Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Task Manager has been disabled by 'administrator'

Started by docatlas , Oct 13 2011 08:29 AM

  • Please log in to reply

#1
docatlas
Posted 13 October 2011 - 08:29 AM

docatlas

    New Member

  • Member
  • Pip
  • 1 posts
I came home from work this morning to find my computer had rebooted itself during the night. I couldn't get IE to shut down, so I tried to open the task manager, but got an error message that said it was disabled by the administrator. I tried to open the registry editor, but I got the same error message about it. IE is working fine now, though.

This is the log from OTL:

OTL logfile created on: 10/13/2011 10:09:07 AM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Scott\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.99 Gb Total Physical Memory | 5.77 Gb Available Physical Memory | 72.25% Memory free
15.98 Gb Paging File | 13.60 Gb Available in Paging File | 85.10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 919.90 Gb Total Space | 234.63 Gb Free Space | 25.51% Space Free | Partition Type: NTFS
Drive D: | 11.32 Gb Total Space | 1.60 Gb Free Space | 14.15% Space Free | Partition Type: NTFS
Drive F: | 465.76 Gb Total Space | 21.29 Gb Free Space | 4.57% Space Free | Partition Type: NTFS
Drive G: | 1863.01 Gb Total Space | 888.11 Gb Free Space | 47.67% Space Free | Partition Type: NTFS
Drive K: | 7.55 Gb Total Space | 3.12 Gb Free Space | 41.29% Space Free | Partition Type: FAT32
Drive O: | 8.24 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive P: | 14.83 Gb Total Space | 7.80 Gb Free Space | 52.56% Space Free | Partition Type: FAT32

Computer Name: TARTARUS | User Name: Scott | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/10/13 10:08:35 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Scott\Desktop\OTL.exe
PRC - [2011/01/27 17:13:50 | 000,226,624 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2011/01/27 17:13:40 | 000,673,088 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2011/01/20 05:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010/11/21 00:33:29 | 000,274,608 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\real\realplayer\Update\realsched.exe
PRC - [2010/11/02 00:34:33 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schtasks.exe
PRC - [2010/10/14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/07/12 12:32:48 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2010/06/28 16:50:36 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
PRC - [2010/05/21 00:28:00 | 011,312,128 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010/05/21 00:27:58 | 011,318,784 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2010/05/14 12:44:46 | 000,501,480 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2010/04/13 15:47:14 | 001,636,872 | ---- | M] (M-Audio) -- C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe
PRC - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
PRC - [2010/02/25 20:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\ccsvchst.exe
PRC - [2010/02/03 00:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe
PRC - [2009/12/01 21:49:52 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009/09/19 18:40:54 | 000,122,880 | ---- | M] () -- C:\Windows\SysWOW64\WinMsgBalloonServer.exe
PRC - [2009/09/19 18:40:48 | 000,139,264 | ---- | M] () -- C:\Windows\SysWOW64\WinMsgBalloonClient.exe
PRC - [2009/09/19 18:39:06 | 000,122,880 | ---- | M] (AMD) -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
PRC - [2009/09/19 18:38:48 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
PRC - [2009/08/24 22:11:15 | 000,656,896 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
PRC - [2009/02/16 09:55:38 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe
PRC - [2008/11/20 14:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
PRC - [2008/07/11 18:51:32 | 000,423,200 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe
PRC - [2006/12/25 14:21:32 | 000,687,104 | ---- | M] (CyberMatrix Corporation, Inc.) -- C:\Program Files (x86)\Clipboard Magic\ClipboardMagic.exe
PRC - [2002/12/17 18:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe


========== Modules (No Company Name) ==========

MOD - [2011/01/27 17:13:40 | 000,673,088 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2010/05/04 15:36:28 | 000,970,752 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2009/12/01 21:49:50 | 000,931,112 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
MOD - [2009/08/20 16:35:48 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2009/08/20 16:35:46 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2009/08/20 16:35:46 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/04/07 11:37:16 | 005,352,960 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV:64bit: - [2010/09/08 01:51:16 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/01/27 17:13:50 | 000,226,624 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2010/10/14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/04/13 15:47:14 | 001,636,872 | ---- | M] (M-Audio) [Auto | Running] -- C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe -- (USBMIDIAudioDevMon)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2010/02/25 20:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\ccSvcHst.exe -- (N360)
SRV - [2009/09/19 18:39:06 | 000,122,880 | ---- | M] (AMD) [Auto | Running] -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe -- (AMD_RAIDXpert)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/05 20:07:28 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2002/12/17 18:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR)
SRV - [2002/12/17 18:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/10/07 23:38:57 | 000,111,696 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NIWinCDEmu.sys -- (NIWinCDEmu)
DRV:64bit: - [2011/03/03 20:47:01 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/01/31 15:04:44 | 000,049,256 | ---- | M] (Yamaha Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ymidusbx64.sys -- (YMIDUSBW) Yamaha USB-MIDI Driver (WDM)
DRV:64bit: - [2010/09/08 02:26:04 | 007,767,552 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010/09/08 02:26:04 | 007,767,552 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/09/08 01:15:06 | 000,279,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/08/05 10:18:22 | 000,173,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2010/05/06 00:01:59 | 000,451,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symtdiv.sys -- (SYMTDIv)
DRV:64bit: - [2010/04/29 01:03:51 | 000,150,064 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\ironx64.sys -- (SymIRON)
DRV:64bit: - [2010/04/21 23:02:20 | 000,221,232 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symefa64.sys -- (SymEFA)
DRV:64bit: - [2010/04/21 22:29:51 | 000,505,392 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2010/04/21 22:29:51 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2010/04/14 01:01:44 | 000,054,824 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2010/04/13 16:47:12 | 000,200,200 | ---- | M] (M-Audio) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MAudioUSBMIDI.sys -- (MAUSBMIDI)
DRV:64bit: - [2010/02/25 20:22:52 | 000,615,040 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\cchpx64.sys -- (ccHP)
DRV:64bit: - [2010/02/03 21:40:47 | 000,433,200 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symds64.sys -- (SymDS)
DRV:64bit: - [2010/01/28 11:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/11/12 14:48:56 | 000,005,504 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\StarOpen.sys -- (StarOpen)
DRV:64bit: - [2009/10/06 09:49:14 | 000,230,456 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ahcix64s.sys -- (ahcix64s)
DRV:64bit: - [2009/08/20 20:05:06 | 000,239,616 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/13 21:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 21:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/26 16:36:32 | 000,030,352 | ---- | M] (Steinberg Media Technologies GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\synusb64.sys -- (SynUSB64)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 11:10:10 | 001,478,144 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/05/18 17:17:08 | 000,034,152 | R--- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/05 06:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009/04/03 10:39:58 | 000,034,872 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2008/11/11 13:42:00 | 000,033,792 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2008/11/11 13:42:00 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2008/11/11 13:42:00 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV:64bit: - [2007/08/29 15:53:00 | 000,062,976 | ---- | M] (Frontier Design Group, LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\US122Wdmx64.sys -- (US122WdmService)
DRV:64bit: - [2007/08/29 15:52:46 | 000,020,224 | ---- | M] (Frontier Design Group) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\US122DLx64.sys -- (US122DL)
DRV:64bit: - [2007/08/29 15:52:36 | 000,200,320 | ---- | M] (Frontier Design Group, LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\US122x64.sys -- (US122)
DRV:64bit: - [2007/01/04 18:19:20 | 000,076,024 | ---- | M] (Mark of the Unicorn) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\motuusb64.sys -- (MotuUsb64)
DRV:64bit: - [2007/01/04 18:19:12 | 000,046,840 | ---- | M] (Mark of the Unicorn) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\motumidi64.sys -- (motumidi64)
DRV:64bit: - [2007/01/04 18:19:06 | 000,028,408 | ---- | M] (Mark of the Unicorn) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\motubus64.sys -- (motubus)
DRV - [2011/09/29 17:35:09 | 001,152,632 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20110929.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2011/09/25 18:34:16 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20111008.008\EX64.SYS -- (NAVEX15)
DRV - [2011/09/25 18:34:16 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20111008.008\ENG64.SYS -- (NAVENG)
DRV - [2011/09/23 09:11:20 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20111007.030\IDSviA64.sys -- (IDSVia64)
DRV - [2011/07/31 16:02:34 | 000,481,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011/07/31 16:02:34 | 000,136,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/06/28 22:50:22 | 000,146,928 | ---- | M] (CyberLink Corp.) [2011/05/28 01:52:29] [Kernel | Auto | Running] -- C:\Program Files (x86)\Cyberlink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
DRV - [2010/06/15 20:23:28 | 000,146,928 | ---- | M] (CyberLink Corp.) [2011/05/28 01:10:26] [Kernel | Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})
DRV - [2009/11/12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/02/28 19:40:18 | 000,146,928 | ---- | M] (CyberLink Corp.) [2011/05/28 01:45:32] [Kernel | Auto | Running] -- C:\Program Files (x86)\Cyberlink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
DRV - [2002/07/17 09:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\ASPI32.SYS -- (Aspi32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\tbBitT.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.kvraudio.com/
IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "DAEMON Search"
FF - prefs.js..browser.startup.homepage: "http://www.kvraudio.com"
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.4.0024
FF - prefs.js..extensions.enabledItems: [email protected]:3.2.5.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.2
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2010.9.0.6
FF - prefs.js..network.proxy.type: 0

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Scott\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Scott\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn\ [2011/07/29 11:23:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn_2010_9_0_6 [2011/10/13 09:46:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/11/21 00:33:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/10/04 20:03:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/10/04 20:03:19 | 000,000,000 | ---D | M]

[2010/08/18 08:25:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Extensions
[2011/10/07 18:31:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\r3rw5hks.default\extensions
[2011/02/22 11:26:17 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\r3rw5hks.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2011/04/02 02:34:58 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\r3rw5hks.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2011/03/03 20:46:58 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\r3rw5hks.default\extensions\[email protected]
[2011/02/22 11:26:17 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\r3rw5hks.default\extensions\[email protected]
[2011/05/28 00:56:21 | 000,000,000 | ---D | M] (Search Toolbar) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\r3rw5hks.default\extensions\[email protected]
[2011/03/03 20:45:19 | 000,002,059 | ---- | M] () -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\r3rw5hks.default\searchplugins\daemon-search.xml
[2010/11/12 11:29:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/11/12 11:29:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/10/13 09:46:14 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\COFFPLGN_2010_9_0_6
[2011/07/29 11:23:38 | 000,000,000 | ---D | M] (Norton IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPLGN
[2010/11/21 00:33:54 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2010/11/12 11:29:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010/07/12 12:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll

========== Chrome ==========

CHR - default_search_provider: DAEMON Search (Enabled)
CHR - default_search_provider: search_url = http://www.daemon-se...q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Scott\AppData\Local\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U22 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Scott\AppData\Local\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Scott\AppData\Local\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Hulu Desktop (Enabled) = C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Entanglement = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.1.1_0\
CHR - Extension: Entanglement = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.5.7_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.3_0\
CHR - Extension: Poppit = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\coIEplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation)
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O2 - BHO: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll ()
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\coIEplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\coIEplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files (x86)\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [PC-Doctor for Windows localizer] C:\Program Files\PC-Doctor for Windows\localizer.exe (PC-Doctor, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [ContentTransferWMDetector.exe] C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
O4 - HKLM..\Run: [HP Remote Solution] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PowerDVD10] C:\Users\Scott\AppData\Local\Temp\DVDDIR\Setup.exe File not found
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - Startup: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Clipboard Magic.lnk = C:\Program Files (x86)\Clipboard Magic\ClipboardMagic.exe (CyberMatrix Corporation, Inc.)
O4 - Startup: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 71.252.0.12 71.250.0.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E29D7A26-DAF3-4F3F-8796-4482F6715FF1}: DhcpNameServer = 71.252.0.12 71.250.0.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FA94D0AA-568A-4DCA-BB37-6E76DD2CA3F1}: DhcpNameServer = 71.252.0.12 71.242.0.12
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/02/14 17:38:25 | 000,000,072 | R--- | M] () - O:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{03dfcfeb-a1c6-11df-8f97-d8d385784af1}\Shell - "" = AutoRun
O33 - MountPoints2\{03dfcfeb-a1c6-11df-8f97-d8d385784af1}\Shell\AutoRun\command - "" = M:\setup.exe -a
O33 - MountPoints2\{75efbf19-720a-11e0-af47-d8d385784af1}\Shell - "" = AutoRun
O33 - MountPoints2\{75efbf19-720a-11e0-af47-d8d385784af1}\Shell\AutoRun\command - "" = O:\setup.exe -- [2011/01/19 19:47:24 | 000,083,072 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/10/13 10:08:33 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\Scott\Desktop\OTL.exe
[2011/10/13 09:46:20 | 000,000,000 | R--D | C] -- C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9
[2011/10/13 09:38:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2011/10/13 09:38:29 | 000,000,000 | ---D | C] -- C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/10/13 08:52:49 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/10/13 08:52:49 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/10/13 08:52:48 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/10/13 08:52:48 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/10/13 08:52:47 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/10/13 08:52:46 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011/10/13 08:52:46 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/10/13 08:52:46 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/10/13 08:52:46 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/10/12 15:32:10 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2011/10/12 15:32:10 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2011/10/12 15:32:10 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2011/10/12 15:32:10 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2011/10/12 15:32:10 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2011/10/12 15:32:09 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2011/10/12 15:32:09 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mpeg2Data.ax
[2011/10/12 15:32:08 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSDvbNP.ax
[2011/10/12 15:32:08 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax
[2011/10/12 15:32:08 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax
[2011/10/12 15:32:07 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011/10/12 15:32:07 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2011/10/12 08:44:22 | 000,000,000 | -HSD | C] -- C:\Windupdt
[2011/10/07 23:44:17 | 000,000,000 | -H-D | C] -- C:\ProgramData\{4AD6F65B-2A15-4CFF-9AF7-830F277D0157}
[2011/10/07 23:40:07 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Retro Machines Mk2 Library
[2011/10/07 23:38:25 | 000,000,000 | ---D | C] -- C:\ProgramData\{86F5018B-953F-4E9F-B852-6A413B16003A}
[2011/10/07 11:39:50 | 000,000,000 | -H-D | C] -- C:\ProgramData\{AE42E1A6-D95D-454D-9F3D-E20CCCCB159A}
[2011/10/07 11:19:37 | 000,000,000 | -H-D | C] -- C:\ProgramData\{65BD0376-C4B3-4402-8FF3-939E99FDADE9}
[2011/10/07 11:16:28 | 000,000,000 | -H-D | C] -- C:\ProgramData\{DCC412E7-393B-4016-91FB-9307F059AFB6}
[2011/10/07 11:15:38 | 000,000,000 | -H-D | C] -- C:\ProgramData\{49FAB1E7-7D4E-4015-BBCA-E52669133FB7}
[2011/10/07 10:25:01 | 395,588,872 | ---- | C] (Native Instruments ) -- C:\Users\Scott\Desktop\Guitar Rig 5 5.0.2 Setup PC.exe
[2011/10/07 10:09:25 | 091,708,176 | ---- | C] (Native Instruments ) -- C:\Users\Scott\Desktop\Kontakt 5 5.0.1 Setup PC.exe
[2011/10/06 01:07:50 | 000,000,000 | -H-D | C] -- C:\ProgramData\{D8A28F10-6563-43AC-A9A6-278CB7631D2B}
[2011/10/06 01:07:47 | 000,000,000 | -H-D | C] -- C:\ProgramData\{B53633F4-53A8-4BAA-81BD-2830099F2459}
[2011/10/06 01:07:39 | 000,000,000 | -H-D | C] -- C:\ProgramData\{F299F641-E758-4AF2-AEE2-1FF1FA99E411}
[2011/10/06 01:07:32 | 000,000,000 | -H-D | C] -- C:\ProgramData\{DC597CF0-DB39-40C2-9F8C-CF9D0A386548}
[2011/10/06 01:07:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\{588D017F-D30B-4C08-8A10-1FEF7D039369}
[2011/10/06 01:07:16 | 000,000,000 | -H-D | C] -- C:\ProgramData\{CA03436C-933D-4ADA-9E89-2C39CC03E904}
[2011/10/06 01:07:09 | 000,000,000 | -H-D | C] -- C:\ProgramData\{792288EF-B822-4482-B541-7ED490D444F7}
[2011/10/06 01:07:03 | 000,000,000 | -H-D | C] -- C:\ProgramData\{14F71F5E-7E38-4BE6-9307-DC81B8A419A5}
[2011/10/06 01:06:56 | 000,000,000 | -H-D | C] -- C:\ProgramData\{D49FD676-115D-4DF5-B976-28952EB09BEB}
[2011/10/06 01:06:37 | 000,000,000 | -H-D | C] -- C:\ProgramData\{3DFBC806-D62A-4312-81FF-5F343DDCB5DC}
[2011/10/06 01:06:26 | 000,000,000 | -H-D | C] -- C:\ProgramData\{B0DF9098-245E-479F-A4ED-B5F91EA4948B}
[2011/10/06 01:06:11 | 000,000,000 | -H-D | C] -- C:\ProgramData\{0A583E76-A7A0-45F8-9386-AEE1E529A4DE}
[2011/10/06 01:05:47 | 000,000,000 | -H-D | C] -- C:\ProgramData\{6E467D89-1963-440B-84F9-852C8150E323}
[2011/10/06 01:05:34 | 000,000,000 | -H-D | C] -- C:\ProgramData\{D04E7E60-5F77-4E61-9CD4-7AEC5E15C525}
[2011/10/06 01:05:25 | 000,000,000 | -H-D | C] -- C:\ProgramData\{F409EA92-6713-4D2D-AF88-0C51B1CF1D2A}
[2011/10/06 01:04:30 | 000,000,000 | -H-D | C] -- C:\ProgramData\{7B7672F5-5EA2-4D83-BC77-1AFCA8846266}
[2011/10/06 01:03:09 | 000,000,000 | -H-D | C] -- C:\ProgramData\{6B3E9A08-404E-4FBF-A80D-1E9DA9E75171}
[2011/10/06 01:02:09 | 000,000,000 | -H-D | C] -- C:\ProgramData\{4C01754A-32F9-4A34-8B9F-E06DD553B755}
[2011/10/06 01:00:36 | 000,000,000 | -H-D | C] -- C:\ProgramData\{91377244-4B4E-4A81-9F72-FA41DECB3D8F}
[2011/10/06 00:58:55 | 000,000,000 | -H-D | C] -- C:\ProgramData\{82B9F45C-9378-4B6C-B80A-338C197F3791}
[2011/10/06 00:56:54 | 000,000,000 | -H-D | C] -- C:\ProgramData\{DFB8047B-FF22-438D-90BD-83E8B78F83D7}
[2011/10/06 00:55:06 | 000,000,000 | -H-D | C] -- C:\ProgramData\{68233086-CF7D-452D-8519-A7815257EC6B}
[2011/10/06 00:53:16 | 000,000,000 | -H-D | C] -- C:\ProgramData\{4A95D8FB-6FE5-4651-9C81-388A5F0CB306}
[2011/10/06 00:48:49 | 000,000,000 | -H-D | C] -- C:\ProgramData\{E13AD921-F7D5-4901-BF24-AC8BF60E1EB6}
[2011/10/06 00:30:30 | 000,000,000 | -H-D | C] -- C:\ProgramData\{589B734B-3C34-40B2-9EFD-8C2D12D479CE}
[2011/10/06 00:25:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\{AB38F02B-C891-457C-B8C8-DA9D96EFA317}
[2011/10/06 00:21:45 | 000,000,000 | -H-D | C] -- C:\ProgramData\{B06671EB-304F-4BCB-A3C8-1D59B4FD236F}
[2011/10/06 00:13:54 | 000,000,000 | -H-D | C] -- C:\ProgramData\{F2026C51-8509-47B4-816D-CCD2DB993FC1}
[2011/10/06 00:11:56 | 000,000,000 | -H-D | C] -- C:\ProgramData\{624486AF-AD5B-4BB3-BEEE-A0D2D4D112DF}
[2011/10/06 00:10:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\{B8AB470F-A90B-4652-A8F5-160A08FD7411}
[2011/10/06 00:03:08 | 000,000,000 | -H-D | C] -- C:\ProgramData\{7FC6C6B3-C2D5-4F17-BBEF-A11135E1A668}
[2011/10/06 00:01:07 | 000,000,000 | -H-D | C] -- C:\ProgramData\{8CD9955F-F554-4B5B-9EA3-370A45EF233C}
[2011/10/05 23:58:45 | 000,000,000 | -H-D | C] -- C:\ProgramData\{69DF5CE1-2094-4539-A287-9DD19C7BD30B}
[2011/10/05 23:54:06 | 000,000,000 | -H-D | C] -- C:\ProgramData\{CD0D90ED-2704-4043-9651-E90B134DD7DD}
[2011/10/05 23:48:50 | 000,000,000 | -H-D | C] -- C:\ProgramData\{24EEDFDA-74B5-4E97-8334-5AEA44CD0095}
[2011/10/05 23:44:28 | 000,000,000 | -H-D | C] -- C:\ProgramData\{AA5037F8-9B97-456B-847E-A64FEB3E393C}
[2011/10/05 23:40:26 | 000,000,000 | -H-D | C] -- C:\ProgramData\{80A0A482-175E-4DE8-9D32-C8C8463D1362}
[2011/10/05 23:39:27 | 000,000,000 | -H-D | C] -- C:\ProgramData\{B7CF1107-3BD9-48BA-BC77-54B909022641}
[2011/10/05 23:39:05 | 000,000,000 | -H-D | C] -- C:\ProgramData\{CCE3E562-124D-4D63-8AC7-EC849A579F07}
[2011/10/05 23:34:40 | 000,000,000 | -H-D | C] -- C:\ProgramData\{35B46D49-85E2-40EA-8EC6-43B281EDD8E7}
[2011/10/05 23:19:40 | 000,000,000 | -H-D | C] -- C:\ProgramData\{DE181BBE-2522-484E-A620-BDCFB298DC87}
[2011/10/05 23:05:56 | 000,000,000 | -H-D | C] -- C:\ProgramData\{E26B3878-7CEC-469C-B449-5CAA336DF8CD}
[2011/10/05 22:51:33 | 000,000,000 | -H-D | C] -- C:\ProgramData\{3006A797-CDFA-44FC-98EF-155579E2CDBF}
[2011/10/05 22:47:07 | 000,000,000 | -H-D | C] -- C:\ProgramData\{E9CDB61C-771D-42BB-B441-4CA7622ACA52}
[2011/10/05 22:38:15 | 000,000,000 | -H-D | C] -- C:\ProgramData\{C2A88E6D-FA3D-462B-BDFF-A09B1EFA8FBE}
[2011/10/03 19:27:22 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/09/16 19:13:46 | 000,719,872 | ---- | C] (Abysmal Software) -- C:\Windows\SysWow64\devil.dll
[2011/09/16 19:13:46 | 000,369,152 | ---- | C] (The Public) -- C:\Windows\SysWow64\avisynth.dll
[2011/09/16 19:13:46 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\yv12vfw.dll
[2011/09/16 19:13:46 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\i420vfw.dll
[2011/09/16 19:13:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AviSynth 2.5
[2011/09/16 19:12:54 | 000,216,064 | RHS- | C] (MONOGRAM Multimedia, s.r.o.) -- C:\Windows\SysWow64\nbDX.dll
[2011/09/16 19:12:54 | 000,186,880 | RHS- | C] (RadLight) -- C:\Windows\SysWow64\RLOgg.ax
[2011/09/16 19:12:54 | 000,163,328 | RHS- | C] (Gabest) -- C:\Windows\SysWow64\flvDX.dll
[2011/09/16 19:12:54 | 000,092,672 | RHS- | C] (RadLight) -- C:\Windows\SysWow64\RLVorbisDec.ax
[2011/09/16 19:12:54 | 000,090,112 | RHS- | C] (-) -- C:\Windows\SysWow64\TTADSSplitter.ax
[2011/09/16 19:12:54 | 000,090,112 | RHS- | C] (-) -- C:\Windows\SysWow64\TTADSDecoder.ax
[2011/09/16 19:12:54 | 000,067,584 | RHS- | C] (RadLight, LLC) -- C:\Windows\SysWow64\RLTheoraDec.ax
[2011/09/16 19:12:54 | 000,031,232 | RHS- | C] (Hans Mayerl) -- C:\Windows\SysWow64\msfDX.dll
[2011/09/16 19:12:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft
[2011/09/16 19:12:53 | 000,179,200 | RHS- | C] (Gabest) -- C:\Windows\SysWow64\DiracSplitter.ax
[2011/09/16 19:12:53 | 000,169,472 | RHS- | C] (Gabest) -- C:\Windows\SysWow64\MatroskaDX.ax
[2011/09/16 19:12:53 | 000,161,792 | RHS- | C] (Gabest) -- C:\Windows\SysWow64\RealMediaDX.ax
[2011/09/16 19:12:53 | 000,123,904 | RHS- | C] (CoreCodec) -- C:\Windows\SysWow64\AVCDX.ax
[2011/09/16 19:10:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eRightSoft
[2011/09/15 23:26:50 | 000,000,000 | ---D | C] -- C:\Users\Scott\Desktop\Playin Music 24 Bit
[1 C:\Users\Scott\Documents\*.tmp files -> C:\Users\Scott\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/10/13 10:13:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2761110742-3028898302-1901812405-1001UA.job
[2011/10/13 10:08:35 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Scott\Desktop\OTL.exe
[2011/10/13 09:59:07 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/13 09:59:07 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/13 09:53:05 | 000,001,492 | ---- | M] () -- C:\ProgramData\ss.ini
[2011/10/13 09:44:34 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/13 09:43:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/13 09:43:05 | 2141,106,175 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/13 09:38:29 | 000,002,975 | ---- | M] () -- C:\Users\Scott\Desktop\HiJackThis.lnk
[2011/10/13 09:37:02 | 001,402,880 | ---- | M] () -- C:\Users\Scott\Desktop\HiJackThis.msi
[2011/10/13 09:35:17 | 000,000,338 | ---- | M] () -- C:\Users\Scott\Desktop\enable-task-manager.zip
[2011/10/13 09:28:17 | 000,000,480 | ---- | M] () -- C:\Users\Scott\Desktop\Enable_Task_Manager.reg
[2011/10/13 09:15:58 | 000,355,368 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/10/13 09:15:06 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/10/13 08:58:55 | 000,779,654 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/10/13 08:58:55 | 000,650,538 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/10/13 08:58:55 | 000,118,026 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/10/13 07:13:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2761110742-3028898302-1901812405-1001Core.job
[2011/10/12 22:32:36 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForScott.job
[2011/10/12 22:31:32 | 1272,534,633 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/10/12 22:25:33 | 005,914,861 | ---- | M] () -- C:\Users\Scott\Desktop\Steel Curtain Demo 001.mp3
[2011/10/12 22:23:16 | 048,997,052 | ---- | M] () -- C:\Users\Scott\Desktop\Steel Curtain Demo 001.wav
[2011/10/12 15:29:46 | 000,001,854 | ---- | M] () -- C:\Users\Scott\AppData\Roaming\GhostObjGAFix.xml
[2011/10/08 14:09:37 | 006,983,175 | ---- | M] () -- C:\Users\Scott\Desktop\Summerland Sojourn.mp3
[2011/10/08 13:56:51 | 070,766,592 | ---- | M] () -- C:\Users\Scott\Desktop\Summerland Sojourn.wav
[2011/10/07 23:38:57 | 000,111,696 | ---- | M] () -- C:\Windows\SysNative\drivers\NIWinCDEmu.sys
[2011/10/07 11:39:48 | 000,001,016 | ---- | M] () -- C:\Users\Public\Desktop\Kontakt 5.lnk
[2011/10/07 11:19:27 | 000,001,046 | ---- | M] () -- C:\Users\Public\Desktop\Guitar Rig 5.lnk
[2011/10/07 11:16:23 | 000,001,096 | ---- | M] () -- C:\Users\Public\Desktop\Controller Editor.lnk
[2011/10/07 11:15:36 | 000,001,061 | ---- | M] () -- C:\Users\Public\Desktop\Service Center.lnk
[2011/10/07 10:25:16 | 395,588,872 | ---- | M] (Native Instruments ) -- C:\Users\Scott\Desktop\Guitar Rig 5 5.0.2 Setup PC.exe
[2011/10/07 10:09:25 | 091,708,176 | ---- | M] (Native Instruments ) -- C:\Users\Scott\Desktop\Kontakt 5 5.0.1 Setup PC.exe
[2011/10/05 23:19:34 | 000,001,011 | ---- | M] () -- C:\Users\Public\Desktop\Reaktor 5.lnk
[2011/10/05 23:05:55 | 000,000,992 | ---- | M] () -- C:\Users\Public\Desktop\Massive.lnk
[2011/10/05 22:51:19 | 000,000,944 | ---- | M] () -- C:\Users\Public\Desktop\FM8.lnk
[2011/10/05 22:47:04 | 000,001,016 | ---- | M] () -- C:\Users\Public\Desktop\Battery 3.lnk
[2011/10/05 22:37:45 | 000,001,016 | ---- | M] () -- C:\Users\Public\Desktop\Absynth 5.lnk
[2011/10/05 22:23:28 | 001,698,166 | ---- | M] () -- C:\Users\Scott\Desktop\BellsForBeth3.mp3
[2011/10/05 22:20:22 | 047,862,188 | ---- | M] () -- C:\Users\Scott\Desktop\BellsForBeth3.wav
[2011/10/05 21:45:51 | 001,427,173 | ---- | M] () -- C:\Users\Scott\Desktop\BellsForBeth2.mp3
[2011/10/05 21:26:42 | 038,953,216 | ---- | M] () -- C:\Users\Scott\Desktop\BellsForBeth2.wav
[2011/10/05 20:36:19 | 005,648,896 | ---- | M] () -- C:\Users\Scott\Desktop\Tubular Bell For Beth.wav
[2011/10/04 20:07:19 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/10/03 22:58:43 | 000,003,190 | ---- | M] () -- C:\Users\Scott\AppData\Roaming\wklnhst.dat
[2011/09/30 14:28:35 | 000,000,544 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job
[2011/09/25 02:19:45 | 000,000,462 | ---- | M] () -- C:\Users\Scott\Documents\Mbaba Mwana Waresa - Zulu Weather Goddess.rtf
[2011/09/24 16:35:34 | 000,014,848 | ---- | M] () -- C:\Users\Scott\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/09/16 19:12:54 | 000,001,114 | ---- | M] () -- C:\Users\Public\Desktop\SUPER ©.lnk
[2011/09/13 21:21:35 | 000,002,041 | ---- | M] () -- C:\Users\Scott\Documents\Fat Man's Prayer.rtf
[1 C:\Users\Scott\Documents\*.tmp files -> C:\Users\Scott\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/10/13 09:38:29 | 000,002,975 | ---- | C] () -- C:\Users\Scott\Desktop\HiJackThis.lnk
[2011/10/13 09:37:02 | 001,402,880 | ---- | C] () -- C:\Users\Scott\Desktop\HiJackThis.msi
[2011/10/13 09:36:28 | 000,000,284 | ---- | C] () -- C:\Users\Scott\Desktop\Enable Task Manager.reg
[2011/10/13 09:35:17 | 000,000,338 | ---- | C] () -- C:\Users\Scott\Desktop\enable-task-manager.zip
[2011/10/13 09:28:17 | 000,000,480 | ---- | C] () -- C:\Users\Scott\Desktop\Enable_Task_Manager.reg
[2011/10/12 22:23:53 | 005,914,861 | ---- | C] () -- C:\Users\Scott\Desktop\Steel Curtain Demo 001.mp3
[2011/10/12 22:23:04 | 048,997,052 | ---- | C] () -- C:\Users\Scott\Desktop\Steel Curtain Demo 001.wav
[2011/10/08 13:59:24 | 006,983,175 | ---- | C] () -- C:\Users\Scott\Desktop\Summerland Sojourn.mp3
[2011/10/08 13:50:09 | 070,766,592 | ---- | C] () -- C:\Users\Scott\Desktop\Summerland Sojourn.wav
[2011/10/07 23:38:57 | 000,111,696 | ---- | C] () -- C:\Windows\SysNative\drivers\NIWinCDEmu.sys
[2011/10/07 11:19:27 | 000,001,046 | ---- | C] () -- C:\Users\Public\Desktop\Guitar Rig 5.lnk
[2011/10/07 11:16:23 | 000,001,096 | ---- | C] () -- C:\Users\Public\Desktop\Controller Editor.lnk
[2011/10/05 23:19:34 | 000,001,011 | ---- | C] () -- C:\Users\Public\Desktop\Reaktor 5.lnk
[2011/10/05 23:05:55 | 000,000,992 | ---- | C] () -- C:\Users\Public\Desktop\Massive.lnk
[2011/10/05 23:02:42 | 000,001,016 | ---- | C] () -- C:\Users\Public\Desktop\Kontakt 5.lnk
[2011/10/05 22:51:19 | 000,000,944 | ---- | C] () -- C:\Users\Public\Desktop\FM8.lnk
[2011/10/05 22:47:04 | 000,001,016 | ---- | C] () -- C:\Users\Public\Desktop\Battery 3.lnk
[2011/10/05 22:37:45 | 000,001,016 | ---- | C] () -- C:\Users\Public\Desktop\Absynth 5.lnk
[2011/10/05 22:23:20 | 001,698,166 | ---- | C] () -- C:\Users\Scott\Desktop\BellsForBeth3.mp3
[2011/10/05 22:19:16 | 047,862,188 | ---- | C] () -- C:\Users\Scott\Desktop\BellsForBeth3.wav
[2011/10/05 22:12:53 | 000,001,061 | ---- | C] () -- C:\Users\Public\Desktop\Service Center.lnk
[2011/10/05 21:45:44 | 001,427,173 | ---- | C] () -- C:\Users\Scott\Desktop\BellsForBeth2.mp3
[2011/10/05 21:26:31 | 038,953,216 | ---- | C] () -- C:\Users\Scott\Desktop\BellsForBeth2.wav
[2011/10/05 20:36:17 | 005,648,896 | ---- | C] () -- C:\Users\Scott\Desktop\Tubular Bell For Beth.wav
[2011/09/25 02:19:45 | 000,000,462 | ---- | C] () -- C:\Users\Scott\Documents\Mbaba Mwana Waresa - Zulu Weather Goddess.rtf
[2011/09/23 16:28:17 | 001,981,952 | ---- | C] () -- C:\Users\Scott\Desktop\paulstretch.exe
[2011/09/16 19:13:46 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2011/09/16 19:12:54 | 000,121,344 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.ax
[2011/09/16 19:12:54 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll
[2011/09/16 19:12:54 | 000,051,712 | RHS- | C] () -- C:\Windows\SysWow64\RLSpeexDec.ax
[2011/09/16 19:12:54 | 000,001,114 | ---- | C] () -- C:\Users\Public\Desktop\SUPER ©.lnk
[2011/09/16 19:12:53 | 000,227,328 | RHS- | C] () -- C:\Windows\SysWow64\ac3DX.ax
[2011/09/16 19:12:53 | 000,175,104 | RHS- | C] () -- C:\Windows\SysWow64\CoreAAC.ax
[2011/09/16 19:12:53 | 000,120,832 | RHS- | C] () -- C:\Windows\SysWow64\MPCDx.ax
[2011/09/16 19:12:53 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\RLMPCDec.ax
[2011/09/16 19:12:53 | 000,097,280 | RHS- | C] () -- C:\Windows\SysWow64\FLACDX.ax
[2011/09/16 19:12:53 | 000,081,920 | RHS- | C] () -- C:\Windows\SysWow64\aac_parser.ax
[2011/09/16 19:12:53 | 000,070,656 | RHS- | C] () -- C:\Windows\SysWow64\RLAPEDec.ax
[2011/09/13 21:21:35 | 000,002,041 | ---- | C] () -- C:\Users\Scott\Documents\Fat Man's Prayer.rtf
[2011/08/05 22:10:27 | 000,001,854 | ---- | C] () -- C:\Users\Scott\AppData\Roaming\GhostObjGAFix.xml
[2011/06/12 08:36:52 | 000,000,033 | ---- | C] () -- C:\ProgramData\{081230F8-EA50-42A9-983C-D22ABC2EED3B}.ini
[2011/05/27 23:59:59 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011/05/27 10:11:16 | 000,020,335 | ---- | C] () -- C:\Users\Scott\AppData\Roaming\MHarmonizerCMpresets.xml
[2011/05/22 16:22:26 | 000,001,940 | ---- | C] () -- C:\Users\Scott\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/05/11 01:37:00 | 000,003,190 | ---- | C] () -- C:\Users\Scott\AppData\Roaming\wklnhst.dat
[2011/04/02 02:55:41 | 000,000,055 | ---- | C] () -- C:\Windows\SQ.INI
[2011/03/01 17:47:57 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\utilpt32.dll
[2011/03/01 17:47:56 | 000,120,320 | ---- | C] () -- C:\Windows\SysWow64\zlibocx2.dll
[2011/02/16 13:48:49 | 002,156,032 | ---- | C] () -- C:\Windows\SysWow64\Lexicon PSP42.dll
[2010/11/14 13:40:05 | 006,640,274 | ---- | C] () -- C:\Windows\SysWow64\Modalys_for_Arturia.dll
[2010/11/14 04:15:04 | 000,002,892 | ---- | C] () -- C:\Windows\SysWow64\audcon.sys
[2010/11/14 04:13:55 | 000,000,051 | ---- | C] () -- C:\Windows\SysWow64\SYNSOPOS.exe.cfg
[2010/11/14 04:13:45 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\ArtFfct.dll
[2010/09/11 22:38:11 | 000,000,368 | ---- | C] () -- C:\Windows\SysWow64\msvcsv60.dll
[2010/09/11 22:38:11 | 000,000,368 | ---- | C] () -- C:\Windows\msocreg32.dat
[2010/09/10 22:24:14 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2010/08/29 20:07:01 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\SYNSOPOS.exe
[2010/08/11 20:58:24 | 000,014,848 | ---- | C] () -- C:\Users\Scott\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/07 19:05:39 | 000,001,492 | ---- | C] () -- C:\ProgramData\ss.ini
[2010/08/07 08:18:24 | 003,265,024 | ---- | C] () -- C:\Windows\es.exe
[2010/08/06 23:39:00 | 000,744,112 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/07/26 11:13:40 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010/06/23 13:35:52 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010/06/23 13:35:52 | 000,134,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010/06/15 22:28:54 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/02/22 22:24:28 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/09/29 19:25:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009/09/19 18:40:54 | 000,122,880 | ---- | C] () -- C:\Windows\SysWow64\WinMsgBalloonServer.exe
[2009/09/19 18:40:48 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\WinMsgBalloonClient.exe
[2009/08/16 11:08:36 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007/02/05 21:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006/12/08 08:58:14 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\FxShared.dll
[2006/12/07 21:52:50 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\com.fxpansion.fxshared.dll
[2004/02/20 16:36:34 | 000,416,256 | ---- | C] () -- C:\Windows\exchndl.dll

< End of report >

Thanks for any suggestions anyone can offer.
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP