Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Security Hyjack


  • Please log in to reply

#1
dkfogel

dkfogel

    New Member

  • Member
  • Pip
  • 6 posts
I ran a scan using Malware and it showed 2 virus called security hyjack that could be removed by restarting computer. I've done that and they still show up. I ran the OTL scan and am attaching a copy. I have my laptop running very slow and continuously needing to be shutdown because of sites not responding. I need so much help figuring out how to make this better and remove anything that may be lurking on my system.

OTL logfile created on: 10/1/2012 7:13:56 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Denise\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.94 Gb Total Physical Memory | 0.93 Gb Available Physical Memory | 47.90% Memory free
4.08 Gb Paging File | 2.73 Gb Available in Paging File | 66.99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 103.38 Gb Total Space | 48.51 Gb Free Space | 46.93% Space Free | Partition Type: NTFS
Drive D: | 111.79 Gb Total Space | 111.56 Gb Free Space | 99.79% Space Free | Partition Type: NTFS
Drive E: | 8.41 Gb Total Space | 1.79 Gb Free Space | 21.23% Space Free | Partition Type: NTFS

Computer Name: DENISE-PC | User Name: Denise | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/01 19:13:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Denise\Desktop\OTL.scr
PRC - [2012/09/24 05:15:02 | 006,369,192 | ---- | M] (Systweak) -- C:\Program Files\Advanced System Protector\AdvancedSystemProtector.exe
PRC - [2012/09/21 18:33:14 | 000,690,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_4_402_278_ActiveX.exe
PRC - [2012/08/30 12:00:58 | 000,668,512 | ---- | M] (Systweak Inc., (www.systweak.com)) -- C:\Program Files\Disk Speedup\DSUDefragSrv.exe
PRC - [2012/08/25 19:47:06 | 001,193,176 | ---- | M] () -- C:\Users\Denise\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012/06/04 09:31:40 | 001,466,760 | ---- | M] (Garmin) -- C:\Program Files\Garmin\Lifetime Updater\GarminLifetime.exe
PRC - [2012/05/09 14:25:58 | 000,152,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\EMET\EMET_notifier.exe
PRC - [2011/03/01 18:00:26 | 001,813,808 | ---- | M] (ParetoLogic) -- C:\Program Files\ParetoLogic\FileCure\FileCure.exe
PRC - [2010/08/12 14:16:26 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2010/08/12 14:16:12 | 002,215,064 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2008/10/29 01:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/08/04 22:24:03 | 000,077,824 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0\bin\jusched.exe
PRC - [2007/08/04 20:55:25 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/05/18 20:16:02 | 000,727,856 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2007/04/23 20:11:44 | 000,106,593 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
PRC - [2007/04/23 20:11:42 | 000,262,243 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
PRC - [2007/03/29 15:59:42 | 000,176,128 | ---- | M] (Starz Entertainment Group LLC) -- C:\Program Files\Vongo\VongoService.exe
PRC - [2007/03/29 15:59:42 | 000,073,728 | ---- | M] (Starz) -- C:\Program Files\Vongo\Tray.exe
PRC - [2006/12/23 20:05:20 | 000,143,360 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006/12/23 20:04:42 | 000,905,216 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe


========== Modules (No Company Name) ==========

MOD - [2012/09/24 05:15:04 | 001,729,960 | ---- | M] () -- C:\Program Files\Advanced System Protector\aspsys.dll
MOD - [2012/08/25 19:47:06 | 001,193,176 | ---- | M] () -- C:\Users\Denise\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
MOD - [2012/07/24 23:33:14 | 000,886,272 | ---- | M] () -- C:\Program Files\Advanced System Protector\System.Data.SQLite.dll
MOD - [2011/12/17 12:42:55 | 000,391,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\8eca92a64c232f34b5b559625b022369\System.Xml.Linq.ni.dll
MOD - [2011/12/17 12:42:54 | 001,776,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\035910922f160d304fb834aae41f45a6\System.Xaml.ni.dll
MOD - [2011/12/17 12:41:02 | 000,264,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SystemStatus\8e65238d561dc22325a9845f22c25c6a\SystemStatus.ni.dll
MOD - [2011/12/17 12:27:50 | 013,006,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\17e020ae92d7fab33bcc1c98b25019d0\System.Windows.Forms.ni.dll
MOD - [2011/12/17 12:27:30 | 001,651,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\dd57bc19f5807c6dbe8f88d4a23277f6\System.Drawing.ni.dll
MOD - [2011/12/17 12:26:47 | 000,450,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\3555f5f74c56fa92c0ab7a635af91bfa\PresentationFramework.Aero.ni.dll
MOD - [2011/12/17 12:26:40 | 017,629,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7f91eecda3ff7ce478146b6458580c98\PresentationFramework.ni.dll
MOD - [2011/12/17 12:25:41 | 011,057,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\3963e9ce8d44f50e8367e92a8e3e42e6\PresentationCore.ni.dll
MOD - [2011/12/17 12:25:04 | 003,779,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\d17606e813f01376bd0def23726ecc62\WindowsBase.ni.dll
MOD - [2011/12/17 12:24:47 | 000,721,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Security\09a97525ae5583cc2685e2c39a3078bd\System.Security.ni.dll
MOD - [2011/12/17 12:24:27 | 005,571,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e997d0200c25f7db6bd32313d50b729d\System.Xml.ni.dll
MOD - [2011/12/17 12:24:12 | 007,025,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\713647b987b140a17e3c4ffe4c721f85\System.Core.ni.dll
MOD - [2011/12/17 12:23:59 | 009,000,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\964da027ebca3b263a05cadb8eaa20a3\System.ni.dll
MOD - [2011/12/17 12:23:46 | 014,415,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\246f1a5abb686b9dcdf22d3505b08cea\mscorlib.ni.dll
MOD - [2011/07/30 17:39:06 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
MOD - [2009/10/17 03:21:46 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\22e348e7fee20fcb2013d3dfe016ae8e\System.Management.ni.dll
MOD - [2009/10/17 03:20:49 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\a0522cb280c09b3441e1889502ca145a\System.Core.ni.dll
MOD - [2009/10/17 03:20:03 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\45dea14b1707153213603cc06629fe15\CustomMarshalers.ni.dll
MOD - [2009/10/17 03:19:24 | 000,019,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\RemotingClient\fe374fff86d0d2c17496a5b6506e247a\RemotingClient.ni.dll
MOD - [2009/10/17 03:19:21 | 000,090,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MessagingServer\44153f35464f059683be145022bee0d0\MessagingServer.ni.dll
MOD - [2009/10/17 03:19:20 | 000,064,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MessagingClients\7347e5410f49733b9b91e9e28fd9b1bb\MessagingClients.ni.dll
MOD - [2009/10/17 03:19:20 | 000,054,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MessagingMessages\107fc7fa0ab5180adcef63c540a9cc38\MessagingMessages.ni.dll
MOD - [2009/10/17 03:19:20 | 000,017,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MessagingInterface\948ed4e9d5c298d1772f6da4578c5b1e\MessagingInterface.ni.dll
MOD - [2009/10/17 03:19:19 | 001,843,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\HPAdvisor\f03dbf3b54ae0f85276188ad5520df53\HPAdvisor.ni.exe
MOD - [2009/10/17 03:19:19 | 000,087,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\InterfaceServices\c8db1282df5842a113648d30c62e7060\InterfaceServices.ni.dll
MOD - [2009/10/17 03:19:18 | 000,078,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\HPAdvisor.Common.Wi#\907161ad70e87b3140c0687ff8680aad\HPAdvisor.Common.Windows.ni.dll
MOD - [2009/10/17 03:19:16 | 000,058,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CeeWrtier\dd6fb63fd8b0a9ece437d2bcde8272cb\CeeWrtier.ni.dll
MOD - [2009/10/17 03:19:16 | 000,048,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Content\6e25df8de120534778440d0c5f37ff4a\Content.ni.dll
MOD - [2009/10/17 03:19:15 | 000,072,192 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\BackWeb\4b3cb1e45e5f89fe9ea84a6c3c43dac0\BackWeb.ni.dll
MOD - [2009/10/17 03:18:46 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\ae77b2b91367f11d340cf3bf2428af59\System.ServiceProcess.ni.dll
MOD - [2009/10/17 03:18:43 | 001,801,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\1255d7783a4c6ac254a55fde7b30019b\System.Deployment.ni.dll
MOD - [2009/10/17 03:18:41 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\bc0741702f130a8a4ed9ad1f00bc4724\System.Web.Services.ni.dll
MOD - [2009/10/17 03:18:27 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\23281812ddf7a1fab881b5322e577ac4\System.Runtime.Remoting.ni.dll
MOD - [2009/10/17 03:18:25 | 000,627,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\ae383808b3f5ee9287358378f9a2cad3\System.EnterpriseServices.ni.dll
MOD - [2009/10/17 03:18:25 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\b98385fbfc00adacf4fd7896ba064032\System.Transactions.ni.dll
MOD - [2009/10/17 03:18:25 | 000,280,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\ae383808b3f5ee9287358378f9a2cad3\System.EnterpriseServices.Wrapper.dll
MOD - [2009/10/17 03:18:21 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e6001d416f7c468334934a2c6a41c631\System.Configuration.ni.dll
MOD - [2009/10/17 03:17:00 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\7208ffa39630e9b923331f9df0947a12\System.Xml.ni.dll
MOD - [2009/10/17 03:16:42 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1941d7639299344ae28fb6b23da65247\System.Windows.Forms.ni.dll
MOD - [2009/10/17 03:16:31 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6312464f64727a2a50d5ce3fd73ad1bb\System.Drawing.ni.dll
MOD - [2009/10/17 03:16:16 | 006,616,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\813556b5a2722045b0ea14467fd00227\System.Data.ni.dll
MOD - [2009/10/17 03:16:07 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a122c56b60812fb5cbc2e941d4875a87\PresentationFramework.Aero.ni.dll
MOD - [2009/10/17 03:16:06 | 014,327,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\29eb51a21ce62ed759b162307bd65e32\PresentationFramework.ni.dll
MOD - [2009/10/17 03:15:46 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\dc8dccca85718096c895b74094e09e5a\PresentationCore.ni.dll
MOD - [2009/10/17 03:15:30 | 003,313,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c049bc39cb33f7459936a689484285d6\WindowsBase.ni.dll
MOD - [2009/10/17 03:15:25 | 007,868,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\52e1ea3c7491e05cda766d7b3ce3d559\System.ni.dll
MOD - [2009/10/17 03:14:56 | 011,486,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\17f572b09facdc5fda9431558eb7a26e\mscorlib.ni.dll
MOD - [2008/07/27 13:19:30 | 000,113,664 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
MOD - [2008/07/27 13:00:27 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2008/07/27 13:00:26 | 002,933,248 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2008/07/27 13:00:23 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2007/08/04 21:31:57 | 008,007,680 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2007/05/18 19:06:24 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2007/05/18 18:54:16 | 000,389,120 | ---- | M] () -- C:\Windows\System32\btwhidcs.dll
MOD - [2007/04/23 20:11:44 | 000,339,968 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLTinyDB.dll
MOD - [2007/04/23 20:11:34 | 000,237,673 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll
MOD - [2007/04/23 20:11:34 | 000,114,787 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSchMgr.dll
MOD - [2007/04/23 20:11:34 | 000,032,768 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll
MOD - [2007/04/23 20:10:44 | 000,061,440 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\common\MCEMediaStatus.dll
MOD - [2007/03/29 15:59:40 | 003,940,352 | ---- | M] () -- C:\Program Files\Vongo\qt-mt335.dll
MOD - [2007/03/29 15:59:40 | 000,184,320 | ---- | M] () -- C:\Program Files\Vongo\sqldrivers\qsqlite.dll
MOD - [2007/03/29 15:59:40 | 000,159,744 | ---- | M] () -- C:\Program Files\Vongo\CaPolMgr.dll
MOD - [2007/03/20 15:51:46 | 000,053,248 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2007/02/16 19:40:42 | 005,521,408 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll
MOD - [2007/02/16 19:40:40 | 001,466,368 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll
MOD - [2006/11/02 04:46:09 | 000,364,544 | ---- | M] () -- C:\Windows\System32\msjetoledb40.dll


========== Services (SafeList) ==========

SRV - [2012/09/21 18:33:16 | 000,250,288 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/08/30 12:00:58 | 000,668,512 | ---- | M] (Systweak Inc., (www.systweak.com)) [Auto | Running] -- C:\Program Files\Disk Speedup\DSUDefragSrv.exe -- (DSUDiskOptimizer)
SRV - [2010/08/12 14:18:40 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010/08/12 14:16:26 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2007/08/04 20:55:24 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/04/23 20:11:44 | 000,106,593 | ---- | M] () [Auto | Running] -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe -- (CLSched)
SRV - [2007/04/23 20:11:42 | 000,262,243 | ---- | M] () [Auto | Running] -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe -- (CLCapSvc)
SRV - [2007/03/29 15:59:42 | 000,176,128 | ---- | M] (Starz Entertainment Group LLC) [Auto | Running] -- C:\Program Files\Vongo\VongoService.exe -- (Vongo Service)
SRV - [2007/01/09 16:55:34 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2010/08/03 13:28:36 | 000,095,896 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2010/07/29 13:31:26 | 000,136,632 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2010/07/29 13:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2008/12/04 02:42:00 | 007,606,688 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/08/22 00:49:58 | 000,008,320 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2008/08/22 00:49:22 | 000,018,688 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgp.sys -- (motccgp)
DRV - [2007/06/18 21:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motport.sys -- (motport)
DRV - [2007/06/18 21:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2007/04/11 21:30:52 | 000,160,768 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2007/04/03 10:43:28 | 001,131,136 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Ph3xIB32.sys -- (Ph3xIB32)
DRV - [2007/03/06 23:15:58 | 001,059,112 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007/02/24 09:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/02/16 18:50:32 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007/01/23 12:03:28 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/01/23 11:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/30 12:24:58 | 000,008,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\Windows\System32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2006/11/28 11:44:52 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/06/28 11:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...ilion&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...ilion&pf=laptop
IE - HKLM\..\SearchScopes,DefaultScope = {13BA74AE-E197-454E-B8DB-18B78838913A}
IE - HKLM\..\SearchScopes\{13BA74AE-E197-454E-B8DB-18B78838913A}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE - HKLM\..\SearchScopes\{9AE845A0-B8DE-4C87-A54E-55B6FFA38502}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKLM\..\SearchScopes\{C710C720-B588-4676-A61E-B8C9C166D712}: "URL" = http://search.live.c...#38;FORM=HVDUS7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {C710C720-B588-4676-A61E-B8C9C166D712}
IE - HKCU\..\SearchScopes\{13BA74AE-E197-454E-B8DB-18B78838913A}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE - HKCU\..\SearchScopes\{19F2B849-4ADE-4d4b-85F9-C31C643DBDE9}: "URL" = http://www.fastbrows...F-E71A34AA7871}
IE - HKCU\..\SearchScopes\{9AE845A0-B8DE-4C87-A54E-55B6FFA38502}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKCU\..\SearchScopes\{C710C720-B588-4676-A61E-B8C9C166D712}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Denise\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll (Move Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010/09/16 16:51:17 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Denise\AppData\Roaming\Move Networks [2009/11/15 20:21:22 | 000,000,000 | ---D | M]

[2010/01/16 13:47:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Denise\AppData\Roaming\Mozilla\Extensions

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [EMET Notifier] C:\Program Files\EMET\EMET_notifier.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Garmin Lifetime Updater] C:\Program Files\Garmin\Lifetime Updater\GarminLifetime.exe (Garmin)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [Spotify] C:\Users\Denise\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Denise\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks)
O8 - Extra context menu item: &Search - Reg Error: Value error. File not found
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{24CC6F9A-E66A-4794-A265-AAD93ADA2EAC}: DhcpNameServer = 10.1.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B0717666-99DE-4E14-B322-505B7C9031E4}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Dock.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Dock.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/08/04 21:57:23 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 10:18:54 | 000,000,340 | -HS- | M] () - E:\AUTOMODE -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/10/01 19:13:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Denise\Desktop\OTL.scr
[2012/10/01 19:09:39 | 000,600,576 | ---- | C] (OldTimer Tools) -- C:\Users\Denise\Desktop\OTL.exe
[2012/09/28 18:22:34 | 003,746,464 | ---- | C] (Systweak Inc ) -- C:\Users\Denise\Desktop\rcpsetup_r.exe
[2012/09/28 18:09:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disk Speedup
[2012/09/28 18:09:35 | 000,000,000 | ---D | C] -- C:\Program Files\Disk Speedup
[2012/09/28 18:06:47 | 016,437,296 | ---- | C] (Systweak Inc. ) -- C:\Users\Denise\Desktop\photostudio_r.exe
[2012/09/28 17:50:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
[2012/09/28 17:50:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Systweak
[2012/09/28 17:50:51 | 000,000,000 | ---D | C] -- C:\Program Files\Advanced System Protector
[2012/09/28 17:50:05 | 000,000,000 | ---D | C] -- C:\Users\Denise\AppData\Roaming\Advanced System Protector
[2012/09/28 17:49:45 | 000,000,000 | ---D | C] -- C:\Users\Denise\AppData\Roaming\Systweak
[2012/09/28 17:49:43 | 000,015,544 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\System32\roboot.exe
[2012/09/28 17:49:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
[2012/09/28 17:49:32 | 000,000,000 | ---D | C] -- C:\Program Files\RegClean Pro
[2012/09/28 17:37:16 | 000,000,000 | ---D | C] -- C:\Users\Denise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Enhanced Mitigation Experience Toolkit
[2012/09/28 17:37:13 | 000,000,000 | ---D | C] -- C:\Program Files\EMET
[2012/09/05 20:43:09 | 000,000,000 | ---D | C] -- C:\Users\Denise\Documents\Graboid
[2012/09/05 20:33:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Graboid Inc
[2012/09/05 20:33:49 | 000,000,000 | ---D | C] -- C:\Users\Denise\AppData\Local\Geckofx
[2012/09/05 20:32:32 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2012/09/05 20:32:11 | 000,000,000 | ---D | C] -- C:\Program Files\Graboid
[2012/09/03 22:02:19 | 000,000,000 | ---D | C] -- C:\Users\Denise\Documents\Prepping

========== Files - Modified Within 30 Days ==========

[2012/10/01 19:13:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Denise\Desktop\OTL.scr
[2012/10/01 19:09:52 | 000,600,576 | ---- | M] (OldTimer Tools) -- C:\Users\Denise\Desktop\OTL.exe
[2012/10/01 19:05:17 | 000,627,466 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/10/01 19:05:17 | 000,106,844 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/10/01 18:59:59 | 000,000,147 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2012/10/01 18:59:37 | 000,027,934 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/10/01 18:59:01 | 000,000,382 | ---- | M] () -- C:\Windows\tasks\FileCure Startup.job
[2012/10/01 18:59:01 | 000,000,374 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2012/10/01 18:57:58 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/01 18:57:58 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/01 18:57:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/01 18:57:48 | 2079,248,384 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/01 18:56:15 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/10/01 18:33:09 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/10/01 18:00:11 | 000,000,446 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2012/10/01 17:19:47 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
[2012/10/01 17:19:47 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
[2012/10/01 17:19:47 | 000,000,258 | ---- | M] () -- C:\Windows\tasks\RegClean Prosch.job
[2012/10/01 17:14:49 | 000,027,934 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012/10/01 12:06:50 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{595104AD-4C24-414A-9499-8ABF7A1476E1}.job
[2012/09/28 18:24:32 | 000,000,849 | ---- | M] () -- C:\Users\Public\Desktop\RegClean Pro.lnk
[2012/09/28 18:22:38 | 003,746,464 | ---- | M] (Systweak Inc ) -- C:\Users\Denise\Desktop\rcpsetup_r.exe
[2012/09/28 18:09:40 | 000,000,827 | ---- | M] () -- C:\Users\Denise\Application Data\Microsoft\Internet Explorer\Quick Launch\Disk Speedup.lnk
[2012/09/28 18:09:39 | 000,001,872 | ---- | M] () -- C:\Users\Public\Desktop\Disk Speedup.lnk
[2012/09/28 18:07:52 | 016,437,296 | ---- | M] (Systweak Inc. ) -- C:\Users\Denise\Desktop\photostudio_r.exe
[2012/09/28 17:50:55 | 000,001,000 | ---- | M] () -- C:\Users\Public\Desktop\Advanced System Protector.lnk
[2012/09/28 17:44:11 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForDenise.job
[2012/09/28 17:44:10 | 000,003,121 | ---- | M] () -- C:\Windows\System32\responseBody.xml
[2012/09/28 17:44:10 | 000,002,450 | ---- | M] () -- C:\Windows\System32\requestBody.xml
[2012/09/28 17:44:10 | 000,000,953 | ---- | M] () -- C:\Windows\System32\request.gzip
[2012/09/21 12:05:08 | 000,015,544 | ---- | M] (Systweak Inc., (www.systweak.com)) -- C:\Windows\System32\roboot.exe

========== Files Created - No Company Name ==========

[2012/09/28 18:26:36 | 000,000,258 | ---- | C] () -- C:\Windows\tasks\RegClean Prosch.job
[2012/09/28 18:09:40 | 000,000,827 | ---- | C] () -- C:\Users\Denise\Application Data\Microsoft\Internet Explorer\Quick Launch\Disk Speedup.lnk
[2012/09/28 18:09:39 | 000,001,872 | ---- | C] () -- C:\Users\Public\Desktop\Disk Speedup.lnk
[2012/09/28 17:50:55 | 000,001,000 | ---- | C] () -- C:\Users\Public\Desktop\Advanced System Protector.lnk
[2012/09/28 17:50:51 | 000,017,136 | ---- | C] () -- C:\Windows\System32\sasnative32.exe
[2012/09/28 17:50:04 | 000,000,266 | ---- | C] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
[2012/09/28 17:50:02 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
[2012/09/28 17:49:42 | 000,000,849 | ---- | C] () -- C:\Users\Public\Desktop\RegClean Pro.lnk
[2010/02/20 17:30:00 | 000,000,680 | ---- | C] () -- C:\Users\Denise\AppData\Local\d3d9caps.dat
[2010/02/20 17:30:00 | 000,000,552 | ---- | C] () -- C:\Users\Denise\AppData\Local\d3d8caps.dat
[2009/10/04 11:52:07 | 000,027,934 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/10/04 11:51:44 | 000,027,934 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2007/12/31 15:11:40 | 000,008,192 | ---- | C] () -- C:\Users\Denise\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/10/24 19:54:33 | 000,027,430 | ---- | C] () -- C:\Users\Denise\AppData\Roaming\nvModes.001
[2007/10/23 22:02:57 | 000,027,430 | ---- | C] () -- C:\Users\Denise\AppData\Roaming\nvModes.dat

========== ZeroAccess Check ==========

[2006/11/02 07:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2008/11/06 07:57:06 | 011,315,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/03/02 23:16:12 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2006/11/02 04:46:13 | 000,348,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/09/28 17:50:59 | 000,000,000 | ---D | M] -- C:\Users\Denise\AppData\Roaming\Advanced System Protector
[2011/12/17 12:29:21 | 000,000,000 | ---D | M] -- C:\Users\Denise\AppData\Roaming\Garmin
[2007/10/21 17:43:36 | 000,000,000 | ---D | M] -- C:\Users\Denise\AppData\Roaming\MSNInstaller
[2012/10/01 18:59:47 | 000,000,000 | ---D | M] -- C:\Users\Denise\AppData\Roaming\Spotify
[2012/09/28 18:09:50 | 000,000,000 | ---D | M] -- C:\Users\Denise\AppData\Roaming\Systweak
[2007/11/03 15:05:08 | 000,000,000 | ---D | M] -- C:\Users\Denise\AppData\Roaming\WildTangent

========== Purity Check ==========



< End of report >
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP