Here's the OTL log. Thanks, john z
OTL logfile created on: 6/26/2011 5:14:54 PM - Run 4
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\Home User\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
735.48 Mb Total Physical Memory | 326.02 Mb Available Physical Memory | 44.33% Memory free
1.38 Gb Paging File | 1.05 Gb Available in Paging File | 75.89% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 21.84 Gb Free Space | 58.62% Space Free | Partition Type: NTFS
Computer Name: HOME-B2BC004AA3 | User Name: Home User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/06/25 15:39:43 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Home User\Desktop\OTL.exe
PRC - [2011/06/25 09:21:55 | 000,362,496 | ---- | M] () -- C:\WINDOWS\system32\bcsa.exe
PRC - [2011/06/07 05:13:20 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.57\GoogleCrashHandler.exe
PRC - [2011/05/10 07:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/05/10 07:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (SafeList) ==========
MOD - [2011/06/25 15:39:43 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Home User\Desktop\OTL.exe
MOD - [2011/05/10 07:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Running] -- -- (WMP54GSSVC)
SRV - [2011/05/10 07:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
========== Driver Services (SafeList) ==========
DRV - [2011/06/14 12:22:58 | 000,041,424 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ImmunetProtect.sys -- (ImmunetProtectDriver)
DRV - [2011/06/14 12:22:58 | 000,031,184 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ImmunetSelfProtect.sys -- (ImmunetSelfProtectDriver)
DRV - [2011/06/10 08:14:19 | 000,098,392 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SBREDrv.sys -- (SBRE)
DRV - [2011/05/10 07:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/05/10 07:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/05/10 07:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/05/10 07:02:25 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/05/10 06:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/05/10 06:59:37 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/05/10 06:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2008/02/25 13:54:56 | 000,105,088 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2005/11/25 15:39:06 | 000,203,776 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vinyl97.sys -- (VIAudio) Vinyl AC'97 Audio Controller (WDM)
DRV - [2004/12/22 02:32:12 | 000,369,024 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2004/08/03 17:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/01/06 22:25:50 | 000,432,384 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2003/10/02 16:25:48 | 000,011,264 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2003/09/25 23:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\GTNDIS5.sys -- (GTNDIS5)
DRV - [2003/01/13 10:43:56 | 000,030,720 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys -- (sisagp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaulturl: "http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=17164"
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://us.mg204.mail.yahoo.com/dc/launch?.partner=sbc&.gx=1&.rand=22cnf1hj8vtoi"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/25 08:55:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/25 08:55:39 | 000,000,000 | ---D | M]
[2011/03/13 10:43:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Home User\Application Data\Mozilla\Extensions
[2011/06/25 09:13:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Home User\Application Data\Mozilla\Firefox\Profiles\esu596dt.default\extensions
[2011/06/11 08:59:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Home User\Application Data\Mozilla\Firefox\Profiles\esu596dt.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/06/09 14:08:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Home User\Application Data\Mozilla\Firefox\Profiles\esu596dt.default\extensions\ffxtlbr@babylon.com
[2011/06/14 08:30:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/01/12 12:19:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010/08/20 15:59:26 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/11/12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2011/03/31 22:54:59 | 000,002,226 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
O1 HOSTS File: ([2011/06/23 15:51:04 | 000,000,916 | RH-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 184.95.59.211 www.google.com
O1 - Hosts: 184.95.59.212 search.yahoo.com
O1 - Hosts: 184.95.59.212 www.bing.com
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [cftmon] C:\WINDOWS\system32\bcsa.exe ()
O4 - HKCU..\Run: [SpybotSD TeaTimer] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - File not found
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} http://www.myheritage.com/Genoogle/Comp ... eQuery.dll (CSEQueryObject Object)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 6929235375 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/08/20 15:47:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/06/26 16:57:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Start Menu\Programs\Revo Uninstaller
[2011/06/26 16:57:41 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2011/06/26 16:56:21 | 002,616,384 | ---- | C] (VS Revo Group Ltd.) -- C:\Documents and Settings\Home User\Desktop\revosetup.exe
[2011/06/25 22:14:13 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/06/25 15:39:37 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Home User\Desktop\OTL.exe
[2011/06/25 14:48:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Local Settings\Application Data\Screentime
[2011/06/25 10:17:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Application Data\vmntemplate
[2011/06/25 10:02:58 | 001,441,584 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Home User\Desktop\ziz.com.exe
[2011/06/25 10:01:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Desktop\tdsskiller
[2011/06/25 09:31:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2011/06/25 09:14:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2011/06/22 15:59:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Real
[2011/06/21 11:50:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2011/06/14 13:21:34 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Security
[2011/06/14 13:21:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/06/14 13:06:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/06/14 13:06:49 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011/06/14 12:49:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2011/06/14 12:38:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Picasa 3
[2011/06/14 12:26:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Application Data\Immunet
[2011/06/14 12:24:46 | 000,031,184 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\System32\drivers\ImmunetSelfProtect.sys
[2011/06/14 12:23:44 | 000,041,424 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\System32\drivers\ImmunetProtect.sys
[2011/06/14 12:21:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\My Documents\My Google Gadgets
[2011/06/14 12:11:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\WebM Project
[2011/06/14 12:10:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Updater
[2011/06/14 12:09:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google Updater
[2011/06/14 08:16:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011/06/12 10:24:50 | 001,437,488 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Home User\Desktop\tds.com.exe
[2011/06/11 21:25:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2011/06/11 21:25:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2011/06/11 12:33:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Application Data\Auslogics
[2011/06/11 12:26:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SystemSpeedBooster
[2011/06/11 12:26:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Application Data\SystemSpeedBooster
[2011/06/11 12:20:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Application Data\SystemOptimizeExpert
[2011/06/11 12:20:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SystemOptimizeExpert
[2011/06/11 12:06:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Desktop\PICTURES
[2011/06/11 08:03:35 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/06/10 22:38:06 | 000,000,000 | ---D | C] -- C:\Program Files\Singlesnet
[2011/06/10 22:38:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Singlesnet
[2011/06/10 15:53:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2011/06/10 15:52:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011/06/10 14:37:05 | 000,068,976 | ---- | C] (G Data Software) -- C:\WINDOWS\System32\drivers\GRD.sys
[2011/06/10 14:33:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Desktop\DOCUMENTS
[2011/06/10 14:30:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Desktop\PROGRAMS installed
[2011/06/10 13:29:38 | 000,051,400 | ---- | C] (G Data Software AG) -- C:\WINDOWS\System32\drivers\GDTdiIcpt.sys
[2011/06/10 13:29:38 | 000,029,640 | ---- | C] (G Data Software AG) -- C:\WINDOWS\System32\drivers\GDNdisIc.sys
[2011/06/10 13:29:24 | 000,062,024 | ---- | C] (G Data Software AG) -- C:\WINDOWS\System32\drivers\MiniIcpt.sys
[2011/06/10 13:29:24 | 000,033,480 | ---- | C] (G Data Software AG) -- C:\WINDOWS\System32\drivers\GDBehave.sys
[2011/06/10 13:26:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\G DATA
[2011/06/10 13:26:45 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2011/06/10 13:26:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\G Data
[2011/06/10 13:25:55 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
[2011/06/10 13:19:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Local Settings\Application Data\Downloaded Installations
[2011/06/10 08:14:23 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011/06/10 08:08:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2011/06/10 08:08:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2011/06/09 13:58:02 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo Layers Runtime
[2011/06/09 13:57:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
========== Files - Modified Within 30 Days ==========
[2011/06/26 17:20:17 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/26 17:18:05 | 000,000,226 | ---- | M] () -- C:\WINDOWS\System32\winset.ini
[2011/06/26 17:12:01 | 000,000,888 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/26 17:11:57 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/26 17:11:50 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1708537768-413027322-725345543-1003.job
[2011/06/26 17:11:41 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/06/26 17:11:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/26 16:57:42 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\Home User\Desktop\Revo Uninstaller.lnk
[2011/06/26 16:56:27 | 002,616,384 | ---- | M] (VS Revo Group Ltd.) -- C:\Documents and Settings\Home User\Desktop\revosetup.exe
[2011/06/26 16:53:07 | 000,000,356 | ---- | M] () -- C:\WINDOWS\tasks\Windows Codec Update Service.job
[2011/06/26 09:25:18 | 000,000,994 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-413027322-725345543-1003UA.job
[2011/06/25 22:00:08 | 000,000,000 | ---- | M] () -- C:\install.rdf
[2011/06/25 21:58:21 | 000,013,422 | -HS- | M] () -- C:\Documents and Settings\Home User\Local Settings\Application Data\2702064725
[2011/06/25 21:51:46 | 000,013,430 | -HS- | M] () -- C:\Documents and Settings\Home User\Local Settings\Application Data\2271568364
[2011/06/25 21:51:46 | 000,013,430 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\2271568364
[2011/06/25 21:51:46 | 000,013,422 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\2702064725
[2011/06/25 15:39:43 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Home User\Desktop\OTL.exe
[2011/06/25 10:09:09 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/06/25 09:59:40 | 001,309,037 | ---- | M] () -- C:\Documents and Settings\Home User\Desktop\tdsskiller.zip
[2011/06/25 09:21:55 | 000,362,496 | ---- | M] () -- C:\WINDOWS\System32\bcsa.exe
[2011/06/24 05:26:31 | 000,000,942 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-413027322-725345543-1003Core.job
[2011/06/23 15:51:04 | 000,000,916 | RH-- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/06/21 21:56:51 | 056,039,816 | ---- | M] () -- C:\Documents and Settings\Home User\Desktop\avira_antivir_personal_en.exe
[2011/06/21 21:38:01 | 000,139,264 | ---- | M] () -- C:\Documents and Settings\Home User\Desktop\RKUnhookerLE.EXE
[2011/06/21 21:24:40 | 000,513,016 | ---- | M] () -- C:\Documents and Settings\Home User\Desktop\issetup.exe
[2011/06/21 21:17:12 | 000,505,574 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/06/21 21:17:12 | 000,087,598 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/06/21 11:54:53 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/06/20 17:36:50 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011/06/20 13:50:36 | 000,002,294 | ---- | M] () -- C:\Documents and Settings\Home User\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/06/20 13:50:33 | 000,002,316 | ---- | M] () -- C:\Documents and Settings\Home User\Desktop\Google Chrome.lnk
[2011/06/16 15:28:00 | 001,441,584 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Home User\Desktop\ziz.com.exe
[2011/06/14 13:36:42 | 000,649,458 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/06/14 13:15:03 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011/06/14 12:49:39 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2011/06/14 12:22:58 | 000,041,424 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\System32\drivers\ImmunetProtect.sys
[2011/06/14 12:22:58 | 000,031,184 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\System32\drivers\ImmunetSelfProtect.sys
[2011/06/14 12:08:26 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\Home User\Desktop\HiJackThis.msi
[2011/06/12 10:24:59 | 001,437,488 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Home User\Desktop\tds.com.exe
[2011/06/11 08:03:35 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/06/10 22:38:18 | 000,000,831 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Start Singlesnet.lnk
[2011/06/10 14:37:05 | 000,068,976 | ---- | M] (G Data Software) -- C:\WINDOWS\System32\drivers\GRD.sys
[2011/06/10 13:29:39 | 000,029,640 | ---- | M] (G Data Software AG) -- C:\WINDOWS\System32\drivers\GDNdisIc.sys
[2011/06/10 13:29:38 | 000,051,400 | ---- | M] (G Data Software AG) -- C:\WINDOWS\System32\drivers\GDTdiIcpt.sys
[2011/06/10 13:29:24 | 000,062,024 | ---- | M] (G Data Software AG) -- C:\WINDOWS\System32\drivers\MiniIcpt.sys
[2011/06/10 13:29:24 | 000,033,480 | ---- | M] (G Data Software AG) -- C:\WINDOWS\System32\drivers\GDBehave.sys
[2011/06/10 12:44:54 | 000,000,439 | ---- | M] () -- C:\Documents and Settings\Home User\Desktop\Shortcut to Downloads.lnk
[2011/06/10 08:14:19 | 000,098,392 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011/06/09 16:35:50 | 000,000,735 | ---- | M] () -- C:\WINDOWS\wininit.ini
========== Files Created - No Company Name ==========
[2011/06/26 16:57:42 | 000,000,917 | ---- | C] () -- C:\Documents and Settings\Home User\Desktop\Revo Uninstaller.lnk
[2011/06/25 22:00:08 | 000,000,000 | ---- | C] () -- C:\install.rdf
[2011/06/25 14:48:11 | 009,322,498 | ---- | C] () -- C:\Documents and Settings\Home User\Desktop\lanoire_screensaver_pc.exe
[2011/06/25 09:52:57 | 001,309,037 | ---- | C] () -- C:\Documents and Settings\Home User\Desktop\tdsskiller.zip
[2011/06/25 09:42:29 | 000,013,430 | -HS- | C] () -- C:\Documents and Settings\Home User\Local Settings\Application Data\2271568364
[2011/06/25 09:41:26 | 000,013,416 | -HS- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\pslfh888qr6kqq7l08484432
[2011/06/25 09:21:17 | 000,013,430 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\2271568364
[2011/06/25 09:21:17 | 000,013,422 | -HS- | C] () -- C:\Documents and Settings\Home User\Local Settings\Application Data\2702064725
[2011/06/25 09:15:36 | 000,013,422 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\2702064725
[2011/06/25 09:15:34 | 000,362,496 | ---- | C] () -- C:\WINDOWS\System32\bcsa.exe
[2011/06/25 09:15:32 | 000,000,226 | ---- | C] () -- C:\WINDOWS\System32\winset.ini
[2011/06/25 09:15:21 | 000,015,158 | -HS- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\pslfh888qr6kqq7l08484432
[2011/06/21 21:53:33 | 056,039,816 | ---- | C] () -- C:\Documents and Settings\Home User\Desktop\avira_antivir_personal_en.exe
[2011/06/21 21:38:01 | 000,139,264 | ---- | C] () -- C:\Documents and Settings\Home User\Desktop\RKUnhookerLE.EXE
[2011/06/21 21:24:37 | 000,513,016 | ---- | C] () -- C:\Documents and Settings\Home User\Desktop\issetup.exe
[2011/06/21 21:05:40 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\NetworkService\Application Data\install
[2011/06/21 21:00:21 | 000,001,876 | ---- | C] () -- C:\Documents and Settings\NetworkService\Application Data\1.gif
[2011/06/21 20:57:55 | 000,000,011 | ---- | C] () -- C:\Documents and Settings\NetworkService\Application Data\ct_start
[2011/06/14 13:36:13 | 000,649,458 | ---- | C] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/06/14 13:15:03 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011/06/14 13:15:02 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2011/06/14 12:49:39 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2011/06/14 12:09:50 | 000,000,868 | ---- | C] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/06/14 12:08:24 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\Home User\Desktop\HiJackThis.msi
[2011/06/10 22:38:17 | 000,000,831 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Start Singlesnet.lnk
[2011/06/10 12:44:54 | 000,000,439 | ---- | C] () -- C:\Documents and Settings\Home User\Desktop\Shortcut to Downloads.lnk
[2011/06/09 16:35:49 | 000,000,735 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011/05/07 10:37:59 | 000,000,480 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2011/03/13 10:43:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/01/24 11:57:35 | 000,022,024 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/01/24 11:32:26 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2011/01/24 11:32:22 | 000,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2011/01/24 11:32:22 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2011/01/24 11:32:04 | 000,004,254 | ---- | C] () -- C:\WINDOWS\System32\WLAN.INI
[2011/01/22 19:12:06 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011/01/22 19:12:05 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011/01/22 11:31:23 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011/01/22 09:56:07 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Home User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/20 16:01:16 | 000,155,648 | R--- | C] () -- C:\WINDOWS\System32\TVModeLib.dll
[2010/08/20 16:01:16 | 000,034,915 | ---- | C] () -- C:\WINDOWS\System32\1_ssetup.ini
[2010/08/20 16:01:16 | 000,016,819 | ---- | C] () -- C:\WINDOWS\System32\sunistlog.ini
[2010/08/20 16:00:51 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis740.bin
[2010/08/20 16:00:51 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis650.bin
[2010/08/20 16:00:42 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\setuplib.dll
[2010/08/20 16:00:42 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\waitwnd.exe
[2010/08/20 15:59:42 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/08/20 15:50:58 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/08/20 10:07:16 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/08/20 09:55:43 | 000,267,008 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/05/26 22:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 22:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2007/09/27 11:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 11:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 11:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2004/08/04 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 07:00:00 | 000,505,574 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 07:00:00 | 000,087,598 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
========== LOP Check ==========
[2010/08/23 09:29:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/06/10 22:16:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\G DATA
[2011/01/22 10:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2011/01/24 12:41:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2011/06/11 12:21:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SystemOptimizeExpert
[2011/06/11 12:27:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SystemSpeedBooster
[2011/06/09 16:35:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2011/06/21 22:43:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/03/31 22:55:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\Acapela Group
[2011/06/11 12:33:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\Auslogics
[2011/02/03 19:36:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\ElevatedDiagnostics
[2011/02/05 13:39:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\GetRightToGo
[2011/06/14 12:26:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\Immunet
[2011/02/05 14:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\OpenCandy
[2011/06/11 12:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\SystemOptimizeExpert
[2011/06/11 12:26:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\SystemSpeedBooster
[2011/05/07 12:02:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\Uniblue
[2011/06/25 10:17:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\vmntemplate
[2011/01/12 15:11:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\Windows Desktop Search
[2011/01/23 19:15:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\Windows Search
[2011/06/26 16:53:07 | 000,000,356 | ---- | M] () -- C:\WINDOWS\Tasks\Windows Codec Update Service.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >