OTL logfile created on: 8/11/2012 4:04:05 PM - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\slammy\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.96 Gb Total Physical Memory | 1.71 Gb Available Physical Memory | 57.61% Memory free
7.36 Gb Paging File | 6.12 Gb Available in Paging File | 83.26% Paging File free
Paging file location(s): c:\pagefile.sys 4546 4546 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139.24 Gb Total Space | 83.99 Gb Free Space | 60.32% Space Free | Partition Type: NTFS
Drive E: | 9.77 Gb Total Space | 4.54 Gb Free Space | 46.47% Space Free | Partition Type: NTFS
Computer Name: SAMMYLAPTOP | User Name: slammy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/08/11 15:27:30 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Slammy\Desktop\OTL.exe
PRC - [2012/03/26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012/02/04 07:40:44 | 000,045,056 | ---- | M] (Intuit) -- c:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/10/12 09:45:37 | 001,324,384 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DellDock.exe
PRC - [2010/04/05 16:46:08 | 000,288,040 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2010/03/23 13:22:26 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2010/02/26 02:03:00 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2010/02/26 02:03:00 | 000,229,458 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\stacsv.exe
PRC - [2010/02/17 15:34:40 | 000,054,568 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2010/01/11 13:20:48 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2009/04/15 01:46:04 | 000,481,280 | ---- | M] (Tamir Khason) -- C:\Program Files\SharpSoft\Vista Battery Saver\VistaBatterySaver.exe
PRC - [2009/04/10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/03 02:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\AEstSrv.exe
PRC - [2009/01/31 22:43:30 | 000,049,250 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
========== Modules (No Company Name) ==========
MOD - [2012/06/18 00:30:50 | 015,881,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MenuSkinning\3b5151bbd0e6de9d28585589bda695cd\MenuSkinning.ni.dll
MOD - [2012/06/18 00:30:41 | 001,711,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\2467a133aee73396c830b9b0a9c7ec0d\Microsoft.VisualBasic.ni.dll
MOD - [2012/06/18 00:30:32 | 000,284,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\4665c10b713844b5a2e77e5ed50f9cfe\VistaBridgeLibrary.ni.dll
MOD - [2012/06/18 00:30:31 | 002,584,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\DellDock\b46f17d6b131711060172ef5b72c71df\DellDock.ni.exe
MOD - [2012/06/18 00:30:29 | 000,291,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MyDock.Util\8607754d59549e501cd716c679fd03ff\MyDock.Util.ni.dll
MOD - [2012/06/18 00:30:27 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\508b444db523c5cf20ff12c7f440837b\System.Web.ni.dll
MOD - [2012/06/18 00:17:18 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll
MOD - [2012/06/18 00:17:03 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll
MOD - [2012/06/01 18:15:28 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll
MOD - [2012/06/01 18:15:20 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
MOD - [2012/06/01 18:15:00 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll
MOD - [2012/06/01 18:14:58 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\1b337cf9a031145849bc48c11b2cfe58\Accessibility.ni.dll
MOD - [2012/06/01 18:11:19 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012/06/01 01:50:46 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012/06/01 01:50:32 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2011/03/02 12:40:51 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008/11/17 08:29:10 | 000,054,784 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll
========== Win32 Services (SafeList) ==========
SRV - [2012/03/26 17:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/02/04 07:40:44 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- c:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/02/26 02:03:00 | 000,229,458 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\stacsv.exe -- (STacSV)
SRV - [2010/01/11 13:20:48 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2009/07/23 22:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- c:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2009/03/03 02:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\AEstSrv.exe -- (AESTFilters)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Boot | Stopped] -- system32\drivers\iastor.sys -- (iaStor)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2012/08/11 15:44:01 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E0F4FA0-1783-459E-BDD0-F85D05E86899}\MpKslab090886.sys -- (MpKslab090886)
DRV - [2012/03/20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010/09/22 16:17:32 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpdispm.sys -- (RDPDISPM)
DRV - [2010/09/02 17:49:06 | 000,013,312 | ---- | M] (June Fabrics Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pneteth.sys -- (pneteth)
DRV - [2010/04/15 13:36:40 | 000,252,536 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2010/02/26 02:03:00 | 000,423,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009/04/10 21:46:10 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2009/04/10 21:42:54 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2008/11/17 08:29:08 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2008/01/20 21:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2008/01/20 21:23:21 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/09/28 15:32:14 | 000,009,472 | ---- | M] (June Fabrics Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pnetmdm.sys -- (pnetmdm)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...&oe={outputEncoding}&sourceid=ie7&rlz=1I7DKUS
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-846782583-1659375038-321502968-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\slammy\Desktop
IE - HKU\S-1-5-21-846782583-1659375038-321502968-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-846782583-1659375038-321502968-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-846782583-1659375038-321502968-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-846782583-1659375038-321502968-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-846782583-1659375038-321502968-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
O1 HOSTS File: ([2012/08/11 14:36:56 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKU\S-1-5-21-846782583-1659375038-321502968-1000..\Run: [VistaBatterySaver] C:\Program Files\SharpSoft\Vista Battery Saver\VistaBatterySaver.exe (Tamir Khason)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\slammy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-846782583-1659375038-321502968-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-846782583-1659375038-321502968-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.113.206.10 24.217.0.5 71.92.29.130
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2665BFDB-6A12-4B64-B31B-FFB73BB8D960}: DhcpNameServer = 68.113.206.10 24.217.0.5 71.92.29.130
O18 - Protocol\Handler\intu-help-qb3 {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - C:\Program Files\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\boombox_1920x1200.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\boombox_1920x1200.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012/08/11 15:48:34 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Roaming\Malwarebytes
[2012/08/11 15:48:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/08/11 15:48:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/08/11 15:48:17 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/08/11 15:48:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/08/11 15:47:59 | 010,652,120 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\slammy\Desktop\mbam-setup-1.62.0.1300.exe
[2012/08/11 15:47:52 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\slammy\Desktop\OTL.exe
[2012/08/11 15:12:38 | 000,000,000 | ---D | C] -- C:\FRST
[2012/08/11 14:43:44 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/08/11 14:43:43 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\temp
[2012/08/11 14:38:24 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/08/11 14:27:03 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/08/11 14:27:03 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/08/11 14:27:03 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/08/11 14:27:00 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/08/11 14:26:57 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/08/11 14:26:30 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/08/11 14:23:19 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{D3219952-47EC-4F34-B34F-9E4BD5A52CE6}
[2012/08/11 14:23:06 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{07BF56E4-0461-47C5-B32A-C85EA9A619F2}
[2012/08/11 02:10:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/08/10 22:01:22 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{A0AD0FDA-1BA1-450C-A6ED-CE4805D6AD00}
[2012/08/10 22:01:08 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{AE77CC3B-94CF-44A9-B073-B12554291EC5}
[2012/08/05 19:31:23 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{DEFAEDA8-605F-4D8F-84D8-45A0435C0B35}
[2012/08/05 19:31:09 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{C2E83932-F32F-4D1D-8928-FB7F04A468EA}
[2012/08/03 15:49:52 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{96828AE6-655C-4111-A54B-FC7DC45E6BBD}
[2012/08/03 15:49:40 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{9407B296-49A1-436A-99A3-BE9BA2333014}
[2012/08/02 19:49:08 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{9CFC2084-F7AF-4FEF-8CED-030AE3F80C1A}
[2012/08/02 19:48:46 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{77650C92-F427-412E-8FE6-DE3E2AE65BA8}
[2012/08/02 07:48:19 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{FE600656-1544-42E5-B3C1-024058755D38}
[2012/08/02 07:48:03 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{B2A4DD7D-C50B-4803-B5F7-4BE819C0D894}
[2012/08/01 11:57:25 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{B419E3A5-6A20-4FD3-B44B-542F95F34964}
[2012/08/01 11:57:07 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{EC76A203-D0C3-4A77-BC8E-DC422D680B94}
[2012/07/31 23:37:20 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{AA5DBF74-24FF-4004-A865-C1626B1BF298}
[2012/07/31 11:36:41 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{8E6433A0-686F-46E6-A6C3-19065DD24005}
[2012/07/31 11:36:27 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{159331AE-3643-4079-8A19-02DED5A94E4F}
[2012/07/30 22:20:54 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{29D5ABC8-33EE-4A4B-B484-01DF5F6B4FB8}
[2012/07/30 10:20:17 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{F05A302C-BCF1-4D43-B050-AB3A30A540D0}
[2012/07/30 10:20:00 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{F22B3001-BC05-4B32-A065-1B7355CDD5FC}
[2012/07/29 12:07:57 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{AC3BD8B3-4A82-42BE-8AD4-68FF1FAAC685}
[2012/07/29 12:07:43 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{641DDA37-4C01-46F5-BEED-D90298353001}
[2012/07/20 08:16:06 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{C37CEB8B-E731-4F68-880B-B9EEDAAA6FFA}
[2012/07/20 08:15:51 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{27A67F9A-6834-416F-BE87-99983D76650D}
[2012/07/19 14:52:20 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{F6E7BCD4-D596-47E2-9AC4-14E01938F730}
[2012/07/19 14:52:07 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{5ECF5A32-0EBF-4A07-99A4-8718FBF2D762}
[2012/07/18 23:43:37 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{ACA9FF47-C8F3-4D1D-9BA3-E495CA42CAA3}
[2012/07/18 23:43:17 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{F15880ED-D9C1-48E2-8AB9-AD18DA26E324}
[2012/07/18 11:42:49 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{299EEC4D-98CC-4A91-910D-134992D3EA9B}
[2012/07/18 11:42:33 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{3AE6CB12-ED06-4B73-9800-51BFFDB79A3B}
[2012/07/17 11:17:38 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{6B370060-A394-4E2D-B55A-B08BA38F05BD}
[2012/07/17 11:17:16 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{F9236600-E5A1-45D9-9EDA-129D55FEF9C4}
[2012/07/16 23:16:51 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{783DF1A1-E3E9-4B8B-B7C9-4E510240C3F0}
[2012/07/16 11:16:04 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{3ED17D7F-8BBE-46A8-9F35-684BF854E353}
[2012/07/16 11:15:53 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{39941FAA-1ABA-4837-B566-BF024A27C78F}
[2012/07/15 20:56:28 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2012/07/15 12:04:26 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{B98E6E5D-6F91-4EAE-9AD2-9891C0646FEA}
[2012/07/15 12:03:50 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{F69B395B-82A4-456A-9ACE-D2CDF386D817}
[2012/07/14 17:06:25 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{47F020FB-FEE8-45E5-ACBD-A5150059AE18}
[2012/07/14 17:05:57 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{DCE94A03-CF5B-4C37-8CB3-95DA47DA6339}
[2012/07/13 22:06:43 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{DDEEE0F7-F798-4D10-BFD2-3DB56B91EE05}
[2012/07/13 22:06:07 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{8A1B7B34-BB5D-456D-A61C-89D4516050CA}
[2012/07/13 09:38:44 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{D2155C7D-D45C-415B-910D-23F12B81333D}
[2012/07/13 09:38:10 | 000,000,000 | ---D | C] -- C:\Users\slammy\AppData\Local\{3700BD2C-6B66-4D16-BCDD-2B593134351A}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/08/11 15:49:24 | 000,606,826 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/08/11 15:49:24 | 000,105,394 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/08/11 15:48:26 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/11 15:27:46 | 010,652,120 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\slammy\Desktop\mbam-setup-1.62.0.1300.exe
[2012/08/11 15:27:30 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\slammy\Desktop\OTL.exe
[2012/08/11 15:18:01 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/11 15:05:29 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/11 15:05:29 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/11 15:05:05 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cc9c027b1db267.job
[2012/08/11 15:04:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/11 14:36:56 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/08/11 13:13:46 | 000,002,243 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/08/11 11:23:50 | 000,000,680 | ---- | M] () -- C:\Users\slammy\AppData\Local\d3d9caps.dat
[2012/08/10 22:40:15 | 000,000,516 | ---- | M] () -- C:\Users\slammy\AppData\Roaming\wklnhst.dat
[2012/08/01 20:44:20 | 000,069,792 | ---- | M] () -- C:\Users\slammy\Desktop\Pic.jpg
[2012/07/15 01:37:38 | 000,443,459 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120810-223925.backup
[2012/07/15 00:56:39 | 000,288,264 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/07/14 22:19:19 | 006,660,096 | ---- | M] () -- C:\Users\slammy\Documents\Slammys Garage2 (Backup Jul 14,2012 10 19 PM).QBB
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/08/11 15:48:26 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/11 14:27:03 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/08/11 14:27:03 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/08/11 14:27:03 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/08/11 14:27:03 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/08/11 14:27:03 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/08/11 11:23:50 | 000,000,680 | ---- | C] () -- C:\Users\slammy\AppData\Local\d3d9caps.dat
[2012/08/11 02:10:36 | 000,001,828 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/08/01 20:44:48 | 000,069,792 | ---- | C] () -- C:\Users\slammy\Desktop\Pic.jpg
[2012/07/14 22:19:13 | 006,660,096 | ---- | C] () -- C:\Users\slammy\Documents\Slammys Garage2 (Backup Jul 14,2012 10 19 PM).QBB
[2009/03/03 05:59:28 | 000,000,516 | ---- | C] () -- C:\Users\slammy\AppData\Roaming\wklnhst.dat
[2009/03/03 03:30:57 | 000,019,456 | ---- | C] () -- C:\Users\slammy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== LOP Check ==========
[2010/01/14 15:08:06 | 000,000,000 | ---D | M] -- C:\Users\slammy\AppData\Roaming\acccore
[2009/08/13 15:22:21 | 000,000,000 | ---D | M] -- C:\Users\slammy\AppData\Roaming\Image Zone Express
[2009/08/13 15:22:20 | 000,000,000 | ---D | M] -- C:\Users\slammy\AppData\Roaming\Printer Info Cache
[2009/03/03 06:04:05 | 000,000,000 | ---D | M] -- C:\Users\slammy\AppData\Roaming\Template
[2012/08/11 14:47:12 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >