OTL.txt below
OTL logfile created on: 7/23/2012 2:51:29 PM - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\User\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1014.12 Mb Total Physical Memory | 199.16 Mb Available Physical Memory | 19.64% Memory free
1.99 Gb Paging File | 0.77 Gb Available in Paging File | 38.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 148.95 Gb Total Space | 80.96 Gb Free Space | 54.36% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive G: | 973.17 Mb Total Space | 902.91 Mb Free Space | 92.78% Space Free | Partition Type: FAT
Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/07/23 14:50:49 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware 2\mbamservice.exe
PRC - [2012/07/03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware 2\mbamgui.exe
PRC - [2012/04/01 17:04:00 | 000,634,880 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
PRC - [2012/03/23 14:25:24 | 000,087,040 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2011/06/23 23:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2010/12/10 15:03:48 | 000,143,696 | ---- | M] (Novatel Wireless Inc.) -- C:\Program Files\Novatel Wireless\Verizon\Drivers\VZWMSConfig.exe
PRC - [2010/11/30 13:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/11/20 07:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/20 07:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/11 12:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/06/03 19:04:02 | 000,216,064 | ---- | M] (Novatel Wireless Inc.) -- C:\Program Files\Novatel Wireless\Verizon\Drivers\NWHelper_001.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2007/07/20 18:13:26 | 001,180,952 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2007/07/20 18:11:12 | 000,390,424 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2006/11/15 14:16:00 | 001,298,432 | ---- | M] (Cambridge Silicon Radio) -- C:\Program Files\CSR\Vista Profile Pack\BtHidUi.exe
PRC - [2006/11/15 14:16:00 | 001,212,416 | ---- | M] (Cambridge Silicon Radio) -- C:\Program Files\CSR\Vista Profile Pack\HidSw.exe
PRC - [2006/11/07 17:26:52 | 000,127,488 | ---- | M] (CSR, plc) -- C:\Program Files\CSR\Vista Profile Pack\BthFilterHelper.exe
PRC - [2006/09/09 05:10:22 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\hidfind.exe
PRC - [2006/09/09 05:06:08 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
PRC - [2006/09/09 04:54:30 | 000,042,544 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApMsgFwd.exe
PRC - [2006/09/09 04:19:46 | 000,151,552 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
========== Modules (No Company Name) ==========
MOD - [2012/05/30 20:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/05/30 20:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/04/01 17:04:00 | 001,515,520 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\Maps\R66Api.dll
MOD - [2012/04/01 17:04:00 | 000,634,880 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
MOD - [2012/04/01 17:04:00 | 000,559,244 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\sqlite3.7.dll
MOD - [2012/04/01 17:04:00 | 000,516,599 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\sqlite3.dll
MOD - [2012/04/01 17:04:00 | 000,385,024 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\htcDetect.dll
MOD - [2012/04/01 17:04:00 | 000,172,032 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\htcDetectLegend.dll
MOD - [2012/04/01 17:04:00 | 000,151,552 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\htcDisk.dll
MOD - [2012/04/01 17:04:00 | 000,103,936 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\OutputLog.dll
MOD - [2012/04/01 17:04:00 | 000,094,208 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\fdHttpd.dll
MOD - [2012/03/26 16:21:41 | 006,610,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\10c0fcb63849b96dc15a4ed30fd357f1\System.Data.ni.dll
MOD - [2012/03/26 16:20:32 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll
MOD - [2012/03/26 16:20:08 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll
MOD - [2012/03/26 16:19:59 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll
MOD - [2011/10/19 08:59:45 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2010/11/04 20:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
========== Win32 Services (SafeList) ==========
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware 2\mbamservice.exe -- (MBAMService)
SRV - [2012/04/04 00:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/03/23 14:25:24 | 000,087,040 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2011/04/04 23:15:05 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/12/10 15:03:48 | 000,143,696 | ---- | M] (Novatel Wireless Inc.) [Auto | Running] -- C:\Program Files\Novatel Wireless\Verizon\Drivers\VZWMSConfig.exe -- (VZWConfigService)
SRV - [2010/11/11 12:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/06/03 19:04:02 | 000,216,064 | ---- | M] (Novatel Wireless Inc.) [Auto | Running] -- C:\Program Files\Novatel Wireless\Verizon\Drivers\NWHelper_001.exe -- (NWVZHelper)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/07/20 18:11:12 | 000,390,424 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (nicconfigsvc)
SRV - [2006/11/07 17:26:52 | 000,127,488 | ---- | M] (CSR, plc) [Auto | Running] -- C:\Program Files\CSR\Vista Profile Pack\BthFilterHelper.exe -- (BthFilterHelper)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\SynasUSB.sys -- (SynasUSB)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\User\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/12/10 16:04:32 | 000,231,424 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NWADIenum.sys -- (NWADI)
DRV - [2010/11/20 07:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 07:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 07:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 05:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 05:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 04:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 04:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 04:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/10/24 21:25:38 | 000,054,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010/10/24 21:25:38 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/06/23 11:24:58 | 000,023,040 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2009/10/27 00:54:24 | 000,025,088 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2009/09/09 17:19:16 | 000,069,664 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\oz776.sys -- (guardian2)
DRV - [2009/07/13 19:56:07 | 000,265,088 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrSerIb.sys -- (BrSerIb) Brother MFC Serial Interface Driver(WDM)
DRV - [2009/07/13 18:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 17:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrUsbSIb.sys -- (BrUsbSIb) Brother MFC Serial USB Driver(WDM)
DRV - [2008/08/11 04:03:22 | 000,091,136 | ---- | M] (ZOOM) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zmhhpau.sys -- (ZMHHPAudioSrv)
DRV - [2006/11/06 22:13:36 | 000,013,824 | ---- | M] (CSR, plc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BthFilt.sys -- (BTHFILT)
DRV - [2006/10/11 19:02:00 | 000,031,744 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\csrbcxp.sys -- (CSRBC)
DRV - [2006/07/28 11:03:44 | 000,139,776 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-274320595-3248779322-254929564-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://mail.google.com/mail/u/0/?shva=1#inbox
IE - HKU\S-1-5-21-274320595-3248779322-254929564-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-274320595-3248779322-254929564-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6D C3 B6 F0 07 F4 CB 01 [binary data]
IE - HKU\S-1-5-21-274320595-3248779322-254929564-1000\..\SearchScopes,DefaultScope = {F94014A8-170C-46DE-AB0A-06149F698F28}
IE - HKU\S-1-5-21-274320595-3248779322-254929564-1000\..\SearchScopes\{F94014A8-170C-46DE-AB0A-06149F698F28}: "URL" = http://www.google.com/search?q={sea...startIndex={startIndex?}&startPage={startPage}
IE - HKU\S-1-5-21-274320595-3248779322-254929564-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-274320595-3248779322-254929564-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\User\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\User\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\User\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\User\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/04/19 11:10:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2012/04/19 11:11:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions
[2012/05/07 11:50:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\60rqpgq4.default\extensions
[2012/04/19 11:10:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/03/12 23:39:39 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/03/12 23:38:32 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/03/12 23:38:32 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2009/06/10 16:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BtHidUi] C:\Program Files\CSR\Vista Profile Pack\BtHidUi.exe (Cambridge Silicon Radio)
O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware 2\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-274320595-3248779322-254929564-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-274320595-3248779322-254929564-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-274320595-3248779322-254929564-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-274320595-3248779322-254929564-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-274320595-3248779322-254929564-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra Button: TabPlayer - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - \tp.exe File not found
O9 - Extra 'Tools' menuitem : Tools Menu Item - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - \tp.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.0)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7151EAFE-0796-46B0-8F0E-5FD657CC94DB}: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012/07/23 15:48:24 | 000,000,000 | ---D | C] -- C:\FRST
[2012/07/23 14:50:40 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2012/07/23 14:13:20 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/07/23 14:12:02 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/07/23 13:59:39 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/07/23 13:59:39 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/07/23 13:59:39 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/07/23 13:59:29 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/07/23 13:58:58 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/07/23 13:56:43 | 004,583,914 | R--- | C] (Swearware) -- C:\Users\User\Desktop\ComboFix.exe
[2012/07/22 20:39:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/22 20:39:25 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/07/22 20:39:25 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware 2
[2012/07/22 20:38:42 | 010,652,120 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\User\Desktop\mbam-setup-1.62.0.1300.exe
[2012/07/22 20:27:28 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/07/21 14:23:35 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{6D026D35-D369-11E1-8270-B8AC6F996F26}
[2012/07/21 14:07:04 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Malwarebytes
[2012/07/21 14:04:22 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/07/21 14:04:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/07/21 13:54:18 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\my kill
[2012/07/21 11:31:51 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2012/07/21 11:28:05 | 000,000,000 | ---D | C] -- C:\ProgramData\036DFF590009EDE70303F307F875EF7E
[2012/07/21 11:27:23 | 000,056,320 | -H-- | C] (FRISK Software International) -- C:\Windows\System32\cofiHost.dll
[2012/07/20 19:28:05 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\NWA Cycle Rentals
[2012/07/10 07:15:00 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Apple Computer
[2012/07/10 07:14:59 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Apple Computer
[2012/07/10 07:14:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/07/10 07:14:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2012/07/10 07:13:15 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/07/10 07:12:50 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/07/10 07:12:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012/07/10 07:12:50 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/07/10 07:11:37 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Apple
[2012/07/10 07:11:30 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2012/07/10 07:10:34 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012/07/10 07:10:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012/07/10 07:09:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012/06/27 00:04:59 | 000,000,000 | ---D | C] -- C:\Config.Msi
========== Files - Modified Within 30 Days ==========
[2012/07/23 14:50:49 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2012/07/23 14:45:27 | 000,620,364 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/07/23 14:45:27 | 000,105,546 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/07/23 14:40:05 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/23 14:40:02 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/23 14:38:12 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/07/23 14:26:14 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/23 14:26:14 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/23 14:18:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/23 14:18:37 | 797,536,256 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/23 14:11:01 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-274320595-3248779322-254929564-1000UA.job
[2012/07/23 13:57:27 | 004,583,914 | R--- | M] (Swearware) -- C:\Users\User\Desktop\ComboFix.exe
[2012/07/22 20:39:34 | 000,001,081 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/22 20:34:28 | 010,652,120 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\User\Desktop\mbam-setup-1.62.0.1300.exe
[2012/07/21 13:51:36 | 002,117,152 | ---- | M] () -- C:\Users\User\Desktop\my kill.zip
[2012/07/21 11:27:23 | 000,056,320 | -H-- | M] (FRISK Software International) -- C:\Windows\System32\cofiHost.dll
[2012/07/12 13:11:10 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-274320595-3248779322-254929564-1000Core.job
[2012/07/10 07:27:35 | 000,187,432 | -H-- | M] () -- C:\Windows\System32\mlfcache.dat
[2012/07/10 07:14:49 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/07/05 15:05:42 | 000,381,423 | ---- | M] () -- C:\Users\User\Documents\IMAG0542.jpg
[2012/07/05 10:58:02 | 001,224,461 | ---- | M] () -- C:\Users\User\Documents\IMAG0541.jpg
[2012/07/05 10:57:46 | 001,130,127 | ---- | M] () -- C:\Users\User\Documents\IMAG0540.jpg
[2012/07/05 10:55:48 | 001,199,589 | ---- | M] () -- C:\Users\User\Documents\IMAG0539.jpg
[2012/07/05 10:55:34 | 001,457,157 | ---- | M] () -- C:\Users\User\Documents\IMAG0538.jpg
[2012/07/05 09:50:10 | 001,745,052 | ---- | M] () -- C:\Users\User\Documents\IMAG0537.jpg
[2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/07/02 11:23:02 | 001,282,236 | ---- | M] () -- C:\Users\User\Documents\IMAG0531.jpg
[2012/07/02 11:22:32 | 001,218,415 | ---- | M] () -- C:\Users\User\Documents\IMAG0530.jpg
[2012/07/02 11:22:20 | 001,223,114 | ---- | M] () -- C:\Users\User\Documents\IMAG0529.jpg
[2012/07/02 11:22:04 | 001,264,856 | ---- | M] () -- C:\Users\User\Documents\IMAG0528.jpg
[2012/07/02 11:20:26 | 001,216,301 | ---- | M] () -- C:\Users\User\Documents\IMAG0527.jpg
[2012/07/02 11:20:00 | 001,161,125 | ---- | M] () -- C:\Users\User\Documents\IMAG0526.jpg
[2012/07/02 11:19:42 | 001,238,067 | ---- | M] () -- C:\Users\User\Documents\IMAG0525.jpg
========== Files Created - No Company Name ==========
[2012/07/23 14:38:12 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/07/23 14:38:11 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/07/23 13:59:39 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/07/23 13:59:39 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/07/23 13:59:39 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/07/23 13:59:39 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/07/23 13:59:39 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/07/22 20:39:34 | 000,001,081 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/21 13:51:30 | 002,117,152 | ---- | C] () -- C:\Users\User\Desktop\my kill.zip
[2012/07/10 07:27:35 | 000,187,432 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2012/07/10 07:14:49 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/07/10 07:11:31 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/07/06 18:28:14 | 008,882,333 | ---- | C] () -- C:\Users\User\Documents\VIDEO0007.3gp
[2012/07/06 18:28:13 | 005,760,237 | ---- | C] () -- C:\Users\User\Documents\VIDEO0003.3gp
[2012/07/06 18:28:13 | 004,708,122 | ---- | C] () -- C:\Users\User\Documents\VIDEO0004.3gp
[2012/07/06 18:28:13 | 003,849,479 | ---- | C] () -- C:\Users\User\Documents\VIDEO0006.3gp
[2012/07/06 18:28:13 | 003,272,565 | ---- | C] () -- C:\Users\User\Documents\VIDEO0005.3gp
[2012/07/06 18:28:12 | 010,516,924 | ---- | C] () -- C:\Users\User\Documents\VIDEO0002.3gp
[2012/07/06 18:28:11 | 010,689,148 | ---- | C] () -- C:\Users\User\Documents\VIDEO0001.3gp
[2012/07/06 18:28:11 | 001,745,052 | ---- | C] () -- C:\Users\User\Documents\IMAG0537.jpg
[2012/07/06 18:28:11 | 001,457,157 | ---- | C] () -- C:\Users\User\Documents\IMAG0538.jpg
[2012/07/06 18:28:11 | 001,224,461 | ---- | C] () -- C:\Users\User\Documents\IMAG0541.jpg
[2012/07/06 18:28:11 | 001,199,589 | ---- | C] () -- C:\Users\User\Documents\IMAG0539.jpg
[2012/07/06 18:28:11 | 001,130,127 | ---- | C] () -- C:\Users\User\Documents\IMAG0540.jpg
[2012/07/06 18:28:11 | 000,381,423 | ---- | C] () -- C:\Users\User\Documents\IMAG0542.jpg
[2012/07/06 18:28:10 | 001,282,236 | ---- | C] () -- C:\Users\User\Documents\IMAG0531.jpg
[2012/07/06 18:28:10 | 001,264,856 | ---- | C] () -- C:\Users\User\Documents\IMAG0528.jpg
[2012/07/06 18:28:10 | 001,223,114 | ---- | C] () -- C:\Users\User\Documents\IMAG0529.jpg
[2012/07/06 18:28:10 | 001,218,415 | ---- | C] () -- C:\Users\User\Documents\IMAG0530.jpg
[2012/07/06 18:28:10 | 001,216,301 | ---- | C] () -- C:\Users\User\Documents\IMAG0527.jpg
[2012/07/06 18:28:10 | 001,161,125 | ---- | C] () -- C:\Users\User\Documents\IMAG0526.jpg
[2012/07/06 18:28:09 | 001,238,067 | ---- | C] () -- C:\Users\User\Documents\IMAG0525.jpg
[2011/11/07 14:29:15 | 000,068,345 | ---- | C] () -- C:\Users\User\RenewalInvoiceReport 2012.pdf
[2011/10/19 09:20:47 | 000,000,045 | ---- | C] () -- C:\Windows\System32\SYNSOPOS.exe.cfg
[2011/10/18 22:18:59 | 000,060,358 | ---- | C] () -- C:\Windows\System32\ZoomH4Unin.exe
[2011/10/14 16:33:12 | 000,002,892 | ---- | C] () -- C:\Windows\System32\audcon.sys
[2011/10/14 16:25:07 | 000,086,016 | ---- | C] () -- C:\Windows\System32\SYNSOPOS.exe
[2011/10/08 12:01:00 | 000,000,632 | RHS- | C] () -- C:\Users\User\ntuser.pol
[2011/07/04 14:43:01 | 000,087,552 | ---- | C] () -- C:\Windows\System32\cpwmon2k.dll
[2011/04/05 20:44:13 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011/04/05 20:42:35 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
========== LOP Check ==========
[2012/05/24 10:23:31 | 000,000,000 | ---D | M] -- C:\Users\Kiddos\AppData\Roaming\HTC
[2011/04/04 23:22:27 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\CSR
[2012/05/03 08:20:15 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\HTC
[2011/12/26 23:33:35 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2012/04/23 00:58:48 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Outlook
[2011/10/14 16:35:36 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Steinberg
[2012/06/12 10:07:07 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\uTorrent
[2012/03/26 16:22:50 | 000,015,386 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >