF5F33FC}\RP239\A0131690.SYS
Trojan.Vundo-Variant/F
C:\WINDOWS\SYSTEM32\AZIPCONTMN.DLL
C:\WINDOWS\SYSTEM32\SYSFOLDERAZIPCNT.DLL
OTL:OTL logfile created on: 5/12/2011 9:33:18 AM - Run 3
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\jhn barrett\Desktop\Virus Removal Tools
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
251.00 Mb Total Physical Memory | 63.00 Mb Available Physical Memory | 25.00% Memory free
610.00 Mb Paging File | 415.00 Mb Available in Paging File | 68.00% Paging File free
Paging file location(s): C:\pagefile.sys 372 744 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.25 Gb Total Space | 14.65 Gb Free Space | 39.32% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 3.91 Gb Total Space | 2.96 Gb Free Space | 75.58% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: J-C4E7983211AD4
Current User Name: jhn barrett
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ========== PRC - [2011/05/05 03:42:04 | 002,424,192 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2011/04/19 03:25:12 | 003,460,784 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/04/19 03:25:10 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2010/07/18 00:34:41 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/06/03 10:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/05/04 18:44:08 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jhn barrett\Desktop\Virus Removal Tools\OTL.exe
PRC - [2008/11/10 06:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/14 10:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/07/02 02:23:32 | 000,067,584 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
========== Modules (SafeList) ========== MOD - [2011/04/19 03:25:09 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2010/08/24 02:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010/05/04 18:44:08 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jhn barrett\Desktop\Virus Removal Tools\OTL.exe
MOD - [2008/04/14 10:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ========== SRV - [2011/04/19 03:25:10 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2008/11/10 06:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
========== Driver Services (SafeList) ========== DRV - [2011/04/19 03:17:46 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/04/19 03:17:34 | 000,307,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/04/19 03:16:18 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/04/19 03:16:06 | 000,102,488 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/04/19 03:13:21 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/04/19 03:13:02 | 000,030,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/04/19 03:12:58 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/05/11 04:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/03/27 05:07:02 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\taphss.sys -- (taphss)
DRV - [2010/02/18 04:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/04/10 15:58:02 | 000,105,344 | ---- | M] (Onda Communication) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ONDAusbser6k.sys -- (ONDAusbser6k)
DRV - [2009/04/10 15:58:02 | 000,105,344 | ---- | M] (Onda Communication) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ONDAusbnmea.sys -- (ONDAusbnmea)
DRV - [2009/04/10 15:58:02 | 000,105,344 | ---- | M] (Onda Communication) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ONDAusbmdm6k.sys -- (ONDAusbmdm6k)
DRV - [2009/03/25 15:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/01/17 16:50:34 | 000,100,864 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2008/01/17 16:50:34 | 000,100,864 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2008/01/17 16:50:34 | 000,100,864 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2006/02/22 02:32:04 | 000,143,904 | ---- | M] (Winbond Electronics Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\W33ND.SYS -- (W33ND)
DRV - [2004/08/04 08:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/07/22 22:50:16 | 001,268,234 | R--- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/07/01 22:49:00 | 000,626,977 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/02/24 18:08:52 | 000,400,384 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003/02/26 22:38:40 | 000,037,888 | ---- | M] (Winbond Electronics Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wbfirdma.sys -- (WBFIRDMA)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.search.defaultthis.engineName: " "
FF - prefs.js..browser.search.defaulturl: "
http://search.condui...={searchTerms}"FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: " "
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5
FF - prefs.js..extensions.enabledItems:
[email protected]:1.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems:
[email protected]:1.0
FF - prefs.js..extensions.enabledItems:
[email protected]:1.5.2
FF - prefs.js..extensions.enabledItems: {00bf7b9c-acd2-4080-bea8-b1c41987070f}:2.6.0.15
FF - prefs.js..extensions.enabledItems:
[email protected]:1.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems:
[email protected]:1.10.01
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems:
[email protected]:3.2.5.2
FF - prefs.js..extensions.enabledItems: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.2.5.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems:
[email protected]:20110101
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/07/18 00:40:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/05/09 20:11:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\K-Meleon\Extensions\\Plugins: C:\Program Files\K-Meleon\Plugins [2010/07/18 00:41:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\K-Meleon\Extensions\\Components: C:\Program Files\K-Meleon\Components [2010/07/18 09:31:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/28 00:00:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/02 20:27:21 | 000,000,000 | ---D | M]
[2010/04/14 09:52:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jhn barrett\Application Data\Mozilla\Extensions
[2010/04/08 11:42:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jhn barrett\Application Data\Mozilla\Extensions\
[email protected][2011/05/11 16:04:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jhn barrett\Application Data\Mozilla\Firefox\Profiles\i34ihir7.default\extensions
[2010/05/19 19:14:29 | 000,000,000 | ---D | M] (TranslatorBar 1 Toolbar) -- C:\Documents and Settings\jhn barrett\Application Data\Mozilla\Firefox\Profiles\i34ihir7.default\extensions\{00bf7b9c-acd2-4080-bea8-b1c41987070f}
[2010/10/25 17:37:44 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\jhn barrett\Application Data\Mozilla\Firefox\Profiles\i34ihir7.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/12/11 21:47:13 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Documents and Settings\jhn barrett\Application Data\Mozilla\Firefox\Profiles\i34ihir7.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2010/04/25 02:58:25 | 000,000,000 | ---D | M] (Hotspot Shield Toolbar) -- C:\Documents and Settings\jhn barrett\Application Data\Mozilla\Firefox\Profiles\i34ihir7.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}
[2009/12/11 21:47:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jhn barrett\Application Data\Mozilla\Firefox\Profiles\i34ihir7.default\extensions\
[email protected][2010/10/29 01:18:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jhn barrett\Application Data\Mozilla\Firefox\Profiles\i34ihir7.default\extensions\
[email protected][2010/05/04 15:21:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jhn barrett\Application Data\Mozilla\Firefox\Profiles\i34ihir7.default\extensions\
[email protected][2010/07/22 07:17:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jhn barrett\Application Data\Mozilla\Firefox\Profiles\i34ihir7.default\extensions\
[email protected][2010/05/26 07:03:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jhn barrett\Application Data\Mozilla\Firefox\Profiles\i34ihir7.default\extensions\
[email protected][2009/12/11 21:47:13 | 000,000,863 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Application Data\Mozilla\Firefox\Profiles\i34ihir7.default\searchplugins\conduit.xml
[2011/05/11 16:04:34 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/18 06:10:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/11/11 01:14:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/12/17 00:29:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/05/07 18:05:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2010/11/12 17:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
O1 HOSTS File: ([2010/04/08 06:03:14 | 000,000,789 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll File not found
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll File not found
O2 - BHO: (DVDVideoSoft Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Client\YontooIEClient.dll (Yontoo Technology, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Show Xmlbar Toolbar) - {6B896ADB-4A82-46e2-858C-13134782CE34} - C:\Program Files\Xmlbar\Tudou Downloader\IEBar\xbietb.dll (Xmlbar.com)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll File not found
O3 - HKLM\..\Toolbar: (DVDVideoSoft Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoft Toolbar) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [KasperskyPasswordManager] C:\DOCUME~1\JHNBAR~1\LOCALS~1\Temp\Rar$EX06.652\Kaspersky.Password.Manager.4.0.0.133.Eng\stpass.exe File not found
O4 - HKCU..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe File not found
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O9 - Extra Button: Run TudouDownloader - {612F6E5C-B314-4bab-93D1-D266AAFBE700} - C:\Program Files\Xmlbar\Tudou Downloader\TudouDownloader(xmlbar).exe (Xmlbar.com, Inc.)
O9 - Extra 'Tools' menuitem : Tudou Downloader - {612F6E5C-B314-4bab-93D1-D266AAFBE700} - C:\Program Files\Xmlbar\Tudou Downloader\TudouDownloader(xmlbar).exe (Xmlbar.com, Inc.)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}
http://go.microsoft....k/?linkid=58813 (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
http://www.update.mi...b?1273029714116 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\igfxtcui: DllName - C:\documents and settings\all users\application data\jhn barrett\UpdateLogon.dll - C:\documents and settings\all users\application data\jhn barrett\UpdateLogon.dll File not found
O24 - Desktop WallPaper: C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\jhn barrett\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/03/21 03:29:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/03/26 09:02:30 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{28e18500-bfa8-11df-aaa1-0040d0726735}\Shell - "" = AutoRun
O33 - MountPoints2\{28e18500-bfa8-11df-aaa1-0040d0726735}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{28e18500-bfa8-11df-aaa1-0040d0726735}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 90 Days ========== [2011/05/11 16:26:28 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos
[2011/05/11 16:06:19 | 000,000,000 | ---D | C] -- C:\Avenger
[2011/05/11 15:58:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Application Data\SPE
[2011/05/11 15:47:11 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/11 15:46:54 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/05/11 15:41:25 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/11 02:22:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Desktop\Virus Removal Tool
[2011/05/09 20:12:39 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/05/09 20:12:38 | 000,307,288 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/05/09 20:12:32 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/05/09 20:12:31 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/05/09 20:12:31 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/05/09 20:12:30 | 000,102,488 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/05/09 20:12:30 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/05/09 20:12:28 | 000,030,680 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/05/09 20:11:21 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/05/09 20:11:20 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/05/09 20:10:45 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/05/09 20:10:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/05/09 16:23:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jhn barrett\Application Data\SUPERAntiSpyware.com
[2011/05/09 16:23:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2011/05/09 16:23:02 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/05/08 06:22:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/05/07 18:46:59 | 000,100,864 | ---- | C] (ZTE Corporation) -- C:\WINDOWS\System32\drivers\ZTEusbser6k.sys
[2011/05/07 18:46:59 | 000,100,864 | ---- | C] (ZTE Corporation) -- C:\WINDOWS\System32\drivers\ZTEusbnmea.sys
[2011/05/07 18:46:59 | 000,100,864 | ---- | C] (ZTE Corporation) -- C:\WINDOWS\System32\drivers\ZTEusbmdm6k.sys
[2011/05/07 18:46:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SupportApp
[2011/05/07 18:46:15 | 000,000,000 | ---D | C] -- C:\Program Files\ZTE Mobile Connection
[2011/05/07 18:46:06 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2011/05/07 18:05:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/05/07 18:05:09 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2011/05/07 12:18:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SupportApp(2)
[2011/05/07 12:18:15 | 000,000,000 | ---D | C] -- C:\Program Files\InstallShield Installation Information(2)
[2011/03/01 18:30:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2011/02/28 20:24:18 | 000,000,000 | ---D | C] -- C:\a5d3f12fc97f2c0c1c6f10f66abb
[2011/02/28 18:29:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java(2)
[2011/02/28 18:11:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[1 C:\Documents and Settings\jhn barrett\*.tmp files -> C:\Documents and Settings\jhn barrett\*.tmp -> ]
========== Files - Modified Within 90 Days ========== [2011/05/12 09:30:37 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/12 09:30:36 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-220523388-507921405-1343024091-1004.job
[2011/05/12 09:30:36 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2011/05/12 09:30:02 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/12 09:28:40 | 007,340,032 | ---- | M] () -- C:\Documents and Settings\jhn barrett\ntuser.dat
[2011/05/12 09:28:40 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\jhn barrett\ntuser.ini
[2011/05/12 09:04:05 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/12 03:57:07 | 000,021,775 | ---- | M] () -- C:\Documents and Settings\jhn barrett\.recently-used.xbel
[2011/05/11 21:46:32 | 000,041,034 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Application Data\wklnhst.dat
[2011/05/11 15:47:12 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/11 01:27:03 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/10 19:45:05 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-220523388-507921405-1343024091-1004.job
[2011/05/09 22:19:21 | 000,217,145 | ---- | M] () -- C:\Documents and Settings\jhn barrett\Desktop\kaspres.jpg
[2011/05/09 20:12:40 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/05/09 20:12:30 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/05/09 16:23:26 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/05/09 15:42:58 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/05/07 18:46:47 | 000,001,617 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ZTE Mobile Connection.lnk
[2011/05/07 18:19:39 | 000,433,800 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/05/07 18:19:38 | 000,068,232 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/05/07 18:19:34 | 000,510,402 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2011/05/07 18:08:43 | 000,191,384 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/05/07 18:01:19 | 005,284,890 | -H-- | M] () -- C:\Documents and Settings\jhn barrett\Local Settings\Application Data\IconCache.db
[2011/05/07 13:14:56 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/04/19 03:25:12 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/04/19 03:25:10 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/04/19 03:17:46 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/04/19 03:17:34 | 000,307,288 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/04/19 03:16:18 | 000,049,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/04/19 03:16:06 | 000,102,488 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/04/19 03:16:02 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/04/19 03:13:21 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/04/19 03:13:02 | 000,030,680 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/04/19 03:12:58 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/03/01 12:43:52 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/03/01 00:18:41 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[1 C:\Documents and Settings\jhn barrett\*.tmp files -> C:\Documents and Settings\jhn barrett\*.tmp -> ]
========== Files Created - No Company Name ========== [2011/05/12 03:57:07 | 000,021,775 | ---- | C] () -- C:\Documents and Settings\jhn barrett\.recently-used.xbel
[2011/05/11 15:47:12 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/09 22:19:20 | 000,217,145 | ---- | C] () -- C:\Documents and Settings\jhn barrett\Desktop\kaspres.jpg
[2011/05/09 20:12:40 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/05/09 16:23:26 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/05/07 18:46:14 | 000,001,617 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ZTE Mobile Connection.lnk
[2011/03/01 14:15:28 | 000,000,290 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-220523388-507921405-1343024091-1004.job
[2010/11/26 08:15:21 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\ztvunacev2.dll
[2010/11/26 08:15:19 | 000,156,160 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar3.dll
[2010/11/26 08:14:58 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\7-zip32.dll
[2010/04/22 02:43:03 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/04/08 22:38:40 | 000,015,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/03/21 07:45:13 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010/03/21 04:01:00 | 000,155,648 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2009/08/04 01:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2009/03/03 21:18:04 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
========== LOP Check ========== [2010/03/25 11:15:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/05/09 20:10:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2010/04/28 04:28:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2010/04/11 10:12:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FileCure
[2010/04/09 07:57:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2011/05/09 17:13:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\jhn barrett
[2010/10/23 23:10:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/05/08 05:39:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2011/05/09 15:33:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/04/06 22:18:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jhn barrett\Application Data\1&1
[2010/05/25 10:38:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jhn barrett\Application Data\Facebook
[2011/05/12 03:57:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jhn barrett\Application Data\gtk-2.0
[2010/03/21 04:38:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jhn barrett\Application Data\K-Meleon
[2010/03/24 16:08:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jhn barrett\Application Data\Participatory Culture Foundation
[2011/05/11 15:58:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jhn barrett\Application Data\SPE
[2010/03/21 09:44:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jhn barrett\Application Data\Template
[2010/04/30 05:03:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jhn barrett\Application Data\Tudou Downloader(xmlbar)
========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
< End of report >
Edited by jhnb, 12 May 2011 - 04:27 AM.
This topic is locked
OTL.Txt 62.98KB
127 downloads
Sign In
Create Account
