Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Google.htm file tries to get me to save it every page I open

Started by writertiff , Dec 14 2010 07:10 PM

  • Please log in to reply

#1
writertiff
Posted 14 December 2010 - 07:10 PM

writertiff

    Member

  • Member
  • PipPipPip
  • 129 posts
I'm attaching an image of a thing that pops up EVERY time I open a new FireFox tab or even if I click from one page of a site to another. I have always clicked cancel or exited out - not sure what this thing is since it's never happened on my computers before. I don't want to accidentally download something bad.

Is this something I need to download and do something with? Orhow can I get it to quit popping up each time I go to a new page?

Here's my OTL:

OTL logfile created on: 12/14/2010 6:45:29 PM - Run 2
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,022.00 Mb Total Physical Memory | 290.00 Mb Available Physical Memory | 28.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 74.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 224.22 Gb Total Space | 161.92 Gb Free Space | 72.21% Space Free | Partition Type: NTFS
Drive D: | 8.64 Gb Total Space | 0.42 Gb Free Space | 4.90% Space Free | Partition Type: FAT32
Drive E: | 7.21 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TIFFANY
Current User Name: HP_Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/12/10 20:44:10 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/12/10 20:44:07 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/11/04 17:58:10 | 000,622,504 | ---- | M] () -- C:\Program Files\OnlyWire\OnlyWireWindows.exe
PRC - [2010/10/16 10:13:20 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.39\GoogleCrashHandler.exe
PRC - [2010/09/17 20:14:22 | 000,460,144 | ---- | M] () -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
PRC - [2010/07/15 11:34:30 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\OTL.exe
PRC - [2010/05/29 14:24:51 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2010/03/29 23:46:14 | 000,303,952 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010/03/29 23:46:12 | 000,437,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2009/09/24 21:57:59 | 000,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe
PRC - [2009/04/30 15:01:10 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2009/03/09 04:19:13 | 000,144,792 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\javaw.exe
PRC - [2009/03/09 04:19:11 | 000,144,792 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\system32\java.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/13 18:12:14 | 000,389,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cmd.exe
PRC - [2007/08/31 13:13:41 | 000,988,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliType Pro\itype.exe
PRC - [2007/08/31 12:58:50 | 000,357,800 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
PRC - [2006/06/01 18:25:00 | 000,180,224 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\ELService.exe
PRC - [2006/02/21 10:58:34 | 000,081,920 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe


========== Modules (SafeList) ==========

MOD - [2010/08/23 10:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010/07/15 11:34:30 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\OTL.exe
MOD - [2009/09/24 21:57:46 | 000,419,696 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\3.8.0.41\asOEHook.dll
MOD - [2008/04/13 18:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2010/09/17 20:14:22 | 000,460,144 | ---- | M] () [Auto | Running] -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2010/03/29 23:46:14 | 000,303,952 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2009/09/24 21:57:59 | 000,117,640 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe -- (N360)
SRV - [2009/04/30 15:01:10 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/01/29 15:09:02 | 000,394,704 | ---- | M] (Symantec, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe -- (Symantec RemoteAssist)
SRV - [2007/10/25 14:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)
SRV - [2006/06/01 18:25:00 | 000,180,224 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\ELService.exe -- (ELService) Intel®
SRV - [2006/02/21 10:58:34 | 000,081,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\DRIVERS\ftsata2.sys -- (ftsata2)
DRV - [2010/12/08 03:00:00 | 001,360,248 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20101214.001\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/12/08 03:00:00 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20101214.001\NAVENG.SYS -- (NAVENG)
DRV - [2010/11/08 18:50:31 | 000,341,944 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20101213.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010/05/26 02:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/05/26 02:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/03/29 23:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2009/09/24 21:58:08 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009/09/24 21:58:02 | 000,310,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0308000.029\SYMEFA.SYS -- (SymEFA)
DRV - [2009/09/24 21:58:02 | 000,308,272 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SRTSP.SYS -- (SRTSP)
DRV - [2009/09/24 21:58:02 | 000,217,136 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/09/24 21:58:02 | 000,089,904 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMFW.SYS -- (SYMFW)
DRV - [2009/09/24 21:58:02 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0308000.029\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2009/09/24 21:58:02 | 000,036,400 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2009/09/24 21:58:02 | 000,036,400 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2009/09/24 21:58:02 | 000,036,400 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMNDIS.SYS -- (SYMNDIS)
DRV - [2009/09/24 21:58:02 | 000,033,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMIDS.SYS -- (SYMIDS)
DRV - [2009/09/24 21:58:01 | 000,482,432 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\ccHPx86.sys -- (ccHP)
DRV - [2009/09/24 21:58:01 | 000,259,632 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\BHDrvx86.sys -- (BHDrvx86)
DRV - [2009/09/13 11:18:36 | 000,008,552 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2009/05/09 00:14:20 | 000,014,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nuidfltr.sys -- (NuidFltr)
DRV - [2009/04/30 17:03:28 | 000,023,832 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2009/04/30 17:03:06 | 006,754,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech QuickCam S5500(UVC)
DRV - [2009/04/30 17:01:34 | 000,265,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2009/04/30 15:00:12 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008/12/17 00:01:20 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008/04/13 12:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/13 11:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 10:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/01/20 21:56:59 | 000,008,413 | ---- | M] (RealNetworks, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\mcstrm.sys -- (MCSTRM)
DRV - [2006/09/18 14:24:59 | 003,958,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006/07/24 16:15:04 | 004,353,024 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/05/09 17:36:44 | 000,009,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ELacpi.sys -- (ELacpi)
DRV - [2006/05/09 17:36:42 | 000,007,040 | ---- | M] (Intel Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Elmon.sys -- (ELmon)
DRV - [2006/05/09 17:36:22 | 000,006,912 | ---- | M] (Intel Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Elkbd.sys -- (ELkbd)
DRV - [2006/05/09 17:36:20 | 000,006,400 | ---- | M] (Intel Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Elmou.sys -- (ELmou)
DRV - [2006/05/09 17:36:18 | 000,010,112 | ---- | M] (Intel Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Elhid.sys -- (ELhid)
DRV - [2006/02/21 10:44:30 | 000,250,368 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\iastor.sys -- (iaStor)
DRV - [2005/12/12 11:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2005/12/06 05:20:50 | 000,241,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2005/12/06 05:20:42 | 000,670,208 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSX_CNXT.sys -- (winachsx)
DRV - [2005/12/06 05:20:40 | 000,936,448 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSX_DP.sys -- (HSX_DP)
DRV - [2005/11/25 16:43:48 | 000,031,896 | ---- | M] (DemoForge, LLC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dfmirage.sys -- (dfmirage)
DRV - [2005/06/24 19:36:16 | 000,039,036 | R--- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2005/05/26 12:01:36 | 000,038,144 | R--- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2005/05/26 12:01:18 | 000,021,344 | R--- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2004/08/03 08:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003/01/10 15:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2001/08/17 13:05:16 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\OVCD.sys -- (QCDonner)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...r/fix_homepage/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?g...C&o=13162&l=dis
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "file:///C:/Documents%20and%20Settings/HP_Administrator.TIFFANY/My%20Documents/Start-Page.htm"
FF - prefs.js..extensions.enabledItems: [email protected]:1.10.01
FF - prefs.js..extensions.enabledItems: {5d67eb1e-2b10-4538-8321-74a5ec8ccf96}:2.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {7CEA821D-3DAB-4238-B424-BF7324531750}:0.4.95
FF - prefs.js..keyword.URL: "http://www.google.co...-8&oe=utf-8&q="

FF - HKLM\software\mozilla\Firefox\extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2010/04/16 07:14:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/03/06 16:58:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/10 20:44:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/10 20:44:21 | 000,000,000 | ---D | M]

[2008/12/04 18:19:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator.TIFFANY\Application Data\Mozilla\Extensions
[2010/12/14 06:32:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator.TIFFANY\Application Data\Mozilla\Firefox\Profiles\o2rbua71.default\extensions
[2008/09/10 13:22:09 | 000,000,000 | ---D | M] (Warrior Forum Formatter) -- C:\Documents and Settings\HP_Administrator.TIFFANY\Application Data\Mozilla\Firefox\Profiles\o2rbua71.default\extensions\{1BC1FC5B-E43B-4367-AA99-1748C38BA3C8}
[2009/09/06 08:30:02 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\HP_Administrator.TIFFANY\Application Data\Mozilla\Firefox\Profiles\o2rbua71.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/03/29 15:18:12 | 000,000,000 | ---D | M] (Squidoo) -- C:\Documents and Settings\HP_Administrator.TIFFANY\Application Data\Mozilla\Firefox\Profiles\o2rbua71.default\extensions\{5d67eb1e-2b10-4538-8321-74a5ec8ccf96}
[2009/06/06 16:57:35 | 000,000,000 | ---D | M] (IE Tab) -- C:\Documents and Settings\HP_Administrator.TIFFANY\Application Data\Mozilla\Firefox\Profiles\o2rbua71.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2010/09/18 09:16:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator.TIFFANY\Application Data\Mozilla\Firefox\Profiles\o2rbua71.default\extensions\{7CEA821D-3DAB-4238-B424-BF7324531750}
[2008/09/20 14:22:50 | 000,000,000 | ---D | M] (MyStickies) -- C:\Documents and Settings\HP_Administrator.TIFFANY\Application Data\Mozilla\Firefox\Profiles\o2rbua71.default\extensions\{bbc21d30-1cff-11da-8cd6-0800200c9a66}
[2009/10/15 18:28:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator.TIFFANY\Application Data\Mozilla\Firefox\Profiles\o2rbua71.default\extensions\[email protected]
[2009/04/02 20:00:34 | 000,000,681 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Application Data\Mozilla\Firefox\Profiles\o2rbua71.default\searchplugins\ask.xml
[2010/12/14 06:32:59 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/10/15 18:28:57 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2009/06/27 15:19:17 | 000,072,960 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll

O1 HOSTS File: ([2009/04/30 01:03:47 | 000,305,826 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 10530 more lines...
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\3.8.0.41\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Client\YontooIEClient.dll (Yontoo Technology, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [ftutil2] C:\WINDOWS\System32\ftutil2.dll (Promise Technology, Inc.)
O4 - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AutorunsDisabled [2009/06/27 15:14:58 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\OnlyWire.LNK = C:\Program Files\OnlyWire\OnlyWireWindows.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: trymedia.com ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: trymedia.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: stumbleupon.com ([]* in Trusted sites)
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} http://support.f-sec...m/ols/fscax.cab (F-Secure Online Scanner 3.1)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symant...ex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1196378701750 (MUWebControl Class)
O16 - DPF: {6F750202-1362-4815-A476-88533DE61D0C} http://www.kodakgall..._2/axofupld.cab (Kodak Gallery Easy Upload Manager Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.94.156.1 151.164.8.201
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton 360\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\HP_Administrator.TIFFANY\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\HP_Administrator.TIFFANY\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/07/29 16:22:32 | 000,000,150 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 08:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{4e44e90c-5c17-11dd-b055-00038a000015}\Shell\AutoRun\command - "" = F:\Setup_FlipShare.exe -- File not found
O33 - MountPoints2\{4e44e90c-5c17-11dd-b055-00038a000015}\Shell\Setup FlipShare\command - "" = F:\Setup_FlipShare.exe -- File not found
O33 - MountPoints2\{8e556282-0bb5-11dc-afc7-00038a000015}\Shell\AutoRun\command - "" = F:\PortableVault.exe -- File not found
O33 - MountPoints2\{ef40415a-f56e-11dd-8e3c-806d6172696f}\Shell - "" = Autorun
O33 - MountPoints2\{ef40415a-f56e-11dd-8e3c-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: ('autocheck autochk *') - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/12/14 12:39:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\tatearticlereview
[2010/12/13 09:14:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\Christmas Lists
[2010/12/10 17:40:33 | 000,000,000 | ---D | C] -- C:\Program Files\Market Samurai
[2010/11/28 15:32:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\GuruOverwhelm
[2010/11/27 22:02:09 | 000,000,000 | ---D | C] -- C:\Program Files\OnlyWire
[2010/11/24 13:03:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010/11/14 12:56:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\LizTomey
[2010/11/12 17:03:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\babyelephant
[2010/10/23 15:30:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\V1VREDV11
[2010/10/12 09:46:04 | 000,000,000 | ---D | C] -- C:\Program Files\Flip Video
[2010/10/04 17:40:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\keyword packs
[2010/09/27 06:12:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\GhostwritingCash
[2010/09/24 18:08:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\TIFFANYinterview
[2010/09/19 20:03:05 | 000,000,000 | ---D | C] -- C:\ADOBEAPP
[8 C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\*.tmp files -> C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\*.tmp -> ]
[38 C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\*.tmp files -> C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/12/14 18:44:12 | 000,020,335 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\googleopen.JPG
[2010/12/14 18:33:03 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/12/14 18:32:38 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/14 18:32:33 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/12/14 18:32:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/14 18:32:07 | 000,229,592 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/14 18:32:06 | 1072,123,904 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/14 18:31:56 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2010/12/14 18:31:53 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2010/12/14 18:30:11 | 018,087,936 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\NTUSER.DAT
[2010/12/14 18:30:11 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\ntuser.ini
[2010/12/14 18:25:08 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/12/14 18:19:11 | 000,000,906 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/14 12:39:08 | 000,186,368 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/14 12:16:30 | 000,002,491 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word.lnk
[2010/12/14 11:51:08 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\Awesome JV Tool.doc
[2010/12/14 06:57:26 | 000,031,490 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\The HCG Dietebook.docx
[2010/12/13 19:23:31 | 000,019,456 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\janetzoom.doc
[2010/12/13 19:03:48 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/12/13 13:55:16 | 000,020,706 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\tatearticlereview.zip
[2010/12/13 12:20:13 | 000,000,847 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/12/13 09:26:22 | 000,268,800 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\tiffany.xls
[2010/12/12 21:41:44 | 000,026,112 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\sharingonsundaysquestions.doc
[2010/12/11 15:57:16 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/11 14:20:08 | 000,001,304 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\freelance writing analysis.csv
[2010/12/11 13:41:42 | 000,002,467 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft FrontPage.lnk
[2010/12/10 17:58:24 | 000,146,432 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\freelance writing.msam
[2010/12/10 17:40:44 | 000,000,733 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Market Samurai.lnk
[2010/12/09 21:48:06 | 000,025,088 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\hcgplr.doc
[2010/12/09 18:46:42 | 000,023,040 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\plratmlesson.doc
[2010/12/09 17:37:30 | 000,050,176 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\TASKS.xls
[2010/12/09 06:21:57 | 000,072,509 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\guruprice.JPG
[2010/12/08 22:44:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/12/08 20:16:48 | 000,032,256 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\emails.doc
[2010/12/08 16:22:26 | 000,141,199 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\tristanwso.JPG
[2010/12/07 20:29:16 | 000,042,496 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\Outsourcers.xls
[2010/12/07 10:37:04 | 000,021,504 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\Mom Money Owed.doc
[2010/12/06 17:28:57 | 000,011,749 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\honeyxmas.JPG
[2010/12/06 12:40:12 | 000,002,489 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Excel.lnk
[2010/12/05 12:52:06 | 000,025,510 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\Four Articles.docx
[2010/12/05 11:52:54 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\Dylan.doc
[2010/11/29 10:55:43 | 000,034,304 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\Tiff HCG.doc
[2010/11/28 20:21:58 | 000,032,256 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\guruoverwhelm.doc
[2010/11/28 01:28:09 | 000,147,456 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\hcg diet.msam
[2010/11/27 22:02:14 | 000,001,433 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\OnlyWire.LNK
[2010/11/27 17:13:07 | 000,002,471 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\Microsoft Excel.lnk
[2010/11/26 17:59:02 | 000,041,984 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\Shawn Christmas list 2010.doc
[2010/11/26 17:15:21 | 000,017,408 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\DebtandBills.xls
[2010/11/24 18:44:53 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/11/23 22:14:40 | 000,013,872 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\re2unpaidarticles.zip
[2010/11/18 18:07:01 | 000,011,050 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\Start-Page.htm
[2010/11/18 11:01:05 | 000,023,552 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\93c7107c8a22.doc
[2010/11/13 09:42:51 | 018,087,936 | -H-- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\NTUSER.bak
[2010/11/11 21:44:24 | 000,023,040 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\golflogix review590.doc
[2010/11/11 19:48:14 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\mlm Network Marketing Mega.doc
[2010/11/11 18:52:20 | 000,524,888 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/11/11 18:52:20 | 000,443,232 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/11/11 18:52:20 | 000,072,372 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/11/10 17:58:11 | 000,256,000 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\article marketing.msam
[2010/11/09 18:47:00 | 000,045,056 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\outsourcing.doc
[2010/11/07 21:03:10 | 000,019,456 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\Unicorn toy.doc
[2010/11/07 14:20:06 | 000,023,552 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\blood pressure.doc
[2010/11/07 12:31:04 | 000,019,456 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\DailyToDo.doc
[2010/11/07 10:23:25 | 000,019,456 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\dsareview.doc
[2010/11/06 15:30:10 | 000,276,480 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\yeast infection.msam
[2010/11/04 11:10:38 | 000,032,256 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\deadbeatsuper.doc
[2010/11/04 10:44:29 | 000,166,912 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\golflogix gps.msam
[2010/11/02 10:07:57 | 000,041,984 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\christmasdish.doc
[2010/10/29 09:44:31 | 000,135,663 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\WPR2838.zip
[2010/10/28 10:22:46 | 000,165,888 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\netbook.msam
[2010/10/28 10:22:37 | 000,000,786 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\netbook analysis.csv
[2010/10/24 08:21:49 | 000,037,888 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\Domains.xls
[2010/10/17 11:14:35 | 000,088,576 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\Graphs.doc
[2010/10/12 09:46:14 | 000,000,862 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FlipShare.lnk
[2010/10/04 17:36:57 | 000,079,934 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\keywordresearchfromwarriornicolalane.zip
[2010/09/28 10:06:43 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\VinceDowd.doc
[2010/09/25 13:18:25 | 000,059,381 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\dylanseniorcrosscountry.JPG
[2010/09/25 10:05:00 | 000,019,456 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\Launch Drama Mama.doc
[2010/09/24 16:03:52 | 000,025,600 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\linkstoallplratm.doc
[2010/09/19 08:14:47 | 000,058,101 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\tiff.jpg
[2010/09/18 12:04:48 | 000,025,088 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\New Affiliate Tools and New PLR.doc
[2010/09/18 07:45:05 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\GhostwritingTuition.xls
[8 C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\*.tmp files -> C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\*.tmp -> ]
[38 C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\*.tmp files -> C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/14 18:44:12 | 000,020,335 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\googleopen.JPG
[2010/12/14 11:51:08 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\Awesome JV Tool.doc
[2010/12/14 06:57:26 | 000,031,490 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\The HCG Dietebook.docx
[2010/12/13 19:23:31 | 000,019,456 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\janetzoom.doc
[2010/12/13 13:55:16 | 000,020,706 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\tatearticlereview.zip
[2010/12/12 18:22:49 | 000,026,112 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\sharingonsundaysquestions.doc
[2010/12/10 17:58:09 | 000,001,304 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\freelance writing analysis.csv
[2010/12/10 17:42:05 | 000,146,432 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\freelance writing.msam
[2010/12/10 17:40:44 | 000,000,733 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Market Samurai.lnk
[2010/12/09 17:43:58 | 000,023,040 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\plratmlesson.doc
[2010/12/09 06:21:57 | 000,072,509 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\guruprice.JPG
[2010/12/08 18:41:10 | 000,032,256 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\emails.doc
[2010/12/08 16:22:26 | 000,141,199 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\tristanwso.JPG
[2010/12/06 17:28:57 | 000,011,749 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\honeyxmas.JPG
[2010/12/05 12:52:06 | 000,025,510 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\Four Articles.docx
[2010/11/29 12:56:07 | 000,268,800 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\tiffany.xls
[2010/11/29 10:55:42 | 000,034,304 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\Tiff HCG.doc
[2010/11/28 01:17:26 | 000,147,456 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\hcg diet.msam
[2010/11/27 22:02:14 | 000,001,433 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\OnlyWire.LNK
[2010/11/26 18:29:44 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\hcgplr.doc
[2010/11/26 17:59:01 | 000,041,984 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\Shawn Christmas list 2010.doc
[2010/11/23 22:14:39 | 000,013,872 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\re2unpaidarticles.zip
[2010/11/17 17:57:02 | 000,032,256 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\guruoverwhelm.doc
[2010/11/17 12:59:44 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\93c7107c8a22.doc
[2010/11/13 09:42:24 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\NTUSER.tmp.LOG
[2010/11/10 17:44:19 | 000,256,000 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\article marketing.msam
[2010/11/09 17:53:47 | 000,045,056 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\outsourcing.doc
[2010/11/08 20:17:26 | 000,023,040 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\golflogix review590.doc
[2010/11/07 21:03:09 | 000,019,456 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\Unicorn toy.doc
[2010/11/07 10:23:25 | 000,019,456 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\dsareview.doc
[2010/11/06 16:28:05 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\blood pressure.doc
[2010/11/06 15:09:35 | 000,276,480 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\yeast infection.msam
[2010/11/04 10:26:51 | 000,166,912 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\golflogix gps.msam
[2010/11/04 09:05:10 | 000,032,256 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\deadbeatsuper.doc
[2010/11/02 09:08:21 | 000,041,984 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\christmasdish.doc
[2010/10/29 09:44:32 | 000,135,663 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\WPR2838.zip
[2010/10/28 10:08:55 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\netbook analysis.csv
[2010/10/28 10:04:04 | 000,165,888 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\netbook.msam
[2010/10/28 09:41:40 | 000,019,456 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\DailyToDo.doc
[2010/10/23 14:59:22 | 000,037,888 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\Domains.xls
[2010/10/23 12:55:18 | 000,042,496 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\Outsourcers.xls
[2010/10/17 11:14:34 | 000,088,576 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\Graphs.doc
[2010/10/13 05:15:48 | 000,002,265 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/10/12 09:46:14 | 000,000,862 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FlipShare.lnk
[2010/10/04 17:36:49 | 000,079,934 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\keywordresearchfromwarriornicolalane.zip
[2010/09/28 10:06:24 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\VinceDowd.doc
[2010/09/27 09:53:39 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\mlm Network Marketing Mega.doc
[2010/09/25 13:18:23 | 000,059,381 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\dylanseniorcrosscountry.JPG
[2010/09/25 10:04:04 | 000,019,456 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\Desktop\Launch Drama Mama.doc
[2010/09/23 12:24:03 | 000,025,600 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\linkstoallplratm.doc
[2010/09/19 08:14:33 | 000,058,101 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\tiff.jpg
[2010/09/18 08:08:36 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.TIFFANY\My Documents\New Affiliate Tools and New PLR.doc
[2010/02/26 12:46:58 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2009/06/05 15:34:32 | 000,082,289 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009/05/08 09:13:04 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2009/04/30 15:00:12 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2009/02/17 11:30:36 | 000,000,099 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/12/29 21:33:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2008/12/28 14:15:42 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2008/03/08 09:59:12 | 000,000,073 | ---- | C] () -- C:\WINDOWS\EurekaLog.ini
[2008/02/19 00:33:34 | 000,446,352 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll
[2007/02/23 19:18:51 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll
[2007/02/23 19:18:49 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\PdfPorts.dll
[2006/12/30 22:30:33 | 000,000,141 | ---- | C] () -- C:\WINDOWS\disney.ini
[2006/12/30 22:30:25 | 000,000,185 | ---- | C] () -- C:\WINDOWS\disneysy.ini
[2006/12/30 21:33:33 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/11/18 19:37:29 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/11/18 19:16:01 | 000,028,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2006/11/18 19:10:31 | 000,014,318 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2006/11/18 19:10:25 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2006/11/18 19:07:21 | 000,000,031 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/11/18 18:53:59 | 000,005,249 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/11/18 18:53:18 | 000,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2006/11/18 18:47:17 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/11/18 18:43:25 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/11/18 18:19:59 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2006/09/18 14:25:12 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/09/18 14:25:12 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/09/18 14:25:10 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/09/18 14:25:08 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/09/18 14:25:06 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/09/18 14:25:06 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/09/18 14:24:59 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/06/16 05:58:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/05 16:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/09/16 14:24:26 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004/07/26 01:51:38 | 000,000,560 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[1999/01/22 12:46:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== LOP Check ==========

[2007/08/06 17:11:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software
[2007/01/27 09:51:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Digital Interactive Systems Corporation
[2009/12/29 22:30:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Flip Video
[2007/12/23 18:14:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GlobalSCAPE
[2007/07/22 16:18:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2008/07/29 16:23:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2008/07/25 21:47:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nuance
[2009/04/28 13:26:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2009/01/21 20:29:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pure Digital Technologies
[2007/08/06 17:32:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Riverdeep Interactive Learning Limited
[2007/11/09 10:40:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RoboForm
[2009/10/15 18:27:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2009/01/27 13:20:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith
[2010/03/14 18:10:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/09/19 05:40:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\The Journal
[2009/02/07 21:18:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2007/12/09 13:23:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2008/10/06 17:10:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2009/09/26 19:25:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/09/18 15:01:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E965A533
< End of report >


Thanks!
Tiff :D

Attached Thumbnails

  • googleopen.JPG

  • 0

Advertisements

#2
noknojon
Posted 14 December 2010 - 11:28 PM

noknojon

    Member

  • Member
  • PipPipPip
  • 533 posts
Hi Tiff -
Firstly please note your Java is well out of date -
Please go into the Control Panel, Add/Remove and for now remove ALL versions of JAVA

Then run this tool to help cleanup any left over Java
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.
Please download JavaRa and unzip it to your desktop.
***Please close any instances of Internet Explorer (or other web browser) before continuing!***
  • Double-click on JavaRa.exe to start the program.
  • From the drop-down menu, choose English and click on Select.
  • JavaRa will open; click on Remove Older Versions to remove the older versions of Java installed on your computer.
  • Click Yes when prompted. When JavaRa is done, a notice will appear that a logfile has been produced. Click OK.
  • A logfile will pop up. Please save it to a convenient location and post it back when you reply.

    Then look for the following Java folders and if found delete them.
  • C:\Program Files\Java
  • C:\Program Files\Common Files\Java
  • C:\Windows\Sun
  • C:\Documents and Settings\All Users\Application Data\Java
  • C:\Documents and Settings\All Users\Application Data\Sun\Java
  • C:\Documents and Settings\username\Application Data\Java
  • C:\Documents and Settings\username\Application Data\Sun\Java
EDIT- The log is not actually required at this stage , but please leave it on your desktop for later -

Thank You -
  • 0

#3
writertiff
Posted 15 December 2010 - 07:24 AM

writertiff

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 129 posts
I did this thank you!

The only two in your list that I had were:

# C:\Program Files\Java
# C:\Program Files\Common Files\Java

the others weren't found there.

I will restart now and see if it's still happening.
Tiff :D
  • 0

#4
starjax
Posted 15 December 2010 - 07:45 AM

starjax

    Global Moderator

  • Global Moderator
  • 6,678 posts
Please go to the malware forum and follow the instructions at the top....Especially the CLICK HERE.

That will give you several steps that will help you clean up 70 percent of all problems by yourself. If at the end of the process you are still having difficulty--and you may not be-- then post an OTListIt log in THAT forum.
  • 0

#5
writertiff
Posted 15 December 2010 - 09:43 AM

writertiff

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 129 posts
I did go there first. It only has the new steps - run the OTL and post a thread. I had been looking for that comprehensive self cleaning guide y'all used to have up there and couldn't find it.
  • 0

#6
SpywareDr
Posted 15 December 2010 - 10:22 AM

SpywareDr

    Member 3k

  • Member
  • PipPipPipPipPipPip
  • 3,996 posts
GeeksToGo.com > Malware and Spyware Cleaning Guide
http://www.geekstogo...cleaning-guide/

?
  • 0
Back to Windows XP, 2000, 2003, NT · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Retired Forums
  3. Windows XP, 2000, 2003, NT

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP