Help!
When I started my computer yesterday, a window for Spyguard 2009 (I think) opens and starts scanning with a “demo” for whatever this is. I stopped the scan and found a way to close it. I am seeing this: sysguard.exe
Thanks in advance for your help.
I also ran Windows Defender. It found Trojan:Win32/FakeSpypro, Trojan:Win32/Insebro.C, TrojanDropper:Win32/Insebro.A. The last two were from last month.
Here are my MBAM, OTListIt, and Security check log files.
Malwarebytes' Anti-Malware 1.36
Database version: 2079
Windows 5.1.2600 Service Pack 3
5/5/2009 3:09:40 PM
mbam-log-2009-05-05 (15-09-40).txt
Scan type: Quick Scan
Objects scanned: 101023
Time elapsed: 13 minute(s), 0 second(s)
Memory Processes Infected: 1
Memory Modules Infected: 5
Registry Keys Infected: 154
Registry Values Infected: 11
Registry Data Items Infected: 3
Folders Infected: 18
Files Infected: 100
Memory Processes Infected:
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> Unloaded process successfully.
Memory Modules Infected:
C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (Adware.MyWeb) -> Delete on reboot.
C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (Adware.MyWeb) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (Adware.MyWeb) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> Delete on reboot.
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bbd4551a-9b23-41cd-9bcd-818aa2da7b63} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bbd4551a-9b23-41cd-9bcd-818aa2da7b63} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{adb01e81-3c79-4272-a0f1-7b2be7a782dc} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{07b18ea0-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07b18eaa-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07b18eac-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{53ced2d0-5e9a-4761-9005-648404e6f7e5} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8ca01f0e-987c-49c3-b852-2f1ac4a7094c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0f8ecf4f-3646-4c3a-8881-8e138ffcaf70} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b813095c-81c0-4e40-aa14-67520372b987} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9d7be3e-141a-4c85-8cd6-32461f3df2c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cff4ce82-3aa2-451f-9b77-7165605fb835} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e47caee0-deea-464a-9326-3f2801535a4d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8e6f1830-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8e6f1832-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a9571378-68a1-443d-b082-284f960c6d17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ieocxapp.ieocx (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ieocxapp.ieocx.1 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e79dfbc0-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{72ee7f04-15bd-4845-a005-d6711144d86a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{3e720450-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{7473d290-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d292-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d296-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{29d67d3c-509a-4544-903f-c8c1b8236554} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{938aa51a-996c-4884-98ce-80dd16a5c9da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{84da4fdf-a1cf-4195-8688-3e961f505983} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d9fffb27-d62a-4d64-8cec-1ff006528805} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{f42228fb-e84e-479e-b922-fbbd096e792c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7545d8c8-f53c-4e2f-8fa0-d248ef4a6e61} (Rogue.Installer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{bbd4551a-9b23-41cd-9bcd-818aa2da7b63} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mywebsearchservice (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\mywebsearchservice (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mywebsearchservice (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\WinPC Defender (Rogue.WinPCDefender) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\AvScan (Malware.Trace) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch email plugin (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch email plugin (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\my web search bar (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch plugin (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\system tool (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\ (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\don't load\scui.cpl (Hijack.SecurityCenter) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\don't load\wscui.cpl (Hijack.SecurityCenter) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\Avatar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\SrchAstt\1.bin (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Files Infected:
C:\WINDOWS\system32\iehelper.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWeb) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (Adware.MyWeb) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (Adware.MyWeb) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f3PSSavr.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Documents and Settings\RLinkhart\Application Data\BIT5.tmp (Rogue.WinPcDefender) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\msimg32.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SPACER.WMV (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\FWPBUDDY.PNG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3MEDINT.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0010FA5F (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\003C0DC7.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\003C0F8C.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\01F06228 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\01F066BC (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\01F068A0.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\01F06B6F.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\01F07051.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\01F07255.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\03B1D879 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\files.ini (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History\search3 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\CM.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\MFC.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\PSS.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\WB.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\setting2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\settings.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\WebfettiBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\WINDOWS\sysguard.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\RLinkhart\Local Settings\Temp\bng2.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\RLinkhart\Local Settings\Temp\bng3.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\RLinkhart\Local Settings\Temp\bng4.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\RLinkhart\Local Settings\Temp\bng5.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\RLinkhart\Local Settings\Temp\bng6.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\RLinkhart\Local Settings\Temp\bng7.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\RLinkhart\Local Settings\Temp\bng8.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\RLinkhart\Local Settings\Temp\bng9.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\RLinkhart\Local Settings\Temp\bngA.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\RLinkhart\Local Settings\Temp\bngB.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\RLinkhart\Local Settings\Temp\bngC.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\RLinkhart\Local Settings\Temp\bngD.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\RLinkhart\Local Settings\Temp\bngE.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\RLinkhart\Local Settings\Temp\bngF.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
----------------------------------
OTListIt logfile created on: 5/5/2009 3:20:34 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.3 Folder = C:\Documents and Settings\RLinkhart\Desktop
Windows XP Tablet PC Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1014.04 Mb Total Physical Memory | 423.16 Mb Available Physical Memory | 41.73% Memory free
2.38 Gb Paging File | 1.85 Gb Available in Paging File | 77.77% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 50.02 Gb Total Space | 32.92 Gb Free Space | 65.81% Space Free | Partition Type: NTFS
Drive D: | 5.85 Gb Total Space | 4.16 Gb Free Space | 71.09% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: LT703631
Current User Name: RLinkhart
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ==========
PRC - [2006/11/03 18:19:58 | 00,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2006/08/02 00:39:20 | 00,434,176 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2008/04/13 18:12:23 | 00,029,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
PRC - [2008/04/13 18:12:40 | 00,293,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\WISPTIS.EXE
PRC - [2002/08/29 11:41:28 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tabbtnu.exe
PRC - [2008/04/13 18:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2006/08/02 00:31:22 | 00,937,984 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2008/07/10 09:47:18 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2007/07/24 15:17:08 | 00,229,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [1999/12/12 11:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTsvcCDA.exe
PRC - [2004/03/01 03:00:00 | 00,024,576 | ---- | M] (Oki Data Corporation) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\OPHALDCS.EXE
PRC - [2005/10/12 13:30:24 | 00,086,140 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
PRC - [2004/04/06 16:13:54 | 00,139,536 | ---- | M] (Computer Associates International, Inc.) -- C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
PRC - [2004/04/06 16:13:56 | 00,241,936 | ---- | M] (Computer Associates International, Inc.) -- C:\Program Files\CA\eTrust Antivirus\InoRT.exe
PRC - [2009/04/21 08:00:39 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe
PRC - [2004/04/06 16:14:10 | 00,254,224 | ---- | M] (Computer Associates International, Inc.) -- C:\Program Files\CA\eTrust Antivirus\InoTask.exe
PRC - [2006/09/13 10:19:37 | 00,196,608 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
PRC - [2006/08/02 00:24:22 | 00,327,680 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2008/12/01 18:58:30 | 00,047,104 | ---- | M] (Absolute Software Corp.) -- C:\WINDOWS\system32\rpcnet.exe
PRC - [2008/04/13 18:12:37 | 00,043,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe
PRC - [2008/04/13 18:12:41 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2008/04/13 18:12:37 | 00,271,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
PRC - [2005/01/12 04:01:32 | 00,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
PRC - [2004/11/05 08:47:00 | 00,098,394 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2004/11/05 08:47:00 | 00,688,218 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2005/10/12 13:30:42 | 00,139,264 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
PRC - [2005/12/27 11:20:14 | 00,413,696 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2006/05/23 20:22:36 | 00,573,440 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
PRC - [2006/03/23 13:13:40 | 00,077,824 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
PRC - [2006/03/23 13:17:50 | 00,118,784 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpers.exe
PRC - [2006/03/23 13:13:30 | 00,163,840 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.exe
PRC - [2004/04/06 16:14:48 | 00,504,080 | ---- | M] (Computer Associates International, Inc.) -- C:\Program Files\CA\eTrust Antivirus\Realmon.exe
PRC - [2006/08/02 00:38:30 | 00,802,816 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
PRC - [2006/08/02 00:32:44 | 00,696,320 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
PRC - [2006/11/03 18:20:12 | 00,866,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006/10/16 19:40:00 | 01,197,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
PRC - [2008/07/10 10:51:32 | 00,289,064 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2006/08/02 00:27:54 | 00,479,232 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2008/04/14 10:30:14 | 00,357,680 | ---- | M] (Boingo Wireless, Inc.) -- C:\Program Files\Boingo\GoBoingo\GoBoingo.exe
PRC - [2009/04/21 08:02:33 | 00,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2007/09/11 12:18:25 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2006/08/07 10:06:38 | 00,700,416 | ---- | M] () -- C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
PRC - [2004/06/09 14:16:08 | 00,471,040 | ---- | M] (PalmSource, Inc) -- C:\Program Files\palmOne\Hotsync.exe
PRC - [2005/03/16 16:56:24 | 00,159,744 | ---- | M] () -- C:\Program Files\Okidata\OKI LPR Utility\okilpr.exe
PRC - [2007/04/19 13:49:52 | 00,064,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
PRC - [2008/07/10 10:51:22 | 00,532,264 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/05/05 14:47:11 | 01,503,376 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\RLinkhart\Local Settings\Application Data\Citrix\GoToAssist\GoToAssist_chat2way_service_570_en.exe
PRC - [2009/05/05 15:13:18 | 00,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\RLinkhart\Local Settings\Temp\Citrix\GoToAssist\570\g2a7.tmp\G2AInstaller.exe
PRC - [2009/05/05 15:13:18 | 00,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\RLinkhart\Local Settings\Temp\Citrix\GoToAssist\570\g2a7.tmp\g2aservice.exe
PRC - [2009/05/05 15:13:18 | 00,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\RLinkhart\Local Settings\Temp\Citrix\GoToAssist\570\g2a7.tmp\g2acomm.exe
PRC - [2009/05/05 15:13:18 | 00,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\RLinkhart\Local Settings\Temp\Citrix\GoToAssist\570\g2a7.tmp\g2alaunchercustomer.exe
PRC - [2009/05/05 15:13:18 | 00,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\RLinkhart\Local Settings\Temp\Citrix\GoToAssist\570\g2a7.tmp\g2auicustomer.exe
PRC - [2009/05/05 15:13:18 | 00,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\RLinkhart\Local Settings\Temp\Citrix\GoToAssist\570\g2a7.tmp\g2asessioncontrol.exe
PRC - [2009/05/05 15:13:18 | 00,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\RLinkhart\Local Settings\Temp\Citrix\GoToAssist\570\g2a7.tmp\g2achat.exe
PRC - [2009/05/05 15:13:18 | 00,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\RLinkhart\Local Settings\Temp\Citrix\GoToAssist\570\g2a7.tmp\g2ahost.exe
PRC - [2009/05/05 15:13:18 | 00,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\RLinkhart\Local Settings\Temp\Citrix\GoToAssist\570\g2a7.tmp\g2aremotediagnostics.exe
PRC - [2009/05/05 15:13:18 | 00,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\RLinkhart\Local Settings\Temp\Citrix\GoToAssist\570\g2a7.tmp\g2afiletransfer.exe
PRC - [2008/04/13 18:12:22 | 00,093,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/05/05 15:19:03 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\RLinkhart\Desktop\OTListIt2.exe
========== Win32 Services (SafeList) ==========
SRV - [2008/07/10 09:47:18 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2007/10/24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2007/07/24 15:17:08 | 00,229,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2007/10/24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [1999/12/12 11:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTsvcCDA.exe -- (Creative Service for CDROM Access [Auto | Running])
SRV - [2004/03/01 03:00:00 | 00,024,576 | ---- | M] (Oki Data Corporation) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\OPHALDCS.EXE -- (DCSLoader [Auto | Running])
SRV - [2006/08/02 00:39:20 | 00,434,176 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng [Auto | Running])
SRV - [2006/10/20 20:21:24 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009/04/21 08:00:39 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9c289a2ffea5d [Auto | Stopped])
SRV - [2009/04/23 09:43:46 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2008/04/13 18:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2005/10/12 13:30:24 | 00,086,140 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe -- (IAANTMon [Auto | Running])
SRV - [2006/10/30 02:33:58 | 00,741,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2004/04/06 16:13:54 | 00,139,536 | ---- | M] (Computer Associates International, Inc.) -- C:\Program Files\CA\eTrust Antivirus\InoRpc.exe -- (InoRPC [Auto | Running])
SRV - [2004/04/06 16:13:56 | 00,241,936 | ---- | M] (Computer Associates International, Inc.) -- C:\Program Files\CA\eTrust Antivirus\InoRT.exe -- (InoRT [Auto | Running])
SRV - [2004/04/06 16:14:10 | 00,254,224 | ---- | M] (Computer Associates International, Inc.) -- C:\Program Files\CA\eTrust Antivirus\InoTask.exe -- (InoTask [Auto | Running])
SRV - [2008/07/10 10:51:22 | 00,532,264 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2006/10/30 02:34:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2003/07/28 13:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2006/09/13 10:19:37 | 00,196,608 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL [Auto | Running])
SRV - [2006/08/02 00:24:22 | 00,327,680 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc [Auto | Running])
SRV - [2008/12/01 18:58:30 | 00,047,104 | ---- | M] (Absolute Software Corp.) -- C:\WINDOWS\system32\rpcnet.exe -- (Rpcnet [Auto | Running])
SRV - [2006/08/02 00:31:22 | 00,937,984 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor [Auto | Running])
SRV - [2006/11/03 18:19:58 | 00,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend [Auto | Running])
SRV - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
========== Driver Services (SafeList) ==========
DRV - [2007/01/03 05:15:54 | 00,021,419 | ---- | M] (Meetinghouse Data Communications) -- C:\WINDOWS\system32\DRIVERS\AegisP.sys -- (AegisP [Auto | Running])
DRV - [2001/08/17 21:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde [Boot | Stopped])
DRV - [2008/04/13 12:36:39 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp [Boot | Stopped])
DRV - [2001/08/17 21:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc [Boot | Stopped])
DRV - [2001/08/17 21:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550 [Boot | Stopped])
DRV - [2001/08/17 21:51:54 | 00,006,656 | ---- | M] (CMD Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde [Boot | Stopped])
DRV - [2001/08/17 21:52:16 | 00,179,584 | ---- | M] (Mylex Corporation) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k [Boot | Stopped])
DRV - [2005/09/14 20:24:08 | 00,179,200 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\e1e5132.sys -- (e1express [On_Demand | Running])
DRV - [2006/10/30 11:17:20 | 00,024,736 | ---- | M] (FinePoint Innovations) -- C:\WINDOWS\system32\DRIVERS\FpHidDrv.sys -- (FinePnt [On_Demand | Running])
DRV - [2008/01/29 12:01:28 | 00,016,168 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2008/04/13 10:36:05 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2006/03/23 13:47:06 | 01,166,972 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\ialmnt5.sys -- (ialm [On_Demand | Running])
DRV - [2005/10/12 13:07:12 | 00,874,240 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\IASTOR.SYS -- (iaStor [Boot | Running])
DRV - [2003/12/08 17:55:14 | 00,019,712 | R--- | M] (Computer Associates) -- C:\WINDOWS\system32\Drivers\ino_flpy.sys -- (INO_FLPY [Boot | Running])
DRV - [2004/06/06 05:06:16 | 00,152,704 | ---- | M] (Computer Associates) -- C:\WINDOWS\system32\Drivers\ino_fltr.sys -- (INO_FLTR [Auto | Running])
DRV - [2001/08/17 21:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x [Boot | Stopped])
DRV - [2007/03/09 09:40:02 | 00,010,496 | ---- | M] (Quanta Computer Inc.) -- C:\WINDOWS\system32\DRIVERS\MSTabBtn.sys -- (MSTabBtn [On_Demand | Running])
DRV - [2006/09/27 02:36:24 | 01,709,696 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\DRIVERS\NETw3x32.sys -- (NETw3x32 [On_Demand | Running])
DRV - [2007/10/15 13:20:52 | 00,016,694 | ---- | M] (PalmSource, Inc.) -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD [On_Demand | Stopped])
DRV - [2008/04/14 10:12:44 | 00,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\Drivers\PCASp50.sys -- (PCASp50 [On_Demand | Running])
DRV - [2004/08/04 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2001/08/17 21:52:20 | 00,040,320 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080 [Boot | Stopped])
DRV - [2001/08/17 21:52:20 | 00,045,312 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160 [Boot | Stopped])
DRV - [2001/08/17 21:52:18 | 00,049,024 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280 [Boot | Stopped])
DRV - [2006/08/02 01:27:48 | 00,012,544 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\s24trans.sys -- (s24trans [Auto | Running])
DRV - [2007/11/13 04:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2004/06/28 13:08:56 | 00,042,752 | ---- | M] (Prolific Technology Inc.) -- C:\WINDOWS\system32\DRIVERS\ser2pl.sys -- (Ser2pl [On_Demand | Stopped])
DRV - [2008/04/13 12:36:39 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp [Boot | Stopped])
DRV - [2006/05/23 20:30:06 | 00,893,952 | ---- | M] (Motorola Inc.) -- C:\WINDOWS\system32\DRIVERS\smserial.sys -- (smserial [On_Demand | Running])
DRV - [2001/08/17 22:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow [Boot | Stopped])
DRV - [2006/06/15 16:28:04 | 01,179,784 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA [On_Demand | Running])
DRV - [2001/08/17 22:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810 [Boot | Stopped])
DRV - [2001/08/17 22:07:36 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx [Boot | Stopped])
DRV - [2001/08/17 22:07:40 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi [Boot | Stopped])
DRV - [2001/08/17 22:07:42 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3 [Boot | Stopped])
DRV - [2004/11/05 08:47:00 | 00,185,824 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
DRV - [2005/09/20 10:30:56 | 00,162,432 | ---- | M] (Texas Instruments) -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21 [On_Demand | Running])
DRV - [2001/08/17 21:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra [Boot | Stopped])
DRV - [2005/12/05 01:55:30 | 01,428,096 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\DRIVERS\w39n51.sys -- (w39n51 [On_Demand | Stopped])
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch...TB&M=M285-E
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch...TB&M=M285-E
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.cofchrist.org/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD [2009/04/21 08:02:57 | 00,000,000 | ---D | M]
[2008/03/28 02:10:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RLinkhart\Application Data\mozilla\Firefox\Profiles\adh6musm.default\extensions
[2008/03/28 02:10:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RLinkhart\Application Data\mozilla\Firefox\Profiles\adh6musm.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2008/03/28 02:10:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RLinkhart\Application Data\mozilla\Firefox\Profiles\adh6musm.default\extensions\staged-xpis
[2008/03/28 03:07:05 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2008/03/28 02:08:41 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
O1 HOSTS File: (152 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 94.232.248.66 browser-security.microsoft.com
O1 - Hosts: 94.232.248.66 antivguardian.com
O1 - Hosts: 94.232.248.66 www.antivguardian.com
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (EWPBrowseObject Class) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll (Gateway Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {A057A204-BACC-4D26-8087-36EE87E26986} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-8087-36EE87E26986} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon (CANON INC.)
O4 - HKLM..\Run: [GoBoingo] C:\Program Files\Boingo\GoBoingo\GoBoingo.lnk ()
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s (Computer Associates International, Inc.)
O4 - HKLM..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE ()
O4 - HKLM..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe (SoftThinks)
O4 - HKLM..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" (Cyberlink Corp.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [Snippet] "C:\Program Files\Microsoft Experience Pack\Snipping Tool\SnippingTool.exe" /i (Microsoft Corporation)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume (Microsoft Corporation)
O4 - HKLM..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide (Microsoft Corporation)
O4 - HKCU..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" ()
O4 - HKCU..\Run: [Power2GoExpress] NA File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HotSync Manager.lnk = C:\Program Files\palmOne\Hotsync.exe (PalmSource, Inc)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\OKI LPR Utility.lnk = C:\Program Files\Okidata\OKI LPR Utility\okilpr.exe ()
O4 - Startup: C:\Documents and Settings\RLinkhart\Start Menu\Programs\Startup\Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableProfileQuota = 1
O8 - Extra context menu item: &Search - Reg Error: Value error. File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 (Microsoft Corporation)
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html ()
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html ()
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html ()
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.1...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftupdat...b?1189532734156 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdat...b?1189532670062 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl...indows-i586.cab (Java Plug-in 1.4.2)
O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl...indows-i586.cab (Java Plug-in 1.4.2)
O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} http://www.photodex.com/pxplay.cab (Photodex Presenter AX control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwa...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: B3467D2D-E10C-41A6-B671-2B07A1445DC4 http://confmgr.cofchrist.org/Downloads/cmW32client.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\loginkey: DllName - C:\Program Files\Common Files\Microsoft Shared\Ink\loginkey.dll - C:\Program Files\Common Files\Microsoft Shared\Ink\loginkey.dll (Microsoft Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O20 - Winlogon\Notify\TabBtnWL: DllName - TabBtnWL.dll - C:\WINDOWS\system32\TabBtnWL.dll (Microsoft Corporation)
O20 - Winlogon\Notify\tpgwlnotify: DllName - tpgwlnot.dll - C:\WINDOWS\system32\tpgwlnot.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/06/22 22:19:40 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004/09/13 13:15:24 | 00,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{60aa2406-889b-11dc-83f2-001b7753c21c}\Shell - "" = AutoRun
O33 - MountPoints2\{60aa2406-889b-11dc-83f2-001b7753c21c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{60aa2406-889b-11dc-83f2-001b7753c21c}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O33 - MountPoints2\{60aa2408-889b-11dc-83f2-001b7753c21c}\Shell - "" = AutoRun
O33 - MountPoints2\{60aa2408-889b-11dc-83f2-001b7753c21c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{60aa2408-889b-11dc-83f2-001b7753c21c}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O33 - MountPoints2\{6893b084-830e-11dc-83e9-001b7753c21c}\Shell\AutoRun\command - "" = F:\rescued.exe -- File not found
O33 - MountPoints2\{d21ed407-4e4a-11db-92ea-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{d21ed407-4e4a-11db-92ea-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
========== Files/Folders - Created Within 30 Days ==========
[2 C:\WINDOWS\System32\*.tmp files]
[2 C:\Documents and Settings\RLinkhart\My Documents\*.tmp files]
[2009/05/05 15:19:01 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\RLinkhart\Desktop\OTListIt2.exe
[2009/05/05 15:10:29 | 00,000,200 | ---- | C] () -- C:\Documents and Settings\RLinkhart\Desktop\Guidelines-Instructions for Posting in this Forum - Gladiator Security Forum.url
[2009/05/05 14:54:38 | 00,000,925 | ---- | C] () -- C:\Documents and Settings\RLinkhart\Desktop\Shortcut to ATF-Cleaner.exe.lnk
[2009/05/05 14:51:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\RLinkhart\Application Data\Malwarebytes
[2009/05/05 14:51:37 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/05/05 14:51:37 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/05 14:51:35 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/05/05 14:51:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/05/05 14:51:33 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/05/05 14:50:15 | 02,967,800 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\RLinkhart\Desktop\mbam-setup.exe
[2009/05/05 14:48:24 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\RLinkhart\Desktop\HijackThis.lnk
[2009/05/05 14:48:24 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/05/05 10:54:49 | 00,029,696 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\RMMC - DeziRae Meetings.doc
[2009/05/05 09:12:35 | 00,034,304 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\IHQ Missionary May 5 meeting RL notes.doc
[2009/05/05 08:21:16 | 00,072,704 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\IHQ Missionary Team Charter2.doc
[2009/05/04 21:04:41 | 00,147,152 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Microsoft PowerPoint - SITE Friday Night.pdf
[2009/05/04 21:04:08 | 02,223,487 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Microsoft PowerPoint - SITE DC Restoration.pdf
[2009/05/04 21:03:13 | 00,690,350 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Microsoft PowerPoint - SITE DC 1.pdf
[2009/05/04 21:01:42 | 03,466,069 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Microsoft PowerPoint - SITE Book of Mormon.pdf
[2009/05/04 20:53:40 | 01,739,832 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Andrew Fellowship.pdf
[2009/05/04 20:51:46 | 01,739,832 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\QuickTime.pdf
[2009/05/04 20:37:38 | 00,098,053 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Andrew 3.pdf
[2009/05/04 20:35:52 | 00,045,270 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Andrew 1.pdf
[2009/05/04 20:17:16 | 00,025,088 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Recipe Dilly Bread 2.doc
[2009/05/04 20:15:39 | 00,024,576 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Recipe Tangy Pork Chops.doc
[2009/05/03 09:40:40 | 00,024,576 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Prayer of Devotion.doc
[2009/05/03 05:16:39 | 00,027,136 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\prayer 5-09.doc
[2009/05/02 18:48:35 | 00,025,088 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\SITE Billings Make Up Assignment.doc
[2009/05/02 10:26:52 | 00,038,912 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\SITE CLW Equivalent Options.doc
[2009/05/02 09:11:34 | 00,029,184 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\SITE Testimony Feedback - Jannetta.doc
[2009/05/02 07:57:08 | 00,025,088 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Inland West May-09 Growing the Community of Christ Boise.doc
[2009/05/01 15:09:26 | 00,028,160 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\SITE Schedule May 09.doc
[2009/05/01 07:32:53 | 00,208,896 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Longmont May 2009 Newsletter.doc
[2009/05/01 07:32:45 | 00,082,432 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Longmont May 09 Calendar.doc
[2009/04/30 20:21:28 | 00,063,488 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Sermon Prep I John 4-7-14.doc
[2009/04/30 06:23:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship NOW Brocure etc (print ready)
[2009/04/29 20:19:19 | 01,657,523 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship NOW Brochure Design - FINISHED Version.pdf
[2009/04/29 20:15:58 | 00,176,132 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship NOW Logo (no tagline).JPG
[2009/04/29 18:32:41 | 00,025,088 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\SITE Smith Book of Mormon seminar reflection.doc
[2009/04/29 14:04:45 | 00,220,424 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship NOW Logo 1.JPG
[2009/04/29 14:04:08 | 01,657,523 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship NOW Brochure Design - 4-29-2009 FINAL (wChanges).pdf
[2009/04/29 14:03:04 | 00,088,064 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\AZMC Conference 090502 Agenda.doc
[2009/04/29 13:33:38 | 00,028,160 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship NOW Instructor Plan 2010.doc
[2009/04/29 09:34:29 | 00,159,744 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship NOW GreenSky communications.doc
[2009/04/29 09:20:13 | 00,037,376 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\SITE McLaughlin syllabus Final 10-09.doc
[2009/04/29 08:11:57 | 00,193,601 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Balanced Living Swine Flu Special Edition.pdf
[2009/04/29 06:43:57 | 01,654,581 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship NOW Brochure Design Copy 2 - 4-29-09.pdf
[2009/04/29 06:39:20 | 01,654,581 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship NOW Brochure Design Final A - 4-29-09.pdf
[2009/04/28 07:24:58 | 01,303,696 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Microsoft PowerPoint - Discipleship NOW Brochure Design green.pdf
[2009/04/27 06:48:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\RLinkhart\Application Data\Creative
[2009/04/27 05:47:16 | 00,424,070 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship NOW Hand Copy Logo Variations.pdf
[2009/04/27 05:45:53 | 00,424,070 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship NOW Hand Logo Variations.pdf
[2009/04/25 11:53:25 | 00,043,520 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship NOW General Info.doc
[2009/04/24 15:34:54 | 00,034,304 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Morden Grant Fund Report West Central USA Mission Field 1 page summary 042409.doc
[2009/04/24 13:12:31 | 00,015,360 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\NOW Morden Budget thru 2010.xls
[2009/04/24 09:28:50 | 00,104,960 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Morden Grant Fund Report West Central USA Mission Field full report 042409.doc
[2009/04/24 08:34:37 | 00,051,200 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\NOW PowerPoint Text Only.doc
[2009/04/24 07:47:09 | 00,025,600 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Sunstone SLC Women & the Priesthood Proposal.doc
[2009/04/23 16:39:06 | 00,014,336 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Matt Budget Recap.xls
[2009/04/23 11:34:42 | 00,075,264 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\MACM Leadership Paper #3.doc
[2009/04/23 11:08:39 | 00,304,462 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Sunstone SLC Call for Papers.pdf
[2009/04/22 23:05:04 | 11,747,280 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Rob Bell 111608.mp3
[2009/04/22 23:02:41 | 13,410,304 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Rob Bell 091607.mp3
[2009/04/22 23:01:01 | 07,862,880 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Rob Bell 090306.mp3
[2009/04/22 22:59:39 | 00,024,576 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Medical Centerpoint FAX.doc
[2009/04/22 22:47:54 | 08,194,652 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Rob Bell 121105.mp3
[2009/04/22 22:42:51 | 05,900,489 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Rob Bell 050904.mp3
[2009/04/22 17:29:07 | 00,043,008 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Barnett-Linkhart dialogue.doc
[2009/04/22 14:10:52 | 00,227,082 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Astle - RMMC - Discernment Series.pdf
[2009/04/21 13:14:02 | 00,468,302 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Inland West Spring Newsletter 2009.pdf
[2009/04/21 08:24:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\RLinkhart\My Documents\Downloads
[2009/04/21 08:02:59 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2009/04/21 08:02:57 | 00,000,897 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2009/04/21 08:01:39 | 00,001,773 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2009/04/21 08:01:15 | 00,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job
[2009/04/21 07:34:03 | 00,047,616 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\IHQ Q&A 2009.doc
[2009/04/20 20:49:15 | 00,151,552 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Linkhart 200807 special corrected1.xls
[2009/04/20 20:46:59 | 00,154,112 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Linkhart 200902 corrected1.xls
[2009/04/20 20:44:09 | 00,154,112 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Linkhart 200808 corrected1.xls
[2009/04/20 20:43:05 | 00,151,552 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Linkhart 200807 corrected 1.xls
[2009/04/20 15:37:28 | 00,161,280 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Linkhart 200903.xls
[2009/04/20 12:43:14 | 00,037,888 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Morden Missionary Training Grant Update - 2008 North Atlantic Mission Field.doc
[2009/04/17 10:32:21 | 00,025,088 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Ordination Charge.doc
[2009/04/17 06:45:49 | 00,026,624 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Ordination Prayer - Seventy.doc
[2009/04/16 12:04:45 | 01,747,196 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Midlands Conference Bulletin 041809.pdf
[2009/04/16 11:36:17 | 00,024,450 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Full page fax print.pdf
[2009/04/16 11:34:49 | 00,086,421 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Disipleship NOW Extra Logo.JPG
[2009/04/16 11:32:16 | 00,077,258 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship NOW Logos.pdf
[2009/04/16 11:29:25 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/04/16 11:29:25 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/04/16 11:29:25 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/04/16 11:29:25 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/04/16 11:29:25 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/04/16 11:29:25 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/04/16 11:29:24 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/04/16 11:29:24 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/04/16 11:27:42 | 00,485,016 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship NOW 4-09 cofc_letter_of_intent.pdf
[2009/04/16 11:26:58 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll
[2009/04/16 11:26:57 | 01,203,922 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/04/16 11:26:57 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/04/14 07:13:11 | 00,296,478 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship NOW Young Airline Ticket 4_7_09.pdf
[2009/04/12 00:07:23 | 00,057,856 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Sermon John 20-1-18 2009.doc
[2009/04/11 09:58:21 | 00,050,176 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Inland West 4.9.2009.doc
[2009/04/10 07:10:46 | 00,029,184 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Good Friday St Joe 2009.doc
[2009/04/09 22:12:52 | 00,059,392 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Sermon Research John 20-1-18.doc
[2009/04/09 10:26:27 | 02,000,182 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Quilt Pattern QMMP-090600-TW.pdf
[2009/04/09 09:04:59 | 00,049,152 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Veazey Address to Church Outline 2009-04-05.doc
[2009/04/08 22:12:38 | 00,210,385 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship Now Brochure 3 (RL feedback).pdf
[2009/04/08 22:12:27 | 00,140,288 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship Now Brochure 3 (RL feedback).pub
[2009/04/08 22:10:27 | 00,210,507 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship Now Brochure 2 (RL feedback).pdf
[2009/04/08 22:10:18 | 00,140,288 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship Now Brochure 2 (RL feedback).pub
[2009/04/08 22:08:38 | 00,374,939 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship Now Brochure (RL feedback).pdf
[2009/04/08 12:01:15 | 00,117,760 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\SITE Scherer - Summary Mapping BoM Historicity Debates.doc
[2009/04/08 11:12:17 | 00,296,544 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\SEVENTY NEWSLETTER WINTER 2009.pdf
[2009/04/08 09:48:56 | 00,013,344 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Express Toll Stmt_2174115_2_21_2009.pdf
[2009/04/08 09:48:25 | 00,012,453 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Express Toll Stmt_2174115_1_21_2009.pdf
[2009/04/08 09:48:00 | 00,009,557 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Express Toll Stmt_2174115_12_21_2008.pdf
[2009/04/08 09:47:36 | 00,011,057 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Express Toll Stmt_2174115_11_21_2008.pdf
[2009/04/08 09:47:15 | 00,009,568 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Express Toll Stmt_2174115_10_21_2008.pdf
[2009/04/08 00:07:29 | 00,037,376 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Congo Story.doc
[2009/04/07 14:08:23 | 00,228,532 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Tax 2008 Mollie Linkhart f1040ez.pdf
[2009/04/07 09:11:11 | 00,033,280 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Easter 2009 drama in the Springs.doc
[2009/04/07 09:10:58 | 00,073,728 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Easter 2009 Worship in the Springs.doc
[2009/04/06 17:25:54 | 00,053,248 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Sermon John 14-1-7 Good Friday 2009.doc
[2009/04/06 16:40:44 | 00,035,840 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Easter Resources.doc
[2009/04/06 13:24:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2009/04/06 13:01:23 | 00,088,576 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\SITE Scherer Syllabus Final.doc
[2009/04/06 00:00:49 | 13,440,698 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Rob Bell Easter 042207.mp3
[2009/04/05 22:40:32 | 00,070,656 | ---- | C] () -- C:\Documents and Settings\RLinkhart\My Documents\Veazey A Defining Moment.doc
[2008/11/14 15:15:41 | 00,110,592 | R--- | C] () -- C:\WINDOWS\System32\JPEG32.DLL
[2008/05/10 07:52:24 | 00,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2008/04/05 21:42:04 | 00,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2008/04/05 21:42:04 | 00,000,142 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2008/02/11 09:05:42 | 00,000,100 | ---- | C] () -- C:\WINDOWS\OPHA.ini
[2007/11/08 13:45:47 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS71.DLL
[2007/10/15 13:40:01 | 00,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2007/10/05 15:58:41 | 00,000,000 | ---- | C] () -- C:\WINDOWS\webica.ini
[2006/11/06 16:49:36 | 00,000,310 | ---- | C] () -- C:\WINDOWS\primopdf.ini
[2006/09/27 12:30:40 | 00,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2006/09/27 11:40:37 | 00,017,408 | ---- | C] () -- C:\WINDOWS\System32\rpcnetp.dll
[2006/09/13 10:22:57 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2006/09/13 10:17:55 | 00,023,552 | ---- | C] () -- C:\WINDOWS\System32\jesterss.dll
[2006/09/13 10:08:58 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/09/13 09:53:08 | 00,103,968 | ---- | C] () -- C:\WINDOWS\System32\FpWinTab.dll
[2006/06/27 01:59:05 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/06/23 21:43:07 | 00,167,936 | R--- | C] () -- C:\WINDOWS\System32\GBInf.dll
[2006/06/22 15:07:41 | 00,001,254 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/06/22 15:07:41 | 00,000,481 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2006/06/22 15:07:00 | 00,000,613 | ---- | C] () -- C:\WINDOWS\win.ini
[2006/06/22 15:06:58 | 00,000,288 | ---- | C] () -- C:\WINDOWS\system.ini
[2004/09/01 16:56:40 | 00,003,584 | ---- | C] () -- C:\WINDOWS\System32\wceprv.dll
========== Files - Modified Within 30 Days ==========
[2 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2 C:\Documents and Settings\RLinkhart\My Documents\*.tmp files]
[2009/05/05 15:19:03 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\RLinkhart\Desktop\OTListIt2.exe
[2009/05/05 15:15:20 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2009/05/05 15:13:02 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/05 15:12:29 | 00,017,408 | ---- | M] () -- C:\WINDOWS\System32\rpcnetp.exe
[2009/05/05 15:12:20 | 00,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job
[2009/05/05 15:12:19 | 00,047,104 | ---- | M] (Absolute Software Corp.) -- C:\WINDOWS\System32\rpcnet.dll
[2009/05/05 15:12:17 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/05 15:12:16 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\RLinkhart\Local Settings\desktop.ini
[2009/05/05 15:12:14 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/05 15:10:29 | 00,000,200 | ---- | M] () -- C:\Documents and Settings\RLinkhart\Desktop\Guidelines-Instructions for Posting in this Forum - Gladiator Security Forum.url
[2009/05/05 14:54:38 | 00,000,925 | ---- | M] () -- C:\Documents and Settings\RLinkhart\Desktop\Shortcut to ATF-Cleaner.exe.lnk
[2009/05/05 14:51:37 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/05 14:51:16 | 02,967,800 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\RLinkhart\Desktop\mbam-setup.exe
[2009/05/05 14:48:24 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\RLinkhart\Desktop\HijackThis.lnk
[2009/05/05 14:27:49 | 00,002,521 | ---- | M] () -- C:\Documents and Settings\RLinkhart\Desktop\Microsoft Office Outlook 2003.lnk
[2009/05/05 11:20:09 | 00,029,696 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\RMMC - DeziRae Meetings.doc
[2009/05/05 10:18:23 | 00,002,497 | ---- | M] () -- C:\Documents and Settings\RLinkhart\Desktop\Microsoft Office Word 2003.lnk
[2009/05/05 09:57:57 | 00,034,304 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\IHQ Missionary May 5 meeting RL notes.doc
[2009/05/05 08:21:01 | 00,072,704 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\IHQ Missionary Team Charter2.doc
[2009/05/04 21:04:43 | 00,147,152 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Microsoft PowerPoint - SITE Friday Night.pdf
[2009/05/04 21:04:12 | 02,223,487 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Microsoft PowerPoint - SITE DC Restoration.pdf
[2009/05/04 21:03:14 | 00,690,350 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Microsoft PowerPoint - SITE DC 1.pdf
[2009/05/04 21:01:50 | 03,466,069 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Microsoft PowerPoint - SITE Book of Mormon.pdf
[2009/05/04 20:53:41 | 01,739,832 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Andrew Fellowship.pdf
[2009/05/04 20:51:48 | 01,739,832 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\QuickTime.pdf
[2009/05/04 20:37:38 | 00,098,053 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Andrew 3.pdf
[2009/05/04 20:35:52 | 00,045,270 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Andrew 1.pdf
[2009/05/04 20:17:17 | 00,025,088 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Recipe Dilly Bread 2.doc
[2009/05/04 20:15:39 | 00,024,576 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Recipe Tangy Pork Chops.doc
[2009/05/03 09:55:11 | 00,024,576 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Prayer of Devotion.doc
[2009/05/03 09:03:21 | 00,088,576 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\SITE Scherer Syllabus Final.doc
[2009/05/03 05:16:39 | 00,027,136 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\prayer 5-09.doc
[2009/05/02 18:49:28 | 00,025,088 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\SITE Billings Make Up Assignment.doc
[2009/05/02 11:33:14 | 00,038,912 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\SITE CLW Equivalent Options.doc
[2009/05/02 09:15:33 | 00,029,184 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\SITE Testimony Feedback - Jannetta.doc
[2009/05/02 07:54:52 | 00,025,088 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Inland West May-09 Growing the Community of Christ Boise.doc
[2009/05/01 15:18:18 | 00,028,160 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\SITE Schedule May 09.doc
[2009/05/01 07:19:15 | 00,208,896 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Longmont May 2009 Newsletter.doc
[2009/05/01 07:19:15 | 00,082,432 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Longmont May 09 Calendar.doc
[2009/04/30 20:40:34 | 00,063,488 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Sermon Prep I John 4-7-14.doc
[2009/04/30 06:14:14 | 00,159,744 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship NOW GreenSky communications.doc
[2009/04/29 20:19:19 | 01,657,523 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship NOW Brochure Design - FINISHED Version.pdf
[2009/04/29 20:15:58 | 00,176,132 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship NOW Logo (no tagline).JPG
[2009/04/29 14:04:45 | 00,220,424 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship NOW Logo 1.JPG
[2009/04/29 14:04:08 | 01,657,523 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship NOW Brochure Design - 4-29-2009 FINAL (wChanges).pdf
[2009/04/29 13:33:38 | 00,028,160 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship NOW Instructor Plan 2010.doc
[2009/04/29 09:16:39 | 00,037,376 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\SITE McLaughlin syllabus Final 10-09.doc
[2009/04/29 08:11:57 | 00,193,601 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Balanced Living Swine Flu Special Edition.pdf
[2009/04/29 06:43:58 | 01,654,581 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship NOW Brochure Design Copy 2 - 4-29-09.pdf
[2009/04/29 06:39:20 | 01,654,581 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship NOW Brochure Design Final A - 4-29-09.pdf
[2009/04/28 07:24:58 | 01,303,696 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Microsoft PowerPoint - Discipleship NOW Brochure Design green.pdf
[2009/04/27 06:27:15 | 00,034,304 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Morden Grant Fund Report West Central USA Mission Field 1 page summary 042409.doc
[2009/04/27 06:23:34 | 00,104,960 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Morden Grant Fund Report West Central USA Mission Field full report 042409.doc
[2009/04/27 05:47:16 | 00,424,070 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship NOW Hand Copy Logo Variations.pdf
[2009/04/27 05:45:54 | 00,424,070 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship NOW Hand Logo Variations.pdf
[2009/04/25 21:11:03 | 00,088,064 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\AZMC Conference 090502 Agenda.doc
[2009/04/25 20:40:37 | 00,001,773 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2009/04/25 12:17:25 | 00,043,520 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship NOW General Info.doc
[2009/04/24 17:32:47 | 00,015,360 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\NOW Morden Budget thru 2010.xls
[2009/04/24 10:05:50 | 00,051,200 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\NOW PowerPoint Text Only.doc
[2009/04/23 16:57:00 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/04/23 16:39:06 | 00,014,336 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Matt Budget Recap.xls
[2009/04/23 11:34:42 | 00,075,264 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\MACM Leadership Paper #3.doc
[2009/04/23 11:08:39 | 00,304,462 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Sunstone SLC Call for Papers.pdf
[2009/04/23 11:08:39 | 00,025,600 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Sunstone SLC Women & the Priesthood Proposal.doc
[2009/04/22 23:05:05 | 11,747,280 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Rob Bell 111608.mp3
[2009/04/22 23:02:41 | 13,410,304 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Rob Bell 091607.mp3
[2009/04/22 23:01:01 | 07,862,880 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Rob Bell 090306.mp3
[2009/04/22 22:59:39 | 00,024,576 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Medical Centerpoint FAX.doc
[2009/04/22 22:47:54 | 08,194,652 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Rob Bell 121105.mp3
[2009/04/22 22:42:52 | 05,900,489 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Rob Bell 050904.mp3
[2009/04/22 21:03:13 | 00,024,064 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\MR fax cover sheet.doc
[2009/04/22 17:29:07 | 00,043,008 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Barnett-Linkhart dialogue.doc
[2009/04/22 14:10:52 | 00,227,082 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Astle - RMMC - Discernment Series.pdf
[2009/04/22 09:20:50 | 00,030,720 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Matthew Billing Oct 2008.doc
[2009/04/21 13:14:02 | 00,468,302 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Inland West Spring Newsletter 2009.pdf
[2009/04/21 08:40:17 | 00,161,280 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Linkhart 200903.xls
[2009/04/21 08:02:57 | 00,000,897 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2009/04/21 08:02:36 | 00,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2009/04/21 07:34:03 | 00,047,616 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\IHQ Q&A 2009.doc
[2009/04/20 20:49:15 | 00,151,552 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Linkhart 200807 special corrected1.xls
[2009/04/20 20:46:59 | 00,154,112 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Linkhart 200902 corrected1.xls
[2009/04/20 20:44:09 | 00,154,112 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Linkhart 200808 corrected1.xls
[2009/04/20 20:43:05 | 00,151,552 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Linkhart 200807 corrected 1.xls
[2009/04/17 22:25:06 | 00,025,088 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Ordination Charge.doc
[2009/04/17 22:20:31 | 00,026,624 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Ordination Prayer - Seventy.doc
[2009/04/17 07:18:03 | 00,527,076 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/17 07:18:03 | 00,446,592 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/17 07:18:03 | 00,073,692 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/17 06:51:08 | 00,037,888 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Morden Missionary Training Grant Update - 2008 North Atlantic Mission Field.doc
[2009/04/16 13:55:54 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/04/16 13:53:32 | 00,000,613 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/04/16 12:04:45 | 01,747,196 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Midlands Conference Bulletin 041809.pdf
[2009/04/16 11:36:17 | 00,024,450 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Full page fax print.pdf
[2009/04/16 11:34:49 | 00,086,421 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Disipleship NOW Extra Logo.JPG
[2009/04/16 11:33:39 | 00,077,258 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship NOW Logos.pdf
[2009/04/16 11:27:43 | 00,485,016 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship NOW 4-09 cofc_letter_of_intent.pdf
[2009/04/14 07:13:11 | 00,296,478 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship NOW Young Airline Ticket 4_7_09.pdf
[2009/04/12 00:07:23 | 00,057,856 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Sermon John 20-1-18 2009.doc
[2009/04/11 09:52:54 | 00,050,176 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Inland West 4.9.2009.doc
[2009/04/10 09:07:00 | 00,053,248 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Sermon John 14-1-7 Good Friday 2009.doc
[2009/04/10 07:10:46 | 00,029,184 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Good Friday St Joe 2009.doc
[2009/04/09 22:12:52 | 00,059,392 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Sermon Research John 20-1-18.doc
[2009/04/09 10:26:39 | 02,000,182 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Quilt Pattern QMMP-090600-TW.pdf
[2009/04/09 07:12:36 | 00,049,152 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Veazey Address to Church Outline 2009-04-05.doc
[2009/04/08 22:12:52 | 00,140,288 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship Now Brochure 3 (RL feedback).pub
[2009/04/08 22:12:39 | 00,210,385 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship Now Brochure 3 (RL feedback).pdf
[2009/04/08 22:10:28 | 00,210,507 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship Now Brochure 2 (RL feedback).pdf
[2009/04/08 22:10:18 | 00,140,288 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship Now Brochure 2 (RL feedback).pub
[2009/04/08 22:08:48 | 00,140,288 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship Now Brochure (RL feedback).pub
[2009/04/08 22:08:40 | 00,374,939 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Discipleship Now Brochure (RL feedback).pdf
[2009/04/08 11:24:27 | 00,117,760 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\SITE Scherer - Summary Mapping BoM Historicity Debates.doc
[2009/04/08 11:12:17 | 00,296,544 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\SEVENTY NEWSLETTER WINTER 2009.pdf
[2009/04/08 09:48:56 | 00,013,344 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Express Toll Stmt_2174115_2_21_2009.pdf
[2009/04/08 09:48:25 | 00,012,453 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Express Toll Stmt_2174115_1_21_2009.pdf
[2009/04/08 09:48:00 | 00,009,557 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Express Toll Stmt_2174115_12_21_2008.pdf
[2009/04/08 09:47:36 | 00,011,057 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Express Toll Stmt_2174115_11_21_2008.pdf
[2009/04/08 09:47:15 | 00,009,568 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Express Toll Stmt_2174115_10_21_2008.pdf
[2009/04/08 00:07:29 | 00,037,376 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Congo Story.doc
[2009/04/07 14:08:23 | 00,228,532 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Tax 2008 Mollie Linkhart f1040ez.pdf
[2009/04/06 22:19:30 | 00,073,728 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Easter 2009 Worship in the Springs.doc
[2009/04/06 22:19:30 | 00,033,280 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Easter 2009 drama in the Springs.doc
[2009/04/06 16:40:45 | 00,035,840 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Easter Resources.doc
[2009/04/06 15:32:54 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/06 15:32:46 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/06 11:17:06 | 00,002,187 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2009/04/06 08:57:24 | 24,921,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/04/06 00:00:51 | 13,440,698 | ---- | M] () -- C:\Documents and Settings\RLinkhart\My Documents\Rob Bell Easter 042207.mp3
========== LOP Check ==========
[2009/05/05 14:51:34 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2008/02/11 16:50:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2006/06/23 21:42:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Agilix
[2006/06/23 21:43:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Agilix GoBinder
[2007/10/26 13:21:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2007/10/26 13:22:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2008/09/11 21:25:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Creative
[2008/07/30 21:19:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2008/08/08 08:43:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GoBoingo
[2008/12/20 12:51:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2007/10/15 09:03:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2007/01/03 05:15:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intel
[2009/05/05 14:51:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2008/11/05 22:17:13 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009/01/23 17:59:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995
[2006/06/27 00:16:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Prism Deploy
[2008/10/15 11:21:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2008/11/14 15:15:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sonexis
[2006/09/27 11:39:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2008/04/05 21:40:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TaxCut
[2006/09/27 12:31:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009/05/05 15:09:40 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\RLinkhart\Application Data
[2007/10/12 11:48:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RLinkhart\Application Data\Adobe
[2008/07/18 11:53:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RLinkhart\Application Data\Apple Computer
[2007/10/31 09:40:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RLinkhart\Application Data\Arcsoft
[2009/04/27 06:48:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RLinkhart\Application Data\Creative
[2008/07/30 21:19:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RLinkhart\Application Data\CyberLink
[2007/09/11 11:44:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RLinkhart\Application Data\Google
[2007/10/15 13:39:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RLinkhart\Application Data\Help
[2007/10/15 09:03:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RLinkhart\Application Data\HotSync
[2007/10/05 15:59:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RLinkhart\Application Data\ICAClient
[2006/06/22 22:19:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RLinkhart\Application Data\Identities
[2008/11/14 15:15:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RLinkhart\Application Data\InstallShield
[2007/01/03 05:15:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RLinkhart\Application Data\Intel
[2007/10/10 16:28:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RLinkhart\Application Data\Macromedia
[2009/05/05 14:51:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RLinkhart\Application Data\Malwarebytes
[2007/10/22 09:46:37 | 00,000,000 | --SD | M] -- C:\Documents and Settings\RLinkhart\Application Data\Microsoft
[2008/03/28 02:09:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RLinkhart\Application Data\Mozilla
[2007/12/20 14:28:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RLinkhart\Application Data\Netscape
[2008/12/01 14:16:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RLinkhart\Application Data\ooVoo Details
[2008/05/10 07:52:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RLinkhart\Application Data\pdf995
[2008/03/28 02:16:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RLinkhart\Application Data\Real
[2006/09/13 10:09:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RLinkhart\Application Data\SampleView
[2009/04/29 09:24:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RLinkhart\Application Data\Skype
[2009/04/29 08:01:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RLinkhart\Application Data\skypePM
[2008/12/10 17:17:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RLinkhart\Application Data\Sun
[2006/09/13 10:16:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RLinkhart\Application Data\Symantec
[2008/03/28 02:10:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RLinkhart\Application Data\Talkback
[2008/05/10 07:52:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RLinkhart\Application Data\TaxCut
[2008/09/13 13:44:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\RLinkhart\Application Data\U3
[2009/04/23 16:57:00 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2004/08/04 13:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/05/05 15:12:20 | 00,000,882 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachine.job
[2006/09/27 11:31:07 | 00,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\ISP signup reminder 1.job
[2006/09/27 11:31:07 | 00,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\ISP signup reminder 2.job
[2006/09/27 11:31:07 | 00,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\ISP signup reminder 3.job
[2009/05/05 15:15:20 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2009/05/05 15:12:17 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
========== Purity Check ==========
< End of report >
----------------------------
OTListIt Extras logfile created on: 5/5/2009 3:20:34 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.3 Folder = C:\Documents and Settings\RLinkhart\Desktop
Windows XP Tablet PC Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1014.04 Mb Total Physical Memory | 423.16 Mb Available Physical Memory | 41.73% Memory free
2.38 Gb Paging File | 1.85 Gb Available in Paging File | 77.77% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 50.02 Gb Total Space | 32.92 Gb Free Space | 65.81% Space Free | Partition Type: NTFS
Drive D: | 5.85 Gb Total Space | 4.16 Gb Free Space | 71.09% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: LT703631
Current User Name: RLinkhart
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"443:TCP" = 443:TCP:*:Enabled:ooVoo TCP port 443
"443:UDP" = 443:UDP:*:Enabled:ooVoo UDP port 443
"37674:TCP" = 37674:TCP:*:Enabled:ooVoo TCP port 37674
"37674:UDP" = 37674:UDP:*:Enabled:ooVoo UDP port 37674
"37675:UDP" = 37675:UDP:*:Enabled:ooVoo UDP port 37675
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2008/04/13 12:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2009/04/21 08:02:36 | 00,214,536 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer
[2007/07/24 15:17:08 | 00,229,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
[2008/07/10 10:51:26 | 20,246,824 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes
[2008/04/13 12:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2008/11/20 15:45:36 | 14,202,672 | ---- | M] (ooVoo) -- C:\Program Files\ooVoo\ooVoo.exe:*:Enabled:ooVoo
[2008/09/29 17:57:48 | 21,755,688 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update
"{0759CACC-6CF9-4C3C-92C5-39668679AB16}" = Microsoft Ink Desktop
"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
"{0CAD092C-5D1E-48AD-A845-E1EBA9AF1AF8}" = Tablet PC Tutorials for Microsoft Windows XP SP2
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{12723C3A-0FF8-4A0C-8BD3-DC958F388F67}" = GoBoingo!
"{14081443-583A-4605-BB91-83D38ADAC939}" = Microsoft Windows XP Tablet PC Edition 2005 Recognizer Pack
"{15095BF3-A3D7-4DDF-B193-3A496881E003}" = Microsoft .NET Framework 3.0
"{15377C3E-9655-400F-B441-E69F0A6BEAFE}" = Recovery Software Suite Gateway
"{1759CACC-6CF9-4C3C-92C5-39668679AB17}" = Microsoft Ink Crossword
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1FBEE61B-F90E-4EE3-AE94-FCB8BD6EC443}" = Ink Art
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Solution
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{29B3AB59-6634-41EB-8674-90F74E276285}" = ConferenceManager Print Driver
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35B91753-5789-4517-9CF1-2CCE3A8CF4F1}" = Apple Mobile Device Support
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 4.0
"{40FFC202-F842-44C7-ACBE-8B0EA690B1A3}" = Microsoft Education Pack for Windows XP Tablet PC Edition
"{4732D4A0-5A47-44D8-9B84-B3BD4906D30D}" = TaxCut Premium 2007
"{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour
"{491DD792-AD81-429C-9EB4-86DD3D22E333}" = Windows Communication Foundation
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{5E71102C-2CEB-4C8B-99D3-D33B9741EEDA}" = Agilix GoBinder Lite
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{7148F0A8-6813-11D6-A77B-00B0D0142000}" = Java 2 Runtime Environment, SE v1.4.2
"{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}" = Windows Workflow Foundation
"{8853C080-7F5C-4020-B663-C57FE29BB858}" = Microsoft Snipping Tool 2.0
"{885744A4-1A01-44B0-858A-0AE6738CBCF7}" = PrimoPDF Redistribution Package
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Matrix Storage Manager
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{90CC4231-94AC-45CD-991A-0253BFAC0650}" = mDrWiFi
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{91A10409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office OneNote 2003
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{9862E0CB-4727-4FFC-963A-E22A9E9EC10C}" = Creative ZEN V Series (R2)
"{99747F0D-D4F8-4877-9CA0-4AE96D963633}" = CA eTrust Antivirus
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BDCF27CA-BFC4-4F49-8D24-A925C9505AB8}" = Windows Rights Management Client with Service Pack 2
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C12EB29D-9D64-4ACA-84C2-33D8729AABD3}" = Microsoft Experience Pack for Tablet PC
"{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}" = Microsoft Outlook Personal Folders Backup
"{C9D96682-5A4D-45FA-BA3E-DDCB2B0CB868}" = Safari
"{C9E4932C-8417-4E4C-A0E3-EE534810AB4D}" = ClearType Tuning Control Panel Applet
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{DF1D5FEC-D67C-43C8-9230-41F5DF350196}" = MetaFrame Presentation Server Client
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{EC905264-BCFE-423B-9C42-C3A106266790}" = Windows Rights Management Client Backwards Compatibility SP2
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{EF6C4600-306D-4F6A-A119-C2A877D25B4A}" = iTunes
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F6C2D09F-6C82-48BB-A9D5-6A0478F52BD6}" = Microsoft Media Transfer
"{FA7314E7-9428-4866-80A8-762A538444DB}" = Microsoft Energy Blue Theme Pack
"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FF8157AA-F640-45BD-B7C2-BAA1016B267A}" = palmOne
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AudibleManager" = AudibleManager
"Canon iP90 series User Registration" = Canon iP90 series User Registration
"Canon iP90 Setup Utility" = Canon iP90 Setup Utility
"CANONBJ_Deinstall_CNMCP71.DLL" = Canon iP90
"CanonMyPrinter" = Canon My Printer
"Creative Removable Disk Manager" = Creative Removable Disk Manager
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-WebPrint" = Easy-WebPrint
"Google Chrome" = Google Chrome
"HijackThis" = HijackThis 2.0.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.0" = Microsoft .NET Framework 3.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"OKI LPR Utility" = OKI LPR Utility
"Pdf995" = Pdf995 (installed by TaxCut)
"PdfEdit995" = PdfEdit995 (installed by TaxCut)
"Photodex Presenter" = Photodex Presenter
"PrimoPDF3.0" = PrimoPDF
"PrimoPDF3.2" = PrimoPDF
"ProInst" = Intel® PROSet/Wireless Software
"PROSet" = Intel® PRO Network Connections Drivers
"RealPlayer 6.0" = RealPlayer
"SMSERIAL" = Motorola SM56 Data Fax Modem
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SysInfo" = Creative System Information
"Tweak UI 2.10" = Tweak UI
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinPhlash" = WinPhlash
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"ZENcast Organizer" = ZENcast Organizer
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 4/27/2009 9:29:10 PM | Computer Name = LT703631 | Source = Application Hang | ID = 1002
Description = Hanging application OUTLOOK.EXE, version 11.0.8217.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 4/27/2009 9:58:29 PM | Computer Name = LT703631 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 6.0.2900.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 4/28/2009 9:29:19 AM | Computer Name = LT703631 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This operation returned because the timeout period expired.
Error - 4/28/2009 9:29:19 AM | Computer Name = LT703631 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The specified server cannot perform the requested operation.
Error - 5/4/2009 9:43:27 AM | Computer Name = LT703631 | Source = Application Hang | ID = 1002
Description = Hanging application OUTLOOK.EXE, version 11.0.8217.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 5/4/2009 10:03:24 AM | Computer Name = LT703631 | Source = Application Hang | ID = 1002
Description = Hanging application sysguard.exe, version 5.1.2600.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 5/4/2009 1:12:35 PM | Computer Name = LT703631 | Source = Application Hang | ID = 1002
Description = Hanging application sysguard.exe, version 5.1.2600.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 5/4/2009 1:12:55 PM | Computer Name = LT703631 | Source = Application Hang | ID = 1001
Description = Fault bucket 1212453183.
Error - 5/4/2009 2:10:48 PM | Computer Name = LT703631 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 6.0.2900.5512, faulting
module ntdll.dll, version 5.1.2600.5755, fault address 0x0001aa21.
Error - 5/5/2009 6:20:05 AM | Computer Name = LT703631 | Source = Application Hang | ID = 1002
Description = Hanging application sysguard.exe, version 5.1.2600.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
[ System Events ]
Error - 5/4/2009 11:03:11 PM | Computer Name = LT703631 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL.
Reference
error message: The operation completed successfully. .
Error - 5/4/2009 11:04:06 PM | Computer Name = LT703631 | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last
Error was The referenced assembly is not installed on your system.
Error - 5/4/2009 11:04:06 PM | Computer Name = LT703631 | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC. Reference
error message: The referenced assembly is not installed on your system. .
Error - 5/4/2009 11:04:06 PM | Computer Name = LT703631 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL.
Reference
error message: The operation completed successfully. .
Error - 5/4/2009 11:04:39 PM | Computer Name = LT703631 | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last
Error was The referenced assembly is not installed on your system.
Error - 5/4/2009 11:04:39 PM | Computer Name = LT703631 | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC. Reference
error message: The referenced assembly is not installed on your system. .
Error - 5/4/2009 11:04:39 PM | Computer Name = LT703631 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL.
Reference
error message: The operation completed successfully. .
Error - 5/4/2009 11:21:59 PM | Computer Name = LT703631 | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 001B7753C21C. The following
error occurred: %%1223. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.
Error - 5/5/2009 5:12:17 PM | Computer Name = LT703631 | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000001'
while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring
the volume.
Error - 5/5/2009 5:12:30 PM | Computer Name = LT703631 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
abp480n5 adpu160m agp440 agpCPQ Aha154x aic78u2 aic78xx AliIde alim1541 amdagp amsint asc asc3350p
asc3550
cbidf
cd20xrnt
CmdIde
Cpqarray
dac2w2k
dac960nt
dpti2o
hpn
i2omp
ini910u
IntelIde
mraid35x
perc2
perc2hib
ql1080
Ql10wnt
ql12160
ql1240
ql1280
sisagp
Sparrow
symc810
symc8xx
sym_hi
sym_u3
TosIde
ultra
viaagp
ViaIde
< End of report >
---------
Results of screen317's Security Check version 0.98.3
Windows XP Service Pack 3
``````````````````````````````
Antivirus/Firewall Check:
``````````````````````````````
Windows Firewall Enabled!
CAeTrustAntivirus
TaxCutPremium2007
ECHO is off.
Error obtaining update status for antivirus!
``````````````````````````````
Anti-malware/Other Utilities Check:
``````````````````````````````
Windows Defender
Malwarebytes' Anti-Malware
HijackThis 2.0.2
Java 2 Runtime Environment, SE v1.4.2
``````````````````````````````
Process Check:
objlist.exe by Laurent
``````````````````````````````
Windows Defender MSMpEng.exe
Windows Defender MSASCui.exe
CA eTrust Antivirus InoRpc.exe
CA eTrust Antivirus InoRT.exe
CA eTrust Antivirus InoTask.exe
CA ETRUST~1 realmon.exe
``````````````````````````````
DNS Vulnerability Check:
``````````````````````````````
Scan took 37 seconds.
`````````End of Log```````````