My PC is clearly infected with malware/virus. It's been used by a couple of people, and it's been a long time since I checked it.
I have ESET Nod32 5 and Malwarebytes Anti-Malware. ESET detects that almost all my program files (.exe), i.e., Photoshop.exe, javaw.exe; they are detected as Win32/Sality.NAR virus. Around 355 files like this are detected by ESET and are now in quarantine. Regedit and Task Manager are disabled.
I don't really know what the problem is. I wanna fix it, and I don't have time for reformatting this PC.
I would really need your help.
Thank you in advance.
OTL logfile created on: 10/27/2012 8:38:15 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Faith Morante\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1013.11 Mb Total Physical Memory | 314.57 Mb Available Physical Memory | 31.05% Memory free
2.38 Gb Paging File | 1.43 Gb Available in Paging File | 59.94% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 59.87 Gb Total Space | 7.15 Gb Free Space | 11.94% Space Free | Partition Type: NTFS
Drive F: | 14.65 Gb Total Space | 2.97 Gb Free Space | 20.28% Space Free | Partition Type: NTFS
Computer Name: FAITH | User Name: Faith Morante | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/10/27 20:11:04 | 072,668,672 | ---- | M] () -- C:\Program Files\Secunia\PSI\SUA\ab135562cebb5f78ce8ea5ec8bd5d2fde6d6a194\ab135562cebb5f78ce8ea5ec8bd5d2fde6d6a194.exe
PRC - [2012/10/27 19:55:40 | 014,919,168 | ---- | M] () -- C:\Program Files\Secunia\PSI\SUA\a85cd460c341ad61be403a895d4d4b07c00ee57d\JavaJRE_6u37_32-bit_SPS.exe
PRC - [2012/10/27 19:51:33 | 018,417,152 | ---- | M] () -- C:\Program Files\Secunia\PSI\SUA\b0c42552db57cf38c536877b1a9794905d184dd8\Firefox_16.0.1_en-US_SPS.exe
PRC - [2012/10/27 19:48:16 | 039,612,928 | ---- | M] () -- C:\Program Files\Secunia\PSI\SUA\f2231c88705aaaf267443a8e6ac62ca5b6806acc\QuickTime_7.7.2_SPS.exe
PRC - [2012/10/27 19:41:37 | 003,267,584 | ---- | M] () -- C:\Program Files\Secunia\PSI\SUA\0a2bb793b17eb17cb6f38b9316bb53504cb86de2\AdobeFlashPlayer_10.3.183.29_ax_SPS.exe
PRC - [2012/10/27 18:50:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Faith Morante\My Documents\Downloads\OTL.exe
PRC - [2012/10/10 17:06:17 | 001,239,064 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2012/10/02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/09/24 19:46:16 | 001,328,736 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2012/09/24 19:46:16 | 000,656,480 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2012/09/24 19:46:14 | 001,950,304 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi.exe
PRC - [2012/09/24 19:46:14 | 000,573,536 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2012/09/03 18:13:49 | 001,022,352 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\UTORRENT.EXE
PRC - [2012/07/20 08:27:23 | 000,871,536 | ---- | M] (BitLeader) -- C:\Program Files\lg_fwupdate\fwupdate.exe
PRC - [2012/03/07 15:40:34 | 000,913,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2012/03/07 15:40:28 | 003,117,344 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2011/05/09 14:07:38 | 000,512,000 | ---- | M] () -- C:\Program Files\Smartfren Connex AC682 UI\bin\MonServiceUDisk.exe
PRC - [2009/02/23 19:43:12 | 000,576,000 | ---- | M] (MagicISO, Inc.) -- C:\Program Files\MagicDisc\MagicDisc.exe
PRC - [2008/12/10 01:10:14 | 000,024,636 | ---- | M] (Apache Software Foundation) -- C:\wamp\bin\apache\Apache2.2.11\bin\httpd.exe
PRC - [2008/12/10 01:10:14 | 000,024,636 | ---- | M] (Apache Software Foundation) -- c:\wamp\bin\apache\Apache2.2.11\bin\httpd.exe
PRC - [2008/11/10 03:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/14 12:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/07 09:54:00 | 000,045,056 | ---- | M] () -- C:\Program Files\RDX\Service\RDXmon.exe
PRC - [2007/04/13 23:20:22 | 000,097,432 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
========== Modules (No Company Name) ==========
MOD - [2012/10/27 20:11:04 | 072,668,672 | ---- | M] () -- C:\Program Files\Secunia\PSI\SUA\ab135562cebb5f78ce8ea5ec8bd5d2fde6d6a194\ab135562cebb5f78ce8ea5ec8bd5d2fde6d6a194.exe
MOD - [2012/10/27 20:08:23 | 001,238,016 | ---- | M] () -- C:\Program Files\Secunia\PSI\psires.dll
MOD - [2012/10/27 19:55:40 | 014,919,168 | ---- | M] () -- C:\Program Files\Secunia\PSI\SUA\a85cd460c341ad61be403a895d4d4b07c00ee57d\JavaJRE_6u37_32-bit_SPS.exe
MOD - [2012/10/27 19:51:33 | 018,417,152 | ---- | M] () -- C:\Program Files\Secunia\PSI\SUA\b0c42552db57cf38c536877b1a9794905d184dd8\Firefox_16.0.1_en-US_SPS.exe
MOD - [2012/10/27 19:48:16 | 039,612,928 | ---- | M] () -- C:\Program Files\Secunia\PSI\SUA\f2231c88705aaaf267443a8e6ac62ca5b6806acc\QuickTime_7.7.2_SPS.exe
MOD - [2012/10/27 19:41:37 | 003,267,584 | ---- | M] () -- C:\Program Files\Secunia\PSI\SUA\0a2bb793b17eb17cb6f38b9316bb53504cb86de2\AdobeFlashPlayer_10.3.183.29_ax_SPS.exe
MOD - [2012/10/10 17:06:15 | 000,460,312 | ---- | M] () -- C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Google\Chrome\Application\22.0.1229.94\ppgooglenaclpluginchrome.dll
MOD - [2012/10/10 17:06:13 | 012,435,992 | ---- | M] () -- C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll
MOD - [2012/10/10 17:06:12 | 004,005,912 | ---- | M] () -- C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Google\Chrome\Application\22.0.1229.94\pdf.dll
MOD - [2012/10/10 17:04:44 | 000,156,712 | ---- | M] () -- C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Google\Chrome\Application\22.0.1229.94\avutil-51.dll
MOD - [2012/10/10 17:04:43 | 000,275,496 | ---- | M] () -- C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Google\Chrome\Application\22.0.1229.94\avformat-54.dll
MOD - [2012/10/10 17:04:42 | 002,168,360 | ---- | M] () -- C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Google\Chrome\Application\22.0.1229.94\avcodec-54.dll
MOD - [2011/11/03 22:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/05/09 14:07:38 | 000,512,000 | ---- | M] () -- C:\Program Files\Smartfren Connex AC682 UI\bin\MonServiceUDisk.exe
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/08/12 15:00:00 | 003,843,584 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\ffdshow\ffdshow.ax
MOD - [2010/01/21 01:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2008/04/14 12:42:04 | 000,562,176 | ---- | M] () -- C:\WINDOWS\system32\qedit.dll
MOD - [2008/04/14 12:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 12:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/02/07 09:54:00 | 000,045,056 | ---- | M] () -- C:\Program Files\RDX\Service\RDXmon.exe
MOD - [2007/04/13 23:20:22 | 000,097,432 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
========== Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (ABP_InstallCheckerService)
SRV - [2012/10/27 19:38:42 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/10/11 08:05:59 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/10/02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/09/24 19:46:16 | 001,328,736 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2012/09/24 19:46:16 | 000,656,480 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2012/07/03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/03/07 15:40:34 | 000,913,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2011/05/09 14:07:38 | 000,512,000 | ---- | M] () [Auto | Running] -- C:\Program Files\Smartfren Connex AC682 UI\bin\MonServiceUDisk.exe -- (UDisk Monitor)
SRV - [2010/10/22 05:03:00 | 004,533,336 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\system32\GameMon.des -- (npggsvc)
SRV - [2010/05/03 21:44:22 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/01/21 17:51:12 | 030,963,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009/06/17 11:18:42 | 006,582,912 | ---- | M] () [On_Demand | Stopped] -- c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe -- (wampmysqld)
SRV - [2008/12/10 01:10:14 | 000,024,636 | ---- | M] (Apache Software Foundation) [Auto | Running] -- c:\wamp\bin\apache\Apache2.2.11\bin\httpd.exe -- (wampapache)
SRV - [2008/11/10 03:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/02/07 09:54:00 | 000,045,056 | ---- | M] () [Auto | Running] -- C:\Program Files\RDX\Service\RDXmon.exe -- (RDXmon)
SRV - [2007/04/13 23:20:22 | 000,097,432 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\FAITHM~1\LOCALS~1\Temp\DinF8.tmp -- (XDva392)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva361.sys -- (XDva361)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva349.sys -- (XDva349)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva347.sys -- (XDva347)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbfake.sys -- (hwusbfake)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Garena\safedrv.sys -- (GGSAFERDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\FAITHM~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pjoqln.sys -- (asc3360pr)
DRV - [2012/09/29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/03/14 08:40:04 | 000,104,160 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2012/03/14 08:40:02 | 000,160,816 | ---- | M] (ESET) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2012/03/14 08:40:02 | 000,120,152 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2011/12/16 21:19:54 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2011/04/05 00:47:40 | 000,021,504 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USB_MODEM_T.sys -- (UsbModemDriver)
DRV - [2011/01/03 21:15:09 | 000,109,440 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\KbdCap.sys -- (kbdcap)
DRV - [2010/07/29 00:25:42 | 000,025,112 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ivusb.sys -- (ivusb)
DRV - [2010/05/11 01:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/18 01:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/12/18 10:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009/11/05 11:50:50 | 000,038,400 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USB_BusEnum_T.sys -- (USB_BusEnum_T)
DRV - [2009/10/27 08:45:06 | 000,030,080 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USB_WinMux_T.sys -- (USB_WinMux_T)
DRV - [2009/09/30 22:00:00 | 000,138,112 | ---- | M] (Roland Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rdwm1104.sys -- (RDID1104)
DRV - [2009/02/24 18:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/09/24 10:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM)
DRV - [2008/05/29 07:02:08 | 000,016,128 | ---- | M] (Via Telecom, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USB_ETS_T.sys -- (USB_ETS_T)
DRV - [2008/04/14 05:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2007/11/21 17:37:06 | 000,181,888 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cam1690.sys -- (CAM1690)
DRV - [2007/08/07 07:15:07 | 000,033,052 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2002/09/16 17:14:32 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\PQNTDRV.sys -- (PQNTDrv)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT3220468
IE - HKCU\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://search.yahoo....q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT3220468
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = socks=
========== FireFox ==========
FF - prefs.js..CT3220468.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.selectedEngine: "uTorrentControl_v2 Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://search.condui...earchSource=13"
FF - prefs.js..extensions.enabledAddons: [email protected]:1.0.28
FF - prefs.js..extensions.enabledAddons: {7473b6bd-4691-4744-a82b-7854eb3d70b6}:10.10.27.6
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.13
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.5.0.8013
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..keyword.URL: "http://search.condui...rchSource=2&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Program Files\Sony Online Entertainment\npsoe.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@eximion.com/KalydoPlayer3.09.00: C:\Documents and Settings\Faith Morante\Application Data\Kalydo\KalydoPlayer\npkalydo.dll (Eximion B.V.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Faith Morante\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\Faith Morante\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/05/19 22:04:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/05/19 22:04:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/27 19:55:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/10/27 19:52:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012/10/19 23:24:40 | 000,000,000 | ---D | M]
[2010/05/16 23:06:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Faith Morante\Application Data\Mozilla\Extensions
[2012/10/15 16:46:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Faith Morante\Application Data\Mozilla\Firefox\Profiles\jtwrayev.default\extensions
[2010/10/04 14:00:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Faith Morante\Application Data\Mozilla\Firefox\Profiles\jtwrayev.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/10/15 16:46:01 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Faith Morante\Application Data\Mozilla\Firefox\Profiles\jtwrayev.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/09/03 18:26:41 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Documents and Settings\Faith Morante\Application Data\Mozilla\Firefox\Profiles\jtwrayev.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
[2011/05/05 18:25:24 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Documents and Settings\Faith Morante\Application Data\Mozilla\Firefox\Profiles\jtwrayev.default\extensions\[email protected]
[2012/08/13 19:41:06 | 000,741,958 | ---- | M] () (No name found) -- C:\Documents and Settings\Faith Morante\Application Data\Mozilla\Firefox\Profiles\jtwrayev.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/09/04 16:52:44 | 000,000,929 | ---- | M] () -- C:\Documents and Settings\Faith Morante\Application Data\Mozilla\Firefox\Profiles\jtwrayev.default\searchplugins\conduit.xml
[2012/10/27 20:01:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/10/27 19:26:45 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/10/27 20:01:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2012/10/11 08:06:18 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/10/11 08:05:38 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/04/09 15:07:45 | 000,001,088 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\search.xml
[2012/10/11 08:05:38 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - homepage: http://www.google.co.id/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.co.id/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Google\Chrome\Application\22.0.1229.94\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\Faith Morante\Application Data\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\Faith Morante\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: ActiveTouch General Plugin Container (Enabled) = C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Google\Chrome\Application\plugins\npatgpc.dll
CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Google\Chrome\Application\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Google\Chrome\Application\plugins\nprpjplug.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Kalydo Player Plugin for Mozilla (Enabled) = C:\Documents and Settings\Faith Morante\Application Data\Kalydo\KalydoPlayer\npkalydo.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: SOE Web Installer (Enabled) = C:\Program Files\Sony Online Entertainment\npsoe.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Entanglement = C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: BeFunky Photo Editor = C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apfkepiiddolifkgjmfdgpnipgnfejab\1.1_0\
CHR - Extension: Hotot = C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cnfkkfleeiooolklkgkmigodkmcopnji\0.9.8.8_0\
CHR - Extension: Pixlr-o-matic = C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj\1.2_0\
CHR - Extension: uTorrentControl_v2 = C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\2.3.15.10_0\
CHR - Extension: DivX HiQ = C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_0\
CHR - Extension: Totoro Rainy Day = C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lmiagjknjjfockcklibjlfdojojaffff\1.15_0\
CHR - Extension: Poppit = C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.1.94_0\
O1 HOSTS File: ([2010/09/25 09:14:15 | 000,418,706 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 14474 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentControl_v2 Toolbar) - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LGODDFU] C:\Program Files\lg_fwupdate\lgfw.exe (Bitleader)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe ()
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [Facebook Update] C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [XPRepairPro2007] C:\Program Files\XP Repair Pro 2007\XPRepairPro.exe (ddxSoftware Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
O4 - Startup: C:\Documents and Settings\Faith Morante\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1351340620312 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{83C7520B-8193-4D80-993D-12C2633CF8EF}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\livecall - No CLSID value found
O18 - Protocol\Handler\msnim - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - File not found
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - File not found
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - File not found
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - File not found
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - File not found
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - File not found
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - File not found
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - File not found
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - File not found
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - File not found
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - File not found
O29 - HKLM SecurityProviders - (schannel.dll) - File not found
O29 - HKLM SecurityProviders - (digest.dll) - File not found
O29 - HKLM SecurityProviders - (msnsspc.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/05/03 14:39:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{701db2fc-b4cc-11e0-806d-00e04c191ab1}\Shell - "" = AutoRun
O33 - MountPoints2\{701db2fc-b4cc-11e0-806d-00e04c191ab1}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{701db2fc-b4cc-11e0-806d-00e04c191ab1}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{701db300-b4cc-11e0-806d-00e04c191ab1}\Shell - "" = AutoRun
O33 - MountPoints2\{701db300-b4cc-11e0-806d-00e04c191ab1}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{701db300-b4cc-11e0-806d-00e04c191ab1}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{9fa7c052-bcd5-11df-8188-00e04c191ab1}\Shell\open\Command - "" = metdgv.bat
O33 - MountPoints2\{9fa7c053-bcd5-11df-8188-00e04c191ab1}\Shell\open\Command - "" = metdgv.bat
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012/10/27 19:55:04 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/10/27 19:55:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2012/10/27 19:51:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2012/10/27 19:41:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2012/10/27 19:20:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Secunia PSI
[2012/10/27 19:19:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2012/10/27 19:19:12 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia
[2012/10/20 07:00:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Faith Morante\Desktop\Shortcuts
[2012/10/20 05:22:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Faith Morante\Application Data\com.adobe.DC3Module.AdobeADC
[2012/10/20 04:59:52 | 000,000,000 | ---D | C] -- C:\Program Files\IrfanView
[2012/10/19 23:24:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ESET
[2012/10/19 23:01:33 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Faith Morante\Recent
[2012/10/19 21:30:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Faith Morante\Desktop\50
[2012/10/06 13:52:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/04/26 18:44:29 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Faith Morante\Application Data\pcouffin.sys
[2010/09/30 06:17:03 | 000,129,024 | ---- | C] (Fp6t7DQi84YsPx2m1S0) -- C:\Program Files\Common Files\Uninstall.exe
[2008/07/25 11:17:10 | 001,172,472 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Faith Morante\Application Data\hey.exe
[1 C:\Documents and Settings\Faith Morante\Desktop\*.tmp files -> C:\Documents and Settings\Faith Morante\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/10/27 20:36:01 | 000,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-1085031214-682003330-1003UA.job
[2012/10/27 20:05:18 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/10/27 19:55:06 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Faith Morante\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/10/27 19:55:06 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/10/27 19:37:09 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/10/27 19:19:18 | 000,000,753 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2012/10/27 18:49:22 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\Faith Morante\Desktop\HijackThis.lnk
[2012/10/27 18:44:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/10/21 20:46:00 | 000,001,030 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1844237615-1085031214-682003330-1003UA.job
[2012/10/21 20:37:39 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/10/21 15:12:26 | 000,025,088 | ---- | M] () -- C:\Documents and Settings\Faith Morante\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/10/21 14:38:07 | 000,256,517 | ---- | M] () -- C:\Documents and Settings\Faith Morante\Desktop\yeahh me.jpg
[2012/10/21 00:20:01 | 000,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-1085031214-682003330-1003Core.job
[2012/10/20 08:02:53 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Faith Morante\Application Data\log
[2012/10/20 05:33:48 | 000,001,456 | ---- | M] () -- C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Adobe Save for Web 12.0 Prefs
[2012/10/19 23:13:27 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/10/19 23:11:42 | 000,079,930 | ---- | M] () -- C:\Documents and Settings\Faith Morante\My Documents\backup oct19.reg
[2012/10/13 08:46:00 | 000,001,008 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1844237615-1085031214-682003330-1003Core.job
[2012/10/11 18:28:30 | 000,002,322 | ---- | M] () -- C:\Documents and Settings\Faith Morante\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/10/10 21:00:37 | 000,033,716 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2012/10/09 20:45:24 | 000,123,081 | ---- | M] () -- C:\Documents and Settings\Faith Morante\My Documents\Faith Morante CV.pdf
[2012/10/01 16:59:29 | 000,558,133 | ---- | M] () -- C:\WINDOWS\System32\sqlite3.dll
[2012/09/29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[1 C:\Documents and Settings\Faith Morante\Desktop\*.tmp files -> C:\Documents and Settings\Faith Morante\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/10/27 19:55:06 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/10/27 19:38:45 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/10/27 19:19:18 | 000,000,753 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2012/10/27 19:19:18 | 000,000,716 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Secunia PSI.lnk
[2012/10/27 18:49:22 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\Faith Morante\Desktop\HijackThis.lnk
[2012/10/21 14:38:06 | 000,256,517 | ---- | C] () -- C:\Documents and Settings\Faith Morante\Desktop\yeahh me.jpg
[2012/10/20 08:00:23 | 000,000,168 | ---- | C] () -- C:\Documents and Settings\Faith Morante\Application Data\log
[2012/10/19 23:11:39 | 000,079,930 | ---- | C] () -- C:\Documents and Settings\Faith Morante\My Documents\backup oct19.reg
[2012/10/09 20:45:24 | 000,123,081 | ---- | C] () -- C:\Documents and Settings\Faith Morante\My Documents\Faith Morante CV.pdf
[2012/10/01 16:59:40 | 000,558,133 | ---- | C] () -- C:\WINDOWS\System32\sqlite3.dll
[2012/05/19 12:53:33 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2012/02/02 11:14:17 | 000,000,440 | RHS- | C] () -- C:\Documents and Settings\Faith Morante\ntuser.pol
[2012/01/13 19:03:42 | 000,000,204 | ---- | C] () -- C:\WINDOWS\System32\secustat.dat
[2012/01/13 13:11:30 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
[2012/01/11 18:46:12 | 000,033,716 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2012/01/02 15:40:52 | 000,000,069 | ---- | C] () -- C:\Documents and Settings\Faith Morante\jagex_cl_runescape_LIVE.dat
[2012/01/02 15:40:52 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\Faith Morante\random.dat
[2011/10/28 09:18:05 | 000,000,094 | ---- | C] () -- C:\WINDOWS\ka.ini
[2011/08/20 14:57:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Secrets.INI
[2011/07/04 12:48:39 | 000,038,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\USB_BusEnum_T.sys
[2011/07/04 12:48:39 | 000,030,080 | ---- | C] () -- C:\WINDOWS\System32\drivers\USB_WinMux_T.sys
[2011/07/04 12:48:39 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\USB_MODEM_T.sys
[2011/05/17 12:38:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CastleMalloy.INI
[2011/05/16 23:53:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Shadow.INI
[2011/04/30 12:18:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PhotoNow.INI
[2011/04/26 18:45:17 | 000,000,671 | ---- | C] () -- C:\Documents and Settings\Faith Morante\Application Data\vso_ts_preview.xml
[2011/04/26 18:44:29 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Faith Morante\Application Data\inst.exe
[2011/04/26 18:44:29 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Faith Morante\Application Data\pcouffin.cat
[2011/04/26 18:44:29 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Faith Morante\Application Data\pcouffin.inf
[2011/04/21 07:36:39 | 000,046,706 | ---- | C] () -- C:\Documents and Settings\Faith Morante\Application Data\room.dat
[2011/04/12 22:02:49 | 000,086,528 | ---- | C] () -- C:\WINDOWS\bnetunin.exe
[2011/04/01 05:15:25 | 000,040,411 | ---- | C] () -- C:\Documents and Settings\Faith Morante\Application Data\fb.exe
[2011/03/17 21:18:44 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Faith Morante\Application Data\Adobe GIF Format CS5 Prefs
[2011/03/07 21:24:45 | 000,001,456 | ---- | C] () -- C:\Documents and Settings\Faith Morante\Local Settings\Application Data\Adobe Save for Web 12.0 Prefs
[2011/02/15 18:18:13 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Faith Morante\Application Data\Adobe PNG Format CS5 Prefs
[2011/01/03 21:15:09 | 000,109,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\KbdCap.sys
[2010/09/19 21:27:28 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Faith Morante\.javafx_eula_accepted
[2010/05/04 09:02:28 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\Faith Morante\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/04 06:55:38 | 000,000,257 | ---- | C] () -- C:\Documents and Settings\Faith Morante\Application Data\dth.dwq
[2010/05/04 06:38:19 | 000,000,257 | ---- | C] () -- C:\Documents and Settings\Faith Morante\Application Data\njn.dwq
[2010/05/04 01:17:12 | 000,000,257 | ---- | C] () -- C:\Documents and Settings\Faith Morante\Application Data\fyy.dwq
[2010/05/04 00:59:46 | 000,000,257 | ---- | C] () -- C:\Documents and Settings\Faith Morante\Application Data\fao.dwq
[2010/05/04 00:48:51 | 000,000,257 | ---- | C] () -- C:\Documents and Settings\Faith Morante\Application Data\abj.dwq
[2010/05/04 00:36:49 | 000,000,257 | ---- | C] () -- C:\Documents and Settings\Faith Morante\Application Data\qvc.dwq
[2010/05/03 23:53:53 | 000,000,257 | ---- | C] () -- C:\Documents and Settings\Faith Morante\Application Data\ara.dwq
[2010/05/03 23:30:08 | 000,000,257 | ---- | C] () -- C:\Documents and Settings\Faith Morante\Application Data\rbd.dwq
[2010/05/03 22:09:38 | 000,000,257 | ---- | C] () -- C:\Documents and Settings\Faith Morante\Application Data\fin.dwq
[2006/05/06 15:28:09 | 000,000,015 | -H-- | C] () -- C:\Documents and Settings\Faith Morante\Application Data\Faith Morantelog.dat
========== ZeroAccess Check ==========
[2010/05/19 13:04:34 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012/08/31 03:29:36 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 19:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 12:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2011/03/31 17:36:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AdventureChronicles1
[2010/07/28 17:49:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cakewalk
[2010/05/11 19:28:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2012/02/02 07:01:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2011/12/08 11:48:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2012/02/02 11:46:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2011/03/31 18:28:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Floodlight Games
[2011/01/28 23:06:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Growl
[2011/05/13 23:06:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Legacy Interactive
[2012/01/13 19:01:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2011/12/13 17:28:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Origin
[2011/05/12 21:29:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2011/04/08 19:14:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PoBros
[2011/02/04 14:59:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2012/05/23 21:17:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2011/06/03 21:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2010/05/11 19:31:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2011/04/30 11:41:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2011/04/26 17:57:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Temp
[2011/06/02 08:33:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2011/04/26 19:50:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2010/05/03 15:27:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2011/05/12 21:39:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2011/06/02 08:30:58 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011/01/18 13:26:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/04/01 05:19:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\Artogon
[2011/04/02 18:00:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\Awem
[2012/01/13 20:35:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\BITS
[2012/10/19 22:21:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\cacaoweb
[2010/08/24 10:52:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\CAD-KAS
[2010/07/28 17:57:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\Cakewalk
[2011/05/17 18:18:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\cald3
[2010/05/25 09:06:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\Canon
[2011/02/04 16:52:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/10/20 05:22:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\com.adobe.DC3Module.AdobeADC
[2011/09/23 12:04:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\com.ClarityEnglish.ClarityRecorder
[2011/05/20 10:33:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\DDMSettings
[2010/09/20 17:39:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\DesktopReminder
[2011/02/09 05:41:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\Dropbox
[2011/04/08 20:09:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\Enki Games
[2012/01/13 13:08:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\FlashGet
[2012/01/13 13:08:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\FlashGetBHO
[2011/03/31 18:28:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\Floodlight Games
[2011/04/02 20:48:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\Friday's games
[2010/10/24 20:19:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\FVZilla
[2010/10/04 21:27:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\gtk-2.0
[2010/10/15 14:37:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\Hide IP NG
[2010/09/20 17:53:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\hott notes 4
[2011/05/12 17:20:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\iWin
[2011/03/09 20:42:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\Kalydo
[2011/04/09 15:13:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\MP3Rocket
[2010/05/17 22:30:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\Notepad++
[2011/08/01 07:08:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\Pamela
[2011/05/12 21:29:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\PlayFirst
[2011/04/08 19:14:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\PoBros
[2012/05/19 12:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\Research In Motion
[2011/03/31 17:20:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\Robin Crusoe
[2010/05/11 19:31:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\ScanSoft
[2011/04/07 22:27:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\Silverback Productions
[2010/10/22 18:49:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\Sony Online Entertainment
[2011/02/04 15:15:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/05/09 17:08:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\SystemRequirementsLab
[2010/10/04 21:14:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\Thinstall
[2011/06/02 08:31:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\TuneUp Software
[2012/10/27 20:42:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\uTorrent
[2012/10/19 23:01:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\Vso
[2010/12/01 20:01:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\webex
[2012/10/21 06:44:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\WinFF
[2011/02/04 16:40:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\YouSendIt
[2010/12/06 20:01:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\Youtube Downloader HD
[2011/07/04 12:41:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Faith Morante\Application Data\ZTEEVDO
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:5C321E34
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:689AB7E9
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:2AF322BF
< End of report >