Solved Google redirect

broni · 2010/07/01

Wait
We're not done yet...LOL
I need to make sure, your computer is really clean.

Delete your Combofix file, download fresh one and post new log.

lynsing · 2010/07/01

Thank you for being so thorough. Unusual thing happened while trying to get to this website through link in email. Instead of going to the internet website, it asked for the executable link file location.
Here is another Combofix log.

ComboFix 10-06-30.03 - Lynda 01/07/2010 6:23.3.1 - x86
Microsoft Windows 2000 Professional 5.0.2195.4.1252.1.1033.18.255.117 [GMT -7:00]
Running from: c:\documents and settings\Lynda\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_MYWEBSEARCHSERVICE
-------\Legacy_SROSA
-------\Service_MyWebSearchService
-------\Service_srosa
-------\Legacy_hbiogn
-------\Service_hbiogn

((((((((((((((((((((((((( Files Created from 2010-06-01 to 2010-07-01 )))))))))))))))))))))))))))))))
.

2010-07-01 13:40 . 2010-07-01 13:40 16384 ----atw- c:\winnt\system32\Perflib_Perfdata_284.dat
2010-06-29 18:54 . 2010-06-17 21:35 1496064 ----a-w- c:\documents and settings\Lynda\Application Data\Mozilla\Firefox\Profiles\io85391o.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
2010-06-29 18:54 . 2010-06-17 21:35 43008 ----a-w- c:\documents and settings\Lynda\Application Data\Mozilla\Firefox\Profiles\io85391o.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2010-06-29 18:54 . 2010-06-17 21:35 339456 ----a-w- c:\documents and settings\Lynda\Application Data\Mozilla\Firefox\Profiles\io85391o.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2010-06-29 18:54 . 2010-06-17 21:35 346112 ----a-w- c:\documents and settings\Lynda\Application Data\Mozilla\Firefox\Profiles\io85391o.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
2010-06-29 10:59 . 2004-05-03 09:24 16784 -c----w- c:\winnt\system32\dllcache\nsiislog.dll
2010-06-29 10:59 . 2005-02-22 07:05 18192 -c----w- c:\winnt\system32\dllcache\fltlib.dll
2010-06-29 10:59 . 2005-01-12 19:39 576784 -c----w- c:\winnt\system32\dllcache\hypertrm.dll
2010-06-29 10:59 . 2004-12-02 13:19 22800 -c----w- c:\winnt\system32\dllcache\fltmc.exe
2010-06-29 10:59 . 2004-05-03 10:24 222384 -c----w- c:\winnt\system32\dllcache\nscm.exe
2010-06-29 10:59 . 2002-08-29 14:14 44032 -c----w- c:\winnt\system32\dllcache\msxml3r.dll
2010-06-29 10:59 . 2005-02-04 05:34 55568 -c----w- c:\winnt\system32\dllcache\authz.dll
2010-06-29 10:54 . 2005-07-13 07:22 138000 -c--a-w- c:\winnt\system32\dllcache\faxui.dll
2010-06-29 10:54 . 2005-07-13 07:22 138000 ----a-w- c:\winnt\system32\faxui.dll
2010-06-29 10:47 . 2006-03-18 09:51 21264 -c----w- c:\winnt\system32\dllcache\verclsid.exe
2010-06-29 10:29 . 2010-02-16 04:16 1736576 -c--a-w- c:\winnt\system32\dllcache\NTKRPAMP.EXE
2010-06-29 10:29 . 2010-02-16 04:15 1715264 -c--a-w- c:\winnt\system32\dllcache\NTKRNLMP.EXE
2010-06-28 05:32 . 2010-04-29 22:39 38224 ----a-w- c:\winnt\system32\drivers\mbamswissarmy.sys
2010-06-28 05:32 . 2010-04-29 22:39 19288 ----a-w- c:\winnt\system32\drivers\mbam.sys
2010-06-27 23:11 . 2010-06-28 05:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-27 17:25 . 2010-06-27 17:25 -------- d--h--w- c:\winnt\PIF
2010-06-27 04:44 . 2010-06-27 04:44 -------- d-----w- C:\rei
2010-06-27 04:44 . 2010-06-27 04:44 -------- d-----w- c:\program files\Reimage
2010-06-27 04:10 . 2001-05-30 06:59 1174288 ----a-w- c:\winnt\system32\msoe.dll
2010-06-27 02:31 . 1999-12-01 06:40 86288 -c--a-w- c:\winnt\system32\dllcache\tp4mon.exe
2010-06-27 02:30 . 1999-09-25 17:36 6736 -c--a-w- c:\winnt\system32\dllcache\serscan.sys
2010-06-27 02:29 . 1999-12-01 06:39 56592 -c--a-w- c:\winnt\system32\dllcache\p6xx_32.dll
2010-06-27 02:28 . 1999-04-01 19:56 202752 -c--a-w- c:\winnt\system32\dllcache\mwremind.exe
2010-06-27 02:27 . 2003-06-19 19:05 70416 -c--a-w- c:\winnt\system32\dllcache\metadata.dll
2010-06-27 02:26 . 1999-10-22 21:54 32592 -c--a-w- c:\winnt\system32\dllcache\ichaud.sys
2010-06-27 02:25 . 1999-12-01 06:40 54032 -c--a-w- c:\winnt\system32\dllcache\eqnloop.exe
2010-06-27 02:24 . 2003-06-19 19:05 40720 -c--a-w- c:\winnt\system32\dllcache\coadmin.dll
2010-06-27 02:23 . 2005-01-12 19:39 248080 -c--a-w- c:\winnt\system32\dllcache\adsiis.dll
2010-06-25 17:38 . 2009-11-24 08:13 12560 -c--a-w- c:\winnt\system32\dllcache\tsbyuv.dll
2010-06-25 17:38 . 2009-11-24 08:13 12560 ----a-w- c:\winnt\system32\tsbyuv.dll
2010-06-25 17:38 . 1999-12-02 22:30 258320 ----a-w- c:\winnt\system32\msh263.drv
2010-06-25 17:38 . 1999-12-01 06:39 45840 -c--a-w- c:\winnt\system32\dllcache\iyuv_32.dll
2010-06-25 17:38 . 1999-12-01 06:39 45840 ----a-w- c:\winnt\system32\iyuv_32.dll
2010-06-25 17:38 . 2003-06-19 19:05 51472 -c--a-w- c:\winnt\system32\dllcache\vfwwdm32.dll
2010-06-25 17:38 . 2003-06-19 19:05 51472 ----a-w- c:\winnt\system32\vfwwdm32.dll
2010-06-22 16:06 . 2010-06-22 16:08 -------- d-----w- c:\program files\Resource Kit
2010-06-21 20:01 . 2010-06-21 20:01 -------- d---a-w- c:\documents and settings\All Users\Application Data\MGS
2010-06-21 19:18 . 2010-06-21 19:18 -------- d---a-w- C:\Microgaming
2010-06-20 20:09 . 2010-06-20 20:10 -------- d-----w- C:\2ee63a6d2f15f2bc6933a6663abb32d1
2010-06-20 19:07 . 2010-06-20 19:07 -------- d-----w- C:\602119c08bc7fc2f3510a95ca86
2010-06-19 19:37 . 2010-06-19 19:37 -------- d-----w- c:\documents and settings\Lynda\Local Settings\Application Data\Apple Computer
2010-06-19 19:37 . 2010-06-19 19:37 -------- d-----w- c:\documents and settings\Lynda\Application Data\Apple Computer
2010-06-19 19:33 . 2010-06-20 01:55 -------- d-----w- c:\program files\Safari
2010-06-19 19:28 . 2010-06-19 22:36 -------- d-----w- c:\program files\Bonjour
2010-06-19 19:26 . 2010-06-19 19:26 -------- d-----w- c:\documents and settings\Lynda\Local Settings\Application Data\Apple
2010-06-19 19:25 . 2010-06-19 19:25 -------- d-----w- c:\program files\Apple Software Update
2010-06-19 19:25 . 2010-06-19 19:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2010-06-18 20:05 . 2010-06-18 20:05 -------- d-----w- c:\documents and settings\Lynda\Application Data\Motive
2010-06-18 19:50 . 2010-06-18 19:50 -------- d---a-w- c:\documents and settings\All Users\Application Data\Motive
2010-06-18 19:48 . 2010-06-18 19:52 -------- d---a-w- c:\program files\Common Files\Motive
2010-06-18 19:34 . 2010-06-18 19:34 -------- d-----w- c:\documents and settings\Lynda\Application Data\TELUS
2010-06-17 21:04 . 2010-06-17 21:04 -------- d-----w- c:\program files\Common Files\Command Software
2010-06-17 21:04 . 2010-06-17 21:04 -------- d-----w- c:\program files\Common Files\PestPatrol
2010-06-17 21:04 . 2010-06-18 19:54 -------- d-----w- c:\program files\TELUS
2010-06-17 20:51 . 2010-06-17 20:51 -------- d-----w- c:\documents and settings\All Users\Application Data\TELUS
2010-06-17 20:19 . 2010-06-17 20:19 -------- d-----w- C:\1a2687b8e65ac33ffdb2d3d0865a2b64
2010-06-16 17:02 . 1999-09-25 06:55 771824 -c--a-w- c:\winnt\system32\dllcache\winacisa.sys
2010-06-16 17:02 . 1999-10-12 22:57 68912 -c--a-w- c:\winnt\system32\dllcache\usbaudio.sys
2010-06-16 17:02 . 1999-10-20 21:49 28432 -c--a-w- c:\winnt\system32\dllcache\tos4mo.sys
2010-06-16 17:02 . 1999-09-25 17:34 7568 -c--a-w- c:\winnt\system32\dllcache\twotrack.sys
2010-06-16 17:02 . 1999-09-25 02:17 17712 -c--a-w- c:\winnt\system32\dllcache\tsbmce.sys
2010-06-16 17:02 . 1999-12-01 06:39 420624 -c--a-w- c:\winnt\system32\dllcache\spxports.dll
2010-06-16 17:02 . 2003-06-19 19:05 104656 -c--a-w- c:\winnt\system32\dllcache\skfpwin.sys
2010-06-16 17:02 . 1999-12-07 23:43 188688 -c--a-w- c:\winnt\system32\dllcache\sisv256.dll
2010-06-16 17:02 . 1999-12-07 23:43 179792 -c--a-w- c:\winnt\system32\dllcache\sis6306v.dll
2010-06-16 17:02 . 1999-09-28 03:02 71280 -c--a-w- c:\winnt\system32\dllcache\sis6306p.sys
2010-06-16 17:02 . 1999-12-01 06:39 28432 -c--a-w- c:\winnt\system32\dllcache\sma032.dll
2010-06-16 17:00 . 2001-05-08 12:00 24336 -c--a-w- c:\winnt\system32\dllcache\sm9232.dll
2010-06-16 17:00 . 1999-12-01 06:39 25872 -c--a-w- c:\winnt\system32\dllcache\sm9132.dll
2010-06-16 17:00 . 1999-12-01 06:39 25872 -c--a-w- c:\winnt\system32\dllcache\sm8c32.dll
2010-06-16 17:00 . 1999-12-01 06:39 23824 -c--a-w- c:\winnt\system32\dllcache\sm9032.dll
2010-06-16 17:00 . 1999-12-01 06:39 23824 -c--a-w- c:\winnt\system32\dllcache\sm8d32.dll
2010-06-16 17:00 . 1999-12-01 06:39 32016 -c--a-w- c:\winnt\system32\dllcache\sm8732.dll
2010-06-16 17:00 . 1999-12-01 06:39 23824 -c--a-w- c:\winnt\system32\dllcache\sm8a32.dll
2010-06-16 17:00 . 1999-12-01 06:39 23824 -c--a-w- c:\winnt\system32\dllcache\sm8932.dll
2010-06-16 17:00 . 1999-12-01 06:39 24848 -c--a-w- c:\winnt\system32\dllcache\sm5932.dll
2010-06-16 16:59 . 2001-05-08 12:00 22800 -c--a-w- c:\winnt\system32\dllcache\permchk.dll
2010-06-16 16:59 . 1999-09-25 17:36 13680 -c--a-w- c:\winnt\system32\dllcache\rnbo3531.sys
2010-06-16 16:59 . 1999-09-25 02:17 18704 -c--a-w- c:\winnt\system32\dllcache\rtl8029.sys
2010-06-16 16:59 . 1999-09-25 02:17 43792 -c--a-w- c:\winnt\system32\dllcache\otceth5.sys
2010-06-16 16:59 . 1999-09-25 02:17 30064 -c--a-w- c:\winnt\system32\dllcache\pca200e.sys
2010-06-16 16:59 . 1999-09-25 02:17 30992 -c--a-w- c:\winnt\system32\dllcache\ngrpci.sys
2010-06-16 16:55 . 1999-12-01 06:39 8464 -c--a-w- c:\winnt\system32\dllcache\mssti.dll
2010-06-16 16:55 . 1999-12-01 06:39 24848 -c--a-w- c:\winnt\system32\dllcache\msmgr32.dll
2010-06-16 16:55 . 1999-09-25 17:36 12208 -c--a-w- c:\winnt\system32\dllcache\msriffwv.sys
2010-06-16 16:55 . 1999-12-01 06:39 7440 -c--a-w- c:\winnt\system32\dllcache\msf12sp.dll
2010-06-16 16:55 . 1999-12-01 06:39 7440 -c--a-w- c:\winnt\system32\dllcache\msf12cx.dll
2010-06-16 16:55 . 1999-12-01 06:39 7440 -c--a-w- c:\winnt\system32\dllcache\msf08sp.dll
2010-06-16 16:55 . 1999-09-25 17:36 5776 -c--a-w- c:\winnt\system32\dllcache\msfsio.sys
2010-06-16 16:55 . 1999-12-01 06:39 7440 -c--a-w- c:\winnt\system32\dllcache\msf06sp.dll
2010-06-16 16:55 . 1999-12-01 06:39 7440 -c--a-w- c:\winnt\system32\dllcache\msf06cz.dll
2010-06-16 16:55 . 1999-12-01 06:39 7440 -c--a-w- c:\winnt\system32\dllcache\msf06cx.dll
2010-06-16 16:53 . 1999-12-07 23:43 38320 -c--a-w- c:\winnt\system32\dllcache\8514a.dll
2010-06-16 16:53 . 1999-12-01 06:38 91920 -c--a-w- c:\winnt\system32\dllcache\acq32.dll
2010-06-16 16:53 . 2003-06-19 19:05 10928 -c--a-w- c:\winnt\system32\dllcache\4mmdat.sys
2010-06-16 16:53 . 1999-11-01 23:42 801072 -c--a-w- c:\winnt\system32\dllcache\3cpciadi.sys
2010-06-16 16:53 . 1999-09-25 06:55 792176 -c--a-w- c:\winnt\system32\dllcache\3cisaadi.sys
2010-06-16 16:53 . 1999-09-25 06:55 774928 -c--a-w- c:\winnt\system32\dllcache\3cisati.sys
2010-06-16 16:53 . 2003-06-19 19:05 40752 -c--a-w- c:\winnt\system32\dllcache\1394bus.sys
2010-06-16 16:53 . 1999-10-07 22:29 22992 -c--a-w- c:\winnt\system32\dllcache\15_16wdm.sys
2010-06-16 16:53 . 1999-09-25 06:55 763024 -c--a-w- c:\winnt\system32\dllcache\3cwmcru.sys
2010-06-15 18:51 . 2010-06-15 18:52 -------- d-----w- c:\documents and settings\All Users\Application Data\TrojanHunter
2010-06-15 18:50 . 2010-06-27 21:59 -------- d-----w- c:\program files\TrojanHunter 5.3
2010-06-15 00:37 . 2010-06-15 00:37 -------- d-----w- c:\documents and settings\Lynda\Application Data\Malwarebytes
2010-06-15 00:37 . 2010-06-15 00:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-06-14 23:45 . 2010-06-14 23:45 -------- d-----w- c:\documents and settings\Lynda\Application Data\Yahoo!
2010-06-14 23:44 . 2010-06-15 18:11 -------- d-----w- c:\program files\Yahoo!
2010-06-14 23:44 . 2010-06-14 23:46 -------- d-----w- c:\program files\CCleaner
2010-06-14 00:29 . 2010-06-14 00:29 -------- d-----w- c:\winnt\Local Settings
2010-06-13 19:45 . 2010-06-13 20:07 -------- d-----w- c:\program files\Windows Live Safety Center
2010-06-12 17:14 . 2010-06-12 17:14 -------- d-----w- c:\winnt\E58B329BFB28487490DE0D7CB2709267.TMP
2010-06-12 16:56 . 2010-06-12 16:56 -------- d-----w- c:\documents and settings\Lynda\Application Data\FRISK Software
2010-06-12 16:20 . 2009-08-27 23:25 682840 ----a-w- c:\winnt\system32\drivers\FStopW.sys
2010-06-12 16:19 . 2010-06-12 16:19 -------- d-----w- c:\program files\FRISK Software
2010-06-11 00:26 . 2010-06-11 00:22 64288 ----a-w- c:\winnt\system32\drivers\Lbd.sys
2010-06-11 00:26 . 2010-06-11 00:25 95024 ----a-w- c:\winnt\system32\drivers\SBREDrv.sys
2010-06-11 00:11 . 2010-06-11 00:11 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-06-11 00:11 . 2010-02-04 15:53 2954656 -c--a-w- c:\documents and settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe
2010-06-02 12:12 . 2010-06-02 12:12 352513 ----a-w- c:\winnt\system32\savapi3.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-29 21:50 . 2007-10-16 20:20 1960 ----a-w- c:\winnt\system32\d3d9caps.dat
2010-06-29 05:51 . 2008-12-08 10:45 -------- d--h--w- c:\documents and settings\Lynda\Application Data\drivers
2010-06-28 17:41 . 2007-10-07 02:02 -------- d-----w- c:\program files\MSN Messenger
2010-06-28 16:38 . 2010-05-28 05:12 0 ----a-w- c:\winnt\Htumimeq.bin
2010-06-28 08:56 . 2008-03-09 23:24 -------- d-----w- c:\program files\MailNavigator
2010-06-28 03:39 . 2010-05-28 05:12 120 ----a-w- c:\winnt\Ujoziqefameteqar.dat
2010-06-27 23:09 . 2007-10-10 04:51 -------- d-----w- c:\documents and settings\Lynda\Application Data\NewsBin
2010-06-27 23:08 . 2007-10-08 21:24 -------- d-----w- c:\program files\eMule
2010-06-27 23:06 . 2007-10-07 02:23 -------- d-----w- c:\program files\Azureus
2010-06-21 08:14 . 2008-01-03 22:37 -------- d-----w- c:\program files\Common Files\snpstd
2010-06-20 19:08 . 2009-03-15 05:32 -------- d-----w- c:\program files\Lavasoft
2010-06-14 23:58 . 2007-10-13 05:05 -------- d-----w- c:\documents and settings\Lynda\Application Data\Azureus
2010-06-12 07:07 . 2009-01-21 17:48 111967 ----a-w- c:\winnt\hpoins07.dat
2010-06-04 18:03 . 2008-02-14 20:45 -------- d-----w- c:\program files\HOTALBUMMyBOX
2010-06-04 17:16 . 2007-10-09 06:09 -------- d-----w- c:\documents and settings\Lynda\Application Data\Image Zone Express
2010-05-13 14:18 . 2007-10-07 02:26 -------- d-----w- c:\program files\Google
2010-05-12 18:04 . 2010-02-26 17:15 -------- d-----w- c:\documents and settings\Lynda\Application Data\Skype
2010-05-12 17:23 . 2008-09-16 03:45 -------- d-----w- c:\documents and settings\Lynda\Application Data\skypePM
2010-05-03 08:17 . 2003-06-19 19:05 1650448 ----a-w- c:\winnt\system32\WIN32K.SYS
2010-04-14 23:17 . 2010-04-14 23:17 576512 ----a-w- c:\winnt\system32\WININET.DLL
2010-04-13 01:12 . 2003-06-19 19:05 291920 ----a-w- c:\winnt\system32\atmfd.dll
2009-10-07 20:35 . 2009-10-07 20:35 19135 ----a-w- c:\program files\Heather's School Photo 2008-2009 (240 x 338).jpg
2007-10-06 22:54 . 2007-10-06 22:54 21952 ---h--w- c:\program files\folder.htt
2007-07-26 23:06 . 2007-10-13 05:00 479232 ----a-w- c:\program files\mozilla firefox\plugins\msvcm80.dll
2007-07-26 23:06 . 2007-10-13 05:00 548864 ----a-w- c:\program files\mozilla firefox\plugins\msvcp80.dll
2007-07-26 23:06 . 2007-10-13 05:00 626688 ----a-w- c:\program files\mozilla firefox\plugins\msvcr80.dll
.

------- Sigcheck -------

[-] 2002-11-27 02:03 . 36678803A8030EE9A771935CFC1848BD . 52224 . . [ERROR: 0x0] . . c:\winnt\system32\mspmsnsv.dll

[-] 2004-07-09 12:27 . 0E51BD586D186F61A9E4453DB8AEC774 . 1703936 . . [ERROR: 0x0] . . c:\winnt\system32\d3d9.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{9df9b682-9c18-4a01-bac3-a265ca7cd866} "= "mscoree.dll" [2007-04-13 271360]

[HKEY_CLASSES_ROOT\clsid\{9df9b682-9c18-4a01-bac3-a265ca7cd866}]
[HKEY_CLASSES_ROOT\EGToolbar.EGToolbar]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg "= "c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-10-08 68856]
"NBJ "= "c:\program files\Ahead\Nero BackItUp\nbj.exe" [2006-09-15 2048000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Synchronization Manager "= "mobsync.exe" [2003-06-19 111376]
"NeroFilterCheck "= "c:\winnt\system32\NeroCheck.exe" [2001-07-09 155648]
"SunJavaUpdateSched "= "c:\program files\Java\jre6\bin\jusched.exe" [2009-03-14 136600]
"HP Software Update "= "c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"QuickTime Task "= "c:\program files\QuickTime\qttask.exe" [2008-01-10 286720]
"MBBalloon "= "c:\program files\HOTALBUMMyBOX\MBBalloon.exe" [2007-02-09 789120]
"TkBellExe "= "c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-06-16 185896]
"eFax 4.3 "= "c:\program files\eFax Messenger 4.3\J2GDllCmd.exe" [2007-03-06 116224]
"Adobe Reader Speed Launcher "= "c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
"THGuard "= "c:\program files\TrojanHunter 5.3\THGuard.exe" [2010-03-20 1070240]
"GlobeCom_Full_Client_McciTrayApp "= "c:\program files\TELUS\TELUS Support Centre\bin\McciTrayApp.exe" [2009-05-27 1528832]
"snpstd "= "c:\winnt\vsnpstd.exe" [2004-01-01 40960]
"Malwarebytes' Anti-Malware "= "c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"internat.exe "= "internat.exe" [2001-05-08 20752]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"^SetupICWDesktop "= "c:\program files\Internet Explorer\Connection Wizard\icwconn1.exe" [2003-06-19 186640]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
eFax 4.3.lnk - c:\program files\eFax Messenger 4.3\J2GTray.exe [2008-8-20 629248]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-11 282624]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FPAVServer]
@= "Service "

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@= "Service "

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys]
@= "FSFilter System Recovery "

R0 FPAV_RTP;FPAV_RTP;c:\winnt\system32\drivers\FStopW.sys [12/06/2010 9:20 AM 682840]
R0 Lbd;Lbd;c:\winnt\system32\drivers\Lbd.sys [10/06/2010 5:26 PM 64288]
R0 PzWDM;PzWDM;c:\winnt\system32\drivers\PzWDM.sys [14/02/2008 1:46 PM 15172]
R2 ASTRA32;ASTRA32 Kernel Driver 5.2.1.0;c:\program files\ASTRA32\astra32.sys [22/02/2007 11:28 AM 30864]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [27/06/2010 10:32 PM 304464]
R3 MBAMProtector;MBAMProtector;c:\winnt\system32\drivers\mbam.sys [27/06/2010 10:32 PM 19288]
R3 openhci;Microsoft USB Open Host Controller Driver;c:\winnt\system32\drivers\openhci.sys [19/06/2003 12:05 PM 24784]
R3 usbhub20;USB 2.0 Root Hub Support;c:\winnt\system32\drivers\usbhub20.sys [06/10/2007 8:35 AM 49776]
S2 gupdate1c9a8cb2e4ea6b0;Google Update Service (gupdate1c9a8cb2e4ea6b0);c:\program files\Google\Update\GoogleUpdate.exe [19/03/2009 12:44 PM 133104]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; "c:\program files\Lavasoft\Ad-Aware\AAWService.exe" --> c:\program files\Lavasoft\Ad-Aware\AAWService.exe [?]
S3 DM9USB;ST268 USB To Fast Ethernet Adapter;c:\winnt\system32\drivers\dm9usb.sys [20/02/2009 7:02 PM 21376]
S3 ne2000;Novell/Eagle NE2000 Adapter Driver;c:\winnt\system32\drivers\ne2000.sys [20/02/2009 4:33 PM 16016]
S4 FPAVServer;F-PROT Antivirus for Windows system;c:\program files\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe [27/08/2009 4:26 PM 75424]
.
Contents of the 'Scheduled Tasks' folder

2010-06-26 c:\winnt\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 21:57]

2010-07-01 c:\winnt\Tasks\Backup.job
- c:\winnt\system32\ntbackup.exe [2003-06-19 19:05]

2010-07-01 c:\winnt\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-19 19:44]

2010-07-01 c:\winnt\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-19 19:44]
.
.
------- Supplementary Scan -------
.
uSearch Page = hxxp://www.google.com
uStart Page = hxxp://www.google.ca/
uSearch Bar = hxxp://www.google.com/ie
mDefault_Search_URL = hxxp://www.google.com/ie
mSearch Bar = hxxp://www.Google.com/
mSearchMigratedDefaultURL = hxxp://www.Google.com/
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchURL = hxxp://www.Google.com/
mSearchAssistant = hxxp://www.google.com/ie
IE: {{c95fe080-8f5d-11d2-a20b-00aa003c157a} - %SystemRoot%\web\related.htm
IE: {{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
LSP: %SystemRoot%\system32\msafd.dll
DPF: CabBuilder - hxxp://www.imgag.com/kiw/toolbar/download/InstallerControl.cab
FF - ProfilePath - c:\documents and settings\Lynda\Application Data\Mozilla\Firefox\Profiles\io85391o.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/
FF - component: c:\documents and settings\Lynda\Application Data\Mozilla\Firefox\Profiles\io85391o.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\program files\Common Files\Motive\npMotive.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "ui.use_native_colors ", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "network.IDN.whitelist.lu ", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "network.IDN.whitelist.nu ", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "network.IDN.whitelist.nz ", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--mgberp4a5d4ar ", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--p1ai ", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--mgbayh7gpa ", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "network.IDN.whitelist.tel ", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "network.auth.force-generic-ntlm ", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "network.proxy.type ", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "dom.ipc.plugins.timeoutSecs ", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "svg.smil.enabled ", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "accelerometer.enabled ", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref( "security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref ", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref( "security.ssl.renego_unrestricted_hosts ", " ");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref( "security.ssl.treat_unsafe_negotiation_as_broken ", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref( "security.ssl.require_safe_negotiation ", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name ", "chrome://browser/locale/browser.properties ");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description ", "chrome://browser/locale/browser.properties ");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "plugins.update.notifyUser ", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled.nptest.dll ", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled.npswf32.dll ", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled.npctrl.dll ", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled.npqtplugin.dll ", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled ", false);
.
- - - - ORPHANS REMOVED - - - -

SharedTaskScheduler-{ecc974ae-6ede-44a2-90da-93b996d8eaf8} - (no file)

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-01 06:42
Windows 5.0.2195 Service Pack 4 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0xFFAB378A]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xed022ac3
\Driver\ACPI -> ACPI.sys @ 0xbffde554
\Driver\atapi -> ntoskrnl.exe @ 0x804a5c6f
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x804c079e
ParseProcedure -> ntoskrnl.exe @ 0x804bf0b0
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x804c079e
ParseProcedure -> ntoskrnl.exe @ 0x804bf0b0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-117609710-842925246-1343024091-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{8593F352-608B-7BFB-82A0-0F4F572D13D6}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"oakgbfagfodpbopkgljleebehnjocb "=hex:69,61,6f,6e,65,70,70,6f,64,65,6b,6a,6d,6f,
61,70,70,63,00,00
"naaghdpjedpaepnlohbeebkhgjff "=hex:6a,61,70,6e,62,6f,62,6c,63,68,65,6f,66,69,
6a,65,6b,6d,68,6a,00,00

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@= "FlashBroker "
"LocalizedString "= "@c:\\WINNT\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101 "

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled "=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@= "c:\\WINNT\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe "

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@= "{FAB3E735-69C7-453B-A446-B6823C6DF1C9} "

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@= "IFlashBroker4 "

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@= "{00020424-0000-0000-C000-000000000046} "

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@= "{FAB3E735-69C7-453B-A446-B6823C6DF1C9} "
"Version "= "1.0 "
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(216)
c:\winnt\system32\wzcdlg.dll
c:\winnt\system32\WZCSAPI.DLL

- - - - - - - > 'explorer.exe'(1260)
c:\winnt\system32\SHDOCVW.DLL
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\winnt\system32\regsvc.exe
c:\winnt\system32\MSTask.exe
c:\winnt\System32\WBEM\WinMgmt.exe
c:\winnt\system32\mspmspsv.exe
c:\winnt\system32\stisvc.exe
.
**************************************************************************
.
Completion time: 2010-07-01 06:50:19 - machine was rebooted
ComboFix-quarantined-files.txt 2010-07-01 13:50

Pre-Run: 5,655,052,288 bytes free
Post-Run: 5,653,917,696 bytes free

- - End Of File - - 40191A411F28D42A6827B829E1AE830B

broni · 2010/07/01

Uninstall Combofix:
Go Start > Run [Vista users, go Start> "Start search"]
Type in:
Combofix /Uninstall
Note the space between the "Combofix" and the "/Uninstall "
Click OK (Vista users - press Enter).
Restart computer.

===============================================================

Download OTL to your Desktop.

* Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
* Under the Custom Scan box paste this in:

netsvcs
drivers32 /all
%SYSTEMDRIVE%\*.*
%systemroot%\system32\Spool\prtprocs\w32x86\*.dll
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\user32.dll /md5
%systemroot%\system32\ws2_32.dll /md5
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU

* Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.

Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

lynsing · 2010/07/01

Happy Canada Day!!

OTL Extras logfile created on: 01/07/2010 11:50:32 AM - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\Lynda\Desktop
Windows 2000 Professional Edition Service Pack 4 (Version = 5.0.2195) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2800.1106)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

255.00 Mb Total Physical Memory | 84.00 Mb Available Physical Memory | 33.00% Memory free
614.00 Mb Paging File | 367.00 Mb Available in Paging File | 60.00% Paging File free
Paging file location(s): C:\pagefile.sys 384 1000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 5.41 Gb Free Space | 14.52% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LYNDA-4F4C00F7A
Current User Name: Lynda
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- %1
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{25AE8D2F-55D2-4848-A7EF-1597017CAD9E}" = Canon Camera TWAIN Driver
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
"{274A67E7-528B-417A-9D45-B5EC1554EAF0}" = HOT ALBUM MYBOX
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{3571D374-7DF9-4741-960E-04EB82CA69BB}" = Microsoft Tool Web Package : DUREG.EXE
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour
"{4A128437-CCB4-4C57-9F0A-B82E0551844F}" = Before You Know It 3.6
"{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{57383270-6F61-4DC8-A9B8-C1745FC29F38}" = USB PC Camera (SN9C102)
"{5B622B7A-60FB-4630-B11D-F121D20BCCD6}" = MarketResearch
"{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}" = HP PSC & OfficeJet 5.3.B
"{63CFD835-FF50-4F8B-91CD-5662A8C640F8}" = Photo Transport
"{65248369-7CB9-43A9-82C8-C438AE04DED4}" = 1500
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6F716D8C-398F-11D3-85E1-005004838609}" = WebFldrs
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware
"{7C9B95B7-B598-4398-B30F-7F6827192E6C}" = ProductContext
"{81E06318-EEB9-4D55-8CD5-7AC9148D5E66}" = 1500_Help
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme
"{9527450C-64B3-11D5-9B31-000021116B62}" = SmartCamera Ver 2.1
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{ABEB838C-A1A7-4C5D-B7E1-8B4314600820}" = MSN Messenger 7.0
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.3
"{AC76BA86-7AD7-2448-0000-900000000003}" = Chinese Traditional Fonts Support For Adobe Reader 9
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B3076A28-345A-4d89-90A3-B68866C0DFB8}" = eFax Messenger 4.3
"{B544F669-B04B-45B7-B449-30E273712FCC}" = TELUS Security service
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm
"{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools
"{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBA30674-A242-4531-82B5-586B31F90E04}" = 1500Trb
"{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = Fax
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D6A1E429-CCE1-4140-A615-710B806D12BA}" = Motorola Driver Installation 3.2.0
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{E58B329B-FB28-4874-90DE-0D7CB2709267}" = F-PROT Antivirus for Windows
"{E7C97E98-4C2D-BEAF-5D2F-CC45A2F95D90}" = Acrobat.com
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{F8C366C2-66A9-4F5C-A8A7-5108A0251F58}" = Microsoft Tool Web Package : OLEVIEW.EXE
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Advanced MP3/WMA Recorder" = Advanced MP3/WMA Recorder
"ASTRA32_is1" = ASTRA32 - Advanced System Information Tool 1.54
"Astro-Mania" = Astro-Mania
"ATI Display Driver" = ATI Win2k Display Driver
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDVC5" = Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Conjugaison - 60 verbes" = Conjugaison - 60 verbes 1.0
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"CSCLIB" = Canon Camera Support Core Library
"EOS Utility" = Canon Utilities EOS Utility
"HP Imaging Device Functions" = HP Imaging Device Functions 5.3
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3
"HPExtendedCapabilities" = HP Extended Capabilities 5.3
"InstallShield_{25AE8D2F-55D2-4848-A7EF-1597017CAD9E}" = Canon Camera TWAIN Driver 6.9
"InstallShield_{274A67E7-528B-417A-9D45-B5EC1554EAF0}" = HOT ALBUM MYBOX
"Learn To Speak English 8.1" = Learn To Speak English 8.1
"MailNavigator v.1.11" = MailNavigator v.1.11
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NeroVision!UninstallKey" = NeroVision Express 2
"NMPUninstallKey" = Nero Media Player
"PhotoStitch" = Canon Utilities PhotoStitch
"Q828026" = Windows Media Player Hotfix [See Q828026 for more information]
"QuickTime" = QuickTime
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RealPlayer 6.0" = RealPlayer
"Reimage Repair" = Reimage Repair
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"TELUS Support Centre" = TELUS Support Centre (remove only)
"TrojanHunter_is1" = TrojanHunter 5.3
"Update Rollup 1" = Update Rollup 1 for Windows 2000 SP4
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinRAR archiver" = WinRAR archiver
"WMP7" = Windows Media Player system update (9 Series)
"Xvid_is1" = Xvid 1.1.3 final uninstall
"yukongold" = Yukon Gold
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Pilot Desktop" = Palm Desktop

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 29/06/2010 1:26:57 PM | Computer Name = LYNDA-4F4C00F7A | Source = LoadPerf | ID = 3009
Description = Installing the performance counter strings for .NETFramework failed.
The Error code is DWORD 0 of the Record Data.

Error - 29/06/2010 2:25:16 PM | Computer Name = LYNDA-4F4C00F7A | Source = Perflib | ID = 2002
Description = The open procedure for service "PerfDisk" in DLL "C:\WINNT\system32\perfdisk.dll "
has taken longer than the established wait time to complete. There may be a problem
with this extensible counter or the service it is collecting data from or the system
may have been very busy when this call was attempted.

Error - 29/06/2010 10:46:57 PM | Computer Name = LYNDA-4F4C00F7A | Source = Perflib | ID = 2002
Description = The open procedure for service "PerfDisk" in DLL "C:\WINNT\system32\perfdisk.dll "
has taken longer than the established wait time to complete. There may be a problem
with this extensible counter or the service it is collecting data from or the system
may have been very busy when this call was attempted.

Error - 30/06/2010 6:49:37 AM | Computer Name = LYNDA-4F4C00F7A | Source = Perflib | ID = 2002
Description = The open procedure for service "PerfDisk" in DLL "C:\WINNT\system32\perfdisk.dll "
has taken longer than the established wait time to complete. There may be a problem
with this extensible counter or the service it is collecting data from or the system
may have been very busy when this call was attempted.

Error - 30/06/2010 7:19:54 PM | Computer Name = LYNDA-4F4C00F7A | Source = Perflib | ID = 2002
Description = The open procedure for service "PerfDisk" in DLL "C:\WINNT\system32\perfdisk.dll "
has taken longer than the established wait time to complete. There may be a problem
with this extensible counter or the service it is collecting data from or the system
may have been very busy when this call was attempted.

Error - 01/07/2010 2:09:45 AM | Computer Name = LYNDA-4F4C00F7A | Source = Perflib | ID = 2002
Description = The open procedure for service "PerfDisk" in DLL "C:\WINNT\system32\perfdisk.dll "
has taken longer than the established wait time to complete. There may be a problem
with this extensible counter or the service it is collecting data from or the system
may have been very busy when this call was attempted.

Error - 01/07/2010 2:29:44 AM | Computer Name = LYNDA-4F4C00F7A | Source = Perflib | ID = 2002
Description = The open procedure for service "PerfDisk" in DLL "C:\WINNT\system32\perfdisk.dll "
has taken longer than the established wait time to complete. There may be a problem
with this extensible counter or the service it is collecting data from or the system
may have been very busy when this call was attempted.

Error - 01/07/2010 9:21:50 AM | Computer Name = LYNDA-4F4C00F7A | Source = Perflib | ID = 2002
Description = The open procedure for service "PerfDisk" in DLL "C:\WINNT\system32\perfdisk.dll "
has taken longer than the established wait time to complete. There may be a problem
with this extensible counter or the service it is collecting data from or the system
may have been very busy when this call was attempted.

Error - 01/07/2010 9:40:25 AM | Computer Name = LYNDA-4F4C00F7A | Source = Perflib | ID = 2002
Description = The open procedure for service "PerfDisk" in DLL "C:\WINNT\system32\perfdisk.dll "
has taken longer than the established wait time to complete. There may be a problem
with this extensible counter or the service it is collecting data from or the system
may have been very busy when this call was attempted.

Error - 01/07/2010 2:41:48 PM | Computer Name = LYNDA-4F4C00F7A | Source = Perflib | ID = 2002
Description = The open procedure for service "PerfDisk" in DLL "C:\WINNT\system32\perfdisk.dll "
has taken longer than the established wait time to complete. There may be a problem
with this extensible counter or the service it is collecting data from or the system
may have been very busy when this call was attempted.

[ System Events ]
Error - 01/07/2010 2:09:35 AM | Computer Name = LYNDA-4F4C00F7A | Source = Service Control Manager | ID = 7000
Description = The Lavasoft Ad-Aware Service service failed to start due to the following
error: %%3

Error - 01/07/2010 2:29:33 AM | Computer Name = LYNDA-4F4C00F7A | Source = Kbdclass | ID = 327689
Description = Could not enable interrupts on connected port device .

Error - 01/07/2010 2:29:33 AM | Computer Name = LYNDA-4F4C00F7A | Source = Service Control Manager | ID = 7000
Description = The Lavasoft Ad-Aware Service service failed to start due to the following
error: %%3

Error - 01/07/2010 6:00:23 AM | Computer Name = LYNDA-4F4C00F7A | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x8007f302: Security Update for Outlook Express 6.0 for Windows 2000
(KB978542).

Error - 01/07/2010 9:21:35 AM | Computer Name = LYNDA-4F4C00F7A | Source = Kbdclass | ID = 327689
Description = Could not enable interrupts on connected port device .

Error - 01/07/2010 9:21:38 AM | Computer Name = LYNDA-4F4C00F7A | Source = Service Control Manager | ID = 7000
Description = The Lavasoft Ad-Aware Service service failed to start due to the following
error: %%3

Error - 01/07/2010 9:40:14 AM | Computer Name = LYNDA-4F4C00F7A | Source = Service Control Manager | ID = 7000
Description = The Lavasoft Ad-Aware Service service failed to start due to the following
error: %%3

Error - 01/07/2010 9:40:17 AM | Computer Name = LYNDA-4F4C00F7A | Source = Kbdclass | ID = 327689
Description = Could not enable interrupts on connected port device .

Error - 01/07/2010 2:41:35 PM | Computer Name = LYNDA-4F4C00F7A | Source = Kbdclass | ID = 327689
Description = Could not enable interrupts on connected port device .

Error - 01/07/2010 2:41:38 PM | Computer Name = LYNDA-4F4C00F7A | Source = Service Control Manager | ID = 7000
Description = The Lavasoft Ad-Aware Service service failed to start due to the following
error: %%3

< End of report >

lynsing · 2010/07/01

OTL logfile created on: 01/07/2010 11:50:32 AM - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\Lynda\Desktop
Windows 2000 Professional Edition Service Pack 4 (Version = 5.0.2195) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2800.1106)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

255.00 Mb Total Physical Memory | 84.00 Mb Available Physical Memory | 33.00% Memory free
614.00 Mb Paging File | 367.00 Mb Available in Paging File | 60.00% Paging File free
Paging file location(s): C:\pagefile.sys 384 1000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 5.41 Gb Free Space | 14.52% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LYNDA-4F4C00F7A
Current User Name: Lynda
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/07/01 11:46:49 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lynda\Desktop\OTL.exe
PRC - [2010/06/29 11:55:49 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010/04/29 15:39:32 | 000,437,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2010/03/20 12:22:30 | 001,070,240 | ---- | M] (Mischel Internet Security) -- C:\Program Files\TrojanHunter 5.3\THGuard.exe
PRC - [2009/05/27 13:25:34 | 001,528,832 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\TELUS\TELUS Support Centre\bin\McciTrayApp.exe
PRC - [2008/06/16 13:11:43 | 000,185,896 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2007/10/07 23:49:20 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2004/09/07 08:59:06 | 000,122,128 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\mstask.exe
PRC - [2003/12/31 17:39:04 | 000,040,960 | ---- | M] () -- C:\WINNT\vsnpstd.exe
PRC - [2003/06/19 12:05:04 | 000,243,472 | ---- | M] (Microsoft Corporation) -- C:\WINNT\explorer.exe
PRC - [2003/06/19 12:05:04 | 000,196,706 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\wbem\winmgmt.exe
PRC - [2003/06/19 12:05:04 | 000,068,368 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\regsvc.exe
PRC - [2003/06/19 12:05:04 | 000,061,712 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\stisvc.exe

========== Modules (SafeList) ==========

MOD - [2010/07/01 11:46:49 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lynda\Desktop\OTL.exe
MOD - [2003/06/19 12:05:04 | 000,106,547 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\msscript.ocx
MOD - [2003/06/19 12:05:04 | 000,021,776 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\wsock32.dll
MOD - [2003/06/19 12:05:04 | 000,010,000 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\lz32.dll
MOD - [2001/05/08 05:00:00 | 000,011,536 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\netrap.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (Lavasoft Ad-Aware Service)
SRV - File not found [Disabled | Stopped] -- -- (Ati HotKey Poller)
SRV - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2009/08/27 16:26:02 | 000,075,424 | ---- | M] (FRISK Software International) [Disabled | Stopped] -- C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe -- (FPAVServer)
SRV - [2007/08/09 00:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Stopped] -- C:\WINNT\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2004/09/07 08:59:06 | 000,122,128 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\system32\mstask.exe -- (Schedule)
SRV - [2003/06/19 12:05:04 | 000,196,706 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\system32\wbem\winmgmt.exe -- (WinMgmt)
SRV - [2003/06/19 12:05:04 | 000,147,728 | ---- | M] (VERITAS Software Corp.) [On_Demand | Stopped] -- C:\WINNT\System32\dmadmin.exe -- (dmadmin)
SRV - [2003/06/19 12:05:04 | 000,094,992 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINNT\system32\faxsvc.exe -- (Fax)
SRV - [2003/06/19 12:05:04 | 000,068,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\system32\regsvc.exe -- (RemoteRegistry)
SRV - [2003/06/19 12:05:04 | 000,061,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\system32\stisvc.exe -- (StiSvc)
SRV - [2003/06/19 12:05:04 | 000,022,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINNT\system32\utilman.exe -- (UtilMan)

========== Driver Services (SafeList) ==========

DRV - [2010/06/10 17:22:58 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINNT\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/04/29 15:39:24 | 000,019,288 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2009/08/27 16:25:54 | 000,682,840 | ---- | M] (FRISK Software International) [File_System | Boot | Running] -- C:\WINNT\system32\DRIVERS\FStopW.sys -- (FPAV_RTP)
DRV - [2009/05/27 13:25:34 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/05/27 13:25:34 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2008/08/19 23:18:12 | 000,022,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\usbsermpt.sys -- (usbsermpt)
DRV - [2008/02/14 13:46:30 | 000,015,172 | ---- | M] (Prassi Technology) [Kernel | Boot | Running] -- C:\WINNT\system32\Drivers\PzWDM.sys -- (PzWDM)
DRV - [2008/01/23 14:25:32 | 000,027,136 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\tapvpn.sys -- (tapvpn)
DRV - [2007/10/19 15:19:19 | 000,058,000 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINNT\system32\drivers\cdr4_2K.sys -- (Cdr4_2K)
DRV - [2007/10/19 15:19:19 | 000,023,420 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINNT\system32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2007/06/18 15:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2007/02/22 11:28:48 | 000,030,864 | ---- | M] (Licensed for Sysinfo Lab) [Kernel | Auto | Running] -- C:\Program Files\ASTRA32\astra32.sys -- (ASTRA32)
DRV - [2006/05/01 22:24:28 | 000,021,376 | R--- | M] (DAVICOM Semiconductor, Inc. ) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\dm9usb.sys -- (DM9USB)
DRV - [2004/07/09 03:58:10 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\mpe.sys -- (MPE)
DRV - [2004/04/13 20:20:08 | 000,015,781 | R--- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2004/03/22 21:52:12 | 000,301,824 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\snpstd.sys -- (snpstd) USB PC Camera (SN9C102)
DRV - [2003/09/25 14:37:58 | 000,054,528 | R--- | M] (Zero-Knowledge Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\freedom.sys -- (Freedom)
DRV - [2003/06/19 12:05:04 | 000,369,104 | ---- | M] (VERITAS Software Corp.) [Kernel | Disabled | Stopped] -- C:\WINNT\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2003/06/19 12:05:04 | 000,137,936 | ---- | M] (VERITAS Software Corp.) [Kernel | Boot | Running] -- C:\WINNT\System32\drivers\dmio.sys -- (dmio)
DRV - [2003/06/19 12:05:04 | 000,091,408 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2003/06/19 12:05:04 | 000,065,520 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2003/06/19 12:05:04 | 000,060,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\parallel.sys -- (Parallel)
DRV - [2003/06/19 12:05:04 | 000,032,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\uhcd.sys -- (uhcd)
DRV - [2003/06/19 12:05:04 | 000,027,440 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINNT\system32\drivers\efs.sys -- (EFS)
DRV - [2003/06/19 12:05:04 | 000,024,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\openhci.sys -- (openhci)
DRV - [2003/06/19 12:05:04 | 000,007,728 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINNT\system32\drivers\diskperf.sys -- (Diskperf)
DRV - [2003/06/19 12:05:04 | 000,007,312 | ---- | M] (VERITAS Software Corp.) [Kernel | Boot | Running] -- C:\WINNT\System32\drivers\dmload.sys -- (dmload)
DRV - [2003/06/19 05:05:04 | 000,049,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\usbhub20.sys -- (usbhub20)
DRV - [2002/07/17 09:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2001/05/08 05:00:00 | 000,102,160 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\nbf.sys -- (Nbf)
DRV - [2001/05/08 05:00:00 | 000,058,480 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2001/05/08 05:00:00 | 000,021,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\rca.sys -- (RCA)
DRV - [2001/05/08 05:00:00 | 000,009,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\netdtect.sys -- (NetDetect)
DRV - [2000/06/29 10:36:42 | 000,260,841 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\ati2mtaa.sys -- (ati2mtaa)
DRV - [1999/11/06 03:11:56 | 000,044,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\es1371mp.sys -- (es1371) Creative AudioPCI (ES1371,ES1373) (WDM)
DRV - [1999/09/30 16:25:32 | 000,016,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\ne2000.sys -- (ne2000)
DRV - [1999/09/24 12:17:18 | 000,018,704 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\RTL8139.sys -- (rtl8139)

lynsing · 2010/07/01

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Search
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.Google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\w, = http://www.Google.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google "
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= "
FF - prefs.js..browser.startup.homepage: "http://www.google.ca/ "

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/29 11:55:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/29 11:58:58 | 000,000,000 | ---D | M]

[2010/04/20 15:31:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\Mozilla\Extensions
[2010/06/30 10:59:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\Mozilla\Firefox\Profiles\io85391o.default\extensions
[2010/06/29 11:54:51 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Lynda\Application Data\Mozilla\Firefox\Profiles\io85391o.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2008/07/02 12:14:02 | 000,000,276 | ---- | M] () -- C:\Documents and Settings\Lynda\Application Data\Mozilla\Firefox\Profiles\io85391o.default\searchplugins\search.xml
[2010/06/25 10:19:36 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007/07/26 16:06:34 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\msvcm80.dll
[2007/07/26 16:06:34 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\msvcp80.dll
[2007/07/26 16:06:34 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\msvcr80.dll

O1 HOSTS File: ([2010/07/01 06:42:28 | 000,000,027 | ---- | M]) - C:\WINNT\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (@msdxmLC.dll,-1@1033,&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx ()
O3 - HKCU\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (@msdxmLC.dll,-1@1033,&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx ()
O4 - HKLM..\Run: [eFax 4.3] C:\Program Files\eFax Messenger 4.3\J2GDllCmd.exe (j2 Global Communications, Inc.)
O4 - HKLM..\Run: [GlobeCom_Full_Client_McciTrayApp] C:\Program Files\TELUS\TELUS Support Centre\bin\McciTrayApp.exe (Motive Communications, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MBBalloon] C:\Program Files\HOTALBUMMyBOX\MBBalloon.exe (PLANNING Co., Ltd.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [snpstd] C:\WINNT\vsnpstd.exe ()
O4 - HKLM..\Run: [THGuard] C:\Program Files\TrojanHunter 5.3\THGuard.exe (Mischel Internet Security)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [NBJ] C:\Program Files\Ahead\Nero BackItUp\nbj.exe (Ahead Software AG)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\RunOnce: [Shockwave Updater] C:\WINNT\System32\Adobe\SHOCKW~1\SWHELP~3.EXE -Update -1103472 -Mozilla\4.0 ( File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\eFax 4.3.lnk = C:\Program Files\eFax Messenger 4.3\J2GTray.exe (j2 Global Communications, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: RestrictRun = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: RestrictRun = 0
O9 - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll (Apple Inc.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @shdoclc.dll,-866 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\Web\related.htm ()
O9 - Extra 'Tools' menuitem : @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\Web\related.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINNT\system32\rnr20.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINNT\system32\NWPROVAU.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000044 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000045 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000046 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000047 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000048 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support.microsoft.com/ActiveX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} http://www.lizardtech.com/download/files/win/djvuplugin/en_US/DjVuControl_en_US.cab (Reg Error: Key error.)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6087.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1276470283938 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1276470217753 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (RealPlayer G2 Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: CabBuilder http://www.imgag.com/kiw/toolbar/download/InstallerControl.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINNT\system32\msdxm.ocx ()
O18 - Protocol\Filter\application/octet-stream - No CLSID value found
O18 - Protocol\Filter\application/x-complus - No CLSID value found
O18 - Protocol\Filter\application/xhtml+xml - No CLSID value found
O18 - Protocol\Filter\application/xhtml+xml; charset=iso-8859-1 - No CLSID value found
O18 - Protocol\Filter\application/xhtml+xml; charset=utf-8 - No CLSID value found
O18 - Protocol\Filter\application/x-msdownload - No CLSID value found
O18 - Protocol\Filter\Class Install Handler - No CLSID value found
O18 - Protocol\Filter\deflate - No CLSID value found
O18 - Protocol\Filter\gzip - No CLSID value found
O18 - Protocol\Filter\lzdhtml - No CLSID value found
O18 - Protocol\Filter\text/webviewhtml - No CLSID value found
O18 - Protocol\Filter\text/xml - No CLSID value found
O18 - Protocol\Filter\text/xml; charset=iso-8859-1 - No CLSID value found
O18 - Protocol\Filter\text/xml; charset=utf-8 - No CLSID value found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINNT\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\wzcnotif: DllName - wzcdlg.dll - C:\WINNT\System32\wzcdlg.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {ecc974ae-6ede-44a2-90da-93b996d8eaf8} - frizzed - Reg Error: Key error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Lynda\My Documents\My Pictures\2009_09_12\IMG_0422.JPG
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Lynda\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/10/06 15:55:45 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINNT\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

lynsing · 2010/07/01

NetSvcs: Ias - C:\WINNT\system32\ias [2010/01/24 14:38:11 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Nwsapagent - File not found

Drivers32: aux - C:\WINNT\System32\mmdrv.dll (Microsoft Corporation)
Drivers32: aux1 - File not found
Drivers32: aux2 - File not found
Drivers32: aux3 - File not found
Drivers32: aux4 - File not found
Drivers32: aux5 - File not found
Drivers32: aux6 - File not found
Drivers32: aux7 - File not found
Drivers32: aux8 - File not found
Drivers32: aux9 - File not found
Drivers32: midi - C:\WINNT\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - File not found
Drivers32: midi2 - File not found
Drivers32: midi3 - File not found
Drivers32: midi4 - File not found
Drivers32: midi5 - File not found
Drivers32: midi6 - File not found
Drivers32: midi7 - File not found
Drivers32: midi8 - File not found
Drivers32: midi9 - File not found
Drivers32: midimapper - C:\WINNT\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\WINNT\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - File not found
Drivers32: mixer2 - File not found
Drivers32: mixer3 - File not found
Drivers32: mixer4 - File not found
Drivers32: mixer5 - File not found
Drivers32: mixer6 - File not found
Drivers32: mixer7 - File not found
Drivers32: mixer8 - File not found
Drivers32: mixer9 - File not found
Drivers32: msacm.iac2 - C:\WINNT\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.imaadpcm - C:\WINNT\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\WINNT\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\WINNT\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.msadpcm - C:\WINNT\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msaudio1 - C:\WINNT\System32\msaud32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\WINNT\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msg723 - C:\WINNT\System32\msg723.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\WINNT\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINNT\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINNT\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.voxacm160 - C:\WINNT\System32\vct3216.acm (Voxware, Inc.)
Drivers32: MSVideo8 - C:\WINNT\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINNT\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.I420 - C:\WINNT\System32\msh263.drv (Microsoft Corporation)
Drivers32: vidc.iv31 - C:\WINNT\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINNT\System32\ir32_32.dll ()
Drivers32: vidc.iv50 - C:\WINNT\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.IYUV - C:\WINNT\System32\iyuv_32.dll (Intel(R) Corporation)
Drivers32: vidc.M261 - C:\WINNT\System32\msh261.drv (Microsoft Corporation)
Drivers32: vidc.M263 - C:\WINNT\System32\msh263.drv (Microsoft Corporation)
Drivers32: vidc.mrle - C:\WINNT\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\WINNT\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - C:\WINNT\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.WMV3 - C:\WINNT\System32\wmv9vcm.dll (Microsoft Corporation)
Drivers32: vidc.XVID - C:\WINNT\System32\xvidvfw.dll ()
Drivers32: VIDC.YUY2 - C:\WINNT\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVU9 - C:\WINNT\System32\tsbyuv.dll (Toshiba Corporation)
Drivers32: VIDC.YVYU - C:\WINNT\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\WINNT\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - File not found
Drivers32: wave2 - File not found
Drivers32: wave3 - File not found
Drivers32: wave4 - File not found
Drivers32: wave5 - File not found
Drivers32: wave6 - File not found
Drivers32: wave7 - File not found
Drivers32: wave8 - File not found
Drivers32: wave9 - File not found
Drivers32: wavemapper - C:\WINNT\System32\msacm32.drv (Microsoft Corporation)
Drivers32: wdmaud.drv - C:\WINNT\System32\wdmaud.drv (Microsoft Corporation)
SystemRestore not available.

========== Files/Folders - Created Within 90 Days ==========

[2010/07/01 11:46:51 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Lynda\Desktop\OTL.exe
[2010/07/01 11:37:39 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/07/01 11:36:37 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/07/01 11:36:00 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/07/01 06:37:04 | 000,000,000 | ---D | C] -- C:\WINNT\temp
[2010/06/30 17:40:47 | 001,015,120 | ---- | C] (Kaspersky Lab) -- C:\Documents and Settings\Lynda\Desktop\TDSSKiller.exe
[2010/06/28 20:55:12 | 000,000,000 | ---D | C] -- C:\WINNT\ERDNT
[2010/06/27 22:32:30 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbamswissarmy.sys
[2010/06/27 22:32:20 | 000,019,288 | ---- | C] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbam.sys
[2010/06/27 16:11:14 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/06/27 15:57:02 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Lynda\Desktop\mbam-setup-1.46.exe
[2010/06/27 12:39:00 | 000,040,960 | ---- | C] (SLCOCHRAN) -- C:\Documents and Settings\Lynda\Desktop\WMUtil.exe
[2010/06/27 10:25:56 | 000,000,000 | -H-D | C] -- C:\WINNT\PIF
[2010/06/27 09:09:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lynda\Desktop\temp msoe
[2010/06/26 21:44:21 | 000,000,000 | ---D | C] -- C:\rei
[2010/06/26 21:44:11 | 000,000,000 | ---D | C] -- C:\Program Files\Reimage
[2010/06/26 19:32:48 | 000,017,168 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINNT\System32\dllcache\xem336n5.sys
[2010/06/26 19:32:47 | 000,024,848 | ---- | C] (Lucent Technologies) -- C:\WINNT\System32\dllcache\wvlan48.sys
[2010/06/26 19:32:39 | 000,035,088 | ---- | C] (Raytheon Corp.) -- C:\WINNT\System32\dllcache\wlandrv2.sys
[2010/06/26 19:32:30 | 000,088,576 | ---- | C] (Comtrol® Corporation) -- C:\WINNT\System32\dllcache\wcom32.exe
[2010/06/26 19:32:26 | 000,007,440 | ---- | C] (Eastman Software, Inc., A Kodak Business) -- C:\WINNT\System32\dllcache\wangimg.exe
[2010/06/26 19:32:23 | 000,018,704 | ---- | C] (Winbond Electronics Corporation) -- C:\WINNT\System32\dllcache\w940nd.sys
[2010/06/26 19:32:23 | 000,017,264 | ---- | C] (Winbond Electronics Corporation) -- C:\WINNT\System32\dllcache\w926nd.sys
[2010/06/26 19:32:20 | 000,253,200 | ---- | C] (Comtrol® Corporation) -- C:\WINNT\System32\dllcache\vssetup.dll
[2010/06/26 19:32:20 | 000,053,008 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINNT\System32\dllcache\voodoo3.sys
[2010/06/26 19:32:19 | 000,333,168 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINNT\System32\dllcache\voodoo3.dll
[2010/06/26 19:32:02 | 000,154,384 | ---- | C] (Trident Microsystems Inc.) -- C:\WINNT\System32\dllcache\tridkbm.sys
[2010/06/26 19:32:01 | 000,523,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINNT\System32\dllcache\tridkb.dll
[2010/06/26 19:32:01 | 000,277,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINNT\System32\dllcache\trid3d.dll
[2010/06/26 19:32:01 | 000,191,888 | ---- | C] (Trident Microsystems Inc.) -- C:\WINNT\System32\dllcache\trid3dm.sys
[2010/06/26 19:32:00 | 000,028,672 | ---- | C] (IBM) -- C:\WINNT\System32\dllcache\tp4res.dll
[2010/06/26 19:31:59 | 000,086,288 | ---- | C] (IBM) -- C:\WINNT\System32\dllcache\tp4mon.exe
[2010/06/26 19:31:59 | 000,035,088 | ---- | C] (IBM) -- C:\WINNT\System32\dllcache\tp4.dll
[2010/06/26 19:31:55 | 000,123,856 | ---- | C] (Tiger Jet Network) -- C:\WINNT\System32\dllcache\tjisdn.sys
[2010/06/26 19:31:54 | 000,141,136 | ---- | C] (Trident Microsystems Inc.) -- C:\WINNT\System32\dllcache\tgiulnt5.sys
[2010/06/26 19:31:54 | 000,079,024 | ---- | C] (Trident Microsystems Inc.) -- C:\WINNT\System32\dllcache\tgiul50.dll
[2010/06/26 19:31:53 | 000,072,784 | ---- | C] (M-Systems) -- C:\WINNT\System32\dllcache\tffsport.sys
[2010/06/26 19:31:50 | 000,010,800 | ---- | C] (Thomas-Conrad Corporation) -- C:\WINNT\System32\dllcache\tcarc.sys
[2010/06/26 19:31:48 | 000,037,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINNT\System32\dllcache\t2r4mini.sys
[2010/06/26 19:31:47 | 000,251,312 | ---- | C] (Number Nine Visual Technology) -- C:\WINNT\System32\dllcache\t2r4disp.dll
[2010/06/26 19:31:42 | 000,021,136 | ---- | C] (Symbios Inc.) -- C:\WINNT\System32\dllcache\sym_hi.sys
[2010/06/26 19:31:41 | 000,097,936 | ---- | C] (Specialix International Ltd. ) -- C:\WINNT\System32\dllcache\sx.sys
[2010/06/26 19:31:30 | 000,019,376 | ---- | C] (Adaptec, Inc.) -- C:\WINNT\System32\dllcache\sparrow.sys
[2010/06/26 19:31:13 | 000,036,112 | ---- | C] (SMC) -- C:\WINNT\System32\dllcache\smcirda.sys
[2010/06/26 19:31:13 | 000,023,824 | ---- | C] (Standard Microsystems Corporation) -- C:\WINNT\System32\dllcache\smc8000n.sys
[2010/06/26 19:31:13 | 000,021,008 | ---- | C] (SMC Networks, Inc.) -- C:\WINNT\System32\dllcache\smcpwr2n.sys
[2010/06/26 19:31:11 | 000,052,736 | ---- | C] (Symbol Technologies) -- C:\WINNT\System32\dllcache\slant.sys
[2010/06/26 19:31:11 | 000,019,728 | ---- | C] (MicroGate Corporation) -- C:\WINNT\System32\dllcache\slpp.dll
[2010/06/26 19:31:10 | 000,091,920 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINNT\System32\dllcache\sk98win.sys
[2010/06/26 19:31:04 | 000,493,424 | ---- | C] (Trident Microsystems Inc.) -- C:\WINNT\System32\dllcache\sgiul50.dll
[2010/06/26 19:31:04 | 000,097,808 | ---- | C] (Trident Microsystems Inc.) -- C:\WINNT\System32\dllcache\sgiulnt5.sys
[2010/06/26 19:31:04 | 000,006,992 | ---- | C] (SGI) -- C:\WINNT\System32\dllcache\sglfb.sys
[2010/06/26 19:30:46 | 000,246,256 | ---- | C] (S3 Incorporated) -- C:\WINNT\System32\dllcache\s3sav4.dll
[2010/06/26 19:30:46 | 000,065,072 | ---- | C] (S3 Incorporated) -- C:\WINNT\System32\dllcache\s3sav4m.sys
[2010/06/26 19:30:46 | 000,016,048 | ---- | C] (DigitalScape) -- C:\WINNT\System32\dllcache\s53c885.sys
[2010/06/26 19:30:45 | 000,304,688 | ---- | C] (S3 Incorporated) -- C:\WINNT\System32\dllcache\s3mvirge.dll
[2010/06/26 19:30:45 | 000,213,776 | ---- | C] (S3 Incorporated) -- C:\WINNT\System32\dllcache\s3sav3d.dll
[2010/06/26 19:30:45 | 000,062,960 | ---- | C] (S3 Incorporated) -- C:\WINNT\System32\dllcache\s3sav3dm.sys
[2010/06/26 19:30:44 | 000,293,456 | ---- | C] (S3 Incorporated) -- C:\WINNT\System32\dllcache\s3mt3d.dll
[2010/06/26 19:30:44 | 000,168,112 | ---- | C] (S3 Incorporated) -- C:\WINNT\System32\dllcache\s3m.sys
[2010/06/26 19:30:44 | 000,061,968 | ---- | C] (S3 Incorporated) -- C:\WINNT\System32\dllcache\s3mtrio.dll
[2010/06/26 19:30:44 | 000,041,008 | ---- | C] (S3 Incorporated) -- C:\WINNT\System32\dllcache\s3mt3d.sys
[2010/06/26 19:30:38 | 000,071,216 | ---- | C] (Comtrol Corporation) -- C:\WINNT\System32\dllcache\rocket.sys
[2010/06/26 19:30:37 | 000,037,808 | ---- | C] (RadioLAN) -- C:\WINNT\System32\dllcache\rlnet5.sys
[2010/06/26 19:30:37 | 000,036,480 | ---- | C] (RNS, a division of Meret Communications, Inc.) -- C:\WINNT\System32\dllcache\rnsfnet.sys
[2010/06/26 19:30:13 | 000,149,264 | ---- | C] (Comtrol® Corporation) -- C:\WINNT\System32\dllcache\portmon.exe
[2010/06/26 19:30:05 | 000,077,072 | ---- | C] (PHILIPS ) -- C:\WINNT\System32\dllcache\philcam1.sys
[2010/06/26 19:30:05 | 000,040,720 | ---- | C] ( ) -- C:\WINNT\System32\dllcache\philcam1.dll
[2010/06/26 19:30:03 | 000,108,304 | ---- | C] (Comtrol® Corporation) -- C:\WINNT\System32\dllcache\peer.exe
[2010/06/26 19:30:03 | 000,035,088 | ---- | C] (Aironet Wireless Communications Inc.) -- C:\WINNT\System32\dllcache\pcx500.sys
[2010/06/26 19:30:01 | 000,024,016 | ---- | C] (Linksys) -- C:\WINNT\System32\dllcache\pc100nds.sys
[2010/06/26 19:29:47 | 000,175,376 | ---- | C] (Olicom A/S ) -- C:\WINNT\System32\dllcache\oct3xnd5.sys
[2010/06/26 19:29:47 | 000,065,808 | ---- | C] (Olicom A/S ) -- C:\WINNT\System32\dllcache\oct4pnd5.sys
[2010/06/26 19:29:47 | 000,057,936 | ---- | C] (Olicom A/S ) -- C:\WINNT\System32\dllcache\oce5xnd5.sys
[2010/06/26 19:29:46 | 000,035,600 | ---- | C] (Olicom A/S ) -- C:\WINNT\System32\dllcache\oce2xnd5.sys
[2010/06/26 19:29:46 | 000,031,984 | ---- | C] (Olicom A/S ) -- C:\WINNT\System32\dllcache\oce4xnd5.sys
[2010/06/26 19:29:46 | 000,023,824 | ---- | C] (Olicom A/S ) -- C:\WINNT\System32\dllcache\oce3xnd5.sys
[2010/06/26 19:29:45 | 000,041,648 | ---- | C] (Olicom A/S ) -- C:\WINNT\System32\dllcache\oca2pnd5.sys
[2010/06/26 19:29:45 | 000,038,960 | ---- | C] (Olicom A/S ) -- C:\WINNT\System32\dllcache\oca1pnd5.sys
[2010/06/26 19:29:17 | 000,026,832 | ---- | C] (Compaq Computer Corp.) -- C:\WINNT\System32\dllcache\netflx.sys
[2010/06/26 19:29:15 | 000,039,888 | ---- | C] (NeoMagic Corporation) -- C:\WINNT\System32\dllcache\neo20xx.sys
[2010/06/26 19:29:14 | 000,060,944 | ---- | C] (NeoMagic Corporation) -- C:\WINNT\System32\dllcache\neo20xx.dll
[2010/06/26 19:29:12 | 000,128,240 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINNT\System32\dllcache\n9i3disp.dll
[2010/06/26 19:29:11 | 000,100,592 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINNT\System32\dllcache\n9i128v2.dll
[2010/06/26 19:29:11 | 000,033,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINNT\System32\dllcache\n9i128v2.sys
[2010/06/26 19:29:11 | 000,028,240 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINNT\System32\dllcache\n9i3d.sys
[2010/06/26 19:29:10 | 000,035,760 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINNT\System32\dllcache\n9i128.dll
[2010/06/26 19:29:10 | 000,013,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINNT\System32\dllcache\n9i128.sys
[2010/06/26 19:29:08 | 000,020,112 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINNT\System32\dllcache\mxnic.sys
[2010/06/26 19:28:19 | 000,009,488 | ---- | C] (American MegaTrends Inc.) -- C:\WINNT\System32\dllcache\mraid35x.sys
[2010/06/26 19:28:05 | 000,008,976 | ---- | C] (MicroGate Corporation) -- C:\WINNT\System32\dllcache\mgwantr5.sys
[2010/06/26 19:28:04 | 000,091,408 | ---- | C] (MicroGate Corp) -- C:\WINNT\System32\dllcache\mgwan.exe
[2010/06/26 19:28:04 | 000,067,504 | ---- | C] (MicroGate Corporation) -- C:\WINNT\System32\dllcache\mgwan5.sys
[2010/06/26 19:28:04 | 000,041,984 | ---- | C] (MicroGate Corporation) -- C:\WINNT\System32\dllcache\mgwanpp.dll
[2010/06/26 19:28:03 | 000,063,760 | ---- | C] (MicroGate Corporation) -- C:\WINNT\System32\dllcache\mgfrpp.dll
[2010/06/26 19:28:03 | 000,040,944 | ---- | C] (MicroGate Corporation) -- C:\WINNT\System32\dllcache\mgsl5.sys
[2010/06/26 19:28:03 | 000,033,840 | ---- | C] (MicroGate Corporation) -- C:\WINNT\System32\dllcache\mgsync5.sys
[2010/06/26 19:28:03 | 000,021,264 | ---- | C] (MicroGate Corporation) -- C:\WINNT\System32\dllcache\mgslpp.dll
[2010/06/26 19:28:03 | 000,010,000 | ---- | C] (MicroGate Corporation) -- C:\WINNT\System32\dllcache\mgfrtrc5.sys
[2010/06/26 19:28:02 | 000,097,040 | ---- | C] (MicroGate Corporation) -- C:\WINNT\System32\dllcache\mgfrmon.exe
[2010/06/26 19:28:02 | 000,053,232 | ---- | C] (MicroGate Corporation) -- C:\WINNT\System32\dllcache\mgfr5.sys
[2010/06/26 19:27:55 | 000,150,992 | ---- | C] (Madge Networks Ltd) -- C:\WINNT\System32\dllcache\mdgndis5.sys
[2010/06/26 19:27:50 | 000,410,832 | ---- | C] (LT) -- C:\WINNT\System32\dllcache\ltmdmntt.sys
[2010/06/26 19:27:49 | 000,543,056 | ---- | C] (LT) -- C:\WINNT\System32\dllcache\ltmdmntl.sys
[2010/06/26 19:27:49 | 000,408,016 | ---- | C] (LT) -- C:\WINNT\System32\dllcache\ltmdmntc.sys
[2010/06/26 19:27:48 | 000,413,712 | ---- | C] (LT) -- C:\WINNT\System32\dllcache\ltmdmnt.sys
[2010/06/26 19:27:48 | 000,055,120 | ---- | C] (Logitech) -- C:\WINNT\System32\dllcache\lsermous.sys
[2010/06/26 19:27:46 | 000,033,328 | ---- | C] (Emulex Corporation) -- C:\WINNT\System32\dllcache\lp6nds35.sys
[2010/06/26 19:27:43 | 000,030,992 | ---- | C] (Linksys Group, Inc.) -- C:\WINNT\System32\dllcache\lne100tx.sys
[2010/06/26 19:27:39 | 000,025,360 | ---- | C] (Legend Technology Limited) -- C:\WINNT\System32\dllcache\le56n5.sys
[2010/06/26 19:27:38 | 000,026,640 | ---- | C] (SMSC) -- C:\WINNT\System32\dllcache\lanepic5.sys
[2010/06/26 19:27:15 | 000,046,160 | ---- | C] (Interphase (R) Corporation a Windows (R) 2000 DDK driver provider) -- C:\WINNT\System32\dllcache\ip5515.sys
[2010/06/26 19:27:15 | 000,036,592 | ---- | C] (Specialix International Ltd. ) -- C:\WINNT\System32\dllcache\io8.sys
[2010/06/26 19:26:54 | 000,019,216 | ---- | C] (IBM) -- C:\WINNT\System32\dllcache\ibmeimp.sys
[2010/06/26 19:26:36 | 000,027,408 | ---- | C] (Generic) -- C:\WINNT\System32\dllcache\genan5.sys
[2010/06/26 19:26:36 | 000,025,360 | ---- | C] (Generic) -- C:\WINNT\System32\dllcache\genbn5.sys
[2010/06/26 19:26:34 | 000,404,528 | ---- | C] (AVM Berlin) -- C:\WINNT\System32\dllcache\fxusbase.sys
[2010/06/26 19:26:32 | 000,404,912 | ---- | C] (AVM Berlin) -- C:\WINNT\System32\dllcache\fusbbase.sys
[2010/06/26 19:26:28 | 000,387,248 | ---- | C] (AVM Berlin) -- C:\WINNT\System32\dllcache\fpnpbase.sys
[2010/06/26 19:26:24 | 000,388,272 | ---- | C] (AVM Berlin) -- C:\WINNT\System32\dllcache\fpcmbase.sys
[2010/06/26 19:26:23 | 000,387,440 | ---- | C] (AVM Berlin) -- C:\WINNT\System32\dllcache\fpcibase.sys
[2010/06/26 19:26:14 | 000,076,912 | ---- | C] (Mylex,Corp.) -- C:\WINNT\System32\dllcache\flashpnt.sys
[2010/06/26 19:26:11 | 000,161,040 | ---- | C] (Fujitsu Computer Product of America) -- C:\WINNT\System32\dllcache\fcpatwc.dll
[2010/06/26 19:26:09 | 000,387,536 | ---- | C] (AVM Berlin) -- C:\WINNT\System32\dllcache\fbase.sys
[2010/06/26 19:26:06 | 000,012,048 | ---- | C] (FUJITSU LIMITED) -- C:\WINNT\System32\dllcache\f3ab18xi.sys
[2010/06/26 19:26:06 | 000,011,536 | ---- | C] (FUJITSU LIMITED) -- C:\WINNT\System32\dllcache\f3ab18xj.sys
[2010/06/26 19:26:01 | 000,013,584 | ---- | C] (KTI Networks Inc.) -- C:\WINNT\System32\dllcache\et32nt.sys
[2010/06/26 19:26:00 | 000,227,120 | ---- | C] (ESS Technology Inc.) -- C:\WINNT\System32\dllcache\es56pci.sys
[2010/06/26 19:25:58 | 000,051,152 | ---- | C] (Efficient Networks, Inc.) -- C:\WINNT\System32\dllcache\eni25p.sys
[2010/06/26 19:25:57 | 000,027,408 | ---- | C] (Accton Technology Corporation) -- C:\WINNT\System32\dllcache\en22265.sys
[2010/06/26 19:25:51 | 000,133,200 | ---- | C] (Eicon Technology Corporation) -- C:\WINNT\System32\dllcache\ecndis.sys
[2010/06/26 19:25:51 | 000,070,784 | ---- | C] (Eicon Technology Corporation) -- C:\WINNT\System32\dllcache\ecwani.sys
[2010/06/26 19:25:51 | 000,070,784 | ---- | C] (Eicon Technology Corporation) -- C:\WINNT\System32\dllcache\ecwan.sys
[2010/06/26 19:25:32 | 000,250,640 | ---- | C] (Eicon Technology) -- C:\WINNT\System32\dllcache\ditrace.exe
[2010/06/26 19:25:21 | 000,029,232 | ---- | C] (Digital Equipment Corporation.) -- C:\WINNT\System32\dllcache\defea.sys
[2010/06/26 19:25:21 | 000,021,360 | ---- | C] (Digital Equipment Corporation) -- C:\WINNT\System32\dllcache\defpa.sys
[2010/06/26 19:25:13 | 000,248,080 | ---- | C] (Comtrol® Corporation) -- C:\WINNT\System32\dllcache\ctmasetp.dll
[2010/06/26 19:25:13 | 000,012,560 | ---- | C] (Comtrol® Corporation) -- C:\WINNT\System32\dllcache\ctmvclas.dll
[2010/06/26 19:25:13 | 000,012,560 | ---- | C] (Comtrol® Corporation) -- C:\WINNT\System32\dllcache\ctmrclas.dll
[2010/06/26 19:25:12 | 000,093,456 | ---- | C] (Chips And Technologies, Inc.) -- C:\WINNT\System32\dllcache\ctlegacy.dll
[2010/06/26 19:25:12 | 000,028,848 | ---- | C] (Chips and Technologies, Inc.) -- C:\WINNT\System32\dllcache\ctlegacy.sys
[2010/06/26 19:25:08 | 000,107,376 | ---- | C] (Compaq Computer Corp.) -- C:\WINNT\System32\dllcache\cpqtrnd4.sys
[2010/06/26 19:25:08 | 000,061,072 | ---- | C] (Compaq Computers Inc) -- C:\WINNT\System32\dllcache\cpqtrnd5.sys
[2010/06/26 19:24:39 | 000,027,408 | ---- | C] (Xircom, Inc.) -- C:\WINNT\System32\dllcache\ce3n5.sys
[2010/06/26 19:24:39 | 000,025,360 | ---- | C] (Xircom, Inc.) -- C:\WINNT\System32\dllcache\cem56n5.sys
[2010/06/26 19:24:39 | 000,022,288 | ---- | C] (Xircom, Inc.) -- C:\WINNT\System32\dllcache\cem33n5.sys
[2010/06/26 19:24:39 | 000,022,288 | ---- | C] (Xircom, Inc.) -- C:\WINNT\System32\dllcache\cem28n5.sys
[2010/06/26 19:24:38 | 000,021,776 | ---- | C] (Xircom, Inc.) -- C:\WINNT\System32\dllcache\ce2n5.sys
[2010/06/26 19:24:35 | 000,040,208 | ---- | C] (Xircom, Inc.) -- C:\WINNT\System32\dllcache\cben5.sys
[2010/06/26 19:24:29 | 000,038,928 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINNT\System32\dllcache\banshee.sys
[2010/06/26 19:24:28 | 000,257,264 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINNT\System32\dllcache\banshee.dll
[2010/06/26 19:24:28 | 000,063,088 | ---- | C] (AVM Berlin) -- C:\WINNT\System32\dllcache\b1cbase.sys
[2010/06/26 19:24:26 | 000,062,224 | ---- | C] (AVM Berlin) -- C:\WINNT\System32\dllcache\avmcoins.dll
[2010/06/26 19:24:26 | 000,029,968 | ---- | C] (AVM Berlin) -- C:\WINNT\System32\dllcache\avmwan.sys
[2010/06/26 19:24:17 | 000,077,648 | ---- | C] (ATI Technologies, Inc.) -- C:\WINNT\System32\dllcache\ati.sys
[2010/06/26 19:24:15 | 000,097,552 | ---- | C] (Bay Networks, Inc.) -- C:\WINNT\System32\dllcache\aspndis3.sys
[2010/06/26 19:24:10 | 000,022,064 | ---- | C] (AMD Corporation) -- C:\WINNT\System32\dllcache\amd751.sys
[2010/06/26 19:24:09 | 000,055,056 | ---- | C] (AmbiCom, Inc.) -- C:\WINNT\System32\dllcache\ambcbl.sys
[2010/06/26 19:24:08 | 000,597,776 | ---- | C] (Alteon WebSystems Inc.) -- C:\WINNT\System32\dllcache\altnd5.sys
[2010/06/26 19:24:07 | 000,041,744 | ---- | C] (Acer Labs Inc) -- C:\WINNT\System32\dllcache\alifir.sys
[2010/06/26 19:24:06 | 000,095,536 | ---- | C] (Adaptec, Inc.) -- C:\WINNT\System32\dllcache\aic116x.sys
[2010/06/26 19:23:58 | 000,036,368 | ---- | C] (Adaptec, Inc ) -- C:\WINNT\System32\dllcache\adptsf50.sys
[2010/06/26 19:23:48 | 000,387,536 | ---- | C] (AVM Berlin) -- C:\WINNT\System32\dllcache\a1base.sys
[2010/06/26 19:23:46 | 000,019,728 | ---- | C] (Winbond Electronics Corporation) -- C:\WINNT\System32\dllcache\w840nd.sys
[2010/06/26 19:23:42 | 000,176,400 | ---- | C] (Stallion Technologies) -- C:\WINNT\System32\dllcache\stlnprop.dll
[2010/06/26 19:23:41 | 000,280,912 | ---- | C] (Stallion Technologies) -- C:\WINNT\System32\dllcache\stlnata.sys
[2010/06/22 09:06:41 | 000,000,000 | ---D | C] -- C:\Program Files\Resource Kit
[2010/06/21 13:01:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MGS
[2010/06/21 12:18:10 | 000,000,000 | ---D | C] -- C:\Microgaming
[2010/06/20 13:09:32 | 000,000,000 | ---D | C] -- C:\2ee63a6d2f15f2bc6933a6663abb32d1
[2010/06/20 12:07:00 | 000,000,000 | ---D | C] -- C:\602119c08bc7fc2f3510a95ca86
[2010/06/19 12:37:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lynda\Local Settings\Application Data\Apple Computer
[2010/06/19 12:37:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lynda\Application Data\Apple Computer
[2010/06/19 12:33:21 | 000,000,000 | ---D | C] -- C:\Program Files\Safari
[2010/06/19 12:28:04 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/06/19 12:26:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lynda\Local Settings\Application Data\Apple
[2010/06/19 12:25:42 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/06/19 12:25:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2010/06/18 13:05:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lynda\Application Data\Motive
[2010/06/18 12:50:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Motive
[2010/06/18 12:48:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motive
[2010/06/18 12:34:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lynda\Application Data\TELUS
[2010/06/17 16:21:39 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/06/17 14:04:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Command Software
[2010/06/17 14:04:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PestPatrol
[2010/06/17 14:04:33 | 000,000,000 | ---D | C] -- C:\Program Files\TELUS
[2010/06/17 13:51:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TELUS
[2010/06/17 13:19:41 | 000,000,000 | ---D | C] -- C:\1a2687b8e65ac33ffdb2d3d0865a2b64
[2010/06/16 10:17:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lynda\Desktop\Copy of directx
[2010/06/16 10:17:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lynda\Desktop\directx
[2010/06/16 10:02:42 | 000,771,824 | ---- | C] (Rockwell) -- C:\WINNT\System32\dllcache\winacisa.sys
[2010/06/16 10:02:28 | 000,420,624 | ---- | C] (Specialix International Ltd.) -- C:\WINNT\System32\dllcache\spxports.dll
[2010/06/16 10:02:27 | 000,104,656 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINNT\System32\dllcache\skfpwin.sys
[2010/06/16 09:59:50 | 000,013,680 | ---- | C] (Rainbow Technologies Inc.) -- C:\WINNT\System32\dllcache\rnbo3531.sys
[2010/06/16 09:59:29 | 000,043,792 | ---- | C] (Ositech Communications, Inc.) -- C:\WINNT\System32\dllcache\otceth5.sys
[2010/06/16 09:59:29 | 000,030,064 | ---- | C] (FORE Systems, Inc.) -- C:\WINNT\System32\dllcache\pca200e.sys
[2010/06/16 09:59:28 | 000,030,992 | ---- | C] (NETGEAR Corporation.) -- C:\WINNT\System32\dllcache\ngrpci.sys
[2010/06/16 09:54:54 | 000,019,408 | ---- | C] (Logitech, Inc.) -- C:\WINNT\System32\dllcache\lwusbhid.sys
[2010/06/16 09:54:54 | 000,018,576 | ---- | C] (Logitech, Inc.) -- C:\WINNT\System32\dllcache\lwadihid.sys
[2010/06/16 09:54:52 | 000,015,952 | ---- | C] (Litronic Industries) -- C:\WINNT\System32\dllcache\lit220p.sys
[2010/06/16 09:54:51 | 000,035,856 | ---- | C] (Level One Communications) -- C:\WINNT\System32\dllcache\jt1nd5.sys
[2010/06/16 09:54:40 | 000,038,464 | ---- | C] (Eicon Technology Corporation) -- C:\WINNT\System32\dllcache\ecnb.sys
[2010/06/16 09:54:40 | 000,032,528 | ---- | C] (FORE Systems, Inc.) -- C:\WINNT\System32\dllcache\forehe.sys
[2010/06/16 09:54:40 | 000,017,856 | ---- | C] (Eicon Technology Corporation) -- C:\WINNT\System32\dllcache\ecwandd.sys
[2010/06/16 09:54:39 | 000,033,792 | ---- | C] (Eicon Technology Corporation) -- C:\WINNT\System32\dllcache\ecpagex.dll
[2010/06/16 09:54:39 | 000,023,664 | ---- | C] (Eicon Technology Corporation) -- C:\WINNT\System32\dllcache\eclandd.sys
[2010/06/16 09:54:38 | 000,100,432 | ---- | C] (Eicon Technology Corporation) -- C:\WINNT\System32\dllcache\eccommdd.sys
[2010/06/16 09:54:38 | 000,021,680 | ---- | C] (Eicon Technology Corporation) -- C:\WINNT\System32\dllcache\ecpinst.dll
[2010/06/16 09:54:38 | 000,008,960 | ---- | C] (Eicon Technology Corporation) -- C:\WINNT\System32\dllcache\ecsnadd.sys
[2010/06/16 09:54:38 | 000,007,648 | ---- | C] (Eicon Technology Corporation) -- C:\WINNT\System32\dllcache\ecvbus.sys
[2010/06/16 09:54:38 | 000,007,648 | ---- | C] (Eicon Technology Corporation) -- C:\WINNT\System32\dllcache\ecdtrace.sys
[2010/06/16 09:54:32 | 000,023,216 | ---- | C] (D-Link Corporation) -- C:\WINNT\System32\dllcache\dlh5xnd5.sys
[2010/06/16 09:54:23 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINNT\System32\dllcache\cb325.sys
[2010/06/16 09:54:23 | 000,031,888 | ---- | C] (BreezeCOM) -- C:\WINNT\System32\dllcache\brzwlan.sys
[2010/06/16 09:54:22 | 000,017,168 | ---- | C] (AmbiCom, Inc.) -- C:\WINNT\System32\dllcache\amb8002.sys
[2010/06/16 09:53:35 | 000,801,072 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINNT\System32\dllcache\3cpciadi.sys
[2010/06/16 09:53:34 | 000,792,176 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINNT\System32\dllcache\3cisaadi.sys
[2010/06/16 09:53:34 | 000,774,928 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINNT\System32\dllcache\3cisati.sys
[2010/06/16 09:53:33 | 000,763,024 | ---- | C] (3Com, Inc.) -- C:\WINNT\System32\dllcache\3cwmcru.sys
[2010/06/15 11:51:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TrojanHunter
[2010/06/15 11:50:54 | 000,000,000 | ---D | C] -- C:\Program Files\TrojanHunter 5.3
[2010/06/14 17:37:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lynda\Application Data\Malwarebytes
[2010/06/14 17:37:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/06/14 16:45:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lynda\Application Data\Yahoo!
[2010/06/14 16:44:35 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2010/06/14 16:44:13 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/06/13 17:29:16 | 000,000,000 | ---D | C] -- C:\WINNT\Local Settings
[2010/06/13 12:45:53 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2010/06/12 10:14:14 | 000,000,000 | ---D | C] -- C:\WINNT\E58B329BFB28487490DE0D7CB2709267.TMP
[2010/06/12 09:56:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lynda\Application Data\FRISK Software
[2010/06/12 09:20:39 | 000,682,840 | ---- | C] (FRISK Software International) -- C:\WINNT\System32\drivers\FStopW.sys
[2010/06/12 09:19:54 | 000,000,000 | ---D | C] -- C:\Program Files\FRISK Software
[2010/06/10 17:26:56 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WINNT\System32\drivers\Lbd.sys
[2010/06/10 17:26:03 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINNT\System32\drivers\SBREDrv.sys
[2010/06/10 17:11:19 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2010/06/02 05:12:14 | 000,352,513 | ---- | C] (Avira GmbH) -- C:\WINNT\System32\savapi3.dll
[2010/05/27 22:19:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lynda\Desktop\Heather's DÃ©fi
[2010/05/13 07:19:33 | 000,000,000 | ---D | C] -- C:\Google Earth
[2010/05/10 13:51:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\My Documents
[2010/04/19 00:08:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lynda\My Documents\100419000751
[2010/04/19 00:01:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lynda\My Documents\Ghost pic ...hehe
[2010/04/14 22:18:31 | 000,000,000 | ---D | C] -- C:\temp
[2008/01/03 15:37:52 | 000,061,440 | ---- | C] ( ) -- C:\WINNT\System32\csnpstd.dll
[2008/01/03 15:37:52 | 000,040,960 | ---- | C] ( ) -- C:\WINNT\System32\rsnpstd.dll
[2008/01/03 15:37:52 | 000,036,864 | ---- | C] ( ) -- C:\WINNT\System32\vsnpstd.dll
[7 C:\WINNT\*.tmp files -> C:\WINNT\*.tmp -> ]
[6 C:\Documents and Settings\Lynda\My Documents\*.tmp files -> C:\Documents and Settings\Lynda\My Documents\*.tmp -> ]
[1 C:\WINNT\System32\*.tmp files -> C:\WINNT\System32\*.tmp -> ]
[1 C:\Documents and Settings\Lynda\Application Data\*.tmp files -> C:\Documents and Settings\Lynda\Application Data\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/07/01 11:54:38 | 005,120,000 | -H-- | M] () -- C:\Documents and Settings\Lynda\NTUSER.DAT
[2010/07/01 11:46:49 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lynda\Desktop\OTL.exe
[2010/07/01 11:43:05 | 000,000,882 | ---- | M] () -- C:\WINNT\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/01 11:41:43 | 000,000,006 | -H-- | M] () -- C:\WINNT\tasks\SA.DAT
[2010/07/01 11:41:38 | 000,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_284.dat
[2010/07/01 11:39:31 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Lynda\ntuser.ini
[2010/07/01 11:39:13 | 000,745,364 | -H-- | M] () -- C:\WINNT\ShellIconCache
[2010/07/01 11:30:54 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\UK CV.doc
[2010/07/01 11:20:01 | 000,000,886 | ---- | M] () -- C:\WINNT\tasks\GoogleUpdateTaskMachineUA.job
[2010/07/01 11:17:26 | 000,055,296 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\LyndaSchmitResume 2010.doc
[2010/07/01 09:13:23 | 000,031,232 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Film Work Resume.doc
[2010/07/01 09:13:14 | 000,075,776 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Set Resume and Production Assist together.doc
[2010/07/01 08:39:13 | 000,061,440 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Set Tutor Resume Lynda Schmit 2010.doc
[2010/07/01 08:35:17 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Natalie's Reference Letter.doc
[2010/07/01 06:42:34 | 000,000,215 | ---- | M] () -- C:\WINNT\system.ini
[2010/07/01 06:42:28 | 000,000,027 | ---- | M] () -- C:\WINNT\System32\drivers\etc\hosts
[2010/07/01 03:00:00 | 000,000,252 | ---- | M] () -- C:\WINNT\tasks\Backup.job
[2010/06/30 20:05:30 | 000,077,312 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\mbr.exe
[2010/06/30 17:40:21 | 001,015,120 | ---- | M] (Kaspersky Lab) -- C:\Documents and Settings\Lynda\Desktop\TDSSKiller.exe
[2010/06/30 09:29:11 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\Lynda\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2010/06/30 09:28:52 | 000,355,874 | ---- | M] () -- C:\WINNT\System32\perfh009.dat
[2010/06/30 09:28:51 | 000,407,036 | ---- | M] () -- C:\WINNT\System32\PerfStringBackup.INI
[2010/06/30 09:28:51 | 000,047,564 | ---- | M] () -- C:\WINNT\System32\perfc009.dat
[2010/06/30 03:26:30 | 000,000,188 | ---- | M] () -- C:\WINNT\win.ini
[2010/06/29 21:51:40 | 000,000,588 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Acrobat_com.lnk
[2010/06/29 14:50:02 | 000,001,960 | ---- | M] () -- C:\WINNT\System32\d3d9caps.dat
[2010/06/29 14:15:12 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Group Home Operator.doc
[2010/06/29 12:33:16 | 000,001,499 | ---- | M] () -- C:\Documents and Settings\Lynda\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/06/29 11:42:01 | 000,004,613 | ---- | M] () -- C:\WINNT\imsins.BAK
[2010/06/29 11:24:46 | 000,216,856 | ---- | M] () -- C:\WINNT\System32\FNTCACHE.DAT
[2010/06/29 11:21:06 | 000,001,481 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/06/29 10:14:51 | 000,000,880 | ---- | M] () -- C:\WINNT\setup.inf
[2010/06/29 10:14:51 | 000,000,283 | ---- | M] () -- C:\WINNT\setup.rpt
[2010/06/28 19:50:49 | 000,294,400 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\exeHelper.com
[2010/06/28 19:18:57 | 000,363,520 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\rkill.com
[2010/06/28 18:10:27 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\English Teacher J.doc
[2010/06/28 16:42:03 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Essential Skiils Practitioner.doc
[2010/06/28 16:19:26 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$aining Facilitator.doc
[2010/06/28 13:14:44 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\English Teacher Kindergarten.doc
[2010/06/28 13:07:47 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\English Teacher Hampton College.doc
[2010/06/28 09:38:36 | 000,000,000 | ---- | M] () -- C:\WINNT\Htumimeq.bin
[2010/06/27 22:32:33 | 000,000,569 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/27 20:39:39 | 000,000,120 | ---- | M] () -- C:\WINNT\Ujoziqefameteqar.dat
[2010/06/27 15:58:41 | 000,002,214 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Directions to Windows BBS advice.rtf
[2010/06/27 15:57:02 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Lynda\Desktop\mbam-setup-1.46.exe
[2010/06/27 12:37:54 | 000,179,116 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\wmutil151.zip
[2010/06/27 10:26:02 | 000,525,824 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\dds.pif
[2010/06/27 09:18:56 | 000,000,735 | ---- | M] () -- C:\Documents and Settings\Lynda\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/06/26 21:44:23 | 000,001,558 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\PC Scan & Repair by Reimage.lnk
[2010/06/26 10:53:00 | 000,000,284 | ---- | M] () -- C:\WINNT\tasks\AppleSoftwareUpdate.job
[2010/06/26 10:23:52 | 000,241,197 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Global Partners Reference Letter.jpg
[2010/06/25 09:36:30 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$DICAL ASSESSMENT FORM.doc
[2010/06/25 07:23:22 | 000,000,268 | RHS- | M] () -- C:\boot.ini
[2010/06/24 21:08:07 | 000,069,632 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Smart Teachers CV Lynda Schmit 2010.doc
[2010/06/24 17:29:42 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$art Teachers CV Lynda Schmit 2010.doc
[2010/06/24 14:35:06 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Mercer Bradley.doc
[2010/06/24 14:03:06 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$sh green officer posting_16jun10.doc
[2010/06/24 14:02:42 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\lush green officer posting_16jun10.doc
[2010/06/24 13:11:42 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\D'Hercy Dance Co..doc
[2010/06/24 13:05:45 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$ndertree.doc
[2010/06/24 13:01:54 | 000,026,624 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Life Skills Worker.doc
[2010/06/24 09:52:30 | 000,070,373 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Lynda Schmit Refund Agreement.pdf
[2010/06/22 14:37:39 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$haviour Interventionalist.doc
[2010/06/22 12:38:22 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\VA Instructor.doc
[2010/06/22 12:30:48 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$ade 6 Jarvis.doc
[2010/06/22 12:08:56 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\KGIC.doc
[2010/06/22 12:00:04 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$L Teacher.doc
[2010/06/21 16:15:10 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Transglobal.doc
[2010/06/21 12:25:17 | 000,000,628 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yukon Gold.lnk
[2010/06/19 16:01:47 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010/06/19 11:59:36 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Trainee Copy Editor.doc
[2010/06/19 11:58:03 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$ainee Copy Editor.doc
[2010/06/19 11:39:07 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$rsonal Assistant.doc
[2010/06/19 11:38:22 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$aining Group Douglas College.doc
[2010/06/19 11:25:20 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Personal Assistant.doc
[2010/06/19 11:19:44 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$cclaim.doc
[2010/06/18 17:13:48 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\English Teacher.doc
[2010/06/18 13:27:40 | 000,048,128 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\APPLICATION_FOR_EMPLOYMENT_FORM01(2).doc
[2010/06/18 13:27:32 | 001,446,812 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Application Form.pdf
[2010/06/18 13:06:41 | 000,001,897 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\TELUS Support Centre.lnk
[2010/06/18 12:36:21 | 000,792,362 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Diagnostics.html
[2010/06/18 07:04:59 | 000,002,338 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2010/06/17 14:05:55 | 000,000,698 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TELUS Security & Privacy.lnk
[2010/06/16 13:03:14 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Fossil Project.doc
[2010/06/16 12:49:26 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Alexander College.doc
[2010/06/16 12:19:56 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Acclaim.doc
[2010/06/16 12:11:42 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Training Group Douglas College.doc
[2010/06/16 09:57:32 | 000,602,688 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\SP4express_EN.exe
[2010/06/15 11:55:56 | 000,000,032 | ---- | M] () -- C:\WINNT\System32\thxcfg.ini
[2010/06/15 11:51:30 | 000,000,593 | ---- | M] () -- C:\Documents and Settings\Lynda\Application Data\Microsoft\Internet Explorer\Quick Launch\TrojanHunter Scanner.lnk
[2010/06/15 11:51:30 | 000,000,575 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\TrojanHunter.lnk
[2010/06/15 11:02:52 | 000,016,576 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\cc_20100615_110225.reg
[2010/06/15 08:40:10 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$tivity Programmer.doc
[2010/06/15 08:38:03 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$ne HÃ©bert.doc
[2010/06/14 17:49:16 | 000,015,218 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\cc_20100614_174857.reg
[2010/06/14 17:03:55 | 000,247,024 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\cc_20100614_170229.reg
[2010/06/14 16:44:20 | 000,001,423 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\CCleaner.lnk
[2010/06/14 08:54:16 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$glish Teacher.doc
[2010/06/14 08:47:43 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$erlitz.doc
[2010/06/12 09:20:54 | 000,001,728 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\F-PROT Antivirus for Windows.lnk
[2010/06/12 00:07:49 | 000,111,967 | ---- | M] () -- C:\WINNT\hpoins07.dat
[2010/06/11 12:26:47 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$ndaSchmitResume 2010.doc
[2010/06/10 19:00:18 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Berlitz.doc
[2010/06/10 18:24:33 | 000,112,033 | ---- | M] () -- C:\WINNT\hpoins07.dat.temp
[2010/06/10 17:25:44 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINNT\System32\drivers\SBREDrv.sys
[2010/06/10 17:22:58 | 000,064,288 | ---- | M] (Lavasoft AB) -- C:\WINNT\System32\drivers\Lbd.sys
[2010/06/10 16:08:36 | 000,097,824 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Yellow Pages Group ABC_eng (8).pdf
[2010/06/09 16:49:09 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$llow Pages.doc
[2010/06/09 16:22:04 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Yellow Pages.doc
[2010/06/08 18:49:52 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Winston College.doc
[2010/06/08 10:19:08 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$UK CV.doc
[2010/06/07 13:10:20 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$nda Career Change Resume.DOC
[2010/06/07 13:07:05 | 000,048,640 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Education Resume with Personal Info removed.doc
[2010/06/07 12:54:26 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Manitongues.doc
[2010/06/07 10:44:22 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$xwell Canada Paper.doc
[2010/06/07 10:16:33 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\HSBC.doc
[2010/06/04 13:15:51 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Conversation Club.doc
[2010/06/04 13:10:24 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$L Instructor Cambridge.doc
[2010/06/03 15:46:04 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Paragraph Why ME.doc
[2010/06/03 15:24:08 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\ESL Instructor Cambridge.doc
[2010/06/02 18:33:12 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Part time Tutor Austin.doc
[2010/06/02 12:00:00 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Training Support Specialist.doc
[2010/06/02 05:12:14 | 000,352,513 | ---- | M] (Avira GmbH) -- C:\WINNT\System32\savapi3.dll
[2010/06/01 15:59:51 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\gastown.doc
[2010/06/01 15:36:58 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Prosperous International Consultants Inc..doc
[2010/05/31 14:00:28 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Lynda's rec letter.doc
[2010/05/31 13:58:34 | 000,029,184 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\CSA Transportation.doc
[2010/05/31 13:38:26 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\North American Sanitas.doc
[2010/05/31 13:07:52 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Maxwell Canada Paper.doc
[2010/05/31 12:24:38 | 000,029,184 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Unya.doc
[2010/05/31 11:09:14 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Career Strategist.doc
[2010/05/31 11:03:43 | 000,037,376 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Lynda Career Change Resume.DOC
[2010/05/31 10:42:25 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Host Program Coordinator.doc
[2010/05/30 12:08:57 | 000,000,371 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\Video .lnk
[2010/05/30 12:08:57 | 000,000,371 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\Pictures .lnk
[2010/05/30 12:08:57 | 000,000,371 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\Passwords .lnk
[2010/05/30 12:08:57 | 000,000,371 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\New Folder .lnk
[2010/05/30 12:08:57 | 000,000,371 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\Music .lnk
[2010/05/30 12:08:57 | 000,000,371 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\Documents .lnk
[2010/05/30 12:08:57 | 000,000,125 | RHS- | M] () -- C:\Documents and Settings\Lynda\Desktop\autorun.inf
[2010/05/29 11:20:07 | 000,023,552 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Cancellation of Agreement with Rich Janitor SBG.doc
[2010/05/29 10:31:11 | 005,021,184 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Doc1.doc
[2010/05/28 12:18:22 | 037,350,912 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Heather's DÃ©fi Presentation.ppt
[2010/05/28 01:08:49 | 001,166,450 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\lightning thief diable.bmp
[2010/05/27 12:06:16 | 000,144,306 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\05[1].27.10 Lynda Schmit.pdf
[2010/05/25 13:21:23 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Manager of Education Vancouver Career College.doc
[2010/05/25 12:27:42 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Diversecity.doc
[2010/05/20 12:05:48 | 000,053,760 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\LSchmit Education Canada Resume.doc
[2010/05/19 20:09:42 | 000,030,208 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Darren.doc
[2010/05/18 09:12:19 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Host family application form Happy Home.xls
[2010/05/14 11:33:38 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\office admin.doc
[2010/05/14 11:13:22 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Data Entry Shipping.doc
[2010/05/13 14:26:54 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Case Manager.doc
[2010/05/13 14:22:13 | 000,049,152 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Lynda Office and Teaching Merged .doc
[2010/05/13 11:00:08 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Client Care Coordinator.doc
[2010/05/13 10:59:47 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Client Care.doc
[2010/05/13 07:19:34 | 000,001,713 | ---- | M] () -- C:\Google Earth.lnk
[2010/05/12 18:21:46 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\CDCI.doc
[2010/05/12 16:58:48 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$t Resume Lynda Schmit 2010.doc
[2010/05/12 12:01:18 | 000,000,116 | ---- | M] () -- C:\WINNT\NeroDigital.ini
[2010/05/12 11:31:37 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Clerical Work Reception, Researcher Government Agencies.doc
[2010/05/11 17:18:53 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Cornerstone Montesorri.doc
[2010/05/11 17:07:24 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$Cats Art Studio.doc
[2010/05/11 16:34:21 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Training Facilitator.doc
[2010/05/10 16:54:11 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\4 Cats Art Studio.doc
[2010/05/03 12:02:49 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Canadian Mental Health Association Vocational Rehab Counsellor.doc
[2010/05/03 11:37:40 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Gastown Business College.doc
[2010/05/02 02:04:29 | 000,002,194 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:24 | 000,019,288 | ---- | M] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbam.sys
[2010/04/28 18:54:09 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Transglobal Education Program Coordinator.doc
[2010/04/26 22:06:48 | 000,030,720 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Steveston's Art Connection.doc
[2010/04/25 16:45:03 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\CATSA Commissionaires.doc
[2010/04/19 19:02:08 | 000,100,864 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\English Learner Authorizaton.doc
[2010/04/19 16:40:31 | 000,031,232 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Orange Glen High School Escondido Union High School District.doc
[2010/04/19 00:23:20 | 000,333,312 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\HEather as a ghost.doc
[2010/04/16 08:25:29 | 000,030,208 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Juan and Orlando.doc
[2010/04/10 19:10:43 | 000,545,411 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\Lynda-Income Tax 2009.pdf
[2010/04/10 19:05:11 | 000,001,043 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\LyndaSchmit2009.tax
[2010/04/02 22:16:47 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Royal Bank Adjudicator Agent.doc
[7 C:\WINNT\*.tmp files -> C:\WINNT\*.tmp -> ]
[6 C:\Documents and Settings\Lynda\My Documents\*.tmp files -> C:\Documents and Settings\Lynda\My Documents\*.tmp -> ]
[1 C:\WINNT\System32\*.tmp files -> C:\WINNT\System32\*.tmp -> ]
[1 C:\Documents and Settings\Lynda\Application Data\*.tmp files -> C:\Documents and Settings\Lynda\Application Data\*.tmp -> ]

lynsing · 2010/07/01

========== Files Created - No Company Name ==========

[2010/07/01 11:41:38 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_284.dat
[2010/07/01 09:06:05 | 000,031,232 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Film Work Resume.doc
[2010/07/01 08:35:17 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Natalie's Reference Letter.doc
[2010/06/30 20:05:48 | 000,077,312 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\mbr.exe
[2010/06/30 09:41:41 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\gmer.exe
[2010/06/29 19:42:54 | 000,007,136 | ---- | C] () -- C:\Documents and Settings\Lynda\mbam-log-2010-06-29 (19-42-33).txt
[2010/06/29 14:15:12 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Group Home Operator.doc
[2010/06/29 11:21:06 | 000,001,499 | ---- | C] () -- C:\Documents and Settings\Lynda\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/06/29 11:21:06 | 000,001,481 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/06/28 19:50:43 | 000,294,400 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\exeHelper.com
[2010/06/28 19:48:46 | 000,363,520 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\rkill.com
[2010/06/28 18:10:26 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\English Teacher J.doc
[2010/06/28 16:42:03 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Essential Skiils Practitioner.doc
[2010/06/28 16:19:26 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$aining Facilitator.doc
[2010/06/28 13:14:44 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\English Teacher Kindergarten.doc
[2010/06/28 13:07:47 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\English Teacher Hampton College.doc
[2010/06/27 22:32:33 | 000,000,569 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/27 15:58:40 | 000,002,214 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Directions to Windows BBS advice.rtf
[2010/06/27 12:39:00 | 000,499,712 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\scxout.dll
[2010/06/27 12:37:54 | 000,179,116 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\wmutil151.zip
[2010/06/27 10:25:56 | 000,525,824 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\dds.pif
[2010/06/27 09:18:54 | 000,000,735 | ---- | C] () -- C:\Documents and Settings\Lynda\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/06/26 21:44:23 | 000,001,558 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\PC Scan & Repair by Reimage.lnk
[2010/06/26 19:32:49 | 000,107,792 | ---- | C] () -- C:\WINNT\System32\dllcache\xlog.exe
[2010/06/26 19:32:20 | 000,080,304 | ---- | C] () -- C:\WINNT\System32\dllcache\vslinka.sys
[2010/06/26 19:26:26 | 000,094,208 | ---- | C] () -- C:\WINNT\System32\dllcache\fpencode.dll
[2010/06/26 19:25:32 | 000,612,976 | ---- | C] () -- C:\WINNT\System32\dllcache\diwan.sys
[2010/06/26 19:25:30 | 000,220,944 | ---- | C] () -- C:\WINNT\System32\dllcache\disdnsu.dll
[2010/06/26 19:25:30 | 000,006,928 | ---- | C] () -- C:\WINNT\System32\dllcache\disdnci.dll
[2010/06/26 19:25:28 | 000,068,400 | ---- | C] () -- C:\WINNT\System32\dllcache\dimaint.sys
[2010/06/26 19:24:19 | 000,019,792 | ---- | C] () -- C:\WINNT\System32\dllcache\atixbar.sys
[2010/06/26 19:24:18 | 000,017,968 | ---- | C] () -- C:\WINNT\System32\dllcache\atitunep.sys
[2010/06/25 09:36:30 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$DICAL ASSESSMENT FORM.doc
[2010/06/24 17:29:42 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$art Teachers CV Lynda Schmit 2010.doc
[2010/06/24 14:35:00 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Mercer Bradley.doc
[2010/06/24 14:03:06 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$sh green officer posting_16jun10.doc
[2010/06/24 14:02:42 | 000,080,384 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\lush green officer posting_16jun10.doc
[2010/06/24 13:11:42 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\D'Hercy Dance Co..doc
[2010/06/24 13:05:45 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$ndertree.doc
[2010/06/24 13:01:53 | 000,026,624 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Life Skills Worker.doc
[2010/06/24 09:52:30 | 000,070,373 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Lynda Schmit Refund Agreement.pdf
[2010/06/22 14:37:39 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$haviour Interventionalist.doc
[2010/06/22 12:38:22 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\VA Instructor.doc
[2010/06/22 12:30:48 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$ade 6 Jarvis.doc
[2010/06/22 12:04:58 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\KGIC.doc
[2010/06/22 12:00:04 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$L Teacher.doc
[2010/06/21 16:15:09 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Transglobal.doc
[2010/06/21 12:25:17 | 000,000,628 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yukon Gold.lnk
[2010/06/19 12:26:42 | 000,000,284 | ---- | C] () -- C:\WINNT\tasks\AppleSoftwareUpdate.job
[2010/06/19 11:58:03 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$ainee Copy Editor.doc
[2010/06/19 11:52:08 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Trainee Copy Editor.doc
[2010/06/19 11:39:07 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$rsonal Assistant.doc
[2010/06/19 11:38:22 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$aining Group Douglas College.doc
[2010/06/19 11:25:20 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Personal Assistant.doc
[2010/06/19 11:19:44 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$cclaim.doc
[2010/06/18 13:27:40 | 000,048,128 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\APPLICATION_FOR_EMPLOYMENT_FORM01(2).doc
[2010/06/18 13:27:31 | 001,446,812 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Application Form.pdf
[2010/06/18 13:06:41 | 000,001,897 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\TELUS Support Centre.lnk
[2010/06/18 12:36:21 | 000,792,362 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Diagnostics.html
[2010/06/17 16:21:51 | 000,000,192 | -HS- | C] () -- C:\BOOT.BAK
[2010/06/17 16:21:50 | 000,229,792 | RHS- | C] () -- C:\cmldr
[2010/06/17 14:05:55 | 000,000,698 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TELUS Security & Privacy.lnk
[2010/06/17 12:55:10 | 000,602,688 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\SP4express_EN.exe
[2010/06/16 13:03:14 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Fossil Project.doc
[2010/06/16 12:49:26 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Alexander College.doc
[2010/06/16 12:19:56 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Acclaim.doc
[2010/06/16 12:11:41 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Training Group Douglas College.doc
[2010/06/16 09:54:23 | 000,042,192 | ---- | C] () -- C:\WINNT\System32\dllcache\atibt829.sys
[2010/06/16 09:54:23 | 000,016,976 | ---- | C] () -- C:\WINNT\System32\dllcache\atitvsnd.sys
[2010/06/15 19:45:08 | 000,004,613 | ---- | C] () -- C:\WINNT\imsins.BAK
[2010/06/15 11:51:30 | 000,000,593 | ---- | C] () -- C:\Documents and Settings\Lynda\Application Data\Microsoft\Internet Explorer\Quick Launch\TrojanHunter Scanner.lnk
[2010/06/15 11:51:30 | 000,000,575 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\TrojanHunter.lnk
[2010/06/15 11:02:46 | 000,016,576 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\cc_20100615_110225.reg
[2010/06/15 08:40:10 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$tivity Programmer.doc
[2010/06/15 08:38:03 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$ne HÃ©bert.doc
[2010/06/14 17:49:14 | 000,015,218 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\cc_20100614_174857.reg
[2010/06/14 17:02:54 | 000,247,024 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\cc_20100614_170229.reg
[2010/06/14 16:44:20 | 000,001,423 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\CCleaner.lnk
[2010/06/14 08:54:16 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$glish Teacher.doc
[2010/06/14 08:47:43 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$erlitz.doc
[2010/06/12 09:20:54 | 000,001,728 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\F-PROT Antivirus for Windows.lnk
[2010/06/11 16:17:31 | 000,000,032 | ---- | C] () -- C:\WINNT\System32\thxcfg.ini
[2010/06/11 12:26:47 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$ndaSchmitResume 2010.doc
[2010/06/10 19:00:17 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Berlitz.doc
[2010/06/10 18:15:37 | 000,112,033 | ---- | C] () -- C:\WINNT\hpoins07.dat.temp
[2010/06/10 18:15:37 | 000,021,124 | ---- | C] () -- C:\WINNT\hpomdl07.dat.temp
[2010/06/10 17:11:04 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010/06/10 16:08:36 | 000,097,824 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Yellow Pages Group ABC_eng (8).pdf
[2010/06/09 16:49:09 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$llow Pages.doc
[2010/06/09 16:21:32 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Yellow Pages.doc
[2010/06/08 18:49:51 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Winston College.doc
[2010/06/08 10:19:08 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$UK CV.doc
[2010/06/07 13:10:20 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$nda Career Change Resume.DOC
[2010/06/07 13:07:04 | 000,048,640 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Education Resume with Personal Info removed.doc
[2010/06/07 12:54:26 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Manitongues.doc
[2010/06/07 10:44:22 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$xwell Canada Paper.doc
[2010/06/07 10:16:33 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\HSBC.doc
[2010/06/04 13:15:51 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Conversation Club.doc
[2010/06/04 13:10:24 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$L Instructor Cambridge.doc
[2010/06/03 15:46:04 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Paragraph Why ME.doc
[2010/06/03 15:24:08 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\ESL Instructor Cambridge.doc
[2010/06/02 18:33:12 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Part time Tutor Austin.doc
[2010/06/02 11:59:59 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Training Support Specialist.doc
[2010/06/01 15:59:50 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\gastown.doc
[2010/06/01 15:36:57 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Prosperous International Consultants Inc..doc
[2010/05/31 14:00:28 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Lynda's rec letter.doc
[2010/05/31 13:38:26 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\North American Sanitas.doc
[2010/05/31 13:07:51 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Maxwell Canada Paper.doc
[2010/05/31 12:53:23 | 000,029,184 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\CSA Transportation.doc
[2010/05/31 12:24:38 | 000,029,184 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Unya.doc
[2010/05/31 11:09:13 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Career Strategist.doc
[2010/05/31 10:42:25 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Host Program Coordinator.doc
[2010/05/30 12:08:57 | 000,000,371 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\Video .lnk
[2010/05/30 12:08:57 | 000,000,371 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\Pictures .lnk
[2010/05/30 12:08:57 | 000,000,371 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\Passwords .lnk
[2010/05/30 12:08:57 | 000,000,371 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\New Folder .lnk
[2010/05/30 12:08:57 | 000,000,371 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\Music .lnk
[2010/05/30 12:08:57 | 000,000,371 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\Documents .lnk
[2010/05/30 12:08:57 | 000,000,125 | RHS- | C] () -- C:\Documents and Settings\Lynda\Desktop\autorun.inf
[2010/05/29 10:31:07 | 005,021,184 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Doc1.doc
[2010/05/28 09:50:50 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Cancellation of Agreement with Rich Janitor SBG.doc
[2010/05/28 02:52:20 | 037,350,912 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Heather's DÃ©fi Presentation.ppt
[2010/05/28 01:08:49 | 001,166,450 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\lightning thief diable.bmp
[2010/05/27 23:38:16 | 000,058,153 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\IMG_0840.JPG
[2010/05/27 23:38:16 | 000,040,165 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\IMG_0841.JPG
[2010/05/27 22:12:17 | 000,000,120 | ---- | C] () -- C:\WINNT\Ujoziqefameteqar.dat
[2010/05/27 22:12:17 | 000,000,000 | ---- | C] () -- C:\WINNT\Htumimeq.bin
[2010/05/27 12:06:16 | 000,144,306 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\05[1].27.10 Lynda Schmit.pdf
[2010/05/25 13:21:23 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Manager of Education Vancouver Career College.doc
[2010/05/25 12:27:42 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Diversecity.doc
[2010/05/20 12:05:48 | 000,053,760 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\LSchmit Education Canada Resume.doc
[2010/05/19 20:09:42 | 000,030,208 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Darren.doc
[2010/05/18 16:54:25 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\English Teacher.doc
[2010/05/18 09:12:19 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Host family application form Happy Home.xls
[2010/05/14 21:51:15 | 000,241,197 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Global Partners Reference Letter.jpg
[2010/05/14 11:33:38 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\office admin.doc
[2010/05/14 11:13:22 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Data Entry Shipping.doc
[2010/05/13 14:26:53 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Case Manager.doc
[2010/05/13 11:00:08 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Client Care Coordinator.doc
[2010/05/13 10:59:46 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Client Care.doc
[2010/05/12 16:58:48 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$t Resume Lynda Schmit 2010.doc
[2010/05/12 11:31:37 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Clerical Work Reception, Researcher Government Agencies.doc
[2010/05/11 17:18:53 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Cornerstone Montesorri.doc
[2010/05/11 17:07:24 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$Cats Art Studio.doc
[2010/05/11 16:34:20 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Training Facilitator.doc
[2010/05/10 16:47:57 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\4 Cats Art Studio.doc
[2010/05/10 12:09:10 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\CDCI.doc
[2010/05/03 12:02:48 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Canadian Mental Health Association Vocational Rehab Counsellor.doc
[2010/05/03 11:37:39 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Gastown Business College.doc
[2010/04/28 18:52:59 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Transglobal Education Program Coordinator.doc
[2010/04/26 22:06:09 | 000,030,720 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Steveston's Art Connection.doc
[2010/04/25 16:45:03 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\CATSA Commissionaires.doc
[2010/04/19 19:02:07 | 000,100,864 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\English Learner Authorizaton.doc
[2010/04/19 16:40:31 | 000,031,232 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Orange Glen High School Escondido Union High School District.doc
[2010/04/19 00:23:19 | 000,333,312 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\HEather as a ghost.doc
[2010/04/15 10:53:05 | 000,030,208 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Juan and Orlando.doc
[2010/04/10 19:10:43 | 000,545,411 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\Lynda-Income Tax 2009.pdf
[2010/04/10 19:05:25 | 000,001,043 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\LyndaSchmit2009.tax
[2010/04/02 22:16:46 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Royal Bank Adjudicator Agent.doc
[2009/07/05 15:52:21 | 000,221,184 | ---- | C] () -- C:\WINNT\System32\lame_enc.dll
[2008/07/03 12:01:31 | 000,059,392 | R--- | C] () -- C:\WINNT\System32\streamhlp.dll
[2008/07/02 16:20:01 | 000,001,152 | ---- | C] () -- C:\WINNT\System32\windrv.sys
[2008/06/21 10:34:24 | 000,000,044 | ---- | C] () -- C:\WINNT\liveup.ini
[2008/06/18 21:20:24 | 000,000,740 | ---- | C] () -- C:\WINNT\cdplayer.ini
[2008/04/25 19:59:33 | 000,000,103 | ---- | C] () -- C:\WINNT\Fashion Magic.ini
[2008/04/25 19:57:56 | 000,000,011 | ---- | C] () -- C:\WINNT\Tank Top Kit.ini
[2008/04/25 09:24:00 | 000,000,000 | ---- | C] () -- C:\WINNT\hpqEmlSz.INI
[2008/04/09 20:39:24 | 000,000,035 | ---- | C] () -- C:\WINNT\InfModM.ini
[2008/04/09 20:34:43 | 000,000,015 | ---- | C] () -- C:\WINNT\wgedit.ini
[2008/03/04 11:36:35 | 000,077,824 | ---- | C] () -- C:\WINNT\System32\asr32312.dll
[2008/03/04 11:12:09 | 000,000,000 | ---- | C] () -- C:\WINNT\SETUP32.INI
[2008/02/14 13:59:50 | 000,354,816 | ---- | C] () -- C:\WINNT\System32\psisdecd.dll
[2008/01/03 15:38:05 | 000,053,248 | ---- | C] () -- C:\WINNT\System32\dsnpstd.dll
[2008/01/03 15:38:05 | 000,015,541 | ---- | C] () -- C:\WINNT\snpstd.ini
[2008/01/03 15:38:00 | 000,301,824 | ---- | C] () -- C:\WINNT\System32\drivers\snpstd.sys
[2007/12/29 19:47:11 | 000,000,000 | ---- | C] () -- C:\WINNT\PCFriend.INI
[2007/12/05 21:22:17 | 000,765,952 | ---- | C] () -- C:\WINNT\System32\xvidcore.dll
[2007/12/05 21:22:17 | 000,180,224 | ---- | C] () -- C:\WINNT\System32\xvidvfw.dll
[2007/10/13 01:15:31 | 000,000,116 | ---- | C] () -- C:\WINNT\NeroDigital.ini
[2007/10/12 21:14:35 | 000,000,035 | ---- | C] () -- C:\WINNT\A5W.INI
[2007/10/09 00:13:00 | 000,000,221 | ---- | C] () -- C:\WINNT\NCLogConfig.ini
[2007/10/08 23:40:59 | 000,000,227 | ---- | C] () -- C:\WINNT\HP_CounterReport_Update_HPSU.ini
[2007/10/08 23:40:28 | 000,000,214 | ---- | C] () -- C:\WINNT\HP_48BitScanUpdatePatch.ini
[2007/10/08 23:12:54 | 000,000,221 | ---- | C] () -- C:\WINNT\HP_RedboxHprblog_HPSU.ini
[2007/10/08 22:27:20 | 000,000,730 | ---- | C] () -- C:\WINNT\ODBC.INI
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINNT\System32\OUTLPERF.INI
[2001/07/06 15:30:00 | 000,003,399 | ---- | C] () -- C:\WINNT\System32\hptcpmon.ini
[2001/05/08 05:00:00 | 000,176,400 | ---- | C] () -- C:\WINNT\System32\qcut.dll
[2001/05/08 05:00:00 | 000,033,552 | ---- | C] () -- C:\WINNT\System32\efsadu.dll
[2001/05/08 05:00:00 | 000,007,265 | ---- | C] () -- C:\WINNT\System32\iasperf.ini
[2001/05/08 05:00:00 | 000,001,505 | ---- | C] () -- C:\WINNT\System32\faxperf.ini
[2001/05/08 05:00:00 | 000,000,023 | ---- | C] () -- C:\WINNT\welcome.ini
[1999/09/25 03:36:24 | 000,088,816 | ---- | C] () -- C:\WINNT\System32\drivers\lvcam.sys
[1999/09/25 03:36:22 | 000,017,424 | ---- | C] () -- C:\WINNT\System32\drivers\lvsound.sys
[1998/10/11 01:07:38 | 000,088,576 | ---- | C] () -- C:\WINNT\System32\Iticheck.dll

========== LOP Check ==========

[2008/04/07 22:09:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\4Team
[2009/10/11 11:21:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AGI
[2009/09/01 11:15:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avanquest Software
[2007/10/12 22:06:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2009/11/05 11:34:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2008/08/20 13:56:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eFax Messenger 4.3 Output
[2008/08/20 13:56:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eFax Messenger 4.3 Setup
[2007/10/08 14:09:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FRISK Software
[2009/01/02 19:29:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Mediafour
[2010/06/21 13:01:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MGS
[2007/10/24 02:19:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2007/10/09 21:51:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NewsBin
[2010/06/17 13:51:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TELUS
[2008/07/04 12:30:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/02/26 12:27:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Transparent
[2010/06/15 11:52:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TrojanHunter
[2010/06/10 17:11:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2008/07/03 22:18:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\AVGTOOLBAR
[2010/06/14 16:58:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\Azureus
[2009/11/26 17:26:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/06/28 22:51:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Lynda\Application Data\drivers
[2007/10/11 19:51:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\eFax Messenger
[2010/06/12 09:56:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\FRISK Software
[2009/05/22 21:40:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\GetRightToGo
[2010/06/04 10:16:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\Image Zone Express
[2009/10/02 12:26:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\Keynote Systems
[2010/06/27 16:09:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\NewsBin
[2010/02/01 13:52:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\Printer Info Cache
[2008/06/30 23:36:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\SecondLife
[2010/06/18 12:34:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\TELUS
[2008/07/03 13:27:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\TrojanHunter
[2009/12/20 23:20:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\tvp animation 9 pro demo
[2010/07/01 03:00:00 | 000,000,252 | ---- | M] () -- C:\WINNT\Tasks\Backup.job

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2010/07/01 11:41:11 | 000,025,118 | ---- | M] () -- C:\aaw7boot.log
[2003/06/19 12:05:04 | 000,150,528 | RHS- | M] () -- C:\arcldr.exe
[2003/06/19 12:05:04 | 000,163,840 | RHS- | M] () -- C:\arcsetup.exe
[2007/10/06 15:55:45 | 000,000,000 | -H-- | M] () -- C:\AUTOEXEC.BAT
[2007/10/06 15:46:15 | 000,000,192 | -HS- | M] () -- C:\BOOT.BAK
[2010/06/25 07:23:22 | 000,000,268 | RHS- | M] () -- C:\boot.ini
[2007/10/23 14:51:08 | 000,003,164 | ---- | M] () -- C:\CertExchangeLynda.fdf
[2003/06/19 12:05:04 | 000,229,792 | RHS- | M] () -- C:\cmldr
[2010/07/01 06:50:20 | 000,028,655 | ---- | M] () -- C:\ComboFix.txt
[2007/10/06 15:55:45 | 000,000,000 | -H-- | M] () -- C:\CONFIG.SYS
[2007/10/08 21:55:54 | 000,000,000 | ---- | M] () -- C:\DBS.TXT
[2010/05/13 07:19:34 | 000,001,713 | ---- | M] () -- C:\Google Earth
[2007/11/18 15:53:54 | 000,668,672 | ---- | M] () -- C:\If you need a babysitter on any night of the week.doc
[2007/10/06 15:55:45 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2007/10/06 15:55:45 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2003/06/19 12:05:04 | 000,034,724 | RHS- | M] () -- C:\NTDETECT.COM
[2003/06/19 12:05:04 | 000,214,432 | RHS- | M] () -- C:\ntldr
[2010/07/01 11:41:13 | 402,653,184 | -HS- | M] () -- C:\pagefile.sys
[2008/02/16 09:46:14 | 000,000,186 | ---- | M] () -- C:\picsetup.log
[2010/06/28 19:47:37 | 000,000,369 | ---- | M] () -- C:\rkill log.txt
[2010/06/28 19:52:57 | 000,000,369 | ---- | M] () -- C:\rkill.log
[2010/06/30 18:07:33 | 000,032,710 | ---- | M] () -- C:\TDSSKiller.2.3.2.1_30.06.2010_18.06.26_log.txt
[2007/09/03 23:07:38 | 038,203,392 | ---- | M] () -- C:\TOEIC_Sample.exe
[2009/01/13 11:25:23 | 000,000,594 | ---- | M] () -- C:\updatedatfix.log

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2007/04/09 13:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\spool\prtprocs\w32x86\mdippr.dll
[2003/06/19 12:05:04 | 000,006,928 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\spool\prtprocs\w32x86\sfmpsprt.dll
[2005/09/05 15:48:02 | 000,007,653 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINNT\system32\spool\prtprocs\w32x86\vprproc.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINNT\system32\*.tmp files -> C:\WINNT\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2007/10/06 08:32:48 | 000,081,920 | ---- | M] () -- C:\WINNT\system32\config\default.sav
[2007/10/06 08:32:48 | 000,536,576 | ---- | M] () -- C:\WINNT\system32\config\software.sav
[2007/10/06 08:32:48 | 000,360,448 | ---- | M] () -- C:\WINNT\system32\config\system.sav

< %systemroot%\system32\user32.dll /md5 >
[2007/03/06 04:17:48 | 000,381,200 | ---- | M] (Microsoft Corporation) MD5=40023A7103796B1AF6CA41A6DBC54775 -- C:\WINNT\system32\USER32.DLL
[1 C:\WINNT\system32\*.tmp files -> C:\WINNT\system32\*.tmp -> ]

< %systemroot%\system32\ws2_32.dll /md5 >
[2003/06/19 12:05:04 | 000,069,904 | ---- | M] (Microsoft Corporation) MD5=0190C62DE42396D78DB9BE771CF2403E -- C:\WINNT\system32\ws2_32.dll
[1 C:\WINNT\system32\*.tmp files -> C:\WINNT\system32\*.tmp -> ]

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

========== Files - Unicode (All) ==========
[2008/08/19 23:19:18 | 000,000,000 | ---- | M] ()(C:\WINNT\?) -- C:\WINNT\὚
[2008/08/19 23:19:18 | 000,000,000 | ---- | C] ()(C:\WINNT\?) -- C:\WINNT\὚

========== Alternate Data Streams ==========

@Alternate Data Stream - 9928 bytes -> C:\Documents and Settings\Lynda\My Documents\EL Authorization Email Tulare County Office.eml:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 9856 bytes -> C:\Documents and Settings\Lynda\My Documents\thank you for coming over to take care of me.eml:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 9212 bytes -> C:\Documents and Settings\Lynda\My Documents\emotions-2.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 8148 bytes -> C:\Documents and Settings\Lynda\My Documents\Yellow Pages Group ABC_eng (8).pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 7980 bytes -> C:\Documents and Settings\Lynda\My Documents\Certificated Application.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 7880 bytes -> C:\Documents and Settings\Lynda\My Documents\Parent%20Teacher%20Conf%20Form07.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 7828 bytes -> C:\Documents and Settings\Lynda\My Documents\Microsoft Word - Cost Estimate - RVQC 56.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 7528 bytes -> C:\Documents and Settings\Lynda\My Documents\Universite Laval Transcript Translated.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 7496 bytes -> C:\Documents and Settings\Lynda\My Documents\sheltie testy.jpg:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 7492 bytes -> C:\Documents and Settings\Lynda\My Documents\Academic_Packet.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 7352 bytes -> C:\Documents and Settings\Lynda\My Documents\Confirmation.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 7116 bytes -> C:\Documents and Settings\Lynda\My Documents\Lynda-archive07.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 7020 bytes -> C:\Documents and Settings\Lynda\My Documents\Eticket.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6996 bytes -> C:\Documents and Settings\Lynda\My Documents\Fringe Ep 208 Call Sheet Day 7 of 8.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6952 bytes -> C:\Documents and Settings\Lynda\My Documents\Icarus Day 7 Call Sheet.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6920 bytes -> C:\Documents and Settings\Lynda\My Documents\NCLB_ResourceGuide.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6868 bytes -> C:\Documents and Settings\Lynda\My Documents\Eticket me.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6864 bytes -> C:\Documents and Settings\Lynda\My Documents\diorama_template.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6844 bytes -> C:\Documents and Settings\Lynda\My Documents\odysseeespece.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6816 bytes -> C:\Documents and Settings\Lynda\My Documents\Lynda Schmit Refund Agreement.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6804 bytes -> C:\Documents and Settings\Lynda\My Documents\05[1].27.10 Lynda Schmit.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6696 bytes -> C:\Documents and Settings\Lynda\My Documents\HI_CallSheet_Ep104_D4_091908_Call0930.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6668 bytes -> C:\Documents and Settings\Lynda\My Documents\pass-fail UBC.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6532 bytes -> C:\Documents and Settings\Lynda\My Documents\9782895683643corF.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6512 bytes -> C:\Documents and Settings\Lynda\My Documents\HI_CallSheet_Ep104_D3_Call0830.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6392 bytes -> C:\Documents and Settings\Lynda\My Documents\Host Family Information-Tutor (1).pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6340 bytes -> C:\Documents and Settings\Lynda\My Documents\Correcteur - FRAL Demande 2010.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6292 bytes -> C:\Documents and Settings\Lynda\My Documents\first_teaching_interview.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6248 bytes -> C:\Documents and Settings\Lynda\My Documents\terrestrial_foodchain.jpg:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6212 bytes -> C:\Documents and Settings\Lynda\My Documents\IMG_0840.JPG:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6048 bytes -> C:\Documents and Settings\Lynda\My Documents\teachingjobbook.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 5884 bytes -> C:\Documents and Settings\Lynda\My Documents\02_radar_precip_activity.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 5784 bytes -> C:\Documents and Settings\Lynda\My Documents\French High School Teacher.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 5772 bytes -> C:\Documents and Settings\Lynda\My Documents\EOCApplication[1].pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 5560 bytes -> C:\Documents and Settings\Lynda\My Documents\EDITABLE LAVAL.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 5552 bytes -> C:\Documents and Settings\Lynda\My Documents\FSL Teacher Handbook.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 5452 bytes -> C:\Documents and Settings\Lynda\My Documents\Letter of Reference_.eml:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 5360 bytes -> C:\Documents and Settings\Lynda\My Documents\Application Form.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 5264 bytes -> C:\Documents and Settings\Lynda\My Documents\french immersion methodology.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 5192 bytes -> C:\Documents and Settings\Lynda\My Documents\IMG_0841.JPG:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 4952 bytes -> C:\Documents and Settings\Lynda\My Documents\dramastrategies.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 4944 bytes -> C:\Documents and Settings\Lynda\My Documents\114635337.PDF:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 4856 bytes -> C:\Documents and Settings\Lynda\My Documents\On set Tutor ABC On Set Tutor.eml:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 4448 bytes -> C:\Documents and Settings\Lynda\My Documents\Global Partners Reference Letter.jpg:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 3896 bytes -> C:\Documents and Settings\Lynda\My Documents\CFLP.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 3008 bytes -> C:\Documents and Settings\Lynda\My Documents\Possible laval trans.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 1828 bytes -> C:\Documents and Settings\Lynda\My Documents\0 0.htm:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 15632 bytes -> C:\Documents and Settings\Lynda\My Documents\Home Country.htm:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 14892 bytes -> C:\Documents and Settings\Lynda\My Documents\Selected Credential Held Public Search California Commission on Teacher Credentialing.mht:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 14892 bytes -> C:\Documents and Settings\Lynda\My Documents\PublicDetailProxy.htm:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 13748 bytes -> C:\Documents and Settings\Lynda\My Documents\Summary of Application Status and Credentials Held California Commission on Teacher Credentialing.mht:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 12680 bytes -> C:\Documents and Settings\Lynda\My Documents\Job Bank - Results.htm:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 12200 bytes -> C:\Documents and Settings\Lynda\My Documents\fsi-french-08.html:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 12016 bytes -> C:\Documents and Settings\Lynda\My Documents\Lexique culinaire Ã¯¿½ PlanÃ¨te cuisine.htm:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 10868 bytes -> C:\Documents and Settings\Lynda\My Documents\us constitution.htm:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 10760 bytes -> C:\Documents and Settings\Lynda\My Documents\Diagnostics.html:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMPFC5A2B2
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F085C8A1
< End of report >

broni · 2010/07/01

You're not running any AV program.
Please, download and install one of these:
- Avast! free antivirus: http://www.avast.com/eng/download-avast-home.html
- Avira free antivirus: http://www.free-av.com/en/download/1/avira_antivir_personal__free_antivirus.html

===============================================================

Update your Java version here: http://www.java.com/en/download/installed.jsp
Uninstall all previous Java versions, through Add\Remove (Programs & Features in Vista/7).

==============================================================

Run OTL

Under the [color= "#0000FF"]Custom Scans/Fixes[/color] box at the bottom, paste in the following

Code:

:OTL
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} http://www.lizardtech.com/download/f...trol_en_US.cab  (Reg Error: Key error.)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/downlo...22/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab  (Reg Error: Key error.)
O16 - DPF: CabBuilder http://www.imgag.com/kiw/toolbar/dow...lerControl.cab  (Reg Error: Key error.)
O18 - Protocol\Filter\application/octet-stream - No CLSID value found
O18 - Protocol\Filter\application/x-complus - No CLSID value found
O18 - Protocol\Filter\application/xhtml+xml - No CLSID value found
O18 - Protocol\Filter\application/xhtml+xml; charset=iso-8859-1 - No CLSID value found
O18 - Protocol\Filter\application/xhtml+xml; charset=utf-8 - No CLSID value found
O18 - Protocol\Filter\application/x-msdownload - No CLSID value found
O18 - Protocol\Filter\Class Install Handler - No CLSID value found
O18 - Protocol\Filter\deflate - No CLSID value found
O18 - Protocol\Filter\gzip - No CLSID value found
O18 - Protocol\Filter\lzdhtml - No CLSID value found
O18 - Protocol\Filter\text/webviewhtml - No CLSID value found
O18 - Protocol\Filter\text/xml - No CLSID value found
O18 - Protocol\Filter\text/xml; charset=iso-8859-1 - No CLSID value found
O18 - Protocol\Filter\text/xml; charset=utf-8 - No CLSID value found
O22 - SharedTaskScheduler: {ecc974ae-6ede-44a2-90da-93b996d8eaf8} - frizzed - Reg Error: Key error. File not found
[2010/06/27 20:39:39 | 000,000,120 | ---- | M] () -- C:\WINNT\Ujoziqefameteqar.dat
[2010/05/27 22:12:17 | 000,000,000 | ---- | C] () -- C:\WINNT\Htumimeq.bin
@Alternate Data Stream - 9928 bytes -> C:\Documents and Settings\Lynda\My Documents\EL Authorization Email Tulare County Office.eml:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 9856 bytes -> C:\Documents and Settings\Lynda\My Documents\thank you for coming over to take care of me.eml:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 9212 bytes -> C:\Documents and Settings\Lynda\My Documents\emotions-2.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 8148 bytes -> C:\Documents and Settings\Lynda\My Documents\Yellow Pages Group ABC_eng (8).pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 7980 bytes -> C:\Documents and Settings\Lynda\My Documents\Certificated Application.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 7880 bytes -> C:\Documents and Settings\Lynda\My Documents\Parent%20Teacher%20Conf%20Form07.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 7828 bytes -> C:\Documents and Settings\Lynda\My Documents\Microsoft Word - Cost Estimate - RVQC 56.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 7528 bytes -> C:\Documents and Settings\Lynda\My Documents\Universite Laval Transcript Translated.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 7496 bytes -> C:\Documents and Settings\Lynda\My Documents\sheltie testy.jpg:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 7492 bytes -> C:\Documents and Settings\Lynda\My Documents\Academic_Packet.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 7352 bytes -> C:\Documents and Settings\Lynda\My Documents\Confirmation.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 7116 bytes -> C:\Documents and Settings\Lynda\My Documents\Lynda-archive07.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 7020 bytes -> C:\Documents and Settings\Lynda\My Documents\Eticket.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6996 bytes -> C:\Documents and Settings\Lynda\My Documents\Fringe Ep 208 Call Sheet Day 7 of 8.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6952 bytes -> C:\Documents and Settings\Lynda\My Documents\Icarus Day 7 Call Sheet.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6920 bytes -> C:\Documents and Settings\Lynda\My Documents\NCLB_ResourceGuide.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6868 bytes -> C:\Documents and Settings\Lynda\My Documents\Eticket me.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6864 bytes -> C:\Documents and Settings\Lynda\My Documents\diorama_template.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6844 bytes -> C:\Documents and Settings\Lynda\My Documents\odysseeespece.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6816 bytes -> C:\Documents and Settings\Lynda\My Documents\Lynda Schmit Refund Agreement.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6804 bytes -> C:\Documents and Settings\Lynda\My Documents\05[1].27.10 Lynda Schmit.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6696 bytes -> C:\Documents and Settings\Lynda\My Documents\HI_CallSheet_Ep104_D4_091908_Call0930.pdf:Q30lsldxJoudresxAaaqpc awXc
@Alternate Data Stream - 6668 bytes -> C:\Documents and Settings\Lynda\My Documents\pass-fail UBC.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6532 bytes -> C:\Documents and Settings\Lynda\My Documents\9782895683643corF.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6512 bytes -> C:\Documents and Settings\Lynda\My Documents\HI_CallSheet_Ep104_D3_Call0830.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6392 bytes -> C:\Documents and Settings\Lynda\My Documents\Host Family Information-Tutor (1).pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6340 bytes -> C:\Documents and Settings\Lynda\My Documents\Correcteur - FRAL Demande 2010.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6292 bytes -> C:\Documents and Settings\Lynda\My Documents\first_teaching_interview.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6248 bytes -> C:\Documents and Settings\Lynda\My Documents\terrestrial_foodchain.jpg:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6212 bytes -> C:\Documents and Settings\Lynda\My Documents\IMG_0840.JPG:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6048 bytes -> C:\Documents and Settings\Lynda\My Documents\teachingjobbook.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 5884 bytes -> C:\Documents and Settings\Lynda\My Documents\02_radar_precip_activity.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 5784 bytes -> C:\Documents and Settings\Lynda\My Documents\French High School Teacher.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 5772 bytes -> C:\Documents and Settings\Lynda\My Documents\EOCApplication[1].pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 5560 bytes -> C:\Documents and Settings\Lynda\My Documents\EDITABLE LAVAL.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 5552 bytes -> C:\Documents and Settings\Lynda\My Documents\FSL Teacher Handbook.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 5452 bytes -> C:\Documents and Settings\Lynda\My Documents\Letter of Reference_.eml:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 5360 bytes -> C:\Documents and Settings\Lynda\My Documents\Application Form.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 5264 bytes -> C:\Documents and Settings\Lynda\My Documents\french immersion methodology.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 5192 bytes -> C:\Documents and Settings\Lynda\My Documents\IMG_0841.JPG:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 4952 bytes -> C:\Documents and Settings\Lynda\My Documents\dramastrategies.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 4944 bytes -> C:\Documents and Settings\Lynda\My Documents\114635337.PDF:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 4856 bytes -> C:\Documents and Settings\Lynda\My Documents\On set Tutor ABC On Set Tutor.eml:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 4448 bytes -> C:\Documents and Settings\Lynda\My Documents\Global Partners Reference Letter.jpg:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 3896 bytes -> C:\Documents and Settings\Lynda\My Documents\CFLP.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 3008 bytes -> C:\Documents and Settings\Lynda\My Documents\Possible laval trans.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 1828 bytes -> C:\Documents and Settings\Lynda\My Documents\0 0.htm:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 15632 bytes -> C:\Documents and Settings\Lynda\My Documents\Home Country.htm:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 14892 bytes -> C:\Documents and Settings\Lynda\My Documents\Selected Credential Held Public Search California Commission on Teacher Credentialing.mht:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 14892 bytes -> C:\Documents and Settings\Lynda\My Documents\PublicDetailProxy.htm:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 13748 bytes -> C:\Documents and Settings\Lynda\My Documents\Summary of Application Status and Credentials Held California Commission on Teacher Credentialing.mht:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 12680 bytes -> C:\Documents and Settings\Lynda\My Documents\Job Bank - Results.htm:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 12200 bytes -> C:\Documents and Settings\Lynda\My Documents\fsi-french-08.html:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 12016 bytes -> C:\Documents and Settings\Lynda\My Documents\Lexique culinaire Ã¯¿½ PlanÃ¨te cuisine.htm:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 10868 bytes -> C:\Documents and Settings\Lynda\My Documents\us constitution.htm:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 10760 bytes -> C:\Documents and Settings\Lynda\My Documents\Diagnostics.html:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F085C8A1

:Services

:Reg

:Files

:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
[Reboot]

Then click the [color= "#FF0000"]Run Fix[/color] button at the top
Let the program run unhindered, reboot the PC when it is done
You will get a log that shows the results of the fix. Please post it.
Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

lynsing · 2010/07/02

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Starting removal of ActiveX control {0E8D0700-75DF-11D3-8B4A-0008C7450C4A}
C:\WINNT\Downloaded Program Files\DjVuLite.us.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{0E8D0700-75DF-11D3-8B4A-0008C7450C4A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E8D0700-75DF-11D3-8B4A-0008C7450C4A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{0E8D0700-75DF-11D3-8B4A-0008C7450C4A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E8D0700-75DF-11D3-8B4A-0008C7450C4A}\ not found.
Starting removal of ActiveX control {33564D57-0000-0010-8000-00AA00389B71}
C:\WINNT\Downloaded Program Files\WMV9VCM.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{33564D57-0000-0010-8000-00AA00389B71}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33564D57-0000-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{33564D57-0000-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33564D57-0000-0010-8000-00AA00389B71}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\WINNT\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control CabBuilder
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\CabBuilder\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\CabBuilder\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\CabBuilder\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ deleted successfully.
File Protocol\Filter\Class Install Handler - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\\{ecc974ae-6ede-44a2-90da-93b996d8eaf8} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ecc974ae-6ede-44a2-90da-93b996d8eaf8}\ not found.
C:\WINNT\Ujoziqefameteqar.dat moved successfully.
C:\WINNT\Htumimeq.bin moved successfully.
ADS C:\Documents and Settings\Lynda\My Documents\EL Authorization Email Tulare County Office.eml:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\thank you for coming over to take care of me.eml:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\emotions-2.pdf:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\Yellow Pages Group ABC_eng (8).pdf:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\Certificated Application.pdf:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\Parent%20Teacher%20Conf%20Form07.pdf:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
Unable to delete ADS C:\Documents and Settings\Lynda\My Documents\Microsoft Word - Cost Estimate - RVQC 56.pdf:Q30lsldxJoudresxAaaqpcawXc .
ADS C:\Documents and Settings\Lynda\My Documents\Universite Laval Transcript Translated.pdf:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\sheltie testy.jpg:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\Academic_Packet.pdf:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\Confirmation.pdf:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\Lynda-archive07.pdf:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\Eticket.pdf:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\Fringe Ep 208 Call Sheet Day 7 of 8.pdf:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\Icarus Day 7 Call Sheet.pdf:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\NCLB_ResourceGuide.pdf:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\Eticket me.pdf:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\diorama_template.pdf:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\odysseeespece.pdf:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\Lynda Schmit Refund Agreement.pdf:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\05[1].27.10 Lynda Schmit.pdf:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
Unable to delete ADS C:\Documents and Settings\Lynda\My Documents\HI_CallSheet_Ep104_D4_091908_Call0930.pdf:Q30lsldxJoudresxAaaqpc awXc .
ADS C:\Documents and Settings\Lynda\My Documents\pass-fail UBC.pdf:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\9782895683643corF.pdf:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\HI_CallSheet_Ep104_D3_Call0830.pdf:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\Host Family Information-Tutor (1).pdf:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\Correcteur - FRAL Demande 2010.pdf:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\first_teaching_interview.pdf:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\terrestrial_foodchain.jpg:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\IMG_0840.JPG:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\teachingjobbook.pdf:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\02_radar_precip_activity.pdf:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\French High School Teacher.pdf:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\EOCApplication[1].pdf:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\EDITABLE LAVAL.pdf:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\FSL Teacher Handbook.pdf:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\Letter of Reference_.eml:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\Application Form.pdf:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\french immersion methodology.pdf:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\IMG_0841.JPG:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\dramastrategies.pdf:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\114635337.PDF:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\On set Tutor ABC On Set Tutor.eml:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\Global Partners Reference Letter.jpg:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\CFLP.pdf:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\Possible laval trans.pdf:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\0 0.htm:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\Home Country.htm:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
Unable to delete ADS C:\Documents and Settings\Lynda\My Documents\Selected Credential Held Public Search California Commission on Teacher Credentialing.mht:Q30lsldxJoudresxAaaqpcawXc .
ADS C:\Documents and Settings\Lynda\My Documents\PublicDetailProxy.htm:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
Unable to delete ADS C:\Documents and Settings\Lynda\My Documents\Summary of Application Status and Credentials Held California Commission on Teacher Credentialing.mht:Q30lsldxJoudresxAaaqpcawXc .
ADS C:\Documents and Settings\Lynda\My Documents\Job Bank - Results.htm:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\fsi-french-08.html:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\Lexique culinaire Ã¯¿½ PlanÃ¨te cuisine.htm:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\us constitution.htm:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\Lynda\My Documents\Diagnostics.html:Q30lsldxJoudresxAaaqpcawXc deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMPFC5A2B2 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:F085C8A1 deleted successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41661 bytes

User: Lynda
->Temp folder emptied: 1567173 bytes
->Temporary Internet Files folder emptied: 4374171 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 54654698 bytes
->Apple Safari cache emptied: 46372 bytes
->Flash cache emptied: 2015148 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1514076 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: shell32.dll unable to determine bytes removed.

Total Files Cleaned = 61.00 mb

[EMPTYFLASH]

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: Lynda
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb

C:\WINNT\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.7.0 log created on 07022010_093352

Files\Folders moved on Reboot...
File\Folder C:\WINNT\temp\_avast5_\Webshlock.txt not found!

Registry entries deleted on Reboot...

lynsing · 2010/07/02

OTL logfile created on: 02/07/2010 9:56:34 AM - Run 2
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\Lynda\Desktop
Windows 2000 Professional Edition Service Pack 4 (Version = 5.0.2195) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2800.1106)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

255.00 Mb Total Physical Memory | 55.00 Mb Available Physical Memory | 21.00% Memory free
614.00 Mb Paging File | 302.00 Mb Available in Paging File | 49.00% Paging File free
Paging file location(s): C:\pagefile.sys 384 1000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 5.44 Gb Free Space | 14.60% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LYNDA-4F4C00F7A
Current User Name: Lynda
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/07/01 11:46:49 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lynda\Desktop\OTL.exe
PRC - [2010/06/29 11:55:49 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/06/28 13:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/06/28 13:57:15 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010/04/29 15:39:32 | 000,437,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2010/03/20 12:22:30 | 001,070,240 | ---- | M] (Mischel Internet Security) -- C:\Program Files\TrojanHunter 5.3\THGuard.exe
PRC - [2009/05/27 13:25:34 | 001,528,832 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\TELUS\TELUS Support Centre\bin\McciTrayApp.exe
PRC - [2008/06/16 13:11:43 | 000,185,896 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2007/10/07 23:49:20 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2004/09/07 08:59:06 | 000,122,128 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\mstask.exe
PRC - [2003/12/31 17:39:04 | 000,040,960 | ---- | M] () -- C:\WINNT\vsnpstd.exe
PRC - [2003/06/19 12:05:04 | 000,243,472 | ---- | M] (Microsoft Corporation) -- C:\WINNT\explorer.exe
PRC - [2003/06/19 12:05:04 | 000,196,706 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\wbem\winmgmt.exe
PRC - [2003/06/19 12:05:04 | 000,068,368 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\regsvc.exe
PRC - [2003/06/19 12:05:04 | 000,061,712 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\stisvc.exe

========== Modules (SafeList) ==========

MOD - [2010/07/01 11:46:49 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lynda\Desktop\OTL.exe
MOD - [2003/06/19 12:05:04 | 000,106,547 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\msscript.ocx
MOD - [2003/06/19 12:05:04 | 000,010,000 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\lz32.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (Lavasoft Ad-Aware Service)
SRV - File not found [Disabled | Stopped] -- -- (Ati HotKey Poller)
SRV - [2010/06/28 13:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/06/28 13:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/06/28 13:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2009/08/27 16:26:02 | 000,075,424 | ---- | M] (FRISK Software International) [Disabled | Stopped] -- C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe -- (FPAVServer)
SRV - [2007/08/09 00:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Stopped] -- C:\WINNT\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2004/09/07 08:59:06 | 000,122,128 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\system32\mstask.exe -- (Schedule)
SRV - [2003/06/19 12:05:04 | 000,196,706 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\system32\wbem\winmgmt.exe -- (WinMgmt)
SRV - [2003/06/19 12:05:04 | 000,147,728 | ---- | M] (VERITAS Software Corp.) [On_Demand | Stopped] -- C:\WINNT\System32\dmadmin.exe -- (dmadmin)
SRV - [2003/06/19 12:05:04 | 000,094,992 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINNT\system32\faxsvc.exe -- (Fax)
SRV - [2003/06/19 12:05:04 | 000,068,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\system32\regsvc.exe -- (RemoteRegistry)
SRV - [2003/06/19 12:05:04 | 000,061,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\system32\stisvc.exe -- (StiSvc)
SRV - [2003/06/19 12:05:04 | 000,022,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINNT\system32\utilman.exe -- (UtilMan)

========== Driver Services (SafeList) ==========

DRV - [2010/06/28 13:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINNT\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/06/28 13:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINNT\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/06/28 13:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/06/28 13:32:42 | 000,094,544 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINNT\system32\drivers\aswmon.sys -- (aswMon)
DRV - [2010/06/28 13:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINNT\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/06/28 13:32:16 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINNT\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010/06/10 17:22:58 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINNT\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010/04/29 15:39:24 | 000,019,288 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2009/08/27 16:25:54 | 000,682,840 | ---- | M] (FRISK Software International) [File_System | Boot | Running] -- C:\WINNT\system32\DRIVERS\FStopW.sys -- (FPAV_RTP)
DRV - [2009/05/27 13:25:34 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/05/27 13:25:34 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2008/08/19 23:18:12 | 000,022,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\usbsermpt.sys -- (usbsermpt)
DRV - [2008/02/14 13:46:30 | 000,015,172 | ---- | M] (Prassi Technology) [Kernel | Boot | Running] -- C:\WINNT\system32\Drivers\PzWDM.sys -- (PzWDM)
DRV - [2008/01/23 14:25:32 | 000,027,136 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\tapvpn.sys -- (tapvpn)
DRV - [2007/10/19 15:19:19 | 000,058,000 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINNT\system32\drivers\cdr4_2K.sys -- (Cdr4_2K)
DRV - [2007/10/19 15:19:19 | 000,023,420 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINNT\system32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2007/06/18 15:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2007/02/22 11:28:48 | 000,030,864 | ---- | M] (Licensed for Sysinfo Lab) [Kernel | Auto | Running] -- C:\Program Files\ASTRA32\astra32.sys -- (ASTRA32)
DRV - [2006/05/01 22:24:28 | 000,021,376 | R--- | M] (DAVICOM Semiconductor, Inc. ) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\dm9usb.sys -- (DM9USB)
DRV - [2004/07/09 03:58:10 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\mpe.sys -- (MPE)
DRV - [2004/04/13 20:20:08 | 000,015,781 | R--- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2004/03/22 21:52:12 | 000,301,824 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\snpstd.sys -- (snpstd) USB PC Camera (SN9C102)
DRV - [2003/09/25 14:37:58 | 000,054,528 | R--- | M] (Zero-Knowledge Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\freedom.sys -- (Freedom)
DRV - [2003/06/19 12:05:04 | 000,369,104 | ---- | M] (VERITAS Software Corp.) [Kernel | Disabled | Stopped] -- C:\WINNT\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2003/06/19 12:05:04 | 000,137,936 | ---- | M] (VERITAS Software Corp.) [Kernel | Boot | Running] -- C:\WINNT\System32\drivers\dmio.sys -- (dmio)
DRV - [2003/06/19 12:05:04 | 000,091,408 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2003/06/19 12:05:04 | 000,065,520 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2003/06/19 12:05:04 | 000,060,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\parallel.sys -- (Parallel)
DRV - [2003/06/19 12:05:04 | 000,032,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\uhcd.sys -- (uhcd)
DRV - [2003/06/19 12:05:04 | 000,027,440 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINNT\system32\drivers\efs.sys -- (EFS)
DRV - [2003/06/19 12:05:04 | 000,024,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\openhci.sys -- (openhci)
DRV - [2003/06/19 12:05:04 | 000,007,728 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINNT\system32\drivers\diskperf.sys -- (Diskperf)
DRV - [2003/06/19 12:05:04 | 000,007,312 | ---- | M] (VERITAS Software Corp.) [Kernel | Boot | Running] -- C:\WINNT\System32\drivers\dmload.sys -- (dmload)
DRV - [2003/06/19 05:05:04 | 000,049,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\usbhub20.sys -- (usbhub20)
DRV - [2002/07/17 09:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2001/05/08 05:00:00 | 000,102,160 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\nbf.sys -- (Nbf)
DRV - [2001/05/08 05:00:00 | 000,058,480 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2001/05/08 05:00:00 | 000,021,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\rca.sys -- (RCA)
DRV - [2001/05/08 05:00:00 | 000,009,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\netdtect.sys -- (NetDetect)
DRV - [2000/06/29 10:36:42 | 000,260,841 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\ati2mtaa.sys -- (ati2mtaa)
DRV - [1999/11/06 03:11:56 | 000,044,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\es1371mp.sys -- (es1371) Creative AudioPCI (ES1371,ES1373) (WDM)
DRV - [1999/09/30 16:25:32 | 000,016,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\ne2000.sys -- (ne2000)
DRV - [1999/09/24 12:17:18 | 000,018,704 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\RTL8139.sys -- (rtl8139)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Search
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.Google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\w, = http://www.Google.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google "
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= "
FF - prefs.js..browser.startup.homepage: "http://www.google.ca/ "
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/29 11:55:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/02 09:31:30 | 000,000,000 | ---D | M]

[2010/04/20 15:31:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\Mozilla\Extensions
[2010/07/02 09:46:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\Mozilla\Firefox\Profiles\io85391o.default\extensions
[2010/06/29 11:54:51 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Lynda\Application Data\Mozilla\Firefox\Profiles\io85391o.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2008/07/02 12:14:02 | 000,000,276 | ---- | M] () -- C:\Documents and Settings\Lynda\Application Data\Mozilla\Firefox\Profiles\io85391o.default\searchplugins\search.xml
[2010/07/02 09:46:38 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/02 09:31:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2007/07/26 16:06:34 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\msvcm80.dll
[2007/07/26 16:06:34 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\msvcp80.dll
[2007/07/26 16:06:34 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\msvcr80.dll
[2010/07/02 09:30:51 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2010/07/02 09:34:17 | 000,000,098 | ---- | M]) - C:\WINNT\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (@msdxmLC.dll,-1@1033,&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx ()
O3 - HKCU\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (@msdxmLC.dll,-1@1033,&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx ()
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [eFax 4.3] C:\Program Files\eFax Messenger 4.3\J2GDllCmd.exe (j2 Global Communications, Inc.)
O4 - HKLM..\Run: [GlobeCom_Full_Client_McciTrayApp] C:\Program Files\TELUS\TELUS Support Centre\bin\McciTrayApp.exe (Motive Communications, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MBBalloon] C:\Program Files\HOTALBUMMyBOX\MBBalloon.exe (PLANNING Co., Ltd.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [snpstd] C:\WINNT\vsnpstd.exe ()
O4 - HKLM..\Run: [THGuard] C:\Program Files\TrojanHunter 5.3\THGuard.exe (Mischel Internet Security)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [NBJ] C:\Program Files\Ahead\Nero BackItUp\nbj.exe (Ahead Software AG)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\RunOnce: [Shockwave Updater] C:\WINNT\System32\Adobe\SHOCKW~1\SWHELP~3.EXE -Update -1103472 -Mozilla\4.0 ( File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\eFax 4.3.lnk = C:\Program Files\eFax Messenger 4.3\J2GTray.exe (j2 Global Communications, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: RestrictRun = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: RestrictRun = 0
O9 - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll (Apple Inc.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @shdoclc.dll,-866 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\Web\related.htm ()
O9 - Extra 'Tools' menuitem : @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\Web\related.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINNT\system32\rnr20.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINNT\system32\NWPROVAU.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000044 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000045 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000046 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000047 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000048 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support.microsoft.com/ActiveX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6087.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1276470283938 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1276470217753 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (RealPlayer G2 Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINNT\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\wzcnotif: DllName - wzcdlg.dll - C:\WINNT\System32\wzcdlg.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Lynda\My Documents\My Pictures\2009_09_12\IMG_0422.JPG
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Lynda\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/10/06 15:55:45 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINNT\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/07/02 09:33:52 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/07/02 09:32:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/07/02 09:32:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/07/01 20:30:03 | 000,017,744 | ---- | C] (ALWIL Software) -- C:\WINNT\System32\drivers\aswFsBlk.sys
[2010/07/01 20:30:01 | 000,165,456 | ---- | C] (ALWIL Software) -- C:\WINNT\System32\drivers\aswSP.sys
[2010/07/01 20:29:57 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\WINNT\System32\drivers\aswRdr.sys
[2010/07/01 20:29:54 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\WINNT\System32\drivers\aswTdi.sys
[2010/07/01 20:29:45 | 000,100,176 | ---- | C] (ALWIL Software) -- C:\WINNT\System32\drivers\aswmon2.sys
[2010/07/01 20:29:45 | 000,094,544 | ---- | C] (ALWIL Software) -- C:\WINNT\System32\drivers\aswmon.sys
[2010/07/01 20:29:43 | 000,028,880 | ---- | C] (ALWIL Software) -- C:\WINNT\System32\drivers\aavmker4.sys
[2010/07/01 20:28:05 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINNT\avastSS.scr
[2010/07/01 20:28:03 | 000,165,032 | ---- | C] (AVAST Software) -- C:\WINNT\System32\aswBoot.exe
[2010/07/01 20:27:37 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/07/01 20:27:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/07/01 11:46:51 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Lynda\Desktop\OTL.exe
[2010/07/01 11:37:39 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/07/01 11:36:37 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/07/01 11:36:00 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/07/01 06:37:04 | 000,000,000 | ---D | C] -- C:\WINNT\temp
[2010/06/30 17:40:47 | 001,015,120 | ---- | C] (Kaspersky Lab) -- C:\Documents and Settings\Lynda\Desktop\TDSSKiller.exe
[2010/06/28 20:55:12 | 000,000,000 | ---D | C] -- C:\WINNT\ERDNT
[2010/06/27 22:32:30 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbamswissarmy.sys
[2010/06/27 22:32:20 | 000,019,288 | ---- | C] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbam.sys
[2010/06/27 16:11:14 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/06/27 15:57:02 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Lynda\Desktop\mbam-setup-1.46.exe
[2010/06/27 12:39:00 | 000,040,960 | ---- | C] (SLCOCHRAN) -- C:\Documents and Settings\Lynda\Desktop\WMUtil.exe
[2010/06/27 10:25:56 | 000,000,000 | -H-D | C] -- C:\WINNT\PIF
[2010/06/27 09:09:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lynda\Desktop\temp msoe
[2010/06/26 21:44:21 | 000,000,000 | ---D | C] -- C:\rei
[2010/06/26 21:44:11 | 000,000,000 | ---D | C] -- C:\Program Files\Reimage
[2010/06/26 19:32:48 | 000,017,168 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINNT\System32\dllcache\xem336n5.sys
[2010/06/26 19:32:47 | 000,024,848 | ---- | C] (Lucent Technologies) -- C:\WINNT\System32\dllcache\wvlan48.sys
[2010/06/26 19:32:39 | 000,035,088 | ---- | C] (Raytheon Corp.) -- C:\WINNT\System32\dllcache\wlandrv2.sys
[2010/06/26 19:32:30 | 000,088,576 | ---- | C] (Comtrol® Corporation) -- C:\WINNT\System32\dllcache\wcom32.exe
[2010/06/26 19:32:26 | 000,007,440 | ---- | C] (Eastman Software, Inc., A Kodak Business) -- C:\WINNT\System32\dllcache\wangimg.exe
[2010/06/26 19:32:23 | 000,018,704 | ---- | C] (Winbond Electronics Corporation) -- C:\WINNT\System32\dllcache\w940nd.sys
[2010/06/26 19:32:23 | 000,017,264 | ---- | C] (Winbond Electronics Corporation) -- C:\WINNT\System32\dllcache\w926nd.sys
[2010/06/26 19:32:20 | 000,253,200 | ---- | C] (Comtrol® Corporation) -- C:\WINNT\System32\dllcache\vssetup.dll
[2010/06/26 19:32:20 | 000,053,008 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINNT\System32\dllcache\voodoo3.sys
[2010/06/26 19:32:19 | 000,333,168 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINNT\System32\dllcache\voodoo3.dll
[2010/06/26 19:32:02 | 000,154,384 | ---- | C] (Trident Microsystems Inc.) -- C:\WINNT\System32\dllcache\tridkbm.sys
[2010/06/26 19:32:01 | 000,523,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINNT\System32\dllcache\tridkb.dll
[2010/06/26 19:32:01 | 000,277,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINNT\System32\dllcache\trid3d.dll
[2010/06/26 19:32:01 | 000,191,888 | ---- | C] (Trident Microsystems Inc.) -- C:\WINNT\System32\dllcache\trid3dm.sys
[2010/06/26 19:32:00 | 000,028,672 | ---- | C] (IBM) -- C:\WINNT\System32\dllcache\tp4res.dll
[2010/06/26 19:31:59 | 000,086,288 | ---- | C] (IBM) -- C:\WINNT\System32\dllcache\tp4mon.exe
[2010/06/26 19:31:59 | 000,035,088 | ---- | C] (IBM) -- C:\WINNT\System32\dllcache\tp4.dll
[2010/06/26 19:31:55 | 000,123,856 | ---- | C] (Tiger Jet Network) -- C:\WINNT\System32\dllcache\tjisdn.sys
[2010/06/26 19:31:54 | 000,141,136 | ---- | C] (Trident Microsystems Inc.) -- C:\WINNT\System32\dllcache\tgiulnt5.sys
[2010/06/26 19:31:54 | 000,079,024 | ---- | C] (Trident Microsystems Inc.) -- C:\WINNT\System32\dllcache\tgiul50.dll
[2010/06/26 19:31:53 | 000,072,784 | ---- | C] (M-Systems) -- C:\WINNT\System32\dllcache\tffsport.sys
[2010/06/26 19:31:50 | 000,010,800 | ---- | C] (Thomas-Conrad Corporation) -- C:\WINNT\System32\dllcache\tcarc.sys
[2010/06/26 19:31:48 | 000,037,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINNT\System32\dllcache\t2r4mini.sys
[2010/06/26 19:31:47 | 000,251,312 | ---- | C] (Number Nine Visual Technology) -- C:\WINNT\System32\dllcache\t2r4disp.dll
[2010/06/26 19:31:42 | 000,021,136 | ---- | C] (Symbios Inc.) -- C:\WINNT\System32\dllcache\sym_hi.sys
[2010/06/26 19:31:41 | 000,097,936 | ---- | C] (Specialix International Ltd. ) -- C:\WINNT\System32\dllcache\sx.sys
[2010/06/26 19:31:30 | 000,019,376 | ---- | C] (Adaptec, Inc.) -- C:\WINNT\System32\dllcache\sparrow.sys
[2010/06/26 19:31:13 | 000,036,112 | ---- | C] (SMC) -- C:\WINNT\System32\dllcache\smcirda.sys
[2010/06/26 19:31:13 | 000,023,824 | ---- | C] (Standard Microsystems Corporation) -- C:\WINNT\System32\dllcache\smc8000n.sys
[2010/06/26 19:31:13 | 000,021,008 | ---- | C] (SMC Networks, Inc.) -- C:\WINNT\System32\dllcache\smcpwr2n.sys
[2010/06/26 19:31:11 | 000,052,736 | ---- | C] (Symbol Technologies) -- C:\WINNT\System32\dllcache\slant.sys
[2010/06/26 19:31:11 | 000,019,728 | ---- | C] (MicroGate Corporation) -- C:\WINNT\System32\dllcache\slpp.dll
[2010/06/26 19:31:10 | 000,091,920 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINNT\System32\dllcache\sk98win.sys
[2010/06/26 19:31:04 | 000,493,424 | ---- | C] (Trident Microsystems Inc.) -- C:\WINNT\System32\dllcache\sgiul50.dll
[2010/06/26 19:31:04 | 000,097,808 | ---- | C] (Trident Microsystems Inc.) -- C:\WINNT\System32\dllcache\sgiulnt5.sys
[2010/06/26 19:31:04 | 000,006,992 | ---- | C] (SGI) -- C:\WINNT\System32\dllcache\sglfb.sys
[2010/06/26 19:30:46 | 000,246,256 | ---- | C] (S3 Incorporated) -- C:\WINNT\System32\dllcache\s3sav4.dll
[2010/06/26 19:30:46 | 000,065,072 | ---- | C] (S3 Incorporated) -- C:\WINNT\System32\dllcache\s3sav4m.sys
[2010/06/26 19:30:46 | 000,016,048 | ---- | C] (DigitalScape) -- C:\WINNT\System32\dllcache\s53c885.sys
[2010/06/26 19:30:45 | 000,304,688 | ---- | C] (S3 Incorporated) -- C:\WINNT\System32\dllcache\s3mvirge.dll
[2010/06/26 19:30:45 | 000,213,776 | ---- | C] (S3 Incorporated) -- C:\WINNT\System32\dllcache\s3sav3d.dll
[2010/06/26 19:30:45 | 000,062,960 | ---- | C] (S3 Incorporated) -- C:\WINNT\System32\dllcache\s3sav3dm.sys
[2010/06/26 19:30:44 | 000,293,456 | ---- | C] (S3 Incorporated) -- C:\WINNT\System32\dllcache\s3mt3d.dll
[2010/06/26 19:30:44 | 000,168,112 | ---- | C] (S3 Incorporated) -- C:\WINNT\System32\dllcache\s3m.sys
[2010/06/26 19:30:44 | 000,061,968 | ---- | C] (S3 Incorporated) -- C:\WINNT\System32\dllcache\s3mtrio.dll
[2010/06/26 19:30:44 | 000,041,008 | ---- | C] (S3 Incorporated) -- C:\WINNT\System32\dllcache\s3mt3d.sys
[2010/06/26 19:30:38 | 000,071,216 | ---- | C] (Comtrol Corporation) -- C:\WINNT\System32\dllcache\rocket.sys
[2010/06/26 19:30:37 | 000,037,808 | ---- | C] (RadioLAN) -- C:\WINNT\System32\dllcache\rlnet5.sys
[2010/06/26 19:30:37 | 000,036,480 | ---- | C] (RNS, a division of Meret Communications, Inc.) -- C:\WINNT\System32\dllcache\rnsfnet.sys
[2010/06/26 19:30:13 | 000,149,264 | ---- | C] (Comtrol® Corporation) -- C:\WINNT\System32\dllcache\portmon.exe
[2010/06/26 19:30:05 | 000,077,072 | ---- | C] (PHILIPS ) -- C:\WINNT\System32\dllcache\philcam1.sys
[2010/06/26 19:30:05 | 000,040,720 | ---- | C] ( ) -- C:\WINNT\System32\dllcache\philcam1.dll
[2010/06/26 19:30:03 | 000,108,304 | ---- | C] (Comtrol® Corporation) -- C:\WINNT\System32\dllcache\peer.exe
[2010/06/26 19:30:03 | 000,035,088 | ---- | C] (Aironet Wireless Communications Inc.) -- C:\WINNT\System32\dllcache\pcx500.sys
[2010/06/26 19:30:01 | 000,024,016 | ---- | C] (Linksys) -- C:\WINNT\System32\dllcache\pc100nds.sys
[2010/06/26 19:29:47 | 000,175,376 | ---- | C] (Olicom A/S ) -- C:\WINNT\System32\dllcache\oct3xnd5.sys
[2010/06/26 19:29:47 | 000,065,808 | ---- | C] (Olicom A/S ) -- C:\WINNT\System32\dllcache\oct4pnd5.sys
[2010/06/26 19:29:47 | 000,057,936 | ---- | C] (Olicom A/S ) -- C:\WINNT\System32\dllcache\oce5xnd5.sys
[2010/06/26 19:29:46 | 000,035,600 | ---- | C] (Olicom A/S ) -- C:\WINNT\System32\dllcache\oce2xnd5.sys
[2010/06/26 19:29:46 | 000,031,984 | ---- | C] (Olicom A/S ) -- C:\WINNT\System32\dllcache\oce4xnd5.sys
[2010/06/26 19:29:46 | 000,023,824 | ---- | C] (Olicom A/S ) -- C:\WINNT\System32\dllcache\oce3xnd5.sys
[2010/06/26 19:29:45 | 000,041,648 | ---- | C] (Olicom A/S ) -- C:\WINNT\System32\dllcache\oca2pnd5.sys
[2010/06/26 19:29:45 | 000,038,960 | ---- | C] (Olicom A/S ) -- C:\WINNT\System32\dllcache\oca1pnd5.sys
[2010/06/26 19:29:17 | 000,026,832 | ---- | C] (Compaq Computer Corp.) -- C:\WINNT\System32\dllcache\netflx.sys
[2010/06/26 19:29:15 | 000,039,888 | ---- | C] (NeoMagic Corporation) -- C:\WINNT\System32\dllcache\neo20xx.sys
[2010/06/26 19:29:14 | 000,060,944 | ---- | C] (NeoMagic Corporation) -- C:\WINNT\System32\dllcache\neo20xx.dll
[2010/06/26 19:29:12 | 000,128,240 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINNT\System32\dllcache\n9i3disp.dll
[2010/06/26 19:29:11 | 000,100,592 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINNT\System32\dllcache\n9i128v2.dll
[2010/06/26 19:29:11 | 000,033,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINNT\System32\dllcache\n9i128v2.sys
[2010/06/26 19:29:11 | 000,028,240 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINNT\System32\dllcache\n9i3d.sys
[2010/06/26 19:29:10 | 000,035,760 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINNT\System32\dllcache\n9i128.dll
[2010/06/26 19:29:10 | 000,013,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINNT\System32\dllcache\n9i128.sys
[2010/06/26 19:29:08 | 000,020,112 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINNT\System32\dllcache\mxnic.sys
[2010/06/26 19:28:19 | 000,009,488 | ---- | C] (American MegaTrends Inc.) -- C:\WINNT\System32\dllcache\mraid35x.sys
[2010/06/26 19:28:05 | 000,008,976 | ---- | C] (MicroGate Corporation) -- C:\WINNT\System32\dllcache\mgwantr5.sys
[2010/06/26 19:28:04 | 000,091,408 | ---- | C] (MicroGate Corp) -- C:\WINNT\System32\dllcache\mgwan.exe
[2010/06/26 19:28:04 | 000,067,504 | ---- | C] (MicroGate Corporation) -- C:\WINNT\System32\dllcache\mgwan5.sys
[2010/06/26 19:28:04 | 000,041,984 | ---- | C] (MicroGate Corporation) -- C:\WINNT\System32\dllcache\mgwanpp.dll
[2010/06/26 19:28:03 | 000,063,760 | ---- | C] (MicroGate Corporation) -- C:\WINNT\System32\dllcache\mgfrpp.dll
[2010/06/26 19:28:03 | 000,040,944 | ---- | C] (MicroGate Corporation) -- C:\WINNT\System32\dllcache\mgsl5.sys
[2010/06/26 19:28:03 | 000,033,840 | ---- | C] (MicroGate Corporation) -- C:\WINNT\System32\dllcache\mgsync5.sys
[2010/06/26 19:28:03 | 000,021,264 | ---- | C] (MicroGate Corporation) -- C:\WINNT\System32\dllcache\mgslpp.dll
[2010/06/26 19:28:03 | 000,010,000 | ---- | C] (MicroGate Corporation) -- C:\WINNT\System32\dllcache\mgfrtrc5.sys
[2010/06/26 19:28:02 | 000,097,040 | ---- | C] (MicroGate Corporation) -- C:\WINNT\System32\dllcache\mgfrmon.exe
[2010/06/26 19:28:02 | 000,053,232 | ---- | C] (MicroGate Corporation) -- C:\WINNT\System32\dllcache\mgfr5.sys
[2010/06/26 19:27:55 | 000,150,992 | ---- | C] (Madge Networks Ltd) -- C:\WINNT\System32\dllcache\mdgndis5.sys
[2010/06/26 19:27:50 | 000,410,832 | ---- | C] (LT) -- C:\WINNT\System32\dllcache\ltmdmntt.sys
[2010/06/26 19:27:49 | 000,543,056 | ---- | C] (LT) -- C:\WINNT\System32\dllcache\ltmdmntl.sys
[2010/06/26 19:27:49 | 000,408,016 | ---- | C] (LT) -- C:\WINNT\System32\dllcache\ltmdmntc.sys
[2010/06/26 19:27:48 | 000,413,712 | ---- | C] (LT) -- C:\WINNT\System32\dllcache\ltmdmnt.sys
[2010/06/26 19:27:48 | 000,055,120 | ---- | C] (Logitech) -- C:\WINNT\System32\dllcache\lsermous.sys
[2010/06/26 19:27:46 | 000,033,328 | ---- | C] (Emulex Corporation) -- C:\WINNT\System32\dllcache\lp6nds35.sys
[2010/06/26 19:27:43 | 000,030,992 | ---- | C] (Linksys Group, Inc.) -- C:\WINNT\System32\dllcache\lne100tx.sys
[2010/06/26 19:27:39 | 000,025,360 | ---- | C] (Legend Technology Limited) -- C:\WINNT\System32\dllcache\le56n5.sys
[2010/06/26 19:27:38 | 000,026,640 | ---- | C] (SMSC) -- C:\WINNT\System32\dllcache\lanepic5.sys
[2010/06/26 19:27:15 | 000,046,160 | ---- | C] (Interphase (R) Corporation a Windows (R) 2000 DDK driver provider) -- C:\WINNT\System32\dllcache\ip5515.sys
[2010/06/26 19:27:15 | 000,036,592 | ---- | C] (Specialix International Ltd. ) -- C:\WINNT\System32\dllcache\io8.sys
[2010/06/26 19:26:54 | 000,019,216 | ---- | C] (IBM) -- C:\WINNT\System32\dllcache\ibmeimp.sys
[2010/06/26 19:26:36 | 000,027,408 | ---- | C] (Generic) -- C:\WINNT\System32\dllcache\genan5.sys
[2010/06/26 19:26:36 | 000,025,360 | ---- | C] (Generic) -- C:\WINNT\System32\dllcache\genbn5.sys
[2010/06/26 19:26:34 | 000,404,528 | ---- | C] (AVM Berlin) -- C:\WINNT\System32\dllcache\fxusbase.sys
[2010/06/26 19:26:32 | 000,404,912 | ---- | C] (AVM Berlin) -- C:\WINNT\System32\dllcache\fusbbase.sys
[2010/06/26 19:26:28 | 000,387,248 | ---- | C] (AVM Berlin) -- C:\WINNT\System32\dllcache\fpnpbase.sys
[2010/06/26 19:26:24 | 000,388,272 | ---- | C] (AVM Berlin) -- C:\WINNT\System32\dllcache\fpcmbase.sys
[2010/06/26 19:26:23 | 000,387,440 | ---- | C] (AVM Berlin) -- C:\WINNT\System32\dllcache\fpcibase.sys
[2010/06/26 19:26:14 | 000,076,912 | ---- | C] (Mylex,Corp.) -- C:\WINNT\System32\dllcache\flashpnt.sys
[2010/06/26 19:26:11 | 000,161,040 | ---- | C] (Fujitsu Computer Product of America) -- C:\WINNT\System32\dllcache\fcpatwc.dll
[2010/06/26 19:26:09 | 000,387,536 | ---- | C] (AVM Berlin) -- C:\WINNT\System32\dllcache\fbase.sys
[2010/06/26 19:26:06 | 000,012,048 | ---- | C] (FUJITSU LIMITED) -- C:\WINNT\System32\dllcache\f3ab18xi.sys
[2010/06/26 19:26:06 | 000,011,536 | ---- | C] (FUJITSU LIMITED) -- C:\WINNT\System32\dllcache\f3ab18xj.sys
[2010/06/26 19:26:01 | 000,013,584 | ---- | C] (KTI Networks Inc.) -- C:\WINNT\System32\dllcache\et32nt.sys
[2010/06/26 19:26:00 | 000,227,120 | ---- | C] (ESS Technology Inc.) -- C:\WINNT\System32\dllcache\es56pci.sys
[2010/06/26 19:25:58 | 000,051,152 | ---- | C] (Efficient Networks, Inc.) -- C:\WINNT\System32\dllcache\eni25p.sys
[2010/06/26 19:25:57 | 000,027,408 | ---- | C] (Accton Technology Corporation) -- C:\WINNT\System32\dllcache\en22265.sys
[2010/06/26 19:25:51 | 000,133,200 | ---- | C] (Eicon Technology Corporation) -- C:\WINNT\System32\dllcache\ecndis.sys
[2010/06/26 19:25:51 | 000,070,784 | ---- | C] (Eicon Technology Corporation) -- C:\WINNT\System32\dllcache\ecwani.sys
[2010/06/26 19:25:51 | 000,070,784 | ---- | C] (Eicon Technology Corporation) -- C:\WINNT\System32\dllcache\ecwan.sys
[2010/06/26 19:25:32 | 000,250,640 | ---- | C] (Eicon Technology) -- C:\WINNT\System32\dllcache\ditrace.exe
[2010/06/26 19:25:21 | 000,029,232 | ---- | C] (Digital Equipment Corporation.) -- C:\WINNT\System32\dllcache\defea.sys
[2010/06/26 19:25:21 | 000,021,360 | ---- | C] (Digital Equipment Corporation) -- C:\WINNT\System32\dllcache\defpa.sys
[2010/06/26 19:25:13 | 000,248,080 | ---- | C] (Comtrol® Corporation) -- C:\WINNT\System32\dllcache\ctmasetp.dll
[2010/06/26 19:25:13 | 000,012,560 | ---- | C] (Comtrol® Corporation) -- C:\WINNT\System32\dllcache\ctmvclas.dll
[2010/06/26 19:25:13 | 000,012,560 | ---- | C] (Comtrol® Corporation) -- C:\WINNT\System32\dllcache\ctmrclas.dll
[2010/06/26 19:25:12 | 000,093,456 | ---- | C] (Chips And Technologies, Inc.) -- C:\WINNT\System32\dllcache\ctlegacy.dll
[2010/06/26 19:25:12 | 000,028,848 | ---- | C] (Chips and Technologies, Inc.) -- C:\WINNT\System32\dllcache\ctlegacy.sys
[2010/06/26 19:25:08 | 000,107,376 | ---- | C] (Compaq Computer Corp.) -- C:\WINNT\System32\dllcache\cpqtrnd4.sys
[2010/06/26 19:25:08 | 000,061,072 | ---- | C] (Compaq Computers Inc) -- C:\WINNT\System32\dllcache\cpqtrnd5.sys
[2010/06/26 19:24:39 | 000,027,408 | ---- | C] (Xircom, Inc.) -- C:\WINNT\System32\dllcache\ce3n5.sys
[2010/06/26 19:24:39 | 000,025,360 | ---- | C] (Xircom, Inc.) -- C:\WINNT\System32\dllcache\cem56n5.sys
[2010/06/26 19:24:39 | 000,022,288 | ---- | C] (Xircom, Inc.) -- C:\WINNT\System32\dllcache\cem33n5.sys
[2010/06/26 19:24:39 | 000,022,288 | ---- | C] (Xircom, Inc.) -- C:\WINNT\System32\dllcache\cem28n5.sys
[2010/06/26 19:24:38 | 000,021,776 | ---- | C] (Xircom, Inc.) -- C:\WINNT\System32\dllcache\ce2n5.sys
[2010/06/26 19:24:35 | 000,040,208 | ---- | C] (Xircom, Inc.) -- C:\WINNT\System32\dllcache\cben5.sys
[2010/06/26 19:24:29 | 000,038,928 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINNT\System32\dllcache\banshee.sys
[2010/06/26 19:24:28 | 000,257,264 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINNT\System32\dllcache\banshee.dll
[2010/06/26 19:24:28 | 000,063,088 | ---- | C] (AVM Berlin) -- C:\WINNT\System32\dllcache\b1cbase.sys
[2010/06/26 19:24:26 | 000,062,224 | ---- | C] (AVM Berlin) -- C:\WINNT\System32\dllcache\avmcoins.dll
[2010/06/26 19:24:26 | 000,029,968 | ---- | C] (AVM Berlin) -- C:\WINNT\System32\dllcache\avmwan.sys
[2010/06/26 19:24:17 | 000,077,648 | ---- | C] (ATI Technologies, Inc.) -- C:\WINNT\System32\dllcache\ati.sys
[2010/06/26 19:24:15 | 000,097,552 | ---- | C] (Bay Networks, Inc.) -- C:\WINNT\System32\dllcache\aspndis3.sys
[2010/06/26 19:24:10 | 000,022,064 | ---- | C] (AMD Corporation) -- C:\WINNT\System32\dllcache\amd751.sys
[2010/06/26 19:24:09 | 000,055,056 | ---- | C] (AmbiCom, Inc.) -- C:\WINNT\System32\dllcache\ambcbl.sys
[2010/06/26 19:24:08 | 000,597,776 | ---- | C] (Alteon WebSystems Inc.) -- C:\WINNT\System32\dllcache\altnd5.sys
[2010/06/26 19:24:07 | 000,041,744 | ---- | C] (Acer Labs Inc) -- C:\WINNT\System32\dllcache\alifir.sys
[2010/06/26 19:24:06 | 000,095,536 | ---- | C] (Adaptec, Inc.) -- C:\WINNT\System32\dllcache\aic116x.sys
[2010/06/26 19:23:58 | 000,036,368 | ---- | C] (Adaptec, Inc ) -- C:\WINNT\System32\dllcache\adptsf50.sys
[2010/06/26 19:23:48 | 000,387,536 | ---- | C] (AVM Berlin) -- C:\WINNT\System32\dllcache\a1base.sys
[2010/06/26 19:23:46 | 000,019,728 | ---- | C] (Winbond Electronics Corporation) -- C:\WINNT\System32\dllcache\w840nd.sys
[2010/06/26 19:23:42 | 000,176,400 | ---- | C] (Stallion Technologies) -- C:\WINNT\System32\dllcache\stlnprop.dll
[2010/06/26 19:23:41 | 000,280,912 | ---- | C] (Stallion Technologies) -- C:\WINNT\System32\dllcache\stlnata.sys
[2010/06/22 09:06:41 | 000,000,000 | ---D | C] -- C:\Program Files\Resource Kit
[2010/06/21 13:01:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MGS
[2010/06/21 12:18:10 | 000,000,000 | ---D | C] -- C:\Microgaming
[2010/06/20 13:09:32 | 000,000,000 | ---D | C] -- C:\2ee63a6d2f15f2bc6933a6663abb32d1
[2010/06/20 12:07:00 | 000,000,000 | ---D | C] -- C:\602119c08bc7fc2f3510a95ca86
[2010/06/19 12:37:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lynda\Local Settings\Application Data\Apple Computer
[2010/06/19 12:37:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lynda\Application Data\Apple Computer
[2010/06/19 12:33:21 | 000,000,000 | ---D | C] -- C:\Program Files\Safari
[2010/06/19 12:28:04 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/06/19 12:26:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lynda\Local Settings\Application Data\Apple
[2010/06/19 12:25:42 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/06/19 12:25:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2010/06/18 13:05:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lynda\Application Data\Motive
[2010/06/18 12:50:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Motive
[2010/06/18 12:48:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motive
[2010/06/18 12:34:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lynda\Application Data\TELUS
[2010/06/17 16:21:39 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/06/17 14:04:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Command Software
[2010/06/17 14:04:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PestPatrol
[2010/06/17 14:04:33 | 000,000,000 | ---D | C] -- C:\Program Files\TELUS
[2010/06/17 13:51:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TELUS
[2010/06/17 13:19:41 | 000,000,000 | ---D | C] -- C:\1a2687b8e65ac33ffdb2d3d0865a2b64
[2010/06/16 10:17:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lynda\Desktop\Copy of directx
[2010/06/16 10:17:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lynda\Desktop\directx
[2010/06/16 10:02:42 | 000,771,824 | ---- | C] (Rockwell) -- C:\WINNT\System32\dllcache\winacisa.sys
[2010/06/16 10:02:28 | 000,420,624 | ---- | C] (Specialix International Ltd.) -- C:\WINNT\System32\dllcache\spxports.dll
[2010/06/16 10:02:27 | 000,104,656 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINNT\System32\dllcache\skfpwin.sys
[2010/06/16 09:59:50 | 000,013,680 | ---- | C] (Rainbow Technologies Inc.) -- C:\WINNT\System32\dllcache\rnbo3531.sys
[2010/06/16 09:59:29 | 000,043,792 | ---- | C] (Ositech Communications, Inc.) -- C:\WINNT\System32\dllcache\otceth5.sys
[2010/06/16 09:59:29 | 000,030,064 | ---- | C] (FORE Systems, Inc.) -- C:\WINNT\System32\dllcache\pca200e.sys
[2010/06/16 09:59:28 | 000,030,992 | ---- | C] (NETGEAR Corporation.) -- C:\WINNT\System32\dllcache\ngrpci.sys
[2010/06/16 09:54:54 | 000,019,408 | ---- | C] (Logitech, Inc.) -- C:\WINNT\System32\dllcache\lwusbhid.sys
[2010/06/16 09:54:54 | 000,018,576 | ---- | C] (Logitech, Inc.) -- C:\WINNT\System32\dllcache\lwadihid.sys
[2010/06/16 09:54:52 | 000,015,952 | ---- | C] (Litronic Industries) -- C:\WINNT\System32\dllcache\lit220p.sys
[2010/06/16 09:54:51 | 000,035,856 | ---- | C] (Level One Communications) -- C:\WINNT\System32\dllcache\jt1nd5.sys
[2010/06/16 09:54:40 | 000,038,464 | ---- | C] (Eicon Technology Corporation) -- C:\WINNT\System32\dllcache\ecnb.sys
[2010/06/16 09:54:40 | 000,032,528 | ---- | C] (FORE Systems, Inc.) -- C:\WINNT\System32\dllcache\forehe.sys
[2010/06/16 09:54:40 | 000,017,856 | ---- | C] (Eicon Technology Corporation) -- C:\WINNT\System32\dllcache\ecwandd.sys
[2010/06/16 09:54:39 | 000,033,792 | ---- | C] (Eicon Technology Corporation) -- C:\WINNT\System32\dllcache\ecpagex.dll
[2010/06/16 09:54:39 | 000,023,664 | ---- | C] (Eicon Technology Corporation) -- C:\WINNT\System32\dllcache\eclandd.sys
[2010/06/16 09:54:38 | 000,100,432 | ---- | C] (Eicon Technology Corporation) -- C:\WINNT\System32\dllcache\eccommdd.sys
[2010/06/16 09:54:38 | 000,021,680 | ---- | C] (Eicon Technology Corporation) -- C:\WINNT\System32\dllcache\ecpinst.dll
[2010/06/16 09:54:38 | 000,008,960 | ---- | C] (Eicon Technology Corporation) -- C:\WINNT\System32\dllcache\ecsnadd.sys
[2010/06/16 09:54:38 | 000,007,648 | ---- | C] (Eicon Technology Corporation) -- C:\WINNT\System32\dllcache\ecvbus.sys
[2010/06/16 09:54:38 | 000,007,648 | ---- | C] (Eicon Technology Corporation) -- C:\WINNT\System32\dllcache\ecdtrace.sys
[2010/06/16 09:54:32 | 000,023,216 | ---- | C] (D-Link Corporation) -- C:\WINNT\System32\dllcache\dlh5xnd5.sys
[2010/06/16 09:54:23 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINNT\System32\dllcache\cb325.sys
[2010/06/16 09:54:23 | 000,031,888 | ---- | C] (BreezeCOM) -- C:\WINNT\System32\dllcache\brzwlan.sys
[2010/06/16 09:54:22 | 000,017,168 | ---- | C] (AmbiCom, Inc.) -- C:\WINNT\System32\dllcache\amb8002.sys
[2010/06/16 09:53:35 | 000,801,072 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINNT\System32\dllcache\3cpciadi.sys
[2010/06/16 09:53:34 | 000,792,176 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINNT\System32\dllcache\3cisaadi.sys
[2010/06/16 09:53:34 | 000,774,928 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINNT\System32\dllcache\3cisati.sys
[2010/06/16 09:53:33 | 000,763,024 | ---- | C] (3Com, Inc.) -- C:\WINNT\System32\dllcache\3cwmcru.sys
[2010/06/15 11:51:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TrojanHunter
[2010/06/15 11:50:54 | 000,000,000 | ---D | C] -- C:\Program Files\TrojanHunter 5.3
[2010/06/14 17:37:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lynda\Application Data\Malwarebytes
[2010/06/14 17:37:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/06/14 16:45:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lynda\Application Data\Yahoo!
[2010/06/14 16:44:35 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2010/06/14 16:44:13 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/06/13 17:29:16 | 000,000,000 | ---D | C] -- C:\WINNT\Local Settings
[2010/06/13 12:45:53 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2010/06/12 09:56:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lynda\Application Data\FRISK Software
[2010/06/12 09:20:39 | 000,682,840 | ---- | C] (FRISK Software International) -- C:\WINNT\System32\drivers\FStopW.sys
[2010/06/12 09:19:54 | 000,000,000 | ---D | C] -- C:\Program Files\FRISK Software

lynsing · 2010/07/02

[2010/06/10 17:26:56 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WINNT\System32\drivers\Lbd.sys
[2010/06/10 17:26:03 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINNT\System32\drivers\SBREDrv.sys
[2010/06/10 17:11:19 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2010/06/02 05:12:14 | 000,352,513 | ---- | C] (Avira GmbH) -- C:\WINNT\System32\savapi3.dll
[2010/05/27 22:19:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lynda\Desktop\Heather's DÃ©fi
[2010/05/13 07:19:33 | 000,000,000 | ---D | C] -- C:\Google Earth
[2010/05/10 13:51:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\My Documents
[2010/04/19 00:08:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lynda\My Documents\100419000751
[2010/04/19 00:01:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lynda\My Documents\Ghost pic ...hehe
[2010/04/14 22:18:31 | 000,000,000 | ---D | C] -- C:\temp
[2008/01/03 15:37:52 | 000,061,440 | ---- | C] ( ) -- C:\WINNT\System32\csnpstd.dll
[2008/01/03 15:37:52 | 000,040,960 | ---- | C] ( ) -- C:\WINNT\System32\rsnpstd.dll
[2008/01/03 15:37:52 | 000,036,864 | ---- | C] ( ) -- C:\WINNT\System32\vsnpstd.dll
[6 C:\Documents and Settings\Lynda\My Documents\*.tmp files -> C:\Documents and Settings\Lynda\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\Lynda\Application Data\*.tmp files -> C:\Documents and Settings\Lynda\Application Data\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/07/02 10:20:08 | 000,000,886 | ---- | M] () -- C:\WINNT\tasks\GoogleUpdateTaskMachineUA.job
[2010/07/02 10:09:33 | 005,120,000 | -H-- | M] () -- C:\Documents and Settings\Lynda\NTUSER.DAT
[2010/07/02 09:36:57 | 000,000,882 | ---- | M] () -- C:\WINNT\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/02 09:36:32 | 000,000,006 | -H-- | M] () -- C:\WINNT\tasks\SA.DAT
[2010/07/02 09:36:25 | 000,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_298.dat
[2010/07/02 09:34:29 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Lynda\ntuser.ini
[2010/07/02 09:34:17 | 000,000,098 | ---- | M] () -- C:\WINNT\System32\drivers\etc\Hosts
[2010/07/01 20:30:07 | 000,001,544 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010/07/01 20:29:46 | 000,000,051 | ---- | M] () -- C:\WINNT\System32\config.nt
[2010/07/01 15:43:53 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Employment Coach.doc
[2010/07/01 13:29:24 | 000,001,960 | ---- | M] () -- C:\WINNT\System32\d3d9caps.dat
[2010/07/01 11:46:49 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lynda\Desktop\OTL.exe
[2010/07/01 11:41:38 | 000,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_284.dat
[2010/07/01 11:39:13 | 000,745,364 | -H-- | M] () -- C:\WINNT\ShellIconCache
[2010/07/01 11:30:54 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\UK CV.doc
[2010/07/01 11:17:26 | 000,055,296 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\LyndaSchmitResume 2010.doc
[2010/07/01 09:13:23 | 000,031,232 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Film Work Resume.doc
[2010/07/01 09:13:14 | 000,075,776 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Set Resume and Production Assist together.doc
[2010/07/01 08:39:13 | 000,061,440 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Set Tutor Resume Lynda Schmit 2010.doc
[2010/07/01 08:35:17 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Natalie's Reference Letter.doc
[2010/07/01 06:42:34 | 000,000,215 | ---- | M] () -- C:\WINNT\system.ini
[2010/07/01 03:00:00 | 000,000,252 | ---- | M] () -- C:\WINNT\tasks\Backup.job
[2010/06/30 20:05:30 | 000,077,312 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\mbr.exe
[2010/06/30 17:40:21 | 001,015,120 | ---- | M] (Kaspersky Lab) -- C:\Documents and Settings\Lynda\Desktop\TDSSKiller.exe
[2010/06/30 09:29:11 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\Lynda\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2010/06/30 09:28:52 | 000,355,874 | ---- | M] () -- C:\WINNT\System32\perfh009.dat
[2010/06/30 09:28:51 | 000,407,036 | ---- | M] () -- C:\WINNT\System32\PerfStringBackup.INI
[2010/06/30 09:28:51 | 000,047,564 | ---- | M] () -- C:\WINNT\System32\perfc009.dat
[2010/06/30 03:26:30 | 000,000,188 | ---- | M] () -- C:\WINNT\win.ini
[2010/06/29 21:51:40 | 000,000,588 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Acrobat_com.lnk
[2010/06/29 14:15:12 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Group Home Operator.doc
[2010/06/29 12:33:16 | 000,001,499 | ---- | M] () -- C:\Documents and Settings\Lynda\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/06/29 11:42:54 | 000,001,968 | ---- | M] () -- C:\WINNT\imsins.BAK
[2010/06/29 11:24:46 | 000,216,856 | ---- | M] () -- C:\WINNT\System32\FNTCACHE.DAT
[2010/06/29 11:21:06 | 000,001,481 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/06/29 10:14:51 | 000,000,880 | ---- | M] () -- C:\WINNT\setup.inf
[2010/06/29 10:14:51 | 000,000,283 | ---- | M] () -- C:\WINNT\setup.rpt
[2010/06/28 19:50:49 | 000,294,400 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\exeHelper.com
[2010/06/28 19:18:57 | 000,363,520 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\rkill.com
[2010/06/28 18:10:27 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\English Teacher J.doc
[2010/06/28 16:42:03 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Essential Skiils Practitioner.doc
[2010/06/28 16:19:26 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$aining Facilitator.doc
[2010/06/28 13:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINNT\avastSS.scr
[2010/06/28 13:57:12 | 000,165,032 | ---- | M] (AVAST Software) -- C:\WINNT\System32\aswBoot.exe
[2010/06/28 13:37:52 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINNT\System32\drivers\aswTdi.sys
[2010/06/28 13:37:30 | 000,165,456 | ---- | M] (ALWIL Software) -- C:\WINNT\System32\drivers\aswSP.sys
[2010/06/28 13:33:13 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINNT\System32\drivers\aswRdr.sys
[2010/06/28 13:32:45 | 000,100,176 | ---- | M] (ALWIL Software) -- C:\WINNT\System32\drivers\aswmon2.sys
[2010/06/28 13:32:42 | 000,094,544 | ---- | M] (ALWIL Software) -- C:\WINNT\System32\drivers\aswmon.sys
[2010/06/28 13:32:33 | 000,017,744 | ---- | M] (ALWIL Software) -- C:\WINNT\System32\drivers\aswFsBlk.sys
[2010/06/28 13:32:16 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINNT\System32\drivers\aavmker4.sys
[2010/06/28 13:14:44 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\English Teacher Kindergarten.doc
[2010/06/28 13:07:47 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\English Teacher Hampton College.doc
[2010/06/27 22:32:33 | 000,000,569 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/27 15:58:41 | 000,002,214 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Directions to Windows BBS advice.rtf
[2010/06/27 15:57:02 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Lynda\Desktop\mbam-setup-1.46.exe
[2010/06/27 12:37:54 | 000,179,116 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\wmutil151.zip
[2010/06/27 10:26:02 | 000,525,824 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\dds.pif
[2010/06/27 09:18:56 | 000,000,735 | ---- | M] () -- C:\Documents and Settings\Lynda\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/06/26 21:44:23 | 000,001,558 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\PC Scan & Repair by Reimage.lnk
[2010/06/26 10:53:00 | 000,000,284 | ---- | M] () -- C:\WINNT\tasks\AppleSoftwareUpdate.job
[2010/06/26 10:23:52 | 000,241,197 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Global Partners Reference Letter.jpg
[2010/06/25 09:36:30 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$DICAL ASSESSMENT FORM.doc
[2010/06/25 07:23:22 | 000,000,268 | RHS- | M] () -- C:\boot.ini
[2010/06/24 21:08:07 | 000,069,632 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Smart Teachers CV Lynda Schmit 2010.doc
[2010/06/24 17:29:42 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$art Teachers CV Lynda Schmit 2010.doc
[2010/06/24 14:35:06 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Mercer Bradley.doc
[2010/06/24 14:03:06 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$sh green officer posting_16jun10.doc
[2010/06/24 14:02:42 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\lush green officer posting_16jun10.doc
[2010/06/24 13:11:42 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\D'Hercy Dance Co..doc
[2010/06/24 13:05:45 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$ndertree.doc
[2010/06/24 13:01:54 | 000,026,624 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Life Skills Worker.doc
[2010/06/24 09:52:30 | 000,070,373 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Lynda Schmit Refund Agreement.pdf
[2010/06/22 14:37:39 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$haviour Interventionalist.doc
[2010/06/22 12:38:22 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\VA Instructor.doc
[2010/06/22 12:30:48 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$ade 6 Jarvis.doc
[2010/06/22 12:08:56 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\KGIC.doc
[2010/06/22 12:00:04 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$L Teacher.doc
[2010/06/21 16:15:10 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Transglobal.doc
[2010/06/21 12:25:17 | 000,000,628 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yukon Gold.lnk
[2010/06/19 16:01:47 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010/06/19 11:59:36 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Trainee Copy Editor.doc
[2010/06/19 11:58:03 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$ainee Copy Editor.doc
[2010/06/19 11:39:07 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$rsonal Assistant.doc
[2010/06/19 11:38:22 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$aining Group Douglas College.doc
[2010/06/19 11:25:20 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Personal Assistant.doc
[2010/06/19 11:19:44 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$cclaim.doc
[2010/06/18 17:13:48 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\English Teacher.doc
[2010/06/18 13:27:40 | 000,048,128 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\APPLICATION_FOR_EMPLOYMENT_FORM01(2).doc
[2010/06/18 13:27:32 | 001,446,812 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Application Form.pdf
[2010/06/18 13:06:41 | 000,001,897 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\TELUS Support Centre.lnk
[2010/06/18 12:36:21 | 000,792,362 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Diagnostics.html
[2010/06/18 07:04:59 | 000,002,338 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2010/06/17 14:05:55 | 000,000,698 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TELUS Security & Privacy.lnk
[2010/06/16 13:03:14 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Fossil Project.doc
[2010/06/16 12:49:26 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Alexander College.doc
[2010/06/16 12:19:56 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Acclaim.doc
[2010/06/16 12:11:42 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Training Group Douglas College.doc
[2010/06/16 09:57:32 | 000,602,688 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\SP4express_EN.exe
[2010/06/15 11:55:56 | 000,000,032 | ---- | M] () -- C:\WINNT\System32\thxcfg.ini
[2010/06/15 11:51:30 | 000,000,593 | ---- | M] () -- C:\Documents and Settings\Lynda\Application Data\Microsoft\Internet Explorer\Quick Launch\TrojanHunter Scanner.lnk
[2010/06/15 11:51:30 | 000,000,575 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\TrojanHunter.lnk
[2010/06/15 11:02:52 | 000,016,576 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\cc_20100615_110225.reg
[2010/06/15 08:40:10 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$tivity Programmer.doc
[2010/06/15 08:38:03 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$ne HÃ©bert.doc
[2010/06/14 17:49:16 | 000,015,218 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\cc_20100614_174857.reg
[2010/06/14 17:03:55 | 000,247,024 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\cc_20100614_170229.reg
[2010/06/14 16:44:20 | 000,001,423 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\CCleaner.lnk
[2010/06/14 08:54:16 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$glish Teacher.doc
[2010/06/14 08:47:43 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$erlitz.doc
[2010/06/12 09:20:54 | 000,001,728 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\F-PROT Antivirus for Windows.lnk
[2010/06/12 00:07:49 | 000,111,967 | ---- | M] () -- C:\WINNT\hpoins07.dat
[2010/06/11 12:26:47 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$ndaSchmitResume 2010.doc
[2010/06/10 19:00:18 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Berlitz.doc
[2010/06/10 18:24:33 | 000,112,033 | ---- | M] () -- C:\WINNT\hpoins07.dat.temp
[2010/06/10 17:25:44 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINNT\System32\drivers\SBREDrv.sys
[2010/06/10 17:22:58 | 000,064,288 | ---- | M] (Lavasoft AB) -- C:\WINNT\System32\drivers\Lbd.sys
[2010/06/10 16:08:36 | 000,097,824 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Yellow Pages Group ABC_eng (8).pdf
[2010/06/09 16:49:09 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$llow Pages.doc
[2010/06/09 16:22:04 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Yellow Pages.doc
[2010/06/08 18:49:52 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Winston College.doc
[2010/06/08 10:19:08 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$UK CV.doc
[2010/06/07 13:10:20 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$nda Career Change Resume.DOC
[2010/06/07 13:07:05 | 000,048,640 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Education Resume with Personal Info removed.doc
[2010/06/07 12:54:26 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Manitongues.doc
[2010/06/07 10:44:22 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$xwell Canada Paper.doc
[2010/06/07 10:16:33 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\HSBC.doc
[2010/06/04 13:15:51 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Conversation Club.doc
[2010/06/04 13:10:24 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$L Instructor Cambridge.doc
[2010/06/03 15:46:04 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Paragraph Why ME.doc
[2010/06/03 15:24:08 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\ESL Instructor Cambridge.doc
[2010/06/02 18:33:12 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Part time Tutor Austin.doc
[2010/06/02 12:00:00 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Training Support Specialist.doc
[2010/06/02 05:12:14 | 000,352,513 | ---- | M] (Avira GmbH) -- C:\WINNT\System32\savapi3.dll
[2010/06/01 15:59:51 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\gastown.doc
[2010/06/01 15:36:58 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Prosperous International Consultants Inc..doc
[2010/05/31 14:00:28 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Lynda's rec letter.doc
[2010/05/31 13:58:34 | 000,029,184 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\CSA Transportation.doc
[2010/05/31 13:38:26 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\North American Sanitas.doc
[2010/05/31 13:07:52 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Maxwell Canada Paper.doc
[2010/05/31 12:24:38 | 000,029,184 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Unya.doc
[2010/05/31 11:09:14 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Career Strategist.doc
[2010/05/31 11:03:43 | 000,037,376 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Lynda Career Change Resume.DOC
[2010/05/31 10:42:25 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Host Program Coordinator.doc
[2010/05/30 12:08:57 | 000,000,371 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\Video .lnk
[2010/05/30 12:08:57 | 000,000,371 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\Pictures .lnk
[2010/05/30 12:08:57 | 000,000,371 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\Passwords .lnk
[2010/05/30 12:08:57 | 000,000,371 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\New Folder .lnk
[2010/05/30 12:08:57 | 000,000,371 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\Music .lnk
[2010/05/30 12:08:57 | 000,000,371 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\Documents .lnk
[2010/05/30 12:08:57 | 000,000,125 | RHS- | M] () -- C:\Documents and Settings\Lynda\Desktop\autorun.inf
[2010/05/29 11:20:07 | 000,023,552 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Cancellation of Agreement with Rich Janitor SBG.doc
[2010/05/29 10:31:11 | 005,021,184 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Doc1.doc
[2010/05/28 12:18:22 | 037,350,912 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Heather's DÃ©fi Presentation.ppt
[2010/05/28 01:08:49 | 001,166,450 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\lightning thief diable.bmp
[2010/05/27 12:06:16 | 000,144,306 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\05[1].27.10 Lynda Schmit.pdf
[2010/05/25 13:21:23 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Manager of Education Vancouver Career College.doc
[2010/05/25 12:27:42 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Diversecity.doc
[2010/05/20 12:05:48 | 000,053,760 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\LSchmit Education Canada Resume.doc
[2010/05/19 20:09:42 | 000,030,208 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Darren.doc
[2010/05/18 09:12:19 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Host family application form Happy Home.xls
[2010/05/14 11:33:38 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\office admin.doc
[2010/05/14 11:13:22 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Data Entry Shipping.doc
[2010/05/13 14:26:54 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Case Manager.doc
[2010/05/13 14:22:13 | 000,049,152 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Lynda Office and Teaching Merged .doc
[2010/05/13 11:00:08 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Client Care Coordinator.doc
[2010/05/13 10:59:47 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Client Care.doc
[2010/05/13 07:19:34 | 000,001,713 | ---- | M] () -- C:\Google Earth.lnk
[2010/05/12 18:21:46 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\CDCI.doc
[2010/05/12 16:58:48 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$t Resume Lynda Schmit 2010.doc
[2010/05/12 12:01:18 | 000,000,116 | ---- | M] () -- C:\WINNT\NeroDigital.ini
[2010/05/12 11:31:37 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Clerical Work Reception, Researcher Government Agencies.doc
[2010/05/11 17:18:53 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Cornerstone Montesorri.doc
[2010/05/11 17:07:24 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$Cats Art Studio.doc
[2010/05/11 16:34:21 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Training Facilitator.doc
[2010/05/10 16:54:11 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\4 Cats Art Studio.doc
[2010/05/03 12:02:49 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Canadian Mental Health Association Vocational Rehab Counsellor.doc
[2010/05/03 11:37:40 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Gastown Business College.doc
[2010/05/02 02:04:29 | 000,002,194 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:24 | 000,019,288 | ---- | M] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbam.sys
[2010/04/28 18:54:09 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Transglobal Education Program Coordinator.doc
[2010/04/26 22:06:48 | 000,030,720 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Steveston's Art Connection.doc
[2010/04/25 16:45:03 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\CATSA Commissionaires.doc
[2010/04/19 19:02:08 | 000,100,864 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\English Learner Authorizaton.doc
[2010/04/19 16:40:31 | 000,031,232 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Orange Glen High School Escondido Union High School District.doc
[2010/04/19 00:23:20 | 000,333,312 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\HEather as a ghost.doc
[2010/04/16 08:25:29 | 000,030,208 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Juan and Orlando.doc
[2010/04/10 19:10:43 | 000,545,411 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\Lynda-Income Tax 2009.pdf
[2010/04/10 19:05:11 | 000,001,043 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\LyndaSchmit2009.tax
[6 C:\Documents and Settings\Lynda\My Documents\*.tmp files -> C:\Documents and Settings\Lynda\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\Lynda\Application Data\*.tmp files -> C:\Documents and Settings\Lynda\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/07/02 09:36:25 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_298.dat
[2010/07/01 20:30:07 | 000,001,544 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010/07/01 15:43:53 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Employment Coach.doc
[2010/07/01 11:41:38 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_284.dat
[2010/07/01 09:06:05 | 000,031,232 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Film Work Resume.doc
[2010/07/01 08:35:17 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Natalie's Reference Letter.doc
[2010/06/30 20:05:48 | 000,077,312 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\mbr.exe
[2010/06/30 09:41:41 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\gmer.exe
[2010/06/29 19:42:54 | 000,007,136 | ---- | C] () -- C:\Documents and Settings\Lynda\mbam-log-2010-06-29 (19-42-33).txt
[2010/06/29 14:15:12 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Group Home Operator.doc
[2010/06/29 11:21:06 | 000,001,499 | ---- | C] () -- C:\Documents and Settings\Lynda\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/06/29 11:21:06 | 000,001,481 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/06/28 19:50:43 | 000,294,400 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\exeHelper.com
[2010/06/28 19:48:46 | 000,363,520 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\rkill.com
[2010/06/28 18:10:26 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\English Teacher J.doc
[2010/06/28 16:42:03 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Essential Skiils Practitioner.doc
[2010/06/28 16:19:26 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$aining Facilitator.doc
[2010/06/28 13:14:44 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\English Teacher Kindergarten.doc
[2010/06/28 13:07:47 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\English Teacher Hampton College.doc
[2010/06/27 22:32:33 | 000,000,569 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/27 15:58:40 | 000,002,214 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Directions to Windows BBS advice.rtf
[2010/06/27 12:39:00 | 000,499,712 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\scxout.dll
[2010/06/27 12:37:54 | 000,179,116 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\wmutil151.zip
[2010/06/27 10:25:56 | 000,525,824 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\dds.pif
[2010/06/27 09:18:54 | 000,000,735 | ---- | C] () -- C:\Documents and Settings\Lynda\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/06/26 21:44:23 | 000,001,558 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\PC Scan & Repair by Reimage.lnk
[2010/06/26 19:32:49 | 000,107,792 | ---- | C] () -- C:\WINNT\System32\dllcache\xlog.exe
[2010/06/26 19:32:20 | 000,080,304 | ---- | C] () -- C:\WINNT\System32\dllcache\vslinka.sys
[2010/06/26 19:26:26 | 000,094,208 | ---- | C] () -- C:\WINNT\System32\dllcache\fpencode.dll
[2010/06/26 19:25:32 | 000,612,976 | ---- | C] () -- C:\WINNT\System32\dllcache\diwan.sys
[2010/06/26 19:25:30 | 000,220,944 | ---- | C] () -- C:\WINNT\System32\dllcache\disdnsu.dll
[2010/06/26 19:25:30 | 000,006,928 | ---- | C] () -- C:\WINNT\System32\dllcache\disdnci.dll
[2010/06/26 19:25:28 | 000,068,400 | ---- | C] () -- C:\WINNT\System32\dllcache\dimaint.sys
[2010/06/26 19:24:19 | 000,019,792 | ---- | C] () -- C:\WINNT\System32\dllcache\atixbar.sys
[2010/06/26 19:24:18 | 000,017,968 | ---- | C] () -- C:\WINNT\System32\dllcache\atitunep.sys
[2010/06/25 09:36:30 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$DICAL ASSESSMENT FORM.doc
[2010/06/24 17:29:42 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$art Teachers CV Lynda Schmit 2010.doc
[2010/06/24 14:35:00 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Mercer Bradley.doc
[2010/06/24 14:03:06 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$sh green officer posting_16jun10.doc
[2010/06/24 14:02:42 | 000,080,384 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\lush green officer posting_16jun10.doc
[2010/06/24 13:11:42 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\D'Hercy Dance Co..doc
[2010/06/24 13:05:45 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$ndertree.doc
[2010/06/24 13:01:53 | 000,026,624 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Life Skills Worker.doc
[2010/06/24 09:52:30 | 000,070,373 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Lynda Schmit Refund Agreement.pdf
[2010/06/22 14:37:39 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$haviour Interventionalist.doc
[2010/06/22 12:38:22 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\VA Instructor.doc
[2010/06/22 12:30:48 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$ade 6 Jarvis.doc
[2010/06/22 12:04:58 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\KGIC.doc
[2010/06/22 12:00:04 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$L Teacher.doc
[2010/06/21 16:15:09 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Transglobal.doc
[2010/06/21 12:25:17 | 000,000,628 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yukon Gold.lnk
[2010/06/19 12:26:42 | 000,000,284 | ---- | C] () -- C:\WINNT\tasks\AppleSoftwareUpdate.job
[2010/06/19 11:58:03 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$ainee Copy Editor.doc
[2010/06/19 11:52:08 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Trainee Copy Editor.doc
[2010/06/19 11:39:07 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$rsonal Assistant.doc
[2010/06/19 11:38:22 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$aining Group Douglas College.doc
[2010/06/19 11:25:20 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Personal Assistant.doc
[2010/06/19 11:19:44 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$cclaim.doc
[2010/06/18 13:27:40 | 000,048,128 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\APPLICATION_FOR_EMPLOYMENT_FORM01(2).doc
[2010/06/18 13:27:31 | 001,446,812 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Application Form.pdf
[2010/06/18 13:06:41 | 000,001,897 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\TELUS Support Centre.lnk
[2010/06/18 12:36:21 | 000,792,362 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Diagnostics.html
[2010/06/17 16:21:51 | 000,000,192 | -HS- | C] () -- C:\BOOT.BAK
[2010/06/17 16:21:50 | 000,229,792 | RHS- | C] () -- C:\cmldr
[2010/06/17 14:05:55 | 000,000,698 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TELUS Security & Privacy.lnk
[2010/06/17 12:55:10 | 000,602,688 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\SP4express_EN.exe
[2010/06/16 13:03:14 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Fossil Project.doc
[2010/06/16 12:49:26 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Alexander College.doc
[2010/06/16 12:19:56 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Acclaim.doc
[2010/06/16 12:11:41 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Training Group Douglas College.doc
[2010/06/16 09:54:23 | 000,042,192 | ---- | C] () -- C:\WINNT\System32\dllcache\atibt829.sys
[2010/06/16 09:54:23 | 000,016,976 | ---- | C] () -- C:\WINNT\System32\dllcache\atitvsnd.sys
[2010/06/15 19:45:08 | 000,001,968 | ---- | C] () -- C:\WINNT\imsins.BAK
[2010/06/15 11:51:30 | 000,000,593 | ---- | C] () -- C:\Documents and Settings\Lynda\Application Data\Microsoft\Internet Explorer\Quick Launch\TrojanHunter Scanner.lnk
[2010/06/15 11:51:30 | 000,000,575 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\TrojanHunter.lnk
[2010/06/15 11:02:46 | 000,016,576 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\cc_20100615_110225.reg
[2010/06/15 08:40:10 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$tivity Programmer.doc
[2010/06/15 08:38:03 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$ne HÃ©bert.doc
[2010/06/14 17:49:14 | 000,015,218 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\cc_20100614_174857.reg
[2010/06/14 17:02:54 | 000,247,024 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\cc_20100614_170229.reg
[2010/06/14 16:44:20 | 000,001,423 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\CCleaner.lnk
[2010/06/14 08:54:16 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$glish Teacher.doc
[2010/06/14 08:47:43 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$erlitz.doc
[2010/06/12 09:20:54 | 000,001,728 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\F-PROT Antivirus for Windows.lnk
[2010/06/11 16:17:31 | 000,000,032 | ---- | C] () -- C:\WINNT\System32\thxcfg.ini
[2010/06/11 12:26:47 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$ndaSchmitResume 2010.doc
[2010/06/10 19:00:17 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Berlitz.doc
[2010/06/10 18:15:37 | 000,112,033 | ---- | C] () -- C:\WINNT\hpoins07.dat.temp
[2010/06/10 18:15:37 | 000,021,124 | ---- | C] () -- C:\WINNT\hpomdl07.dat.temp
[2010/06/10 17:11:04 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010/06/10 16:08:36 | 000,097,824 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Yellow Pages Group ABC_eng (8).pdf
[2010/06/09 16:49:09 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$llow Pages.doc
[2010/06/09 16:21:32 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Yellow Pages.doc
[2010/06/08 18:49:51 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Winston College.doc
[2010/06/08 10:19:08 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$UK CV.doc
[2010/06/07 13:10:20 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$nda Career Change Resume.DOC
[2010/06/07 13:07:04 | 000,048,640 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Education Resume with Personal Info removed.doc
[2010/06/07 12:54:26 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Manitongues.doc
[2010/06/07 10:44:22 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$xwell Canada Paper.doc
[2010/06/07 10:16:33 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\HSBC.doc
[2010/06/04 13:15:51 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Conversation Club.doc
[2010/06/04 13:10:24 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$L Instructor Cambridge.doc
[2010/06/03 15:46:04 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Paragraph Why ME.doc
[2010/06/03 15:24:08 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\ESL Instructor Cambridge.doc
[2010/06/02 18:33:12 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Part time Tutor Austin.doc
[2010/06/02 11:59:59 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Training Support Specialist.doc
[2010/06/01 15:59:50 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\gastown.doc
[2010/06/01 15:36:57 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Prosperous International Consultants Inc..doc
[2010/05/31 14:00:28 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Lynda's rec letter.doc
[2010/05/31 13:38:26 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\North American Sanitas.doc
[2010/05/31 13:07:51 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Maxwell Canada Paper.doc
[2010/05/31 12:53:23 | 000,029,184 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\CSA Transportation.doc
[2010/05/31 12:24:38 | 000,029,184 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Unya.doc
[2010/05/31 11:09:13 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Career Strategist.doc
[2010/05/31 10:42:25 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Host Program Coordinator.doc
[2010/05/30 12:08:57 | 000,000,371 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\Video .lnk
[2010/05/30 12:08:57 | 000,000,371 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\Pictures .lnk
[2010/05/30 12:08:57 | 000,000,371 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\Passwords .lnk
[2010/05/30 12:08:57 | 000,000,371 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\New Folder .lnk
[2010/05/30 12:08:57 | 000,000,371 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\Music .lnk
[2010/05/30 12:08:57 | 000,000,371 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\Documents .lnk
[2010/05/30 12:08:57 | 000,000,125 | RHS- | C] () -- C:\Documents and Settings\Lynda\Desktop\autorun.inf
[2010/05/29 10:31:07 | 005,021,184 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Doc1.doc
[2010/05/28 09:50:50 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Cancellation of Agreement with Rich Janitor SBG.doc
[2010/05/28 02:52:20 | 037,350,912 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Heather's DÃ©fi Presentation.ppt
[2010/05/28 01:08:49 | 001,166,450 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\lightning thief diable.bmp
[2010/05/27 23:38:16 | 000,058,153 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\IMG_0840.JPG
[2010/05/27 23:38:16 | 000,040,165 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\IMG_0841.JPG
[2010/05/27 12:06:16 | 000,144,306 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\05[1].27.10 Lynda Schmit.pdf
[2010/05/25 13:21:23 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Manager of Education Vancouver Career College.doc
[2010/05/25 12:27:42 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Diversecity.doc
[2010/05/20 12:05:48 | 000,053,760 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\LSchmit Education Canada Resume.doc
[2010/05/19 20:09:42 | 000,030,208 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Darren.doc
[2010/05/18 16:54:25 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\English Teacher.doc
[2010/05/18 09:12:19 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Host family application form Happy Home.xls
[2010/05/14 21:51:15 | 000,241,197 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Global Partners Reference Letter.jpg
[2010/05/14 11:33:38 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\office admin.doc
[2010/05/14 11:13:22 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Data Entry Shipping.doc
[2010/05/13 14:26:53 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Case Manager.doc
[2010/05/13 11:00:08 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Client Care Coordinator.doc
[2010/05/13 10:59:46 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Client Care.doc
[2010/05/12 16:58:48 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$t Resume Lynda Schmit 2010.doc
[2010/05/12 11:31:37 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Clerical Work Reception, Researcher Government Agencies.doc
[2010/05/11 17:18:53 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Cornerstone Montesorri.doc
[2010/05/11 17:07:24 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$Cats Art Studio.doc
[2010/05/11 16:34:20 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Training Facilitator.doc
[2010/05/10 16:47:57 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\4 Cats Art Studio.doc
[2010/05/10 12:09:10 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\CDCI.doc
[2010/05/03 12:02:48 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Canadian Mental Health Association Vocational Rehab Counsellor.doc
[2010/05/03 11:37:39 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Gastown Business College.doc
[2010/04/28 18:52:59 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Transglobal Education Program Coordinator.doc
[2010/04/26 22:06:09 | 000,030,720 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Steveston's Art Connection.doc
[2010/04/25 16:45:03 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\CATSA Commissionaires.doc
[2010/04/19 19:02:07 | 000,100,864 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\English Learner Authorizaton.doc
[2010/04/19 16:40:31 | 000,031,232 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Orange Glen High School Escondido Union High School District.doc
[2010/04/19 00:23:19 | 000,333,312 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\HEather as a ghost.doc
[2010/04/15 10:53:05 | 000,030,208 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Juan and Orlando.doc
[2010/04/10 19:10:43 | 000,545,411 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\Lynda-Income Tax 2009.pdf
[2010/04/10 19:05:25 | 000,001,043 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\LyndaSchmit2009.tax
[2009/07/05 15:52:21 | 000,221,184 | ---- | C] () -- C:\WINNT\System32\lame_enc.dll
[2008/07/03 12:01:31 | 000,059,392 | R--- | C] () -- C:\WINNT\System32\streamhlp.dll
[2008/07/02 16:20:01 | 000,001,152 | ---- | C] () -- C:\WINNT\System32\windrv.sys
[2008/06/21 10:34:24 | 000,000,044 | ---- | C] () -- C:\WINNT\liveup.ini
[2008/06/18 21:20:24 | 000,000,740 | ---- | C] () -- C:\WINNT\cdplayer.ini
[2008/04/25 19:59:33 | 000,000,103 | ---- | C] () -- C:\WINNT\Fashion Magic.ini
[2008/04/25 19:57:56 | 000,000,011 | ---- | C] () -- C:\WINNT\Tank Top Kit.ini
[2008/04/25 09:24:00 | 000,000,000 | ---- | C] () -- C:\WINNT\hpqEmlSz.INI
[2008/04/09 20:39:24 | 000,000,035 | ---- | C] () -- C:\WINNT\InfModM.ini
[2008/04/09 20:34:43 | 000,000,015 | ---- | C] () -- C:\WINNT\wgedit.ini
[2008/03/04 11:36:35 | 000,077,824 | ---- | C] () -- C:\WINNT\System32\asr32312.dll
[2008/03/04 11:12:09 | 000,000,000 | ---- | C] () -- C:\WINNT\SETUP32.INI
[2008/02/14 13:59:50 | 000,354,816 | ---- | C] () -- C:\WINNT\System32\psisdecd.dll
[2008/01/03 15:38:05 | 000,053,248 | ---- | C] () -- C:\WINNT\System32\dsnpstd.dll
[2008/01/03 15:38:05 | 000,015,541 | ---- | C] () -- C:\WINNT\snpstd.ini
[2008/01/03 15:38:00 | 000,301,824 | ---- | C] () -- C:\WINNT\System32\drivers\snpstd.sys
[2007/12/29 19:47:11 | 000,000,000 | ---- | C] () -- C:\WINNT\PCFriend.INI
[2007/12/05 21:22:17 | 000,765,952 | ---- | C] () -- C:\WINNT\System32\xvidcore.dll
[2007/12/05 21:22:17 | 000,180,224 | ---- | C] () -- C:\WINNT\System32\xvidvfw.dll
[2007/10/13 01:15:31 | 000,000,116 | ---- | C] () -- C:\WINNT\NeroDigital.ini
[2007/10/12 21:14:35 | 000,000,035 | ---- | C] () -- C:\WINNT\A5W.INI
[2007/10/09 00:13:00 | 000,000,221 | ---- | C] () -- C:\WINNT\NCLogConfig.ini
[2007/10/08 23:40:59 | 000,000,227 | ---- | C] () -- C:\WINNT\HP_CounterReport_Update_HPSU.ini
[2007/10/08 23:40:28 | 000,000,214 | ---- | C] () -- C:\WINNT\HP_48BitScanUpdatePatch.ini
[2007/10/08 23:12:54 | 000,000,221 | ---- | C] () -- C:\WINNT\HP_RedboxHprblog_HPSU.ini
[2007/10/08 22:27:20 | 000,000,730 | ---- | C] () -- C:\WINNT\ODBC.INI
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINNT\System32\OUTLPERF.INI
[2001/07/06 15:30:00 | 000,003,399 | ---- | C] () -- C:\WINNT\System32\hptcpmon.ini
[2001/05/08 05:00:00 | 000,176,400 | ---- | C] () -- C:\WINNT\System32\qcut.dll
[2001/05/08 05:00:00 | 000,033,552 | ---- | C] () -- C:\WINNT\System32\efsadu.dll
[2001/05/08 05:00:00 | 000,007,265 | ---- | C] () -- C:\WINNT\System32\iasperf.ini
[2001/05/08 05:00:00 | 000,001,505 | ---- | C] () -- C:\WINNT\System32\faxperf.ini
[2001/05/08 05:00:00 | 000,000,023 | ---- | C] () -- C:\WINNT\welcome.ini
[1999/09/25 03:36:24 | 000,088,816 | ---- | C] () -- C:\WINNT\System32\drivers\lvcam.sys
[1999/09/25 03:36:22 | 000,017,424 | ---- | C] () -- C:\WINNT\System32\drivers\lvsound.sys
[1998/10/11 01:07:38 | 000,088,576 | ---- | C] () -- C:\WINNT\System32\Iticheck.dll

========== LOP Check ==========

[2008/04/07 22:09:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\4Team
[2009/10/11 11:21:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AGI
[2010/07/01 20:27:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2009/09/01 11:15:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avanquest Software
[2007/10/12 22:06:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2009/11/05 11:34:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2008/08/20 13:56:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eFax Messenger 4.3 Output
[2008/08/20 13:56:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eFax Messenger 4.3 Setup
[2007/10/08 14:09:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FRISK Software
[2009/01/02 19:29:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Mediafour
[2010/06/21 13:01:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MGS
[2007/10/24 02:19:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2007/10/09 21:51:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NewsBin
[2010/06/17 13:51:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TELUS
[2008/07/04 12:30:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/02/26 12:27:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Transparent
[2010/06/15 11:52:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TrojanHunter
[2010/06/10 17:11:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2008/07/03 22:18:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\AVGTOOLBAR
[2010/06/14 16:58:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\Azureus
[2009/11/26 17:26:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/06/28 22:51:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Lynda\Application Data\drivers
[2007/10/11 19:51:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\eFax Messenger
[2010/06/12 09:56:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\FRISK Software
[2009/05/22 21:40:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\GetRightToGo
[2010/06/04 10:16:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\Image Zone Express
[2009/10/02 12:26:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\Keynote Systems
[2010/06/27 16:09:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\NewsBin
[2010/02/01 13:52:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\Printer Info Cache
[2008/06/30 23:36:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\SecondLife
[2010/06/18 12:34:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\TELUS
[2008/07/03 13:27:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\TrojanHunter
[2009/12/20 23:20:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\tvp animation 9 pro demo
[2010/07/01 03:00:00 | 000,000,252 | ---- | M] () -- C:\WINNT\Tasks\Backup.job

lynsing · 2010/07/02

[2010/06/10 17:26:56 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WINNT\System32\drivers\Lbd.sys
[2010/06/10 17:26:03 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINNT\System32\drivers\SBREDrv.sys
[2010/06/10 17:11:19 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2010/06/02 05:12:14 | 000,352,513 | ---- | C] (Avira GmbH) -- C:\WINNT\System32\savapi3.dll
[2010/05/27 22:19:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lynda\Desktop\Heather's DÃ©fi
[2010/05/13 07:19:33 | 000,000,000 | ---D | C] -- C:\Google Earth
[2010/05/10 13:51:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\My Documents
[2010/04/19 00:08:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lynda\My Documents\100419000751
[2010/04/19 00:01:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lynda\My Documents\Ghost pic ...hehe
[2010/04/14 22:18:31 | 000,000,000 | ---D | C] -- C:\temp
[2008/01/03 15:37:52 | 000,061,440 | ---- | C] ( ) -- C:\WINNT\System32\csnpstd.dll
[2008/01/03 15:37:52 | 000,040,960 | ---- | C] ( ) -- C:\WINNT\System32\rsnpstd.dll
[2008/01/03 15:37:52 | 000,036,864 | ---- | C] ( ) -- C:\WINNT\System32\vsnpstd.dll
[6 C:\Documents and Settings\Lynda\My Documents\*.tmp files -> C:\Documents and Settings\Lynda\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\Lynda\Application Data\*.tmp files -> C:\Documents and Settings\Lynda\Application Data\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/07/02 10:20:08 | 000,000,886 | ---- | M] () -- C:\WINNT\tasks\GoogleUpdateTaskMachineUA.job
[2010/07/02 10:09:33 | 005,120,000 | -H-- | M] () -- C:\Documents and Settings\Lynda\NTUSER.DAT
[2010/07/02 09:36:57 | 000,000,882 | ---- | M] () -- C:\WINNT\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/02 09:36:32 | 000,000,006 | -H-- | M] () -- C:\WINNT\tasks\SA.DAT
[2010/07/02 09:36:25 | 000,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_298.dat
[2010/07/02 09:34:29 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Lynda\ntuser.ini
[2010/07/02 09:34:17 | 000,000,098 | ---- | M] () -- C:\WINNT\System32\drivers\etc\Hosts
[2010/07/01 20:30:07 | 000,001,544 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010/07/01 20:29:46 | 000,000,051 | ---- | M] () -- C:\WINNT\System32\config.nt
[2010/07/01 15:43:53 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Employment Coach.doc
[2010/07/01 13:29:24 | 000,001,960 | ---- | M] () -- C:\WINNT\System32\d3d9caps.dat
[2010/07/01 11:46:49 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lynda\Desktop\OTL.exe
[2010/07/01 11:41:38 | 000,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_284.dat
[2010/07/01 11:39:13 | 000,745,364 | -H-- | M] () -- C:\WINNT\ShellIconCache
[2010/07/01 11:30:54 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\UK CV.doc
[2010/07/01 11:17:26 | 000,055,296 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\LyndaSchmitResume 2010.doc
[2010/07/01 09:13:23 | 000,031,232 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Film Work Resume.doc
[2010/07/01 09:13:14 | 000,075,776 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Set Resume and Production Assist together.doc
[2010/07/01 08:39:13 | 000,061,440 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Set Tutor Resume Lynda Schmit 2010.doc
[2010/07/01 08:35:17 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Natalie's Reference Letter.doc
[2010/07/01 06:42:34 | 000,000,215 | ---- | M] () -- C:\WINNT\system.ini
[2010/07/01 03:00:00 | 000,000,252 | ---- | M] () -- C:\WINNT\tasks\Backup.job
[2010/06/30 20:05:30 | 000,077,312 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\mbr.exe
[2010/06/30 17:40:21 | 001,015,120 | ---- | M] (Kaspersky Lab) -- C:\Documents and Settings\Lynda\Desktop\TDSSKiller.exe
[2010/06/30 09:29:11 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\Lynda\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2010/06/30 09:28:52 | 000,355,874 | ---- | M] () -- C:\WINNT\System32\perfh009.dat
[2010/06/30 09:28:51 | 000,407,036 | ---- | M] () -- C:\WINNT\System32\PerfStringBackup.INI
[2010/06/30 09:28:51 | 000,047,564 | ---- | M] () -- C:\WINNT\System32\perfc009.dat
[2010/06/30 03:26:30 | 000,000,188 | ---- | M] () -- C:\WINNT\win.ini
[2010/06/29 21:51:40 | 000,000,588 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Acrobat_com.lnk
[2010/06/29 14:15:12 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Group Home Operator.doc
[2010/06/29 12:33:16 | 000,001,499 | ---- | M] () -- C:\Documents and Settings\Lynda\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/06/29 11:42:54 | 000,001,968 | ---- | M] () -- C:\WINNT\imsins.BAK
[2010/06/29 11:24:46 | 000,216,856 | ---- | M] () -- C:\WINNT\System32\FNTCACHE.DAT
[2010/06/29 11:21:06 | 000,001,481 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/06/29 10:14:51 | 000,000,880 | ---- | M] () -- C:\WINNT\setup.inf
[2010/06/29 10:14:51 | 000,000,283 | ---- | M] () -- C:\WINNT\setup.rpt
[2010/06/28 19:50:49 | 000,294,400 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\exeHelper.com
[2010/06/28 19:18:57 | 000,363,520 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\rkill.com
[2010/06/28 18:10:27 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\English Teacher J.doc
[2010/06/28 16:42:03 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Essential Skiils Practitioner.doc
[2010/06/28 16:19:26 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$aining Facilitator.doc
[2010/06/28 13:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINNT\avastSS.scr
[2010/06/28 13:57:12 | 000,165,032 | ---- | M] (AVAST Software) -- C:\WINNT\System32\aswBoot.exe
[2010/06/28 13:37:52 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINNT\System32\drivers\aswTdi.sys
[2010/06/28 13:37:30 | 000,165,456 | ---- | M] (ALWIL Software) -- C:\WINNT\System32\drivers\aswSP.sys
[2010/06/28 13:33:13 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINNT\System32\drivers\aswRdr.sys
[2010/06/28 13:32:45 | 000,100,176 | ---- | M] (ALWIL Software) -- C:\WINNT\System32\drivers\aswmon2.sys
[2010/06/28 13:32:42 | 000,094,544 | ---- | M] (ALWIL Software) -- C:\WINNT\System32\drivers\aswmon.sys
[2010/06/28 13:32:33 | 000,017,744 | ---- | M] (ALWIL Software) -- C:\WINNT\System32\drivers\aswFsBlk.sys
[2010/06/28 13:32:16 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINNT\System32\drivers\aavmker4.sys
[2010/06/28 13:14:44 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\English Teacher Kindergarten.doc
[2010/06/28 13:07:47 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\English Teacher Hampton College.doc
[2010/06/27 22:32:33 | 000,000,569 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/27 15:58:41 | 000,002,214 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Directions to Windows BBS advice.rtf
[2010/06/27 15:57:02 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Lynda\Desktop\mbam-setup-1.46.exe
[2010/06/27 12:37:54 | 000,179,116 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\wmutil151.zip
[2010/06/27 10:26:02 | 000,525,824 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\dds.pif
[2010/06/27 09:18:56 | 000,000,735 | ---- | M] () -- C:\Documents and Settings\Lynda\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/06/26 21:44:23 | 000,001,558 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\PC Scan & Repair by Reimage.lnk
[2010/06/26 10:53:00 | 000,000,284 | ---- | M] () -- C:\WINNT\tasks\AppleSoftwareUpdate.job
[2010/06/26 10:23:52 | 000,241,197 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Global Partners Reference Letter.jpg
[2010/06/25 09:36:30 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$DICAL ASSESSMENT FORM.doc
[2010/06/25 07:23:22 | 000,000,268 | RHS- | M] () -- C:\boot.ini
[2010/06/24 21:08:07 | 000,069,632 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Smart Teachers CV Lynda Schmit 2010.doc
[2010/06/24 17:29:42 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$art Teachers CV Lynda Schmit 2010.doc
[2010/06/24 14:35:06 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Mercer Bradley.doc
[2010/06/24 14:03:06 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$sh green officer posting_16jun10.doc
[2010/06/24 14:02:42 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\lush green officer posting_16jun10.doc
[2010/06/24 13:11:42 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\D'Hercy Dance Co..doc
[2010/06/24 13:05:45 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$ndertree.doc
[2010/06/24 13:01:54 | 000,026,624 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Life Skills Worker.doc
[2010/06/24 09:52:30 | 000,070,373 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Lynda Schmit Refund Agreement.pdf
[2010/06/22 14:37:39 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$haviour Interventionalist.doc
[2010/06/22 12:38:22 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\VA Instructor.doc
[2010/06/22 12:30:48 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$ade 6 Jarvis.doc
[2010/06/22 12:08:56 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\KGIC.doc
[2010/06/22 12:00:04 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$L Teacher.doc
[2010/06/21 16:15:10 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Transglobal.doc
[2010/06/21 12:25:17 | 000,000,628 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yukon Gold.lnk
[2010/06/19 16:01:47 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010/06/19 11:59:36 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Trainee Copy Editor.doc
[2010/06/19 11:58:03 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$ainee Copy Editor.doc
[2010/06/19 11:39:07 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$rsonal Assistant.doc
[2010/06/19 11:38:22 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$aining Group Douglas College.doc
[2010/06/19 11:25:20 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Personal Assistant.doc
[2010/06/19 11:19:44 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$cclaim.doc
[2010/06/18 17:13:48 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\English Teacher.doc
[2010/06/18 13:27:40 | 000,048,128 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\APPLICATION_FOR_EMPLOYMENT_FORM01(2).doc
[2010/06/18 13:27:32 | 001,446,812 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Application Form.pdf
[2010/06/18 13:06:41 | 000,001,897 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\TELUS Support Centre.lnk
[2010/06/18 12:36:21 | 000,792,362 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Diagnostics.html
[2010/06/18 07:04:59 | 000,002,338 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2010/06/17 14:05:55 | 000,000,698 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TELUS Security & Privacy.lnk
[2010/06/16 13:03:14 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Fossil Project.doc
[2010/06/16 12:49:26 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Alexander College.doc
[2010/06/16 12:19:56 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Acclaim.doc
[2010/06/16 12:11:42 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Training Group Douglas College.doc
[2010/06/16 09:57:32 | 000,602,688 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\SP4express_EN.exe
[2010/06/15 11:55:56 | 000,000,032 | ---- | M] () -- C:\WINNT\System32\thxcfg.ini
[2010/06/15 11:51:30 | 000,000,593 | ---- | M] () -- C:\Documents and Settings\Lynda\Application Data\Microsoft\Internet Explorer\Quick Launch\TrojanHunter Scanner.lnk
[2010/06/15 11:51:30 | 000,000,575 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\TrojanHunter.lnk
[2010/06/15 11:02:52 | 000,016,576 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\cc_20100615_110225.reg
[2010/06/15 08:40:10 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$tivity Programmer.doc
[2010/06/15 08:38:03 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$ne HÃ©bert.doc
[2010/06/14 17:49:16 | 000,015,218 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\cc_20100614_174857.reg
[2010/06/14 17:03:55 | 000,247,024 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\cc_20100614_170229.reg
[2010/06/14 16:44:20 | 000,001,423 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\CCleaner.lnk
[2010/06/14 08:54:16 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$glish Teacher.doc
[2010/06/14 08:47:43 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$erlitz.doc
[2010/06/12 09:20:54 | 000,001,728 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\F-PROT Antivirus for Windows.lnk
[2010/06/12 00:07:49 | 000,111,967 | ---- | M] () -- C:\WINNT\hpoins07.dat
[2010/06/11 12:26:47 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$ndaSchmitResume 2010.doc
[2010/06/10 19:00:18 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Berlitz.doc
[2010/06/10 18:24:33 | 000,112,033 | ---- | M] () -- C:\WINNT\hpoins07.dat.temp
[2010/06/10 17:25:44 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINNT\System32\drivers\SBREDrv.sys
[2010/06/10 17:22:58 | 000,064,288 | ---- | M] (Lavasoft AB) -- C:\WINNT\System32\drivers\Lbd.sys
[2010/06/10 16:08:36 | 000,097,824 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Yellow Pages Group ABC_eng (8).pdf
[2010/06/09 16:49:09 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$llow Pages.doc
[2010/06/09 16:22:04 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Yellow Pages.doc
[2010/06/08 18:49:52 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Winston College.doc
[2010/06/08 10:19:08 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$UK CV.doc
[2010/06/07 13:10:20 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$nda Career Change Resume.DOC
[2010/06/07 13:07:05 | 000,048,640 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Education Resume with Personal Info removed.doc
[2010/06/07 12:54:26 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Manitongues.doc
[2010/06/07 10:44:22 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$xwell Canada Paper.doc
[2010/06/07 10:16:33 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\HSBC.doc
[2010/06/04 13:15:51 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Conversation Club.doc
[2010/06/04 13:10:24 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$L Instructor Cambridge.doc
[2010/06/03 15:46:04 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Paragraph Why ME.doc
[2010/06/03 15:24:08 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\ESL Instructor Cambridge.doc
[2010/06/02 18:33:12 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Part time Tutor Austin.doc
[2010/06/02 12:00:00 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Training Support Specialist.doc
[2010/06/02 05:12:14 | 000,352,513 | ---- | M] (Avira GmbH) -- C:\WINNT\System32\savapi3.dll
[2010/06/01 15:59:51 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\gastown.doc
[2010/06/01 15:36:58 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Prosperous International Consultants Inc..doc
[2010/05/31 14:00:28 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Lynda's rec letter.doc
[2010/05/31 13:58:34 | 000,029,184 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\CSA Transportation.doc
[2010/05/31 13:38:26 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\North American Sanitas.doc
[2010/05/31 13:07:52 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Maxwell Canada Paper.doc
[2010/05/31 12:24:38 | 000,029,184 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Unya.doc
[2010/05/31 11:09:14 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Career Strategist.doc
[2010/05/31 11:03:43 | 000,037,376 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Lynda Career Change Resume.DOC
[2010/05/31 10:42:25 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Host Program Coordinator.doc
[2010/05/30 12:08:57 | 000,000,371 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\Video .lnk
[2010/05/30 12:08:57 | 000,000,371 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\Pictures .lnk
[2010/05/30 12:08:57 | 000,000,371 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\Passwords .lnk
[2010/05/30 12:08:57 | 000,000,371 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\New Folder .lnk
[2010/05/30 12:08:57 | 000,000,371 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\Music .lnk
[2010/05/30 12:08:57 | 000,000,371 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\Documents .lnk
[2010/05/30 12:08:57 | 000,000,125 | RHS- | M] () -- C:\Documents and Settings\Lynda\Desktop\autorun.inf
[2010/05/29 11:20:07 | 000,023,552 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Cancellation of Agreement with Rich Janitor SBG.doc
[2010/05/29 10:31:11 | 005,021,184 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Doc1.doc
[2010/05/28 12:18:22 | 037,350,912 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Heather's DÃ©fi Presentation.ppt
[2010/05/28 01:08:49 | 001,166,450 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\lightning thief diable.bmp
[2010/05/27 12:06:16 | 000,144,306 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\05[1].27.10 Lynda Schmit.pdf
[2010/05/25 13:21:23 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Manager of Education Vancouver Career College.doc
[2010/05/25 12:27:42 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Diversecity.doc
[2010/05/20 12:05:48 | 000,053,760 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\LSchmit Education Canada Resume.doc
[2010/05/19 20:09:42 | 000,030,208 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Darren.doc
[2010/05/18 09:12:19 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Host family application form Happy Home.xls
[2010/05/14 11:33:38 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\office admin.doc
[2010/05/14 11:13:22 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Data Entry Shipping.doc
[2010/05/13 14:26:54 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Case Manager.doc
[2010/05/13 14:22:13 | 000,049,152 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Lynda Office and Teaching Merged .doc
[2010/05/13 11:00:08 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Client Care Coordinator.doc
[2010/05/13 10:59:47 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Client Care.doc
[2010/05/13 07:19:34 | 000,001,713 | ---- | M] () -- C:\Google Earth.lnk
[2010/05/12 18:21:46 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\CDCI.doc
[2010/05/12 16:58:48 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$t Resume Lynda Schmit 2010.doc
[2010/05/12 12:01:18 | 000,000,116 | ---- | M] () -- C:\WINNT\NeroDigital.ini
[2010/05/12 11:31:37 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Clerical Work Reception, Researcher Government Agencies.doc
[2010/05/11 17:18:53 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Cornerstone Montesorri.doc
[2010/05/11 17:07:24 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Lynda\My Documents\~$Cats Art Studio.doc
[2010/05/11 16:34:21 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Training Facilitator.doc
[2010/05/10 16:54:11 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\4 Cats Art Studio.doc
[2010/05/03 12:02:49 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Canadian Mental Health Association Vocational Rehab Counsellor.doc
[2010/05/03 11:37:40 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Gastown Business College.doc
[2010/05/02 02:04:29 | 000,002,194 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:24 | 000,019,288 | ---- | M] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbam.sys
[2010/04/28 18:54:09 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Transglobal Education Program Coordinator.doc
[2010/04/26 22:06:48 | 000,030,720 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Steveston's Art Connection.doc
[2010/04/25 16:45:03 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\CATSA Commissionaires.doc
[2010/04/19 19:02:08 | 000,100,864 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\English Learner Authorizaton.doc
[2010/04/19 16:40:31 | 000,031,232 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Orange Glen High School Escondido Union High School District.doc
[2010/04/19 00:23:20 | 000,333,312 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\HEather as a ghost.doc
[2010/04/16 08:25:29 | 000,030,208 | ---- | M] () -- C:\Documents and Settings\Lynda\My Documents\Juan and Orlando.doc
[2010/04/10 19:10:43 | 000,545,411 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\Lynda-Income Tax 2009.pdf
[2010/04/10 19:05:11 | 000,001,043 | ---- | M] () -- C:\Documents and Settings\Lynda\Desktop\LyndaSchmit2009.tax
[6 C:\Documents and Settings\Lynda\My Documents\*.tmp files -> C:\Documents and Settings\Lynda\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\Lynda\Application Data\*.tmp files -> C:\Documents and Settings\Lynda\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/07/02 09:36:25 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_298.dat
[2010/07/01 20:30:07 | 000,001,544 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010/07/01 15:43:53 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Employment Coach.doc
[2010/07/01 11:41:38 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_284.dat
[2010/07/01 09:06:05 | 000,031,232 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Film Work Resume.doc
[2010/07/01 08:35:17 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Natalie's Reference Letter.doc
[2010/06/30 20:05:48 | 000,077,312 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\mbr.exe
[2010/06/30 09:41:41 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\gmer.exe
[2010/06/29 19:42:54 | 000,007,136 | ---- | C] () -- C:\Documents and Settings\Lynda\mbam-log-2010-06-29 (19-42-33).txt
[2010/06/29 14:15:12 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Group Home Operator.doc
[2010/06/29 11:21:06 | 000,001,499 | ---- | C] () -- C:\Documents and Settings\Lynda\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/06/29 11:21:06 | 000,001,481 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/06/28 19:50:43 | 000,294,400 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\exeHelper.com
[2010/06/28 19:48:46 | 000,363,520 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\rkill.com
[2010/06/28 18:10:26 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\English Teacher J.doc
[2010/06/28 16:42:03 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Essential Skiils Practitioner.doc
[2010/06/28 16:19:26 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$aining Facilitator.doc
[2010/06/28 13:14:44 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\English Teacher Kindergarten.doc
[2010/06/28 13:07:47 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\English Teacher Hampton College.doc
[2010/06/27 22:32:33 | 000,000,569 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/27 15:58:40 | 000,002,214 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Directions to Windows BBS advice.rtf
[2010/06/27 12:39:00 | 000,499,712 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\scxout.dll
[2010/06/27 12:37:54 | 000,179,116 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\wmutil151.zip
[2010/06/27 10:25:56 | 000,525,824 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\dds.pif
[2010/06/27 09:18:54 | 000,000,735 | ---- | C] () -- C:\Documents and Settings\Lynda\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/06/26 21:44:23 | 000,001,558 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\PC Scan & Repair by Reimage.lnk
[2010/06/26 19:32:49 | 000,107,792 | ---- | C] () -- C:\WINNT\System32\dllcache\xlog.exe
[2010/06/26 19:32:20 | 000,080,304 | ---- | C] () -- C:\WINNT\System32\dllcache\vslinka.sys
[2010/06/26 19:26:26 | 000,094,208 | ---- | C] () -- C:\WINNT\System32\dllcache\fpencode.dll
[2010/06/26 19:25:32 | 000,612,976 | ---- | C] () -- C:\WINNT\System32\dllcache\diwan.sys
[2010/06/26 19:25:30 | 000,220,944 | ---- | C] () -- C:\WINNT\System32\dllcache\disdnsu.dll
[2010/06/26 19:25:30 | 000,006,928 | ---- | C] () -- C:\WINNT\System32\dllcache\disdnci.dll
[2010/06/26 19:25:28 | 000,068,400 | ---- | C] () -- C:\WINNT\System32\dllcache\dimaint.sys
[2010/06/26 19:24:19 | 000,019,792 | ---- | C] () -- C:\WINNT\System32\dllcache\atixbar.sys
[2010/06/26 19:24:18 | 000,017,968 | ---- | C] () -- C:\WINNT\System32\dllcache\atitunep.sys
[2010/06/25 09:36:30 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$DICAL ASSESSMENT FORM.doc
[2010/06/24 17:29:42 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$art Teachers CV Lynda Schmit 2010.doc
[2010/06/24 14:35:00 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Mercer Bradley.doc
[2010/06/24 14:03:06 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$sh green officer posting_16jun10.doc
[2010/06/24 14:02:42 | 000,080,384 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\lush green officer posting_16jun10.doc
[2010/06/24 13:11:42 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\D'Hercy Dance Co..doc
[2010/06/24 13:05:45 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$ndertree.doc
[2010/06/24 13:01:53 | 000,026,624 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Life Skills Worker.doc
[2010/06/24 09:52:30 | 000,070,373 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Lynda Schmit Refund Agreement.pdf
[2010/06/22 14:37:39 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$haviour Interventionalist.doc
[2010/06/22 12:38:22 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\VA Instructor.doc
[2010/06/22 12:30:48 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$ade 6 Jarvis.doc
[2010/06/22 12:04:58 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\KGIC.doc
[2010/06/22 12:00:04 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$L Teacher.doc
[2010/06/21 16:15:09 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Transglobal.doc
[2010/06/21 12:25:17 | 000,000,628 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yukon Gold.lnk
[2010/06/19 12:26:42 | 000,000,284 | ---- | C] () -- C:\WINNT\tasks\AppleSoftwareUpdate.job
[2010/06/19 11:58:03 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$ainee Copy Editor.doc
[2010/06/19 11:52:08 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Trainee Copy Editor.doc
[2010/06/19 11:39:07 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$rsonal Assistant.doc
[2010/06/19 11:38:22 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$aining Group Douglas College.doc
[2010/06/19 11:25:20 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Personal Assistant.doc
[2010/06/19 11:19:44 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$cclaim.doc
[2010/06/18 13:27:40 | 000,048,128 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\APPLICATION_FOR_EMPLOYMENT_FORM01(2).doc
[2010/06/18 13:27:31 | 001,446,812 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Application Form.pdf
[2010/06/18 13:06:41 | 000,001,897 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\TELUS Support Centre.lnk
[2010/06/18 12:36:21 | 000,792,362 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Diagnostics.html
[2010/06/17 16:21:51 | 000,000,192 | -HS- | C] () -- C:\BOOT.BAK
[2010/06/17 16:21:50 | 000,229,792 | RHS- | C] () -- C:\cmldr
[2010/06/17 14:05:55 | 000,000,698 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TELUS Security & Privacy.lnk
[2010/06/17 12:55:10 | 000,602,688 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\SP4express_EN.exe
[2010/06/16 13:03:14 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Fossil Project.doc
[2010/06/16 12:49:26 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Alexander College.doc
[2010/06/16 12:19:56 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Acclaim.doc
[2010/06/16 12:11:41 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Training Group Douglas College.doc
[2010/06/16 09:54:23 | 000,042,192 | ---- | C] () -- C:\WINNT\System32\dllcache\atibt829.sys
[2010/06/16 09:54:23 | 000,016,976 | ---- | C] () -- C:\WINNT\System32\dllcache\atitvsnd.sys
[2010/06/15 19:45:08 | 000,001,968 | ---- | C] () -- C:\WINNT\imsins.BAK
[2010/06/15 11:51:30 | 000,000,593 | ---- | C] () -- C:\Documents and Settings\Lynda\Application Data\Microsoft\Internet Explorer\Quick Launch\TrojanHunter Scanner.lnk
[2010/06/15 11:51:30 | 000,000,575 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\TrojanHunter.lnk
[2010/06/15 11:02:46 | 000,016,576 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\cc_20100615_110225.reg
[2010/06/15 08:40:10 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$tivity Programmer.doc
[2010/06/15 08:38:03 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$ne HÃ©bert.doc
[2010/06/14 17:49:14 | 000,015,218 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\cc_20100614_174857.reg
[2010/06/14 17:02:54 | 000,247,024 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\cc_20100614_170229.reg
[2010/06/14 16:44:20 | 000,001,423 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\CCleaner.lnk
[2010/06/14 08:54:16 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$glish Teacher.doc
[2010/06/14 08:47:43 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$erlitz.doc
[2010/06/12 09:20:54 | 000,001,728 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\F-PROT Antivirus for Windows.lnk
[2010/06/11 16:17:31 | 000,000,032 | ---- | C] () -- C:\WINNT\System32\thxcfg.ini
[2010/06/11 12:26:47 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$ndaSchmitResume 2010.doc
[2010/06/10 19:00:17 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Berlitz.doc
[2010/06/10 18:15:37 | 000,112,033 | ---- | C] () -- C:\WINNT\hpoins07.dat.temp
[2010/06/10 18:15:37 | 000,021,124 | ---- | C] () -- C:\WINNT\hpomdl07.dat.temp
[2010/06/10 17:11:04 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010/06/10 16:08:36 | 000,097,824 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Yellow Pages Group ABC_eng (8).pdf
[2010/06/09 16:49:09 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$llow Pages.doc
[2010/06/09 16:21:32 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Yellow Pages.doc
[2010/06/08 18:49:51 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Winston College.doc
[2010/06/08 10:19:08 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$UK CV.doc
[2010/06/07 13:10:20 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$nda Career Change Resume.DOC
[2010/06/07 13:07:04 | 000,048,640 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Education Resume with Personal Info removed.doc
[2010/06/07 12:54:26 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Manitongues.doc
[2010/06/07 10:44:22 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$xwell Canada Paper.doc
[2010/06/07 10:16:33 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\HSBC.doc
[2010/06/04 13:15:51 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Conversation Club.doc
[2010/06/04 13:10:24 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$L Instructor Cambridge.doc
[2010/06/03 15:46:04 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Paragraph Why ME.doc
[2010/06/03 15:24:08 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\ESL Instructor Cambridge.doc
[2010/06/02 18:33:12 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Part time Tutor Austin.doc
[2010/06/02 11:59:59 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Training Support Specialist.doc
[2010/06/01 15:59:50 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\gastown.doc
[2010/06/01 15:36:57 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Prosperous International Consultants Inc..doc
[2010/05/31 14:00:28 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Lynda's rec letter.doc
[2010/05/31 13:38:26 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\North American Sanitas.doc
[2010/05/31 13:07:51 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Maxwell Canada Paper.doc
[2010/05/31 12:53:23 | 000,029,184 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\CSA Transportation.doc
[2010/05/31 12:24:38 | 000,029,184 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Unya.doc
[2010/05/31 11:09:13 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Career Strategist.doc
[2010/05/31 10:42:25 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Host Program Coordinator.doc
[2010/05/30 12:08:57 | 000,000,371 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\Video .lnk
[2010/05/30 12:08:57 | 000,000,371 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\Pictures .lnk
[2010/05/30 12:08:57 | 000,000,371 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\Passwords .lnk
[2010/05/30 12:08:57 | 000,000,371 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\New Folder .lnk
[2010/05/30 12:08:57 | 000,000,371 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\Music .lnk
[2010/05/30 12:08:57 | 000,000,371 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\Documents .lnk
[2010/05/30 12:08:57 | 000,000,125 | RHS- | C] () -- C:\Documents and Settings\Lynda\Desktop\autorun.inf
[2010/05/29 10:31:07 | 005,021,184 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Doc1.doc
[2010/05/28 09:50:50 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Cancellation of Agreement with Rich Janitor SBG.doc
[2010/05/28 02:52:20 | 037,350,912 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Heather's DÃ©fi Presentation.ppt
[2010/05/28 01:08:49 | 001,166,450 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\lightning thief diable.bmp
[2010/05/27 23:38:16 | 000,058,153 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\IMG_0840.JPG
[2010/05/27 23:38:16 | 000,040,165 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\IMG_0841.JPG
[2010/05/27 12:06:16 | 000,144,306 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\05[1].27.10 Lynda Schmit.pdf
[2010/05/25 13:21:23 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Manager of Education Vancouver Career College.doc
[2010/05/25 12:27:42 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Diversecity.doc
[2010/05/20 12:05:48 | 000,053,760 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\LSchmit Education Canada Resume.doc
[2010/05/19 20:09:42 | 000,030,208 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Darren.doc
[2010/05/18 16:54:25 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\English Teacher.doc
[2010/05/18 09:12:19 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Host family application form Happy Home.xls
[2010/05/14 21:51:15 | 000,241,197 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Global Partners Reference Letter.jpg
[2010/05/14 11:33:38 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\office admin.doc
[2010/05/14 11:13:22 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Data Entry Shipping.doc
[2010/05/13 14:26:53 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Case Manager.doc
[2010/05/13 11:00:08 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Client Care Coordinator.doc
[2010/05/13 10:59:46 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Client Care.doc
[2010/05/12 16:58:48 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$t Resume Lynda Schmit 2010.doc
[2010/05/12 11:31:37 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Clerical Work Reception, Researcher Government Agencies.doc
[2010/05/11 17:18:53 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Cornerstone Montesorri.doc
[2010/05/11 17:07:24 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Lynda\My Documents\~$Cats Art Studio.doc
[2010/05/11 16:34:20 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Training Facilitator.doc
[2010/05/10 16:47:57 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\4 Cats Art Studio.doc
[2010/05/10 12:09:10 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\CDCI.doc
[2010/05/03 12:02:48 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Canadian Mental Health Association Vocational Rehab Counsellor.doc
[2010/05/03 11:37:39 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Gastown Business College.doc
[2010/04/28 18:52:59 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Transglobal Education Program Coordinator.doc
[2010/04/26 22:06:09 | 000,030,720 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Steveston's Art Connection.doc
[2010/04/25 16:45:03 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\CATSA Commissionaires.doc
[2010/04/19 19:02:07 | 000,100,864 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\English Learner Authorizaton.doc
[2010/04/19 16:40:31 | 000,031,232 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Orange Glen High School Escondido Union High School District.doc
[2010/04/19 00:23:19 | 000,333,312 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\HEather as a ghost.doc
[2010/04/15 10:53:05 | 000,030,208 | ---- | C] () -- C:\Documents and Settings\Lynda\My Documents\Juan and Orlando.doc
[2010/04/10 19:10:43 | 000,545,411 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\Lynda-Income Tax 2009.pdf
[2010/04/10 19:05:25 | 000,001,043 | ---- | C] () -- C:\Documents and Settings\Lynda\Desktop\LyndaSchmit2009.tax
[2009/07/05 15:52:21 | 000,221,184 | ---- | C] () -- C:\WINNT\System32\lame_enc.dll
[2008/07/03 12:01:31 | 000,059,392 | R--- | C] () -- C:\WINNT\System32\streamhlp.dll
[2008/07/02 16:20:01 | 000,001,152 | ---- | C] () -- C:\WINNT\System32\windrv.sys
[2008/06/21 10:34:24 | 000,000,044 | ---- | C] () -- C:\WINNT\liveup.ini
[2008/06/18 21:20:24 | 000,000,740 | ---- | C] () -- C:\WINNT\cdplayer.ini
[2008/04/25 19:59:33 | 000,000,103 | ---- | C] () -- C:\WINNT\Fashion Magic.ini
[2008/04/25 19:57:56 | 000,000,011 | ---- | C] () -- C:\WINNT\Tank Top Kit.ini
[2008/04/25 09:24:00 | 000,000,000 | ---- | C] () -- C:\WINNT\hpqEmlSz.INI
[2008/04/09 20:39:24 | 000,000,035 | ---- | C] () -- C:\WINNT\InfModM.ini
[2008/04/09 20:34:43 | 000,000,015 | ---- | C] () -- C:\WINNT\wgedit.ini
[2008/03/04 11:36:35 | 000,077,824 | ---- | C] () -- C:\WINNT\System32\asr32312.dll
[2008/03/04 11:12:09 | 000,000,000 | ---- | C] () -- C:\WINNT\SETUP32.INI
[2008/02/14 13:59:50 | 000,354,816 | ---- | C] () -- C:\WINNT\System32\psisdecd.dll
[2008/01/03 15:38:05 | 000,053,248 | ---- | C] () -- C:\WINNT\System32\dsnpstd.dll
[2008/01/03 15:38:05 | 000,015,541 | ---- | C] () -- C:\WINNT\snpstd.ini
[2008/01/03 15:38:00 | 000,301,824 | ---- | C] () -- C:\WINNT\System32\drivers\snpstd.sys
[2007/12/29 19:47:11 | 000,000,000 | ---- | C] () -- C:\WINNT\PCFriend.INI
[2007/12/05 21:22:17 | 000,765,952 | ---- | C] () -- C:\WINNT\System32\xvidcore.dll
[2007/12/05 21:22:17 | 000,180,224 | ---- | C] () -- C:\WINNT\System32\xvidvfw.dll
[2007/10/13 01:15:31 | 000,000,116 | ---- | C] () -- C:\WINNT\NeroDigital.ini
[2007/10/12 21:14:35 | 000,000,035 | ---- | C] () -- C:\WINNT\A5W.INI
[2007/10/09 00:13:00 | 000,000,221 | ---- | C] () -- C:\WINNT\NCLogConfig.ini
[2007/10/08 23:40:59 | 000,000,227 | ---- | C] () -- C:\WINNT\HP_CounterReport_Update_HPSU.ini
[2007/10/08 23:40:28 | 000,000,214 | ---- | C] () -- C:\WINNT\HP_48BitScanUpdatePatch.ini
[2007/10/08 23:12:54 | 000,000,221 | ---- | C] () -- C:\WINNT\HP_RedboxHprblog_HPSU.ini
[2007/10/08 22:27:20 | 000,000,730 | ---- | C] () -- C:\WINNT\ODBC.INI
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINNT\System32\OUTLPERF.INI
[2001/07/06 15:30:00 | 000,003,399 | ---- | C] () -- C:\WINNT\System32\hptcpmon.ini
[2001/05/08 05:00:00 | 000,176,400 | ---- | C] () -- C:\WINNT\System32\qcut.dll
[2001/05/08 05:00:00 | 000,033,552 | ---- | C] () -- C:\WINNT\System32\efsadu.dll
[2001/05/08 05:00:00 | 000,007,265 | ---- | C] () -- C:\WINNT\System32\iasperf.ini
[2001/05/08 05:00:00 | 000,001,505 | ---- | C] () -- C:\WINNT\System32\faxperf.ini
[2001/05/08 05:00:00 | 000,000,023 | ---- | C] () -- C:\WINNT\welcome.ini
[1999/09/25 03:36:24 | 000,088,816 | ---- | C] () -- C:\WINNT\System32\drivers\lvcam.sys
[1999/09/25 03:36:22 | 000,017,424 | ---- | C] () -- C:\WINNT\System32\drivers\lvsound.sys
[1998/10/11 01:07:38 | 000,088,576 | ---- | C] () -- C:\WINNT\System32\Iticheck.dll

========== LOP Check ==========

[2008/04/07 22:09:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\4Team
[2009/10/11 11:21:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AGI
[2010/07/01 20:27:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2009/09/01 11:15:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avanquest Software
[2007/10/12 22:06:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2009/11/05 11:34:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2008/08/20 13:56:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eFax Messenger 4.3 Output
[2008/08/20 13:56:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eFax Messenger 4.3 Setup
[2007/10/08 14:09:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FRISK Software
[2009/01/02 19:29:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Mediafour
[2010/06/21 13:01:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MGS
[2007/10/24 02:19:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2007/10/09 21:51:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NewsBin
[2010/06/17 13:51:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TELUS
[2008/07/04 12:30:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/02/26 12:27:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Transparent
[2010/06/15 11:52:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TrojanHunter
[2010/06/10 17:11:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2008/07/03 22:18:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\AVGTOOLBAR
[2010/06/14 16:58:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\Azureus
[2009/11/26 17:26:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/06/28 22:51:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Lynda\Application Data\drivers
[2007/10/11 19:51:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\eFax Messenger
[2010/06/12 09:56:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\FRISK Software
[2009/05/22 21:40:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\GetRightToGo
[2010/06/04 10:16:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\Image Zone Express
[2009/10/02 12:26:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\Keynote Systems
[2010/06/27 16:09:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\NewsBin
[2010/02/01 13:52:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\Printer Info Cache
[2008/06/30 23:36:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\SecondLife
[2010/06/18 12:34:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\TELUS
[2008/07/03 13:27:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\TrojanHunter
[2009/12/20 23:20:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lynda\Application Data\tvp animation 9 pro demo
[2010/07/01 03:00:00 | 000,000,252 | ---- | M] () -- C:\WINNT\Tasks\Backup.job

lynsing · 2010/07/02

========== Purity Check ==========

========== Files - Unicode (All) ==========
[2008/08/19 23:19:18 | 000,000,000 | ---- | M] ()(C:\WINNT\?) -- C:\WINNT\὚
[2008/08/19 23:19:18 | 000,000,000 | ---- | C] ()(C:\WINNT\?) -- C:\WINNT\὚

========== Alternate Data Streams ==========

@Alternate Data Stream - 7828 bytes -> C:\Documents and Settings\Lynda\My Documents\Microsoft Word - Cost Estimate - RVQC 56.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6696 bytes -> C:\Documents and Settings\Lynda\My Documents\HI_CallSheet_Ep104_D4_091908_Call0930.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 14892 bytes -> C:\Documents and Settings\Lynda\My Documents\Selected Credential Held Public Search California Commission on Teacher Credentialing.mht:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 13748 bytes -> C:\Documents and Settings\Lynda\My Documents\Summary of Application Status and Credentials Held California Commission on Teacher Credentialing.mht:Q30lsldxJoudresxAaaqpcawXc
< End of report >

broni · 2010/07/02

Good

Download Temp File Cleaner (TFC)
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

========================================================

Disable your antivirus program.
Go to Kaspersky website and perform an online antivirus scan.

1. Read through the requirements and privacy statement and click on Accept button.
2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
3. When the downloads have finished, click on Settings.
4. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:

Spyware, Adware, Dialers, and other potentially dangerous programs
[*] Archives
[*] Mail databases

5. Click on My Computer under Scan.
6. Once the scan is complete, it will display the results. Click on View Scan Report.
7. You will see a list of infected items there. Click on Save Report As....
8. Save this report to a convenient place. Change the Files of type to Text file (.txt before clicking on the Save button. Then post it here.

lynsing · 2010/07/03

cannot run the Kapersky Online Scanner. Tried several times over the last two days. It may start and then stop and hang or not start at all.

broni · 2010/07/04

No problem

Please run a free online scan with the ESET Online Scanner

Disable your antivirus program

Tick the box next to YES, I accept the Terms of Use

Click Start

Accept any security warnings from your browser.

Check Scan archives

Click Start

ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.

When the scan completes, push List of found threats

Push Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.

lynsing · 2010/07/04

C:\Documents and Settings\All Users\My Documents\HSS-1.12-install-anchorfree-76-conduit.zip a variant of Win32/HotSpotShield application
C:\Documents and Settings\Lynda\Desktop\autorun.inf INF/Autorun virus
C:\Documents and Settings\Lynda\My Documents\Nero-6.6.1.15d_wch.exe Win32/Toolbar.AskSBar application
C:\Microgaming\Casino\YukonGold\install.exe Win32/PrimeCasino application
C:\Program Files\blah blah\bar\1.bin\F3CJPEG.DLL Win32/Toolbar.MyWebSearch application
C:\Program Files\blah blah\bar\1.bin\F3DTACTL.DLL Win32/Adware.FunWeb application
C:\Program Files\blah blah\bar\1.bin\F3HISTSW.DLL Win32/Adware.FunWeb application
C:\Program Files\blah blah\bar\1.bin\F3HTMLMU.DLL Win32/Toolbar.MyWebSearch.B application
C:\Program Files\blah blah\bar\1.bin\F3HTTPCT.DLL Win32/FunWeb application
C:\Program Files\blah blah\bar\1.bin\F3IMSTUB.DLL Win32/Toolbar.MyWebSearch application
C:\Program Files\blah blah\bar\1.bin\F3POPSWT.DLL Win32/Toolbar.MyWebSearch.C application
C:\Program Files\blah blah\bar\1.bin\F3PSSAVR.SCR Win32/Toolbar.MyWebSearch application
C:\Program Files\blah blah\bar\1.bin\F3REPROX.DLL Win32/Toolbar.MyWebSearch.D application
C:\Program Files\blah blah\bar\1.bin\F3RESTUB.DLL Win32/Toolbar.MyWebSearch application
C:\Program Files\blah blah\bar\1.bin\F3SCHMON.EXE Win32/Adware.FunWeb application
C:\Program Files\blah blah\bar\1.bin\F3SCRCTR.DLL Win32/Toolbar.MyWebSearch application
C:\Program Files\blah blah\bar\1.bin\M3FFXTBR.JAR Win32/Toolbar.MyWebSearch application
C:\Program Files\blah blah\bar\1.bin\M3HIGHIN.EXE Win32/Toolbar.MyWebSearch application
C:\Program Files\blah blah\bar\1.bin\M3HTML.DLL Win32/Toolbar.MyWebSearch application
C:\Program Files\blah blah\bar\1.bin\M3IDLE.DLL Win32/Toolbar.MyWebSearch application
C:\Program Files\blah blah\bar\1.bin\M3IMPIPE.EXE Win32/Toolbar.MyWebSearch application
C:\Program Files\blah blah\bar\1.bin\M3MEDINT.EXE Win32/Toolbar.MyWebSearch application
C:\Program Files\blah blah\bar\1.bin\M3MSG.DLL Win32/Toolbar.MyWebSearch application
C:\Program Files\blah blah\bar\1.bin\M3NTSTBR.JAR Win32/Toolbar.MyWebSearch application
C:\Program Files\blah blah\bar\1.bin\M3OUTLCN.DLL Win32/Toolbar.MyWebSearch application
C:\Program Files\blah blah\bar\1.bin\M3PLUGIN.DLL Win32/Toolbar.MyWebSearch application
C:\Program Files\blah blah\bar\1.bin\M3SKIN.DLL Win32/Toolbar.MyWebSearch application
C:\Program Files\blah blah\bar\1.bin\M3SKPLAY.EXE Win32/Toolbar.MyWebSearch application
C:\Program Files\blah blah\bar\1.bin\M3SLSRCH.EXE Win32/Toolbar.MyWebSearch application
C:\Program Files\blah blah\bar\1.bin\M3SRCHMN.EXE Win32/Toolbar.MyWebSearch application
C:\Program Files\blah blah\bar\1.bin\MWSBAR.DLL Win32/Toolbar.MyWebSearch application
C:\Program Files\blah blah\bar\1.bin\MWSOEMON.EXE Win32/Toolbar.MyWebSearch application
C:\Program Files\blah blah\bar\1.bin\MWSOEPLG.DLL Win32/Toolbar.MyWebSearch application
C:\Program Files\blah blah\bar\1.bin\MWSOESTB.DLL Win32/Toolbar.MyWebSearch application
C:\Program Files\blah blah\bar\1.bin\MWSSVC.EXE Win32/Toolbar.MyWebSearch application
C:\Program Files\blah blah\bar\1.bin\NPMYWEBS.DLL Win32/Toolbar.MyWebSearch application
C:\Program Files\blah blah\SrchAstt\1.bin\MWSSRCAS.DLL Win32/Toolbar.MyWebSearch application
C:\Program Files\MSN Messenger\msimg32.dll Win32/Toolbar.MyWebSearch application
C:\Program Files\Reimage\Reimage Repair\REI_AxControl.dll probably a variant of Win32/Genetik trojan
C:\Set Up Installation Programs\Macromedia.Flash.Professional.v8.0.Incl.Keymaker-ZWT\KEYGEN.EXE Win32/Virut.NAK virus
C:\WINNT\Help\F3C74E3FA248.xe a variant of Win32/Pacex.Gen virus

broni · 2010/07/04

I hope, you never attempted to use this:

C:\Set Up Installation Programs\Macromedia.Flash.Professional.v8.0.Incl.Keymaker-ZWT\KEYGEN.EXE Win32/Virut.NAK virus
Click to expand...

As you can see, it contains Virut virus, which is not curable.

Run OTL
Under the [color= "#0000FF"]Custom Scans/Fixes[/color] box at the bottom, paste in the following
Code:
:OTL

:Services

:Reg

:Files
C:\Documents and Settings\All Users\My Documents\HSS-1.12-install-anchorfree-76-conduit.zip 
C:\Documents and Settings\Lynda\Desktop\autorun.inf 
C:\Documents and Settings\Lynda\My Documents\Nero-6.6.1.15d_wch.exe 
C:\Microgaming\Casino\YukonGold\install.exe 
C:\Program Files\blah blah
C:\Program Files\MSN Messenger\msimg32.dll 
C:\Program Files\Reimage\Reimage Repair\REI_AxControl.dll 
C:\Set Up Installation Programs\Macromedia.Flash.Professional.v8.0.Incl.Keymaker-ZWT\KEYGEN.EXE 
C:\WINNT\Help\F3C74E3FA248.xe

:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
[Reboot]
Then click the [color= "#FF0000"]Run Fix[/color] button at the top

Let the program run unhindered, reboot the PC when it is done

You will get a log that shows the results of the fix. Please post it.

lynsing · 2010/07/04

Yes, thanks I believe that file has not been opened since I had to have the system reinstalled before.

All processes killed
========== OTL ==========
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
C:\Documents and Settings\All Users\My Documents\HSS-1.12-install-anchorfree-76-conduit.zip moved successfully.
C:\Documents and Settings\Lynda\Desktop\autorun.inf moved successfully.
C:\Documents and Settings\Lynda\My Documents\Nero-6.6.1.15d_wch.exe moved successfully.
C:\Microgaming\Casino\YukonGold\install.exe moved successfully.
C:\Program Files\blah blah\SrchAstt\1.bin folder moved successfully.
C:\Program Files\blah blah\SrchAstt folder moved successfully.
C:\Program Files\blah blah\bar\Settings folder moved successfully.
C:\Program Files\blah blah\bar\Notifier folder moved successfully.
C:\Program Files\blah blah\bar\Message folder moved successfully.
C:\Program Files\blah blah\bar\icons folder moved successfully.
C:\Program Files\blah blah\bar\History folder moved successfully.
C:\Program Files\blah blah\bar\Game folder moved successfully.
C:\Program Files\blah blah\bar\Cache folder moved successfully.
C:\Program Files\blah blah\bar\Avatar\COMMON folder moved successfully.
C:\Program Files\blah blah\bar\Avatar folder moved successfully.
C:\Program Files\blah blah\bar\1.bin folder moved successfully.
C:\Program Files\blah blah\bar folder moved successfully.
C:\Program Files\blah blah folder moved successfully.
C:\Program Files\MSN Messenger\msimg32.dll moved successfully.
C:\Program Files\Reimage\Reimage Repair\REI_AxControl.dll moved successfully.
C:\Set Up Installation Programs\Macromedia.Flash.Professional.v8.0.Incl.Keymaker-ZWT\KEYGEN.EXE moved successfully.
C:\WINNT\Help\F3C74E3FA248.xe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: Lynda
->Temp folder emptied: 137197408 bytes
->Temporary Internet Files folder emptied: 35864 bytes
->Java cache emptied: 128094 bytes
->FireFox cache emptied: 64472713 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 938 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: shell32.dll unable to determine bytes removed.

Total Files Cleaned = 193.00 mb

[EMPTYFLASH]

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: Lynda
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb

C:\WINNT\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.7.0 log created on 07042010_180554

Files\Folders moved on Reboot...
File move failed. C:\WINNT\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Log in or Sign up

Solved Google redirect

broni Moderator Malware Analyst

lynsing Inactive Thread Starter

broni Moderator Malware Analyst

lynsing Inactive Thread Starter

lynsing Inactive Thread Starter

lynsing Inactive Thread Starter

lynsing Inactive Thread Starter

lynsing Inactive Thread Starter

broni Moderator Malware Analyst

lynsing Inactive Thread Starter

lynsing Inactive Thread Starter

lynsing Inactive Thread Starter

lynsing Inactive Thread Starter

lynsing Inactive Thread Starter

broni Moderator Malware Analyst

lynsing Inactive Thread Starter

broni Moderator Malware Analyst

lynsing Inactive Thread Starter

broni Moderator Malware Analyst

lynsing Inactive Thread Starter

Share This Page

Log in or Sign up

Solved Google redirect

broni Moderator Malware Analyst

lynsing Inactive Thread Starter

broni Moderator Malware Analyst

lynsing Inactive Thread Starter

lynsing Inactive Thread Starter

lynsing Inactive Thread Starter

lynsing Inactive Thread Starter

lynsing Inactive Thread Starter

broni Moderator Malware Analyst

lynsing Inactive Thread Starter

lynsing Inactive Thread Starter

lynsing Inactive Thread Starter

lynsing Inactive Thread Starter

lynsing Inactive Thread Starter

broni Moderator Malware Analyst

lynsing Inactive Thread Starter

broni Moderator Malware Analyst

lynsing Inactive Thread Starter

broni Moderator Malware Analyst

lynsing Inactive Thread Starter

Share This Page

Useful Searches