Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Hijacked home page on Firefox

Started by lucille123 , Oct 13 2011 05:02 PM

  • Please log in to reply

#1
lucille123
Posted 13 October 2011 - 05:02 PM

lucille123

    Member

  • Member
  • PipPipPip
  • 100 posts
Hi,

I accidentally typed www.gmaiol.com and a webpage came up with a few pop ups. I was very careful to only click the X's in the upper right hand corner, but it totally hijacked my firefox anyway :) Below is my OTL log. Thanks so much for taking out the time to look at my computer :yes:


OTL logfile created on: 10/13/2011 3:41:17 PM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\Dr Lisa Huffman\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

501.11 Mb Total Physical Memory | 98.02 Mb Available Physical Memory | 19.56% Memory free
1.20 Gb Paging File | 0.40 Gb Available in Paging File | 33.69% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.45 Gb Total Space | 55.24 Gb Free Space | 74.20% Space Free | Partition Type: NTFS

Computer Name: FRONT | User Name: Dr Lisa Huffman | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/10/13 15:40:12 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dr Lisa Huffman\My Documents\Downloads\OTL.exe
PRC - [2011/10/13 13:44:48 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2011/10/13 13:44:28 | 002,048,352 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2011/09/30 08:12:41 | 001,030,200 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Dr Lisa Huffman\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2011/08/31 17:00:48 | 001,047,208 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2011/08/10 11:53:46 | 000,094,880 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2009/08/17 09:58:30 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/05/21 10:55:32 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/01/09 20:00:52 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009/01/09 19:57:32 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/06/16 16:43:06 | 000,272,272 | ---- | M] (GreenPrint Technologies) -- C:\Program Files\GreenPrint Technologies\GreenPrint World\GPTray.exe
PRC - [2008/06/16 16:42:44 | 000,595,872 | ---- | M] (GreenPrint Technologies) -- C:\Program Files\GreenPrint Technologies\GreenPrint World\GPPrinterNotify.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/03/06 10:24:42 | 000,629,248 | ---- | M] (j2 Global Communications, Inc.) -- C:\Program Files\eFax Messenger 4.3\J2GTray.exe
PRC - [2007/03/06 10:21:31 | 000,116,224 | ---- | M] (j2 Global Communications, Inc.) -- C:\Program Files\eFax Messenger 4.3\J2GDllCmd.exe
PRC - [2006/10/20 16:23:38 | 000,118,784 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2006/06/22 14:15:48 | 000,462,848 | ---- | M] (Southwest Airlines) -- C:\Program Files\Southwest Airlines\Ding\Ding.exe


========== Modules (No Company Name) ==========

MOD - [2011/09/30 08:12:40 | 000,412,728 | ---- | M] () -- C:\Documents and Settings\Dr Lisa Huffman\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\ppgooglenaclpluginchrome.dll
MOD - [2011/09/30 08:12:39 | 003,696,184 | ---- | M] () -- C:\Documents and Settings\Dr Lisa Huffman\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\pdf.dll
MOD - [2011/09/30 08:11:39 | 000,309,304 | ---- | M] () -- C:\Documents and Settings\Dr Lisa Huffman\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\Locales\en-US.dll
MOD - [2011/09/30 08:11:13 | 000,142,568 | ---- | M] () -- C:\Documents and Settings\Dr Lisa Huffman\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\avutil-51.dll
MOD - [2011/09/30 08:11:12 | 000,253,320 | ---- | M] () -- C:\Documents and Settings\Dr Lisa Huffman\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\avformat-53.dll
MOD - [2011/09/30 08:11:10 | 002,403,240 | ---- | M] () -- C:\Documents and Settings\Dr Lisa Huffman\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\avcodec-53.dll
MOD - [2011/09/29 13:06:57 | 008,587,936 | ---- | M] () -- C:\Documents and Settings\Dr Lisa Huffman\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\gcswf32.dll
MOD - [2011/08/11 09:11:23 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll
MOD - [2011/08/11 09:03:54 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll
MOD - [2011/06/30 09:00:59 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2009/02/13 12:44:56 | 000,071,696 | ---- | M] () -- c:\Program Files\McAfee\SiteAdvisor\mcfrmwk.dll
MOD - [2009/02/13 12:44:52 | 000,207,376 | ---- | M] () -- c:\Program Files\McAfee\SiteAdvisor\cntscan.dll
MOD - [2009/02/13 12:44:52 | 000,117,264 | ---- | M] () -- c:\Program Files\McAfee\SiteAdvisor\apengine.dll
MOD - [2008/07/29 13:55:14 | 000,969,728 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2008/06/16 16:43:50 | 000,017,296 | ---- | M] () -- C:\WINDOWS\system32\gpmon.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/10/13 13:44:48 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2011/08/10 11:53:46 | 000,094,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2005/07/25 12:25:18 | 000,491,520 | ---- | M] ( ) [On_Demand | Stopped] -- C:\WINDOWS\System32\lxcfcoms.exe -- (lxcf_device)


========== Driver Services (SafeList) ==========

DRV - [2011/10/13 15:35:14 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | Disabled | Running] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2009/08/17 09:58:29 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/08/17 09:58:29 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2007/06/13 19:41:44 | 004,403,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/04/11 14:33:48 | 000,014,336 | R--- | M] (Hewlett Packard) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hpfxfax.sys -- (HPFXFAX)
DRV - [2007/04/11 14:33:24 | 000,011,264 | R--- | M] (Hewlett Packard) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hpfxbulk.sys -- (HPFXBULK)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=4080126
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.co...?channel=us-smb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=4080126

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=4080126
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=4080126
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.msn.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.9
FF - prefs.js..extensions.enabledItems: [email protected]:2.2.15
FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.19
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.94
FF - prefs.js..extensions.enabledItems: [email protected]:4.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:3.6.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.3.5.20110120033202
FF - prefs.js..extensions.enabledItems: {5c8bfb7c-9a54-11dc-8314-0800200c9a66}:3.6.7
FF - prefs.js..keyword.URL: "http://search.yahoo....h?fr=mcafee&p="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Dr Lisa Huffman\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Dr Lisa Huffman\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2011/10/13 13:47:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2011/09/27 11:11:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/28 11:59:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/28 09:22:35 | 000,000,000 | ---D | M]

[2008/09/05 15:20:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dr Lisa Huffman\Application Data\Mozilla\Extensions
[2011/10/13 11:53:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dr Lisa Huffman\Application Data\Mozilla\Firefox\Profiles\typtwket.default\extensions
[2011/07/19 10:27:28 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Documents and Settings\Dr Lisa Huffman\Application Data\Mozilla\Firefox\Profiles\typtwket.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2011/07/06 09:02:25 | 000,000,000 | ---D | M] (Aero Fox XL) -- C:\Documents and Settings\Dr Lisa Huffman\Application Data\Mozilla\Firefox\Profiles\typtwket.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2011/08/26 09:14:22 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Dr Lisa Huffman\Application Data\Mozilla\Firefox\Profiles\typtwket.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/09/01 13:49:09 | 000,000,000 | ---D | M] ("StumbleUpon") -- C:\Documents and Settings\Dr Lisa Huffman\Application Data\Mozilla\Firefox\Profiles\typtwket.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2011/07/06 09:02:35 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Dr Lisa Huffman\Application Data\Mozilla\Firefox\Profiles\typtwket.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/07/06 09:02:31 | 000,000,000 | ---D | M] (Virtus Search Opt-in) -- C:\Documents and Settings\Dr Lisa Huffman\Application Data\Mozilla\Firefox\Profiles\typtwket.default\extensions\[email protected]
[2011/09/01 13:49:07 | 000,000,000 | ---D | M] (Feed Filter) -- C:\Documents and Settings\Dr Lisa Huffman\Application Data\Mozilla\Firefox\Profiles\typtwket.default\extensions\[email protected]
[2011/07/19 10:27:54 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Documents and Settings\Dr Lisa Huffman\Application Data\Mozilla\Firefox\Profiles\typtwket.default\extensions\[email protected]
[2009/05/14 11:04:07 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Documents and Settings\Dr Lisa Huffman\Application Data\Mozilla\Firefox\Profiles\typtwket.default\extensions\[email protected]
[2011/07/06 09:02:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dr Lisa Huffman\Application Data\Mozilla\Firefox\Profiles\typtwket.default\extensions\[email protected]\chrome
[2011/07/06 09:02:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dr Lisa Huffman\Application Data\Mozilla\Firefox\Profiles\typtwket.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\mozapps\extensions
[2008/04/25 16:48:03 | 000,002,386 | ---- | M] () -- C:\Documents and Settings\Dr Lisa Huffman\Application Data\Mozilla\Firefox\Profiles\typtwket.default\searchplugins\siteadvisor.xml
[2011/10/13 11:53:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/09 12:12:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011/08/26 09:13:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2009/02/25 10:04:35 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009/09/02 18:29:44 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/11/18 15:40:19 | 000,002,024 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - Extension: SiteAdvisor = C:\Documents and Settings\Dr Lisa Huffman\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\

O1 HOSTS File: ([2004/08/04 04:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (CGreenPrintPDF Object) - {DF96BA30-57F6-4700-8065-910EC3BE9E3B} - C:\Program Files\GreenPrint Technologies\GreenPrint World\GPIEPlugin.dll (GreenPrint Technologies)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [ECenter] C:\dell\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [eFax 4.3] C:\Program Files\eFax Messenger 4.3\J2GDllCmd.exe (j2 Global Communications, Inc.)
O4 - HKLM..\Run: [GPPrinterNotify] C:\Program Files\GreenPrint Technologies\GreenPrint World\GPPrinterNotify.exe (GreenPrint Technologies)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ToolBoxFX] C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe (HP)
O4 - HKCU..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKCU..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe File not found
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\RunOnce: [avg_spchecker] C:\Program Files\AVG\AVG8\Notification\SPChecker.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\eFax 4.3.lnk = C:\Program Files\eFax Messenger 4.3\J2GTray.exe (j2 Global Communications, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GPLog.lnk = C:\Program Files\GreenPrint Technologies\GreenPrint World\LOGWnd.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GreenPrint Printer Notify.lnk = C:\Program Files\GreenPrint Technologies\GreenPrint World\GPPrinterNotify.exe (GreenPrint Technologies)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GreenPrint TrayIcon.lnk = C:\Program Files\GreenPrint Technologies\GreenPrint World\GPTray.exe (GreenPrint Technologies)
O4 - Startup: C:\Documents and Settings\Dr Lisa Huffman\Start Menu\Programs\Startup\DING!.lnk = C:\Program Files\Southwest Airlines\Ding\Ding.exe (Southwest Airlines)
O4 - Startup: C:\Documents and Settings\Dr Lisa Huffman\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O9 - Extra Button: GreenPrint - {554099FE-3856-4d93-86B5-0024AEF63BC7} - C:\Program Files\GreenPrint Technologies\GreenPrint World\GPIEPlugin.dll (GreenPrint Technologies)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BAF5412B-B5E0-45FE-BEC6-5819CCF3767A}: DhcpNameServer = 10.1.10.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - (avgrsstx.dll) - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: C:\Documents and Settings\Dr Lisa Huffman\Application Data\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dr Lisa Huffman\Application Data\Mozilla\Firefox\Desktop Background.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 12:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{44f0e4b4-9166-11dd-829d-001d0985d5b9}\Shell - "" = AutoRun
O33 - MountPoints2\{44f0e4b4-9166-11dd-829d-001d0985d5b9}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{44f0e4b4-9166-11dd-829d-001d0985d5b9}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/10/13 15:35:14 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/10/13 15:34:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dr Lisa Huffman\Application Data\Malwarebytes
[2011/10/13 15:34:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/10/13 15:34:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/10/13 15:34:05 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/10/13 15:34:05 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/10/13 13:36:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dr Lisa Huffman\Start Menu\Programs\Google Chrome
[2011/09/21 11:36:24 | 000,000,000 | ---D | C] -- C:\MDT
[2011/09/21 11:28:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dr Lisa Huffman\Application Data\CyberLink
[2011/09/21 11:28:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2008/02/05 18:49:08 | 000,018,944 | ---- | C] ( ) -- C:\WINDOWS\System32\IMPLODE.DLL
[2005/07/25 12:31:30 | 001,183,744 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcfserv.dll
[2005/07/25 12:27:22 | 000,483,328 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcflmpm.dll
[2005/07/25 12:26:58 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcfcomm.dll
[2005/07/25 12:25:40 | 000,372,736 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcfih.exe
[2005/07/25 12:25:26 | 000,114,688 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcfpplc.dll
[2005/07/25 12:25:18 | 000,491,520 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcfcoms.exe
[2005/07/25 12:24:46 | 000,704,512 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcfcomc.dll
[2005/07/25 12:24:14 | 000,155,648 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcfprox.dll
[2005/07/25 12:19:36 | 001,134,592 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcfusb1.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Dr Lisa Huffman\Desktop\*.tmp files -> C:\Documents and Settings\Dr Lisa Huffman\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/10/13 15:46:04 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/10/13 15:40:20 | 000,001,018 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2083466410-2910171583-3572193697-1006UA.job
[2011/10/13 15:35:25 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/10/13 15:35:14 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/10/13 15:34:14 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/10/13 14:35:12 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/13 13:45:54 | 000,142,495 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2011/10/13 13:45:53 | 084,662,489 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2011/10/13 13:42:55 | 000,002,358 | ---- | M] () -- C:\Documents and Settings\Dr Lisa Huffman\Desktop\Google Chrome.lnk
[2011/10/13 13:42:55 | 000,002,336 | ---- | M] () -- C:\Documents and Settings\Dr Lisa Huffman\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/10/13 13:40:09 | 000,000,966 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2083466410-2910171583-3572193697-1006Core.job
[2011/10/13 13:39:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/10/13 13:39:28 | 525,516,800 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/13 13:32:22 | 000,004,660 | ---- | M] () -- C:\Documents and Settings\Dr Lisa Huffman\Application Data\EZUser.INI
[2011/10/12 11:32:42 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\null
[2011/10/04 18:45:06 | 000,000,722 | ---- | M] () -- C:\WINDOWS\tasks\Amigo.job
[2011/10/03 08:59:15 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/09/26 12:47:45 | 000,269,132 | ---- | M] () -- C:\Documents and Settings\Dr Lisa Huffman\Desktop\TEST.pdf
[2011/09/23 14:57:34 | 000,031,744 | ---- | M] () -- C:\Documents and Settings\Dr Lisa Huffman\My Documents\Rescue1.asd
[2011/09/15 18:23:23 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Dr Lisa Huffman\Desktop\*.tmp files -> C:\Documents and Settings\Dr Lisa Huffman\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/10/13 15:34:14 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/10/13 13:42:55 | 000,002,336 | ---- | C] () -- C:\Documents and Settings\Dr Lisa Huffman\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/10/13 13:42:54 | 000,002,358 | ---- | C] () -- C:\Documents and Settings\Dr Lisa Huffman\Desktop\Google Chrome.lnk
[2011/10/13 13:35:08 | 000,001,018 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2083466410-2910171583-3572193697-1006UA.job
[2011/10/13 13:35:07 | 000,000,966 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2083466410-2910171583-3572193697-1006Core.job
[2011/09/26 12:47:45 | 000,269,132 | ---- | C] () -- C:\Documents and Settings\Dr Lisa Huffman\Desktop\TEST.pdf
[2011/09/23 14:57:34 | 000,031,744 | ---- | C] () -- C:\Documents and Settings\Dr Lisa Huffman\My Documents\Rescue1.asd
[2011/03/03 15:48:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Viewer.INI
[2011/02/07 10:02:25 | 000,003,012 | ---- | C] () -- C:\WINDOWS\EzUser.Ini
[2008/11/07 10:00:53 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Dr Lisa Huffman\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/07/22 16:55:26 | 000,017,296 | ---- | C] () -- C:\WINDOWS\System32\gpmon.dll
[2008/07/14 14:57:20 | 000,000,608 | -HS- | C] () -- C:\WINDOWS\System32\winzvprt5.sys
[2008/07/14 14:49:51 | 000,000,685 | R--- | C] () -- C:\WINDOWS\System32\hppapr07.dat
[2008/07/14 14:47:24 | 000,152,815 | ---- | C] () -- C:\WINDOWS\hppins07.dat
[2008/07/14 14:47:24 | 000,152,774 | ---- | C] () -- C:\WINDOWS\System32\hppins07.dat
[2008/07/14 14:47:24 | 000,000,838 | ---- | C] () -- C:\WINDOWS\hppmdl07.dat
[2008/06/06 16:14:43 | 000,025,612 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2008/02/21 09:33:45 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS7R.DLL
[2008/02/21 09:33:11 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
[2008/02/21 09:32:49 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2008/02/05 18:50:03 | 000,004,660 | ---- | C] () -- C:\Documents and Settings\Dr Lisa Huffman\Application Data\EZUser.INI
[2008/02/05 18:49:11 | 000,447,488 | ---- | C] () -- C:\WINDOWS\System32\PGPDLL.DLL
[2008/02/05 18:49:11 | 000,030,720 | ---- | C] () -- C:\WINDOWS\System32\PKDCLVB.DLL
[2008/02/05 18:49:01 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\AESCRYPT.DLL
[2008/01/31 14:04:54 | 000,001,289 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2008/01/31 12:16:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/01/25 22:42:13 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/01/25 22:14:47 | 000,077,824 | ---- | C] () -- C:\WINDOWS\setpwr32.exe
[2008/01/25 22:14:37 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4820.dll
[2008/01/25 22:13:07 | 000,001,124 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/07/07 02:12:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxcfvs.dll
[2004/08/10 12:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 12:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/10 12:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 12:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 11:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 11:57:15 | 000,216,064 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/10 11:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 11:51:20 | 000,445,846 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 11:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 11:51:20 | 000,073,052 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 11:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 11:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 11:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/10 11:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/10 11:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 11:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 11:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 11:50:56 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2001/07/07 04:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== LOP Check ==========

[2008/02/21 09:33:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2008/03/06 11:01:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eFax Messenger 4.3 Output
[2008/03/06 11:01:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eFax Messenger 4.3 Setup
[2008/06/04 17:53:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2008/01/25 22:40:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2008/02/05 18:41:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/07/14 14:57:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\zvprt50
[2008/03/06 10:52:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dr Lisa Huffman\Application Data\Canon
[2009/09/04 15:26:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dr Lisa Huffman\Application Data\diag
[2008/03/06 11:01:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dr Lisa Huffman\Application Data\eFax Messenger
[2008/07/22 17:33:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dr Lisa Huffman\Application Data\GreenPrint
[2008/01/31 12:22:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dr Lisa Huffman\Application Data\Grisoft
[2008/03/06 10:55:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dr Lisa Huffman\Application Data\NewSoft
[2008/08/25 09:28:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dr Lisa Huffman\Application Data\Nvu
[2009/04/07 11:30:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dr Lisa Huffman\Application Data\OpenOffice.org
[2008/10/01 15:52:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dr Lisa Huffman\Application Data\Southwest Airlines
[2011/10/04 18:45:06 | 000,000,722 | ---- | M] () -- C:\WINDOWS\Tasks\Amigo.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:62E2D794

< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP