Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Constant Freezing And Slow Computer

Started by Carlos Valdivia , Mar 06 2012 08:47 PM

  • Please log in to reply

#1
Carlos Valdivia
Posted 06 March 2012 - 08:47 PM

Carlos Valdivia

    New Member

  • Member
  • Pip
  • 1 posts
my computer freezes a lot and my desktop goes white i can still see the desktop but can not click on anything and i have to wait for it to respond, also window explorer is unresponsive after the freeze (not internet explorer)slow computer also im trying to delete unnecessary programs like mediaget2 which ive researched and says its malware. help please.....

OTL logfile created on: 3/6/2012 6:20:10 PM - Run 1
OTL by OldTimer - Version 3.2.35.1 Folder = C:\Users\Dark Killa\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.87 Gb Total Physical Memory | 1.24 Gb Available Physical Memory | 43.23% Memory free
5.96 Gb Paging File | 3.73 Gb Available in Paging File | 62.59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.94 Gb Total Space | 27.85 Gb Free Space | 9.74% Space Free | Partition Type: NTFS
Drive D: | 12.15 Gb Total Space | 1.66 Gb Free Space | 13.63% Space Free | Partition Type: NTFS

Computer Name: DARKKILLA-PC | User Name: Dark Killa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/03/06 18:19:20 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Users\Dark Killa\Downloads\OTL.exe
PRC - [2012/03/06 18:03:26 | 001,332,208 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\17.0.963.66\Installer\setup.exe
PRC - [2012/02/15 14:08:26 | 000,065,096 | ---- | M] (White Sky, Inc.) -- C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe
PRC - [2012/02/15 14:08:22 | 004,720,200 | ---- | M] (White Sky, Inc.) -- C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
PRC - [2012/02/14 21:03:37 | 001,049,072 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012/01/03 05:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/07/05 09:24:06 | 000,395,528 | ---- | M] (StrikeForce Technologies Inc.) -- C:\Program Files (x86)\SFT\GuardedID\GIDD.exe
PRC - [2011/06/15 16:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/04/16 16:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\ccsvchst.exe
PRC - [2010/11/01 14:15:12 | 000,886,752 | ---- | M] () -- C:\Program Files (x86)\SelectRebates\SelectRebates.exe
PRC - [2010/09/13 05:56:02 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2009/09/09 13:26:36 | 001,148,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2009/08/19 09:25:52 | 001,589,208 | ---- | M] () -- C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe
PRC - [2009/06/17 09:49:44 | 000,616,408 | ---- | M] () -- C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
PRC - [2009/05/08 02:53:34 | 000,174,424 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe
PRC - [2009/02/03 05:15:18 | 000,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/24 12:26:18 | 000,202,560 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Comcast\Desktop Doctor\bin\sprtsvc.exe
PRC - [2008/04/24 12:25:22 | 000,202,560 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Comcast\Desktop Doctor\bin\sprtcmd.exe
PRC - [2007/09/26 12:55:04 | 000,283,912 | ---- | M] (CA, Inc.) -- C:\Program Files (x86)\CA\PPRT\bin\ITMRTSVC.exe
PRC - [2007/04/18 07:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe


========== Modules (No Company Name) ==========

MOD - [2012/02/15 14:08:25 | 000,091,720 | ---- | M] () -- C:\Program Files (x86)\Constant Guard Protection Suite\IdVaultCore.XmlSerializers.dll
MOD - [2012/02/14 21:03:36 | 000,429,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\17.0.963.56\ppgooglenaclpluginchrome.dll
MOD - [2012/02/14 21:03:34 | 003,772,912 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\17.0.963.56\pdf.dll
MOD - [2012/02/14 21:02:10 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\17.0.963.56\avutil-51.dll
MOD - [2012/02/14 21:02:08 | 000,220,672 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\17.0.963.56\avformat-53.dll
MOD - [2012/02/14 21:02:07 | 001,747,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\17.0.963.56\avcodec-53.dll
MOD - [2012/02/14 20:52:32 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\9a22784f4af63232128cbaa639e1852b\WindowsFormsIntegration.ni.dll
MOD - [2012/02/14 20:52:28 | 001,316,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\42aab7622ac540a7f723746eb504b8bf\System.WorkflowServices.ni.dll
MOD - [2012/02/14 20:52:13 | 001,651,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\55fa3e9bbc83c786ece774b817e5aea9\System.ServiceModel.Web.ni.dll
MOD - [2012/02/14 20:50:50 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\8b5f54e3b382fc1720c76557ef8c8bc3\System.Management.ni.dll
MOD - [2012/02/14 20:50:23 | 001,070,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\c12259751030b8fb693006bb6e7dd55f\System.IdentityModel.ni.dll
MOD - [2012/02/14 20:50:21 | 002,346,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a4b9d424cd4509b6b76fba81f347f561\System.Runtime.Serialization.ni.dll
MOD - [2012/02/14 20:50:19 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\696e2d9a6491947cd89ead8cc4cc658a\SMDiagnostics.ni.dll
MOD - [2012/02/14 20:50:17 | 017,404,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\effa6ad5369cea835146937a5635275b\System.ServiceModel.ni.dll
MOD - [2012/02/14 20:49:46 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\d0cf808e33a5123b33010b933d3b1597\System.ServiceProcess.ni.dll
MOD - [2012/02/14 20:49:43 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\1a5853155c4e5ab3f91cd37da331e89b\System.Web.Services.ni.dll
MOD - [2012/02/14 20:49:39 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\2598077ccea480c6120d3a1ad4455be0\System.Web.ni.dll
MOD - [2012/02/14 20:49:20 | 000,679,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\96b4cdba0397f94416df0fa211f73441\System.Security.ni.dll
MOD - [2012/02/14 20:49:17 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7fd6c62196829d1e2dce5a253145d51a\System.Configuration.ni.dll
MOD - [2012/02/14 20:19:17 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d9f0f1dc8cbdb81f1ba122d77a6ab710\System.Xml.ni.dll
MOD - [2012/02/14 20:18:59 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\65450889f3742aada2a6c0cf8e6173e3\System.Windows.Forms.ni.dll
MOD - [2012/02/14 20:18:50 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\137696d0416b65dbc1561152971488b4\System.Drawing.ni.dll
MOD - [2012/02/14 20:18:34 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\029217106fa24787ff7a61b754f8ebf7\System.Data.ni.dll
MOD - [2012/02/14 20:18:24 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d48e106e015d0f8cb2d5295015cee508\PresentationFramework.Aero.ni.dll
MOD - [2012/02/14 20:18:23 | 014,328,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\56df3488472318c59d0a08ed10a065d3\PresentationFramework.ni.dll
MOD - [2012/02/14 20:18:05 | 012,216,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\3951e0a359c004cd6ba268ff78ac62aa\PresentationCore.ni.dll
MOD - [2012/02/14 20:17:50 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1e258a951222c818540b33880ca45f2e\WindowsBase.ni.dll
MOD - [2012/02/14 20:17:44 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c50133cb67d7c013fa31e1ffb942060b\System.ni.dll
MOD - [2012/02/14 18:00:24 | 008,593,568 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\17.0.963.56\gcswf32.dll
MOD - [2011/10/13 12:24:00 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\5aab9bc687029a908fc01473f8e5f77b\UIAutomationProvider.ni.dll
MOD - [2011/10/13 12:15:09 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2010/11/01 14:15:12 | 000,886,752 | ---- | M] () -- C:\Program Files (x86)\SelectRebates\SelectRebates.exe
MOD - [2009/08/19 09:25:52 | 001,589,208 | ---- | M] () -- C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe
MOD - [2009/06/12 15:32:16 | 000,104,456 | ---- | M] () -- C:\WINDOWS\SysWOW64\EasyHook32.dll
MOD - [2009/03/29 20:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2008/01/20 18:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/10/18 06:37:22 | 000,412,672 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.exe -- (XAudioService)
SRV - [2012/02/15 14:08:26 | 000,065,096 | ---- | M] (White Sky, Inc.) [Auto | Running] -- C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe -- (IDVaultSvc)
SRV - [2012/01/03 05:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/07/07 18:31:08 | 000,195,336 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/06/15 16:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/04/16 16:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\ccSvcHst.exe -- (N360)
SRV - [2010/10/12 09:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/17 09:49:44 | 000,616,408 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe -- (AntiSpywareService)
SRV - [2009/03/29 20:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/04/24 12:26:18 | 000,202,560 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Comcast\Desktop Doctor\bin\sprtsvc.exe -- (sprtsvc_ddoctorv2) SupportSoft Sprocket Service (ddoctorv2)
SRV - [2007/09/26 12:55:04 | 000,283,912 | ---- | M] (CA, Inc.) [Auto | Running] -- C:\Program Files (x86)\CA\PPRT\bin\ITMRTSVC.exe -- (ITMRTSVC)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/07/06 11:44:00 | 000,034,288 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/07/05 09:18:38 | 000,029,288 | ---- | M] (StrikeForce Technologies, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gidv2.sys -- (GIDv2)
DRV:64bit: - [2011/05/24 14:39:44 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/04/20 17:37:49 | 000,432,760 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\0502000.00D\SYMTDIV.SYS -- (SYMTDIv)
DRV:64bit: - [2011/03/30 19:04:12 | 000,043,640 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\SymIMv.sys -- (SymIM)
DRV:64bit: - [2011/03/30 19:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\N360x64\0502000.00D\SRTSP64.SYS -- (SRTSP)
DRV:64bit: - [2011/03/30 19:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502000.00D\SRTSPX64.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2011/03/14 18:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502000.00D\SYMEFA64.SYS -- (SymEFA)
DRV:64bit: - [2011/01/26 22:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502000.00D\SYMDS64.SYS -- (SymDS)
DRV:64bit: - [2010/11/15 17:45:33 | 000,171,128 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502000.00D\Ironx64.SYS -- (SymIRON)
DRV:64bit: - [2010/09/22 23:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2009/09/30 16:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/07/09 11:16:16 | 000,048,640 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/04/08 14:28:46 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\xusb21.sys -- (xusb21)
DRV:64bit: - [2008/10/22 06:23:12 | 000,103,936 | ---- | M] (SiGma Micro) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SGCameraUVC.sys -- (SGCameraUVC)
DRV:64bit: - [2008/05/08 04:27:00 | 000,411,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAXHWBS2.sys -- (CAXHWBS2)
DRV:64bit: - [2008/05/08 04:25:12 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2008/05/08 04:24:08 | 001,487,872 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_DP.sys -- (HSF_DP)
DRV:64bit: - [2008/01/20 18:51:07 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2008/01/20 18:46:53 | 001,523,712 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\VSTDPV6.SYS -- (VST64_DPV)
DRV:64bit: - [2008/01/20 18:46:53 | 000,392,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\VSTBS26.SYS -- (VST64HWBS2)
DRV:64bit: - [2007/10/24 09:47:04 | 000,029,432 | ---- | M] (SIA Syncrosoft) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SynUSB64.sys -- (SynasUSB)
DRV:64bit: - [2007/10/24 03:00:00 | 000,053,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2007/10/18 06:37:10 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.sys -- (XAudio)
DRV:64bit: - [2006/06/19 05:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV - [2012/03/06 16:04:10 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120306.002\IDSviA64.sys -- (IDSVia64)
DRV - [2012/03/02 10:58:01 | 001,157,240 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120302.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012/02/03 18:35:18 | 000,138,360 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/02/03 18:35:17 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011/12/14 23:42:16 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120306.003\EX64.SYS -- (NAVEX15)
DRV - [2011/12/14 23:42:14 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120306.003\ENG64.SYS -- (NAVENG)
DRV - [1999/09/10 11:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | System | Stopped] -- C:\Windows\SysWow64\drivers\ASPI32.SYS -- (ASPI32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{8467301C-3019-4B07-9F96-1DBC89ABA3EA}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE:64bit: - HKLM\..\SearchScopes\{AF996310-CC0A-4F17-94AE-8581502E0BC5}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-tyc8
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?fr=fp-tyc8
IE - HKLM\..\URLSearchHook: {b2475f4c-9372-46d3-a407-ff155aa1fb91} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{8467301C-3019-4B07-9F96-1DBC89ABA3EA}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKLM\..\SearchScopes\{8b0d31e7-0331-43cc-87cd-a472317f1305}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2786678
IE - HKLM\..\SearchScopes\ComcastSearch: "URL" = http://search.comcas...cat=Web&con=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://xfinity.comca...id=mtmh10122011
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn8\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {2A958B99-A632-44EA-AD33-58A474D375E2}
IE - HKCU\..\SearchScopes\{1F8365A0-B851-4B06-8507-E6649C8071C5}: "URL" = http://Mp3Rocket.too...s={searchTerms}
IE - HKCU\..\SearchScopes\{2A958B99-A632-44EA-AD33-58A474D375E2}: "URL" = http://search.yahoo....ms}&fr=chr-tyc8
IE - HKCU\..\SearchScopes\{70C81A4D-A553-4852-84DA-8F7EF54C06AB}: "URL" = http://websearch.ask...6-BB921E98747E
IE - HKCU\..\SearchScopes\{B31136C6-C3EF-4368-A713-131A71F4648E}: "URL" = http://delicious.com...p={searchTerms}
IE - HKCU\..\SearchScopes\{F2B4AADC-C2CC-4E70-A4FD-CE48ADF9AD0A}: "URL" = http://www.flickr.co...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Mp3Rocket"
FF - prefs.js..browser.search.defaultenginename: "Mp3Rocket"
FF - prefs.js..browser.search.order.1: "Mp3Rocket"
FF - prefs.js..browser.search.selectedEngine: "Mp3Rocket"
FF - prefs.js..browser.startup.homepage: "http://www.comcast.n...d=tbid10122011"


FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Dark Killa\AppData\Roaming\Move Networks\plugins\npqmp071706000001.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2012/02/07 19:41:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_5_2 [2012/03/06 17:40:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\fbphotozoom\fbphotozoom13.xpi [2012/03/05 13:25:09 | 000,102,233 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/01/11 14:47:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/01/11 14:47:54 | 000,000,000 | ---D | M]

[2011/08/27 15:50:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dark Killa\AppData\Roaming\Mozilla\Extensions
[2012/03/05 13:25:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dark Killa\AppData\Roaming\Mozilla\Firefox\Profiles\t6vfsihk.default\extensions
[2012/02/24 18:35:41 | 000,000,000 | ---D | M] (ShopToWin9) -- C:\Users\Dark Killa\AppData\Roaming\Mozilla\Firefox\Profiles\t6vfsihk.default\extensions\{46d606b0-a645-11df-981c-0800200c9a66}
[2011/10/21 16:21:38 | 000,000,000 | ---D | M] (XFINITY Toolbar) -- C:\Users\Dark Killa\AppData\Roaming\Mozilla\Firefox\Profiles\t6vfsihk.default\extensions\{4b9bcce8-a70b-402a-a7e1-db96831ee26f}
[2011/10/12 10:18:17 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Dark Killa\AppData\Roaming\Mozilla\Firefox\Profiles\t6vfsihk.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/09/04 20:44:01 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Dark Killa\AppData\Roaming\Mozilla\Firefox\Profiles\t6vfsihk.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011/12/16 12:11:53 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Dark Killa\AppData\Roaming\Mozilla\Firefox\Profiles\t6vfsihk.default\extensions\[email protected]
[2012/03/05 13:25:27 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Dark Killa\AppData\Roaming\Mozilla\Firefox\Profiles\t6vfsihk.default\extensions\[email protected]
[2011/09/28 21:51:33 | 000,000,000 | ---D | M] (ShopAtHome.com Intelligent Shopping Toolbar) -- C:\Users\Dark Killa\AppData\Roaming\Mozilla\Firefox\Profiles\t6vfsihk.default\extensions\[email protected]
[2012/02/24 18:35:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dark Killa\AppData\Roaming\Mozilla\Firefox\Profiles\t6vfsihk.default\extensions\{46d606b0-a645-11df-981c-0800200c9a66}\chrome\content\dca\core\extensionManager
[2012/03/06 16:25:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/03/06 16:25:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012/03/06 17:40:47 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\COFFPLGN_2011_7_5_2
[2012/02/07 19:41:34 | 000,000,000 | ---D | M] (Symantec Intrusion Prevention) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPLGN
[2011/10/17 15:38:50 | 000,000,000 | ---D | M] (XFINITY Constant Guard Protection Suite) -- C:\PROGRAMDATA\WHITE SKY, INC\ID VAULT\XPCOM7
[2009/06/23 11:28:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/10/17 11:09:32 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/03/06 16:24:22 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/10/17 11:09:29 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/09/05 18:02:18 | 000,045,258 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Mp3Rocket.xml
[2011/09/05 18:02:18 | 000,045,238 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Mp3Rocket.xml.bak

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Dark Killa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Dark Killa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: Lord of Ultima = C:\Users\Dark Killa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdheeblenjmceeppomdgokgilmkonced\1.0.11_0\
CHR - Extension: Skype Extension = C:\Users\Dark Killa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.3.0.7550_0\
CHR - Extension: FBPHOTOZOOM = C:\Users\Dark Killa\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.3_0\
CHR - Extension: Gmail = C:\Users\Dark Killa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2010/04/30 13:38:28 | 000,001,045 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 98.158.185.58 www.craigslist.org
O1 - Hosts: 98.158.185.58 www.craigslist.net
O1 - Hosts: 98.158.185.58 www.craigslist.com
O1 - Hosts: 98.158.185.58 craigslist.org
O1 - Hosts: 98.158.185.58 craigslist.com
O1 - Hosts: 98.158.185.58 craigslist.net
O1 - Hosts: 98.158.185.58 accounts.craigslist.org
O1 - Hosts: 98.158.185.58 accounts.craigslist.net
O1 - Hosts: 98.158.185.58 accounts.craigslist.com
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn8\yt.dll (Yahoo! Inc.)
O2 - BHO: (XFINITY Toolbar) - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll ()
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\coieplg.dll (Symantec Corporation)
O2 - BHO: (Freecause Toolbar BHO) - {69CE821F-3668-475A-B66F-94719B322DE3} - C:\Program Files (x86)\Dallas Cowboys\Toolbar.dll ()
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {b2475f4c-9372-46d3-a407-ff155aa1fb91} - No CLSID value found.
O2 - BHO: (Constant Guard Protection Suite (COM)) - {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\Program Files (x86)\Constant Guard Protection Suite\NativeBHO.dll (WhiteSky)
O2 - BHO: (Updater For XFIN_PORTAL) - {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files (x86)\xfin_portal\auxi\comcastAu.dll (Visicom Media)
O2 - BHO: (no name) - {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - No CLSID value found.
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (ShopAtHomeIEHelper Class) - {E8DAAA30-6CAA-4b58-9603-8E54238219E2} - C:\Program Files (x86)\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (ShopAtHome.com)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn8\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Dallas Cowboys) - {27E7F580-724E-46EB-846F-96C2396D23ED} - C:\Program Files (x86)\Dallas Cowboys\Toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - No CLSID value found.
O3 - HKLM\..\Toolbar: (XFINITY Toolbar) - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (ShopAtHome.com Toolbar) - {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files (x86)\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (ShopAtHome.com)
O3 - HKLM\..\Toolbar: (no name) - {b2475f4c-9372-46d3-a407-ff155aa1fb91} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn8\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Dallas Cowboys) - {27E7F580-724E-46EB-846F-96C2396D23ED} - C:\Program Files (x86)\Dallas Cowboys\Toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (ShopAtHome.com Toolbar) - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - C:\Program Files (x86)\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (ShopAtHome.com)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ddoctorv2] C:\Program Files (x86)\Comcast\Desktop Doctor\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [DVDAgent] c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [GIDDesktop] C:\Program Files (x86)\SFT\GuardedID\gidd.exe (StrikeForce Technologies Inc.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [SelectRebates] C:\Program Files (x86)\SelectRebates\SelectRebates.exe ()
O4 - HKLM..\Run: [YMailAdvisor] C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe (Yahoo! Inc.)
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [ComcastAntispyClient] C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntispy.exe ()
O4 - HKCU..\Run: [MySpaceIM] C:\Program Files (x86)\MySpace\IM\MySpaceIM.exe File not found
O4 - HKCU..\Run: [YSearchProtection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Dark Killa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Dark Killa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {DB7BF79A-FC51-4B5A-92BC-A65731174380} http://www.instantac...ad/iaplayer.cab (InstantAction Game Launcher)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} http://134.29.208.43/activex/AMC.cab (AxisMediaControlEmb Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F1EBD77E-E50D-41EF-93AD-A1F8ED4B985E}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\symres - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Security Suite\Engine\3.8.0.41\coIEPlg.dll File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Dark Killa\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Dark Killa\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{99e05edb-1fab-11de-973c-00226808c610}\Shell\Auto\command - "" = Setup.exe
O33 - MountPoints2\{99e05edb-1fab-11de-973c-00226808c610}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Setup.exe
O33 - MountPoints2\{99e05ede-1fab-11de-973c-00226808c610}\Shell - "" = AutoRun
O33 - MountPoints2\{99e05ede-1fab-11de-973c-00226808c610}\Shell\AutoRun\command - "" = K:\LaunchU3.exe
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/03/06 16:25:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/03/05 13:25:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yontoo Layers Runtime
[2012/03/05 13:25:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\fbphotozoom
[2012/03/05 13:24:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\1ClickDownload
[2012/03/05 13:16:59 | 000,000,000 | ---D | C] -- C:\Users\Dark Killa\AppData\Roaming\PC Health Doc PDF Reader
[2012/03/05 13:16:57 | 000,000,000 | ---D | C] -- C:\Users\Dark Killa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PCHealthDocPDFReader
[2012/03/05 13:16:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCHealthDocPDFReader
[2012/02/23 01:42:15 | 000,000,000 | ---D | C] -- C:\Users\Dark Killa\AppData\Local\{D4EF4AEE-F60D-4FD4-8492-64EA45409A02}
[2012/02/23 01:42:05 | 000,000,000 | ---D | C] -- C:\Users\Dark Killa\AppData\Local\{FDAEA683-2DAF-44D7-B343-8CB104907D3D}
[2012/02/23 00:53:05 | 000,000,000 | ---D | C] -- C:\Users\Dark Killa\Desktop\new raps
[2012/02/12 11:30:12 | 000,000,000 | ---D | C] -- C:\Users\Dark Killa\AppData\Local\{22F55FA3-1A8C-4FB5-91AA-D66B8E2D0ABE}
[2012/02/12 11:30:01 | 000,000,000 | ---D | C] -- C:\Users\Dark Killa\AppData\Local\{70DE23A7-3E5B-495D-9D18-84F4A9C19468}
[2012/02/07 17:33:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eGames
[2010/08/05 12:50:19 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Dark Killa\AppData\Roaming\pcouffin.sys
[6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/03/06 18:04:24 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/06 18:04:22 | 000,001,985 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/03/06 17:45:46 | 000,703,516 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/03/06 17:45:46 | 000,604,502 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/03/06 17:45:46 | 000,104,202 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/03/06 17:40:58 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/03/06 17:40:56 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\WinMaximizer-Dark Killa-Startup.job
[2012/03/06 17:40:31 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/03/06 17:40:31 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/03/06 17:40:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/03/06 17:40:21 | 3084,050,432 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/05 13:58:17 | 061,807,002 | ---- | M] () -- C:\Users\Dark Killa\Desktop\Acura Integra DA9, DB1, DB2(93) Service Manual.pdf
[2012/02/23 23:00:00 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\Regwork.job
[2012/02/23 02:08:01 | 033,524,512 | ---- | M] () -- C:\Users\Dark Killa\Desktop\grab yo glock3.wav
[2012/02/22 07:00:01 | 000,007,052 | ---- | M] () -- C:\Users\Dark Killa\AppData\Local\d3d9caps.dat
[2012/02/21 09:48:57 | 000,000,452 | ---- | M] () -- C:\user.js
[2012/02/17 18:30:55 | 000,002,060 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Constant Guard.lnk
[2012/02/17 18:30:55 | 000,002,042 | ---- | M] () -- C:\Users\Public\Desktop\Constant Guard.lnk
[2012/02/14 20:16:32 | 005,301,504 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/02/14 19:47:26 | 002,811,646 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0502000.00D\Cat.DB
[2012/02/12 03:00:00 | 000,000,406 | ---- | M] () -- C:\Windows\tasks\RegAce Scheduled Scan - Dark Killa.job
[2012/02/07 19:40:48 | 000,002,243 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Suite.lnk
[6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/03/05 13:26:41 | 061,807,002 | ---- | C] () -- C:\Users\Dark Killa\Desktop\Acura Integra DA9, DB1, DB2(93) Service Manual.pdf
[2012/02/23 01:32:59 | 033,524,512 | ---- | C] () -- C:\Users\Dark Killa\Desktop\grab yo glock3.wav
[2011/12/23 11:35:13 | 000,212,392 | ---- | C] () -- C:\Windows\Photo Pos Pro Uninstaller.exe
[2011/05/18 17:51:06 | 000,001,940 | ---- | C] () -- C:\Users\Dark Killa\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/12/28 17:19:17 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/08/05 12:50:20 | 000,099,384 | ---- | C] () -- C:\Users\Dark Killa\AppData\Roaming\inst.exe
[2010/08/05 12:50:20 | 000,007,859 | ---- | C] () -- C:\Users\Dark Killa\AppData\Roaming\pcouffin.cat
[2010/08/05 12:50:19 | 000,001,167 | ---- | C] () -- C:\Users\Dark Killa\AppData\Roaming\pcouffin.inf
[2010/06/29 23:12:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2010/05/03 12:37:01 | 000,708,868 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/04/06 02:10:07 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\PosTickerLib.dll

========== LOP Check ==========

[2009/08/18 23:50:14 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\.gaim
[2010/03/06 14:55:12 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\AnvSoft
[2010/08/05 12:33:05 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\BackTalk
[2010/08/12 19:23:13 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\CallingID
[2011/11/12 15:20:35 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2009/04/15 03:17:45 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/09/12 16:17:38 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\CyberMotion 3D-Designer
[2011/11/22 01:16:46 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Daichi
[2009/09/12 14:09:43 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\DAZ 3D
[2010/03/08 15:42:21 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Deckadance
[2009/08/18 20:25:04 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\DriverCure
[2012/01/27 00:25:23 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\DVDVideoSoft
[2011/09/04 20:44:01 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/08/30 13:17:26 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Earth Alerts
[2009/06/24 01:38:11 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\GarageGames
[2009/09/13 03:09:12 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\GetRightToGo
[2010/09/29 08:26:39 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\GrabPro
[2011/12/23 17:46:43 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\gtk-2.0
[2010/04/19 13:49:21 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Heitmeijer
[2011/09/16 16:42:04 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\ID Vault
[2011/03/11 02:35:49 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\images
[2010/11/11 21:00:39 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\ImgBurn
[2011/06/02 17:35:28 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\iPodder
[2010/06/24 13:10:40 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Juce VST Host
[2011/11/21 14:59:13 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\mp3rocket
[2011/05/18 16:48:09 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\muvee Technologies
[2011/05/10 20:23:25 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\NCH Swift Sound
[2011/01/22 21:45:33 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\ooVoo Details
[2011/07/25 19:19:31 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\OpenCandy
[2010/10/01 13:42:58 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Orbit
[2009/08/18 23:51:41 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Paltalk
[2012/03/05 13:16:59 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\PC Health Doc PDF Reader
[2011/12/23 11:26:37 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\PhotoScape
[2010/09/29 08:22:46 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\ProgSense
[2009/08/21 10:22:48 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Propellerhead Software
[2011/08/23 16:00:12 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\RegistryKeys
[2010/03/06 23:53:10 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Sakura
[2011/09/05 19:09:22 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Sammsoft
[2011/05/10 20:26:32 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Sawer
[2009/09/12 15:25:14 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Sony
[2011/09/05 18:29:36 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\SpeedMaxPc
[2010/08/12 15:55:38 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Steinberg
[2009/09/13 03:46:03 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Template
[2011/08/15 18:47:52 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Tific
[2010/02/03 15:27:51 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Utherverse
[2010/08/05 12:52:37 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Vso
[2009/09/12 17:19:55 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\WeatherWatcherLive
[2009/04/03 13:33:48 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\WinBatch
[2011/01/01 08:14:21 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Windows Live Writer
[2012/02/12 03:00:00 | 000,000,406 | ---- | M] () -- C:\Windows\Tasks\RegAce Scheduled Scan - Dark Killa.job
[2012/02/23 23:00:00 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\Regwork.job
[2012/03/06 17:38:36 | 000,032,552 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/03/06 17:40:56 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\WinMaximizer-Dark Killa-Startup.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:BD36345D
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:A5B56640

< End of report >

OTL logfile created on: 3/6/2012 6:20:10 PM - Run 1
OTL by OldTimer - Version 3.2.35.1 Folder = C:\Users\Dark Killa\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.87 Gb Total Physical Memory | 1.24 Gb Available Physical Memory | 43.23% Memory free
5.96 Gb Paging File | 3.73 Gb Available in Paging File | 62.59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.94 Gb Total Space | 27.85 Gb Free Space | 9.74% Space Free | Partition Type: NTFS
Drive D: | 12.15 Gb Total Space | 1.66 Gb Free Space | 13.63% Space Free | Partition Type: NTFS

Computer Name: DARKKILLA-PC | User Name: Dark Killa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/03/06 18:19:20 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Users\Dark Killa\Downloads\OTL.exe
PRC - [2012/03/06 18:03:26 | 001,332,208 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\17.0.963.66\Installer\setup.exe
PRC - [2012/02/15 14:08:26 | 000,065,096 | ---- | M] (White Sky, Inc.) -- C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe
PRC - [2012/02/15 14:08:22 | 004,720,200 | ---- | M] (White Sky, Inc.) -- C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
PRC - [2012/02/14 21:03:37 | 001,049,072 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012/01/03 05:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/07/05 09:24:06 | 000,395,528 | ---- | M] (StrikeForce Technologies Inc.) -- C:\Program Files (x86)\SFT\GuardedID\GIDD.exe
PRC - [2011/06/15 16:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/04/16 16:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\ccsvchst.exe
PRC - [2010/11/01 14:15:12 | 000,886,752 | ---- | M] () -- C:\Program Files (x86)\SelectRebates\SelectRebates.exe
PRC - [2010/09/13 05:56:02 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2009/09/09 13:26:36 | 001,148,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2009/08/19 09:25:52 | 001,589,208 | ---- | M] () -- C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe
PRC - [2009/06/17 09:49:44 | 000,616,408 | ---- | M] () -- C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
PRC - [2009/05/08 02:53:34 | 000,174,424 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe
PRC - [2009/02/03 05:15:18 | 000,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/24 12:26:18 | 000,202,560 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Comcast\Desktop Doctor\bin\sprtsvc.exe
PRC - [2008/04/24 12:25:22 | 000,202,560 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Comcast\Desktop Doctor\bin\sprtcmd.exe
PRC - [2007/09/26 12:55:04 | 000,283,912 | ---- | M] (CA, Inc.) -- C:\Program Files (x86)\CA\PPRT\bin\ITMRTSVC.exe
PRC - [2007/04/18 07:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe


========== Modules (No Company Name) ==========

MOD - [2012/02/15 14:08:25 | 000,091,720 | ---- | M] () -- C:\Program Files (x86)\Constant Guard Protection Suite\IdVaultCore.XmlSerializers.dll
MOD - [2012/02/14 21:03:36 | 000,429,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\17.0.963.56\ppgooglenaclpluginchrome.dll
MOD - [2012/02/14 21:03:34 | 003,772,912 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\17.0.963.56\pdf.dll
MOD - [2012/02/14 21:02:10 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\17.0.963.56\avutil-51.dll
MOD - [2012/02/14 21:02:08 | 000,220,672 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\17.0.963.56\avformat-53.dll
MOD - [2012/02/14 21:02:07 | 001,747,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\17.0.963.56\avcodec-53.dll
MOD - [2012/02/14 20:52:32 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\9a22784f4af63232128cbaa639e1852b\WindowsFormsIntegration.ni.dll
MOD - [2012/02/14 20:52:28 | 001,316,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\42aab7622ac540a7f723746eb504b8bf\System.WorkflowServices.ni.dll
MOD - [2012/02/14 20:52:13 | 001,651,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\55fa3e9bbc83c786ece774b817e5aea9\System.ServiceModel.Web.ni.dll
MOD - [2012/02/14 20:50:50 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\8b5f54e3b382fc1720c76557ef8c8bc3\System.Management.ni.dll
MOD - [2012/02/14 20:50:23 | 001,070,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\c12259751030b8fb693006bb6e7dd55f\System.IdentityModel.ni.dll
MOD - [2012/02/14 20:50:21 | 002,346,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a4b9d424cd4509b6b76fba81f347f561\System.Runtime.Serialization.ni.dll
MOD - [2012/02/14 20:50:19 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\696e2d9a6491947cd89ead8cc4cc658a\SMDiagnostics.ni.dll
MOD - [2012/02/14 20:50:17 | 017,404,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\effa6ad5369cea835146937a5635275b\System.ServiceModel.ni.dll
MOD - [2012/02/14 20:49:46 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\d0cf808e33a5123b33010b933d3b1597\System.ServiceProcess.ni.dll
MOD - [2012/02/14 20:49:43 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\1a5853155c4e5ab3f91cd37da331e89b\System.Web.Services.ni.dll
MOD - [2012/02/14 20:49:39 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\2598077ccea480c6120d3a1ad4455be0\System.Web.ni.dll
MOD - [2012/02/14 20:49:20 | 000,679,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\96b4cdba0397f94416df0fa211f73441\System.Security.ni.dll
MOD - [2012/02/14 20:49:17 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7fd6c62196829d1e2dce5a253145d51a\System.Configuration.ni.dll
MOD - [2012/02/14 20:19:17 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d9f0f1dc8cbdb81f1ba122d77a6ab710\System.Xml.ni.dll
MOD - [2012/02/14 20:18:59 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\65450889f3742aada2a6c0cf8e6173e3\System.Windows.Forms.ni.dll
MOD - [2012/02/14 20:18:50 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\137696d0416b65dbc1561152971488b4\System.Drawing.ni.dll
MOD - [2012/02/14 20:18:34 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\029217106fa24787ff7a61b754f8ebf7\System.Data.ni.dll
MOD - [2012/02/14 20:18:24 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d48e106e015d0f8cb2d5295015cee508\PresentationFramework.Aero.ni.dll
MOD - [2012/02/14 20:18:23 | 014,328,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\56df3488472318c59d0a08ed10a065d3\PresentationFramework.ni.dll
MOD - [2012/02/14 20:18:05 | 012,216,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\3951e0a359c004cd6ba268ff78ac62aa\PresentationCore.ni.dll
MOD - [2012/02/14 20:17:50 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1e258a951222c818540b33880ca45f2e\WindowsBase.ni.dll
MOD - [2012/02/14 20:17:44 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c50133cb67d7c013fa31e1ffb942060b\System.ni.dll
MOD - [2012/02/14 18:00:24 | 008,593,568 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\17.0.963.56\gcswf32.dll
MOD - [2011/10/13 12:24:00 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\5aab9bc687029a908fc01473f8e5f77b\UIAutomationProvider.ni.dll
MOD - [2011/10/13 12:15:09 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2010/11/01 14:15:12 | 000,886,752 | ---- | M] () -- C:\Program Files (x86)\SelectRebates\SelectRebates.exe
MOD - [2009/08/19 09:25:52 | 001,589,208 | ---- | M] () -- C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe
MOD - [2009/06/12 15:32:16 | 000,104,456 | ---- | M] () -- C:\WINDOWS\SysWOW64\EasyHook32.dll
MOD - [2009/03/29 20:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2008/01/20 18:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/10/18 06:37:22 | 000,412,672 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.exe -- (XAudioService)
SRV - [2012/02/15 14:08:26 | 000,065,096 | ---- | M] (White Sky, Inc.) [Auto | Running] -- C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe -- (IDVaultSvc)
SRV - [2012/01/03 05:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/07/07 18:31:08 | 000,195,336 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/06/15 16:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/04/16 16:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\ccSvcHst.exe -- (N360)
SRV - [2010/10/12 09:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/17 09:49:44 | 000,616,408 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe -- (AntiSpywareService)
SRV - [2009/03/29 20:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/04/24 12:26:18 | 000,202,560 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Comcast\Desktop Doctor\bin\sprtsvc.exe -- (sprtsvc_ddoctorv2) SupportSoft Sprocket Service (ddoctorv2)
SRV - [2007/09/26 12:55:04 | 000,283,912 | ---- | M] (CA, Inc.) [Auto | Running] -- C:\Program Files (x86)\CA\PPRT\bin\ITMRTSVC.exe -- (ITMRTSVC)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/07/06 11:44:00 | 000,034,288 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/07/05 09:18:38 | 000,029,288 | ---- | M] (StrikeForce Technologies, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gidv2.sys -- (GIDv2)
DRV:64bit: - [2011/05/24 14:39:44 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/04/20 17:37:49 | 000,432,760 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\0502000.00D\SYMTDIV.SYS -- (SYMTDIv)
DRV:64bit: - [2011/03/30 19:04:12 | 000,043,640 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\SymIMv.sys -- (SymIM)
DRV:64bit: - [2011/03/30 19:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\N360x64\0502000.00D\SRTSP64.SYS -- (SRTSP)
DRV:64bit: - [2011/03/30 19:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502000.00D\SRTSPX64.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2011/03/14 18:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502000.00D\SYMEFA64.SYS -- (SymEFA)
DRV:64bit: - [2011/01/26 22:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502000.00D\SYMDS64.SYS -- (SymDS)
DRV:64bit: - [2010/11/15 17:45:33 | 000,171,128 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502000.00D\Ironx64.SYS -- (SymIRON)
DRV:64bit: - [2010/09/22 23:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2009/09/30 16:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/07/09 11:16:16 | 000,048,640 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/04/08 14:28:46 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\xusb21.sys -- (xusb21)
DRV:64bit: - [2008/10/22 06:23:12 | 000,103,936 | ---- | M] (SiGma Micro) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SGCameraUVC.sys -- (SGCameraUVC)
DRV:64bit: - [2008/05/08 04:27:00 | 000,411,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAXHWBS2.sys -- (CAXHWBS2)
DRV:64bit: - [2008/05/08 04:25:12 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2008/05/08 04:24:08 | 001,487,872 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_DP.sys -- (HSF_DP)
DRV:64bit: - [2008/01/20 18:51:07 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2008/01/20 18:46:53 | 001,523,712 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\VSTDPV6.SYS -- (VST64_DPV)
DRV:64bit: - [2008/01/20 18:46:53 | 000,392,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\VSTBS26.SYS -- (VST64HWBS2)
DRV:64bit: - [2007/10/24 09:47:04 | 000,029,432 | ---- | M] (SIA Syncrosoft) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SynUSB64.sys -- (SynasUSB)
DRV:64bit: - [2007/10/24 03:00:00 | 000,053,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2007/10/18 06:37:10 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.sys -- (XAudio)
DRV:64bit: - [2006/06/19 05:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV - [2012/03/06 16:04:10 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120306.002\IDSviA64.sys -- (IDSVia64)
DRV - [2012/03/02 10:58:01 | 001,157,240 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120302.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012/02/03 18:35:18 | 000,138,360 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/02/03 18:35:17 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011/12/14 23:42:16 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120306.003\EX64.SYS -- (NAVEX15)
DRV - [2011/12/14 23:42:14 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120306.003\ENG64.SYS -- (NAVENG)
DRV - [1999/09/10 11:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | System | Stopped] -- C:\Windows\SysWow64\drivers\ASPI32.SYS -- (ASPI32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{8467301C-3019-4B07-9F96-1DBC89ABA3EA}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE:64bit: - HKLM\..\SearchScopes\{AF996310-CC0A-4F17-94AE-8581502E0BC5}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-tyc8
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?fr=fp-tyc8
IE - HKLM\..\URLSearchHook: {b2475f4c-9372-46d3-a407-ff155aa1fb91} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{8467301C-3019-4B07-9F96-1DBC89ABA3EA}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKLM\..\SearchScopes\{8b0d31e7-0331-43cc-87cd-a472317f1305}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2786678
IE - HKLM\..\SearchScopes\ComcastSearch: "URL" = http://search.comcas...cat=Web&con=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://xfinity.comca...id=mtmh10122011
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn8\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {2A958B99-A632-44EA-AD33-58A474D375E2}
IE - HKCU\..\SearchScopes\{1F8365A0-B851-4B06-8507-E6649C8071C5}: "URL" = http://Mp3Rocket.too...s={searchTerms}
IE - HKCU\..\SearchScopes\{2A958B99-A632-44EA-AD33-58A474D375E2}: "URL" = http://search.yahoo....ms}&fr=chr-tyc8
IE - HKCU\..\SearchScopes\{70C81A4D-A553-4852-84DA-8F7EF54C06AB}: "URL" = http://websearch.ask...6-BB921E98747E
IE - HKCU\..\SearchScopes\{B31136C6-C3EF-4368-A713-131A71F4648E}: "URL" = http://delicious.com...p={searchTerms}
IE - HKCU\..\SearchScopes\{F2B4AADC-C2CC-4E70-A4FD-CE48ADF9AD0A}: "URL" = http://www.flickr.co...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Mp3Rocket"
FF - prefs.js..browser.search.defaultenginename: "Mp3Rocket"
FF - prefs.js..browser.search.order.1: "Mp3Rocket"
FF - prefs.js..browser.search.selectedEngine: "Mp3Rocket"
FF - prefs.js..browser.startup.homepage: "http://www.comcast.n...d=tbid10122011"


FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Dark Killa\AppData\Roaming\Move Networks\plugins\npqmp071706000001.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2012/02/07 19:41:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_5_2 [2012/03/06 17:40:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\fbphotozoom\fbphotozoom13.xpi [2012/03/05 13:25:09 | 000,102,233 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/01/11 14:47:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/01/11 14:47:54 | 000,000,000 | ---D | M]

[2011/08/27 15:50:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dark Killa\AppData\Roaming\Mozilla\Extensions
[2012/03/05 13:25:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dark Killa\AppData\Roaming\Mozilla\Firefox\Profiles\t6vfsihk.default\extensions
[2012/02/24 18:35:41 | 000,000,000 | ---D | M] (ShopToWin9) -- C:\Users\Dark Killa\AppData\Roaming\Mozilla\Firefox\Profiles\t6vfsihk.default\extensions\{46d606b0-a645-11df-981c-0800200c9a66}
[2011/10/21 16:21:38 | 000,000,000 | ---D | M] (XFINITY Toolbar) -- C:\Users\Dark Killa\AppData\Roaming\Mozilla\Firefox\Profiles\t6vfsihk.default\extensions\{4b9bcce8-a70b-402a-a7e1-db96831ee26f}
[2011/10/12 10:18:17 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Dark Killa\AppData\Roaming\Mozilla\Firefox\Profiles\t6vfsihk.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/09/04 20:44:01 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Dark Killa\AppData\Roaming\Mozilla\Firefox\Profiles\t6vfsihk.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011/12/16 12:11:53 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Dark Killa\AppData\Roaming\Mozilla\Firefox\Profiles\t6vfsihk.default\extensions\[email protected]
[2012/03/05 13:25:27 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Dark Killa\AppData\Roaming\Mozilla\Firefox\Profiles\t6vfsihk.default\extensions\[email protected]
[2011/09/28 21:51:33 | 000,000,000 | ---D | M] (ShopAtHome.com Intelligent Shopping Toolbar) -- C:\Users\Dark Killa\AppData\Roaming\Mozilla\Firefox\Profiles\t6vfsihk.default\extensions\[email protected]
[2012/02/24 18:35:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dark Killa\AppData\Roaming\Mozilla\Firefox\Profiles\t6vfsihk.default\extensions\{46d606b0-a645-11df-981c-0800200c9a66}\chrome\content\dca\core\extensionManager
[2012/03/06 16:25:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/03/06 16:25:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012/03/06 17:40:47 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\COFFPLGN_2011_7_5_2
[2012/02/07 19:41:34 | 000,000,000 | ---D | M] (Symantec Intrusion Prevention) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPLGN
[2011/10/17 15:38:50 | 000,000,000 | ---D | M] (XFINITY Constant Guard Protection Suite) -- C:\PROGRAMDATA\WHITE SKY, INC\ID VAULT\XPCOM7
[2009/06/23 11:28:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/10/17 11:09:32 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/03/06 16:24:22 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/10/17 11:09:29 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/09/05 18:02:18 | 000,045,258 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Mp3Rocket.xml
[2011/09/05 18:02:18 | 000,045,238 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Mp3Rocket.xml.bak

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Dark Killa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Dark Killa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: Lord of Ultima = C:\Users\Dark Killa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdheeblenjmceeppomdgokgilmkonced\1.0.11_0\
CHR - Extension: Skype Extension = C:\Users\Dark Killa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.3.0.7550_0\
CHR - Extension: FBPHOTOZOOM = C:\Users\Dark Killa\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.3_0\
CHR - Extension: Gmail = C:\Users\Dark Killa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2010/04/30 13:38:28 | 000,001,045 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 98.158.185.58 www.craigslist.org
O1 - Hosts: 98.158.185.58 www.craigslist.net
O1 - Hosts: 98.158.185.58 www.craigslist.com
O1 - Hosts: 98.158.185.58 craigslist.org
O1 - Hosts: 98.158.185.58 craigslist.com
O1 - Hosts: 98.158.185.58 craigslist.net
O1 - Hosts: 98.158.185.58 accounts.craigslist.org
O1 - Hosts: 98.158.185.58 accounts.craigslist.net
O1 - Hosts: 98.158.185.58 accounts.craigslist.com
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn8\yt.dll (Yahoo! Inc.)
O2 - BHO: (XFINITY Toolbar) - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll ()
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\coieplg.dll (Symantec Corporation)
O2 - BHO: (Freecause Toolbar BHO) - {69CE821F-3668-475A-B66F-94719B322DE3} - C:\Program Files (x86)\Dallas Cowboys\Toolbar.dll ()
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {b2475f4c-9372-46d3-a407-ff155aa1fb91} - No CLSID value found.
O2 - BHO: (Constant Guard Protection Suite (COM)) - {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\Program Files (x86)\Constant Guard Protection Suite\NativeBHO.dll (WhiteSky)
O2 - BHO: (Updater For XFIN_PORTAL) - {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files (x86)\xfin_portal\auxi\comcastAu.dll (Visicom Media)
O2 - BHO: (no name) - {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - No CLSID value found.
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (ShopAtHomeIEHelper Class) - {E8DAAA30-6CAA-4b58-9603-8E54238219E2} - C:\Program Files (x86)\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (ShopAtHome.com)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn8\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Dallas Cowboys) - {27E7F580-724E-46EB-846F-96C2396D23ED} - C:\Program Files (x86)\Dallas Cowboys\Toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - No CLSID value found.
O3 - HKLM\..\Toolbar: (XFINITY Toolbar) - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (ShopAtHome.com Toolbar) - {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files (x86)\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (ShopAtHome.com)
O3 - HKLM\..\Toolbar: (no name) - {b2475f4c-9372-46d3-a407-ff155aa1fb91} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn8\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Dallas Cowboys) - {27E7F580-724E-46EB-846F-96C2396D23ED} - C:\Program Files (x86)\Dallas Cowboys\Toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (ShopAtHome.com Toolbar) - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - C:\Program Files (x86)\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (ShopAtHome.com)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ddoctorv2] C:\Program Files (x86)\Comcast\Desktop Doctor\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [DVDAgent] c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [GIDDesktop] C:\Program Files (x86)\SFT\GuardedID\gidd.exe (StrikeForce Technologies Inc.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [SelectRebates] C:\Program Files (x86)\SelectRebates\SelectRebates.exe ()
O4 - HKLM..\Run: [YMailAdvisor] C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe (Yahoo! Inc.)
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [ComcastAntispyClient] C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntispy.exe ()
O4 - HKCU..\Run: [MySpaceIM] C:\Program Files (x86)\MySpace\IM\MySpaceIM.exe File not found
O4 - HKCU..\Run: [YSearchProtection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Dark Killa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Dark Killa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {DB7BF79A-FC51-4B5A-92BC-A65731174380} http://www.instantac...ad/iaplayer.cab (InstantAction Game Launcher)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} http://134.29.208.43/activex/AMC.cab (AxisMediaControlEmb Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F1EBD77E-E50D-41EF-93AD-A1F8ED4B985E}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\symres - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Security Suite\Engine\3.8.0.41\coIEPlg.dll File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Dark Killa\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Dark Killa\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{99e05edb-1fab-11de-973c-00226808c610}\Shell\Auto\command - "" = Setup.exe
O33 - MountPoints2\{99e05edb-1fab-11de-973c-00226808c610}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Setup.exe
O33 - MountPoints2\{99e05ede-1fab-11de-973c-00226808c610}\Shell - "" = AutoRun
O33 - MountPoints2\{99e05ede-1fab-11de-973c-00226808c610}\Shell\AutoRun\command - "" = K:\LaunchU3.exe
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/03/06 16:25:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/03/05 13:25:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yontoo Layers Runtime
[2012/03/05 13:25:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\fbphotozoom
[2012/03/05 13:24:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\1ClickDownload
[2012/03/05 13:16:59 | 000,000,000 | ---D | C] -- C:\Users\Dark Killa\AppData\Roaming\PC Health Doc PDF Reader
[2012/03/05 13:16:57 | 000,000,000 | ---D | C] -- C:\Users\Dark Killa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PCHealthDocPDFReader
[2012/03/05 13:16:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCHealthDocPDFReader
[2012/02/23 01:42:15 | 000,000,000 | ---D | C] -- C:\Users\Dark Killa\AppData\Local\{D4EF4AEE-F60D-4FD4-8492-64EA45409A02}
[2012/02/23 01:42:05 | 000,000,000 | ---D | C] -- C:\Users\Dark Killa\AppData\Local\{FDAEA683-2DAF-44D7-B343-8CB104907D3D}
[2012/02/23 00:53:05 | 000,000,000 | ---D | C] -- C:\Users\Dark Killa\Desktop\new raps
[2012/02/12 11:30:12 | 000,000,000 | ---D | C] -- C:\Users\Dark Killa\AppData\Local\{22F55FA3-1A8C-4FB5-91AA-D66B8E2D0ABE}
[2012/02/12 11:30:01 | 000,000,000 | ---D | C] -- C:\Users\Dark Killa\AppData\Local\{70DE23A7-3E5B-495D-9D18-84F4A9C19468}
[2012/02/07 17:33:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eGames
[2010/08/05 12:50:19 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Dark Killa\AppData\Roaming\pcouffin.sys
[6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/03/06 18:04:24 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/06 18:04:22 | 000,001,985 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/03/06 17:45:46 | 000,703,516 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/03/06 17:45:46 | 000,604,502 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/03/06 17:45:46 | 000,104,202 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/03/06 17:40:58 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/03/06 17:40:56 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\WinMaximizer-Dark Killa-Startup.job
[2012/03/06 17:40:31 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/03/06 17:40:31 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/03/06 17:40:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/03/06 17:40:21 | 3084,050,432 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/05 13:58:17 | 061,807,002 | ---- | M] () -- C:\Users\Dark Killa\Desktop\Acura Integra DA9, DB1, DB2(93) Service Manual.pdf
[2012/02/23 23:00:00 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\Regwork.job
[2012/02/23 02:08:01 | 033,524,512 | ---- | M] () -- C:\Users\Dark Killa\Desktop\grab yo glock3.wav
[2012/02/22 07:00:01 | 000,007,052 | ---- | M] () -- C:\Users\Dark Killa\AppData\Local\d3d9caps.dat
[2012/02/21 09:48:57 | 000,000,452 | ---- | M] () -- C:\user.js
[2012/02/17 18:30:55 | 000,002,060 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Constant Guard.lnk
[2012/02/17 18:30:55 | 000,002,042 | ---- | M] () -- C:\Users\Public\Desktop\Constant Guard.lnk
[2012/02/14 20:16:32 | 005,301,504 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/02/14 19:47:26 | 002,811,646 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0502000.00D\Cat.DB
[2012/02/12 03:00:00 | 000,000,406 | ---- | M] () -- C:\Windows\tasks\RegAce Scheduled Scan - Dark Killa.job
[2012/02/07 19:40:48 | 000,002,243 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Suite.lnk
[6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/03/05 13:26:41 | 061,807,002 | ---- | C] () -- C:\Users\Dark Killa\Desktop\Acura Integra DA9, DB1, DB2(93) Service Manual.pdf
[2012/02/23 01:32:59 | 033,524,512 | ---- | C] () -- C:\Users\Dark Killa\Desktop\grab yo glock3.wav
[2011/12/23 11:35:13 | 000,212,392 | ---- | C] () -- C:\Windows\Photo Pos Pro Uninstaller.exe
[2011/05/18 17:51:06 | 000,001,940 | ---- | C] () -- C:\Users\Dark Killa\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/12/28 17:19:17 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/08/05 12:50:20 | 000,099,384 | ---- | C] () -- C:\Users\Dark Killa\AppData\Roaming\inst.exe
[2010/08/05 12:50:20 | 000,007,859 | ---- | C] () -- C:\Users\Dark Killa\AppData\Roaming\pcouffin.cat
[2010/08/05 12:50:19 | 000,001,167 | ---- | C] () -- C:\Users\Dark Killa\AppData\Roaming\pcouffin.inf
[2010/06/29 23:12:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2010/05/03 12:37:01 | 000,708,868 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/04/06 02:10:07 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\PosTickerLib.dll

========== LOP Check ==========

[2009/08/18 23:50:14 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\.gaim
[2010/03/06 14:55:12 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\AnvSoft
[2010/08/05 12:33:05 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\BackTalk
[2010/08/12 19:23:13 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\CallingID
[2011/11/12 15:20:35 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2009/04/15 03:17:45 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/09/12 16:17:38 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\CyberMotion 3D-Designer
[2011/11/22 01:16:46 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Daichi
[2009/09/12 14:09:43 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\DAZ 3D
[2010/03/08 15:42:21 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Deckadance
[2009/08/18 20:25:04 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\DriverCure
[2012/01/27 00:25:23 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\DVDVideoSoft
[2011/09/04 20:44:01 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/08/30 13:17:26 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Earth Alerts
[2009/06/24 01:38:11 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\GarageGames
[2009/09/13 03:09:12 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\GetRightToGo
[2010/09/29 08:26:39 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\GrabPro
[2011/12/23 17:46:43 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\gtk-2.0
[2010/04/19 13:49:21 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Heitmeijer
[2011/09/16 16:42:04 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\ID Vault
[2011/03/11 02:35:49 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\images
[2010/11/11 21:00:39 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\ImgBurn
[2011/06/02 17:35:28 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\iPodder
[2010/06/24 13:10:40 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Juce VST Host
[2011/11/21 14:59:13 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\mp3rocket
[2011/05/18 16:48:09 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\muvee Technologies
[2011/05/10 20:23:25 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\NCH Swift Sound
[2011/01/22 21:45:33 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\ooVoo Details
[2011/07/25 19:19:31 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\OpenCandy
[2010/10/01 13:42:58 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Orbit
[2009/08/18 23:51:41 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Paltalk
[2012/03/05 13:16:59 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\PC Health Doc PDF Reader
[2011/12/23 11:26:37 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\PhotoScape
[2010/09/29 08:22:46 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\ProgSense
[2009/08/21 10:22:48 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Propellerhead Software
[2011/08/23 16:00:12 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\RegistryKeys
[2010/03/06 23:53:10 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Sakura
[2011/09/05 19:09:22 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Sammsoft
[2011/05/10 20:26:32 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Sawer
[2009/09/12 15:25:14 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Sony
[2011/09/05 18:29:36 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\SpeedMaxPc
[2010/08/12 15:55:38 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Steinberg
[2009/09/13 03:46:03 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Template
[2011/08/15 18:47:52 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Tific
[2010/02/03 15:27:51 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Utherverse
[2010/08/05 12:52:37 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Vso
[2009/09/12 17:19:55 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\WeatherWatcherLive
[2009/04/03 13:33:48 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\WinBatch
[2011/01/01 08:14:21 | 000,000,000 | ---D | M] -- C:\Users\Dark Killa\AppData\Roaming\Windows Live Writer
[2012/02/12 03:00:00 | 000,000,406 | ---- | M] () -- C:\Windows\Tasks\RegAce Scheduled Scan - Dark Killa.job
[2012/02/23 23:00:00 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\Regwork.job
[2012/03/06 17:38:36 | 000,032,552 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/03/06 17:40:56 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\WinMaximizer-Dark Killa-Startup.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:BD36345D
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:A5B56640

< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP