Solved Health check, please - after Grinler's tutorial re: XP Security 2012 rogue

B00kWyrm

Posts: 992   +39
Hello Bobbye, Broni, et al

A friend approached me for help with a computer that had been basically bricked by xp security 2012. They are not "savvy" and feared not being able to follow directions. In order to help them regain some semblance of normal function, and gain access to the internet, I found Grinler's tutorial at Bleeping, and downloaded the tools to my own computer. I needed to run them in safe mode first, then reran them in Normal mode. This included RKILL and Kaspersky's TDSS Killer, as well as MBAM. The computer seems to be back to healthy, so started proceding with some updates (SP2 ->SP3, Java was out of Date, Adobe not successfully updating, some automatic updates keep repeating eg - KB2416447, and some refuse to complete - eg Office 2003). Still, knowing that malware is not always this "simple", thought I should get a health check from you, my trusted professionals in the field.

SO... here are the logs from my friends computer...

=====
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2012-01-06 11:20:04
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 Maxtor_6Y080L0 rev.YAR41BW0
Running: 7tegdzu6.exe; Driver: C:\DOCUME~1\BECKIP~1\LOCALS~1\Temp\kfliipod.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs mozy.sys (Mozy Change Monitor Filter Driver/Mozy, Inc.)
AttachedDevice \FileSystem\Fastfat \Fat mozy.sys (Mozy Change Monitor Filter Driver/Mozy, Inc.)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----
=====
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Becki Price at 11:36:46 on 2012-01-06
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1189 [GMT -5:00]
.
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\CTHELPER.EXE
svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\dllhost.exe
C:\Program Files\MozyHome\mozybackup.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uSearch Bar = hxxp://www.google.com/ie
uStart Page = hxxp://www.google.com/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
mURLSearchHooks: H - No File
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: WormRadar.com IESiteBlocker.NavFilter: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - AVG Safe Search
BHO: AOL Toolbar Loader: {3ef64538-8b54-4573-b48f-4d34b0238ab2} - c:\program files\aol toolbar\aoltb.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: hpBHO Class: {abd3b5e1-b268-407b-a150-2641dab8d898} - c:\program files\common files\homepage protection\HomepageProtection.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: MapQuest Toolbar Loader: {e34f0e11-ab79-487c-9773-36c594dff5aa} - c:\program files\mapquest toolbar\mqtb.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: MapQuest Toolbar: {57abf0dd-577c-4ec6-855c-8dc29768c2b0} - c:\program files\mapquest toolbar\mqtb.dll
TB: AOL Toolbar: {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - c:\program files\aol toolbar\aoltb.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No File
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
uRun: [updateMgr] c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe AcRdB7_0_9
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Uniblue RegistryBooster 2] c:\program files\uniblue\registrybooster 2\RegistryBooster.exe /S
uRun: [Picasa Media Detector] c:\program files\picasa2\PicasaMediaDetector.exe
uRun: [Uniblue RegistryBooster 2009] c:\program files\uniblue\registrybooster\RegistryBooster.exe /S
uRun: [Uniblue SpeedUpMyPC] c:\program files\uniblue\speedupmypc 3\SpeedUpMyPC.exe -s
uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [IAAnotif] c:\program files\intel\intel application accelerator\iaanotif.exe
mRun: [CTSysVol] c:\program files\creative\sbaudigy2\surround mixer\CTSysVol.exe
mRun: [CTDVDDet] c:\program files\creative\sbaudigy2\dvdaudio\CTDVDDet.EXE
mRun: [CTHelper] CTHELPER.EXE
mRun: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [monitr32] c:\program files\canon\multipass4\monitr32.exe
mRun: [fxredir] c:\windows\system32\fxredir.exe
mRun: [MPTBox] c:\program files\canon\multipass4\MPTBox.exe
mRun: [GhostStartTrayApp] c:\program files\symantec\norton ghost 2003\GhostStartTrayApp.exe
mRun: [Microsoft Works Portfolio] c:\program files\microsoft works\WksSb.exe /AllUsers
mRun: [Microsoft Works Update Detection] c:\program files\microsoft works\WkDetect.exe
mRun: [AOLDialer] c:\program files\common files\aol\acs\AOLDial.exe
mRun: [<NO NAME>]
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [HostManager] c:\program files\common files\aol\1283354042\ee\AOLSoftware.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\billmi~1.lnk - c:\quickenw\BILLMIND.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpphot~1.lnk - c:\program files\hp\digital imaging\bin\hpqthb08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\common files\microsoft shared\works shared\wkcalrem.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mozyho~1.lnk - c:\program files\mozyhome\mozystat.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quicke~1.lnk - c:\quickenw\QWDLLS.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\jp2iexp.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office12\REFIEBAR.DLL
LSP: mswsock.dll
Trusted Zone: allstate.com
Trusted Zone: allstate.com\agencygateway
Trusted Zone: allstate.com\agencygateway1
Trusted Zone: allstate.com\agencygateway2
Trusted Zone: allstate.com\allianceweb
Trusted Zone: allstate.com\mymail
Trusted Zone: allstatehelp.com
Trusted Zone: custhelp.com
Trusted Zone: gotoassist.com
Trusted Zone: intuit.com\ttlc
Trusted Zone: sumtotalsystems.com
Trusted Zone: turbotax.com
DPF: {01113300-3E00-11D2-8470-0060089874ED} - hxxps://activatemyfios.verizon.net/sdcCommon/download/FIOS/tgctlcm.cab
DPF: {0C4A9D28-66B5-4A70-B915-B6AEA5112472} - hxxp://wowjoy.net/js/ShortCut.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {1A99AD04-C72C-484A-9EEE-1B29B1243263} - hxxp://down.ad-killer.net/adkiller/activex/ADKiller.cab
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc2.cab
DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - hxxp://aolcc.aol.com/computercheckup/qdiagcc.cab
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {8BBDC81D-81B3-49EE-87E8-47B7A707FAE8} - hxxps://www.gotomeeting.com/default/applets/g2mdlax.cab
DPF: {938527D1-CDB7-4147-998A-B20FCA5CC976} - hxxp://cafeimg.hanmail.net/cab9_1/dmcc2.cab
DPF: {A00B2A53-60D9-4477-ADA3-60490770C5E0} - hxxp://wwl514.daum.net/hanmail-ax/hanmail.cab
DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - hxxp://www.sibelius.com/download/software/win/ActiveXPlugin.cab
DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - hxxp://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
DPF: {BDF9A7C7-F4DC-455D-B5C2-045D74788295} - hxxps://objects.aol.com/filebackup/AOLRegistrationWizard.cab
DPF: {BF17C411-9ADA-4C73-B12C-BD814BDE187F} - hxxp://allstate.sumtotalsystems.com/sumtotal/core/common/ScheduleServices/ScheduleServices.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://allstate.webex.com/client/T26L10NSP49EP12/webex/ieatgpc.cab
.
============= SERVICES / DRIVERS ===============
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2012-1-7 36000]
R1 GhPciScan;GhostPciScanner;c:\program files\symantec\norton ghost 2003\GhPciScan.sys [2003-12-17 5632]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2012-1-7 86224]
R2 AntiVirService;Avira Realtime Protection;c:\program files\avira\antivir desktop\avguard.exe [2012-1-7 110032]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2012-1-7 74640]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-1-6 652872]
R2 mrtRate;mrtRate;c:\windows\system32\drivers\MrtRate.sys [2005-5-7 34916]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-1-6 20464]
S1 SBRE;SBRE;\??\c:\windows\system32\drivers\sbredrv.sys --> c:\windows\system32\drivers\SBREdrv.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-5 135664]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-1-5 135664]
.
=============== Created Last 30 ================
.
2012-01-08 01:00:34 -------- d-----w- c:\documents and settings\becki price\application data\Avira
2012-01-08 00:54:28 74640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-01-08 00:54:28 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2012-01-08 00:54:27 -------- d-----w- c:\program files\Avira
2012-01-08 00:54:27 -------- d-----w- c:\documents and settings\all users\application data\Avira
2012-01-07 21:44:27 978944 -c----w- c:\windows\system32\dllcache\mfc42.dll
2012-01-07 21:44:27 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2012-01-07 21:43:49 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2012-01-07 21:43:00 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2012-01-07 21:41:07 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2012-01-07 21:41:06 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2012-01-07 21:36:29 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2012-01-07 21:32:34 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2012-01-07 21:32:23 590848 -c----w- c:\windows\system32\dllcache\rpcrt4.dll
2012-01-07 18:32:02 8192 -c----w- c:\windows\system32\dllcache\asferror.dll
2012-01-07 18:32:01 695808 -c----w- c:\windows\system32\dllcache\drmv2clt.dll
2012-01-07 18:32:01 299520 -c----w- c:\windows\system32\dllcache\drmclien.dll
2012-01-07 18:32:01 294912 -c----w- c:\windows\system32\dllcache\dlimport.exe
2012-01-07 18:29:54 144384 ------w- c:\windows\system32\drivers\hdaudbus.sys
2012-01-07 18:29:53 10240 ------w- c:\windows\system32\drivers\sffp_mmc.sys
2012-01-07 18:27:26 19569 ----a-w- c:\windows\006245_.tmp
2012-01-06 22:04:01 -------- d-----w- c:\documents and settings\becki price\application data\Malwarebytes
2012-01-06 21:01:03 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2012-01-06 21:00:59 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-06 21:00:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-03 05:52:25 21504 ----a-w- c:\windows\system32\hidserv.dll
2012-01-03 05:52:20 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2012-01-03 05:52:14 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2012-01-03 05:52:00 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2011-12-30 22:31:32 -------- d-----w- c:\program files\8FA95
2011-12-30 22:30:48 -------- d-----w- c:\documents and settings\becki price\application data\4C68F
2011-12-30 22:30:41 -------- d-----w- c:\program files\LP
2011-12-30 22:30:21 -------- d-----w- c:\documents and settings\becki price\application data\wpHs7E8TqYwIrOA
2011-12-30 22:30:17 -------- d-----w- c:\documents and settings\becki price\application data\xwwjCCelIBtPyc
2011-12-30 22:30:14 -------- d-----w- c:\documents and settings\becki price\application data\cllIIBtzP
2011-12-30 22:29:58 -------- d-----w- c:\documents and settings\becki price\application data\fvDD2F4m5sJ7E8g
2011-12-30 22:29:24 -------- d-----w- c:\windows\system32\LogFiles
2011-12-29 19:33:57 -------- d-----w- c:\program files\GFI Software
2011-12-26 17:37:54 54776 ----a-w- c:\windows\system32\drivers\mozy.sys
2011-12-26 17:37:49 -------- d-----w- c:\program files\MozyHome
.
==================== Find3M ====================
.
2011-11-23 13:25:32 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-17 23:47:39 256 ----a-w- c:\windows\system32\pool.bin
2011-11-10 10:54:13 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-11-10 08:27:10 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-11-04 19:20:51 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:20:51 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-04 19:20:51 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23:59 385024 ----a-w- c:\windows\system32\html.iec
2011-11-03 21:17:46 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-01 16:07:10 1288704 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:31:48 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-25 13:37:08 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52:02 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-18 11:13:22 186880 ----a-w- c:\windows\system32\encdec.dll
2011-10-10 14:22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll
.
============= FINISH: 11:38:50.51 ===============
 
Final Log ---
=====
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 5/6/2005 9:40:53 PM
System Uptime: 1/5/2012 9:56:05 PM (14 hours ago)
.
Motherboard: Dell Computer Corp. | | 0U2424
Processor: Intel(R) Pentium(R) 4 CPU 3.20GHz | Microprocessor | 3191/800mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 74 GiB total, 37.565 GiB free.
D: is CDROM (CDFS)
E: is CDROM ()
F: is FIXED (NTFS) - 149 GiB total, 55.218 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: PCI Modem
Device ID: PCI\VEN_8086&DEV_1080&SUBSYS_10001028&REV_04\4&1C660DD6&0&08F0
Manufacturer:
Name: PCI Modem
PNP Device ID: PCI\VEN_8086&DEV_1080&SUBSYS_10001028&REV_04\4&1C660DD6&0&08F0
Service:
.
==== System Restore Points ===================
.
RP2437: 1/7/2012 2:14:38 PM - Installed Windows XP KB973687.
RP2438: 1/7/2012 2:16:13 PM - Installed Windows XP KB955759.
RP2439: 1/7/2012 2:17:52 PM - Installed Windows XP KB956572.
RP2440: 1/7/2012 2:19:43 PM - Installed Windows XP KB956802.
RP2441: 1/7/2012 2:21:26 PM - Installed Windows XP KB956803.
RP2442: 1/7/2012 2:23:03 PM - Installed Windows XP KB956841.
RP2443: 1/7/2012 2:24:45 PM - Installed Windows XP KB956844.
RP2444: 1/7/2012 2:26:30 PM - Installed Windows XP KB957095.
RP2445: 1/7/2012 2:28:05 PM - Installed Windows XP KB957097.
RP2446: 1/7/2012 2:29:32 PM - Installed Windows XP KB958644.
RP2447: 1/7/2012 2:31:02 PM - Installed Windows XP KB958687.
RP2448: 1/7/2012 2:32:41 PM - Installed Windows XP KB958690.
RP2449: 1/7/2012 2:34:23 PM - Installed Windows XP KB959426.
RP2450: 1/7/2012 2:35:57 PM - Installed Windows XP KB960225.
RP2451: 1/7/2012 2:37:38 PM - Installed Windows XP KB960803.
RP2452: 1/7/2012 2:39:35 PM - Installed Windows XP KB960859.
RP2453: 1/7/2012 2:41:24 PM - Installed Windows XP KB961118.
RP2454: 1/7/2012 2:43:37 PM - Installed Windows XP KB961371-v2.
RP2455: 1/7/2012 2:45:21 PM - Installed Windows XP KB961373.
RP2456: 1/7/2012 2:46:56 PM - Installed Windows XP KB961501.
RP2457: 1/7/2012 2:48:54 PM - Installed Windows XP KB967715.
RP2458: 1/7/2012 2:50:43 PM - Installed Windows XP KB968389.
RP2459: 1/7/2012 2:52:27 PM - Installed Windows XP KB969059.
RP2460: 1/7/2012 2:54:43 PM - Installed Windows XP KB969947.
RP2461: 1/7/2012 4:50:42 PM - Software Distribution Service 3.0
RP2462: 1/4/2012 11:36:41 PM - Software Distribution Service 3.0
RP2463: 1/4/2012 11:53:14 PM - Software Distribution Service 3.0
RP2464: 1/5/2012 3:00:24 AM - Software Distribution Service 3.0
RP2465: 1/5/2012 12:34:52 PM - Software Distribution Service 3.0
RP2466: 1/5/2012 12:45:27 PM - Installed Java(TM) 6 Update 30
RP2467: 1/5/2012 12:49:16 PM - Removed Java(TM) 6 Update 5
RP2468: 1/5/2012 12:51:35 PM - Removed Java(TM) 6 Update 3
RP2469: 1/5/2012 12:51:54 PM - Removed Java(TM) 6 Update 2
RP2470: 1/5/2012 4:45:08 PM - Software Distribution Service 3.0
RP2471: 1/5/2012 9:13:41 PM - Software Distribution Service 3.0
RP2472: 1/5/2012 9:22:57 PM - Removed Adobe Reader X (10.1.0).
RP2473: 1/5/2012 9:31:38 PM - Software Distribution Service 3.0
RP2474: 1/6/2012 3:01:44 AM - Software Distribution Service 3.0
RP2475: 1/6/2012 10:55:27 AM - Software Distribution Service 3.0
RP2476: 1/6/2012 11:11:49 AM - Software Distribution Service 3.0
RP2477: 1/6/2012 11:28:58 AM - Software Distribution Service 3.0
RP2478: 1/6/2012 11:34:40 AM - Software Distribution Service 3.0
RP2479: 1/6/2012 11:35:50 AM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
.
32 Bit HP CIO Components Installer
3ivx MPEG-4 5.0.3 (remove only)
6300
6300_Help
6300Trb
7500_7600_7700_Help
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Shockwave Player 11
AiO_Scan_CDA
AiOSoftwareNPI
AnswerWorks 4.0 Runtime - English
AnswerWorks 5.0 English Runtime
AOL Deskbar
AOL Toolbar
AOL Uninstaller (Choose which Products to Remove)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Avira Free Antivirus
BlackBerry Desktop Software 4.3
Bonjour
BPD_HPSU
BPD_Scan
BPDfax
BPDSoftware
BPDSoftware_Ini
BufferChm
Business Contact Manager for Outlook 2007 SP2
CameraDrivers
CameraUserGuides
Canon Digital Camera USB WIA Driver
Canon MultiPASS Suite 4.00
Citrix Presentation Server Client - Web Only
CP_AtenaShokunin1Config
CP_CalendarTemplates1
cp_OnlineProjectsConfig
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
cp_PosterPrintConfig
Creative MediaSource
CueTour
CustomerResearchQFolder
DAO 3.5
DeductionPro 2009
Dell ResourceCD
Destinations
DeviceFunctionQFolder
DeviceManagementQFolder
DocProc
DocProcQFolder
DocumentViewer
DocumentViewerQFolder
Download Updater (AOL LLC)
DR Systems Web Ambassador
Fax_CDA
FlipShare
FoneSync
GdiplusUpgrade
Google Earth
Google Update Helper
Google Updater
GoToMeeting/GoToWebinar 3.0.0.198
H&R Block Maryland 2009
H&R Block Premium + Efile + State 2009
Homepage Protection
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Customer Participation Program 7.0
HP Document Viewer 6.1
HP Imaging Device Functions 7.0
HP Officejet Pro All-In-One Series
HP Photosmart Cameras 6.0
HP Photosmart Essential
HP Photosmart Premier Software 6.1
HP Product Assistant
HP Product Detection
HP PSC & OfficeJet 6.1.A
HP Solution Center 7.0
HP Update
hpiCamDrvQFolder
HPPhotoSmartExpress
HPProductAssistant
InstantShareAlert
InstantShareDevices
InstantShareDevicesMFC
Intel Application Accelerator RAID Edition
Intel(R) PRO Network Adapters and Drivers
Intel(R) PROSet
iTunes
Java(TM) 6 Update 30
L7600
Learn2 Player (Uninstall Only)
Malwarebytes Anti-Malware version 1.60.0.1800
MapQuest Toolbar for Internet Explorer
MarketResearch
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Digital Image Library 10
Microsoft Digital Image Library 9 - Blocker
Microsoft Digital Image Pro 10
Microsoft Digital Image Suite 10
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Accounting 2008
Microsoft Office Accounting 2008 Equifax Addin
Microsoft Office Accounting 2008 Fixed Asset Manager
Microsoft Office Accounting 2008 PayPal Addin
Microsoft Office Accounting ADP Payroll Addin
Microsoft Office Excel MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2003
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Small Business 2007
Microsoft Office Small Business Connectivity Components
Microsoft Office Standard Edition 2003
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server 2005 Tools Express Edition
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works 6.0
MobileMe Control Panel
MozyHome
MPM
MSN Messenger 7.0
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
Musicnotes Software Suite 1.5.5
Napster Download Manager
NewCopy_CDA
Norton Ghost
NVIDIA DVD Decoder
NVIDIA Windows 2000/XP Display Drivers
OCR Software by I.R.I.S 7.0
OGA Notifier 2.0.0048.0
PanoStandAlone
PhotoGallery
Picasa 3
PrimoDVD (English)
ProductContext
ProductContextNPI
QuickBooks Pro Edition 2003
Quicken 2006
Quicken Basic 2000
QuickTime
RandMap
Readme
RealPlayer
Rhapsody
Roxio Media Manager
Safari
Scan
ScannerCopy
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982665)
SkinsHP1
SolutionCenter
Sonic RecordNow!
Sonic_PrimoSDK
Sound Blaster Audigy 2
Status
SureThing CD Labeler 3.1 Primera Edition
TaxACT 2010
TaxACT 2010 Maryland
Toolbox
TrayApp
TurboTax 2008
TurboTax 2008 WinPerFedFormset
TurboTax 2008 WinPerProgramHelp
TurboTax 2008 WinPerReleaseEngine
TurboTax 2008 WinPerTaxSupport
TurboTax 2008 WinPerUserEducation
TurboTax 2008 wrapper
TurboTax 2010
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wmdiper
TurboTax 2010 wrapper
TurboTax Basic 2004
TurboTax Basic 2005
TurboTax Basic 2006
TurboTax Home & Business 2007
TurboTax ItsDeductible 2005
TurboTax ItsDeductible 2006
Unload
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Outlook 2007 Junk Email Filter (KB2596560)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB982632)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Viewpoint Media Player
WebEx
WebFldrs XP
WebReg
WexTech AnswerWorks
Windows Genuine Advantage Notifications (KB905474)
Windows Imaging Component
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format Runtime
Windows Media Player 9 Hotfix [See KB885492 for more information]
Windows XP Service Pack 3
WinZip 11.1
WinZip Self-Extractor
WordPerfect Office 11
Works Suite OS Pack
Works Synchronization
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
12/30/2011 5:29:24 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the HTTP SSL service to connect.
12/30/2011 5:29:24 PM, error: Service Control Manager [7000] - The HTTP SSL service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/30/2011 3:01:50 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070670: Update for Microsoft Office 2003 (KB2539581).
12/30/2011 3:01:22 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070670: Security Update for Microsoft Office 2003 (KB2288613).
12/30/2011 12:07:26 AM, error: Disk [11] - The driver detected a controller error on \Device\Harddisk4\D.
1/7/2012 4:53:25 PM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070670: Security Update for Microsoft Office Web Components (KB947319).
1/7/2012 4:01:27 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the AOL Connectivity Service service to connect.
1/7/2012 4:01:27 PM, error: Service Control Manager [7000] - The AOL Connectivity Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/7/2012 3:57:57 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SBRE
1/7/2012 3:57:55 PM, error: Service Control Manager [7000] - The MCSTRM service failed to start due to the following error: The system cannot find the file specified.
1/7/2012 11:56:01 AM, error: W32Time [34] - The time service has detected that the system time needs to be changed by -259209 seconds. The time service will not change the system time by more than -54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com (ntp.m|0x1|192.168.1.3:123->207.46.250.85:123) is working properly.
1/6/2012 9:35:42 AM, error: atapi [9] - The device, \Device\Ide\IdePort1, did not respond within the timeout period.
1/6/2012 5:06:10 PM, error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the Interface with IP address 192.168.1.3. The machine with the IP address 192.168.1.2 did not allow the name to be claimed by this machine.
1/6/2012 4:53:04 PM, error: Service Control Manager [7034] - The VIPRE Antivirus service terminated unexpectedly. It has done this 1 time(s).
1/6/2012 4:53:04 PM, error: Service Control Manager [7034] - The Creative Service for CDROM Access service terminated unexpectedly. It has done this 1 time(s).
1/6/2012 4:52:51 PM, error: Service Control Manager [7031] - The MozyHome Backup Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
1/6/2012 4:52:05 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
1/6/2012 4:51:55 PM, error: Service Control Manager [7034] - The Intuit Update Service service terminated unexpectedly. It has done this 1 time(s).
1/6/2012 4:51:51 PM, error: Service Control Manager [7034] - The GhostStartService service terminated unexpectedly. It has done this 1 time(s).
1/6/2012 4:51:40 PM, error: Service Control Manager [7034] - The SB Recovery Service service terminated unexpectedly. It has done this 1 time(s).
1/6/2012 4:51:35 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
1/6/2012 4:48:19 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher 9 service to connect.
1/6/2012 4:42:37 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
1/6/2012 4:42:18 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
1/6/2012 4:01:08 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
1/6/2012 3:58:25 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
1/6/2012 3:55:34 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec mozyFilter MRxSmb NetBIOS NetBT OMCI RasAcd Rdbss sbaphd SbTis Tcpip
1/6/2012 3:55:34 PM, error: Service Control Manager [7022] - The VIPRE Antivirus service hung on starting.
1/6/2012 3:55:00 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD Networking Support Environment service which failed to start because of the following error: A device attached to the system is not functioning.
1/6/2012 3:55:00 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
1/6/2012 3:55:00 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
1/6/2012 3:55:00 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBT service which failed to start because of the following error: A device attached to the system is not functioning.
1/6/2012 3:55:00 PM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
1/6/2012 3:55:00 PM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
1/6/2012 11:36:49 AM, error: Service Control Manager [7016] - The MpService service has reported an invalid current state 0.
1/6/2012 11:14:08 AM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
1/5/2012 4:50:58 PM, error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).
1/5/2012 4:50:57 PM, error: Service Control Manager [7034] - The IAA Event Monitor service terminated unexpectedly. It has done this 1 time(s).
1/5/2012 4:50:57 PM, error: Service Control Manager [7034] - The FlipShare Service service terminated unexpectedly. It has done this 1 time(s).
1/5/2012 4:50:56 PM, error: Service Control Manager [7034] - The Business Contact Manager SQL Server Startup Service service terminated unexpectedly. It has done this 1 time(s).
1/5/2012 4:50:56 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
1/5/2012 12:09:24 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Intuit Update Service service to connect.
1/5/2012 12:09:24 AM, error: Service Control Manager [7000] - The Intuit Update Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/5/2012 10:00:36 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the NVIDIA Driver Helper Service service to connect.
1/5/2012 10:00:36 PM, error: Service Control Manager [7000] - The NVIDIA Driver Helper Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================
 
One more --- MBAM
=====
Malwarebytes Anti-Malware (Trial) 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.03.04

Windows XP Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.18702
Becki Price :: BALTIMOR-1MBHXM [administrator]

Protection: Disabled

1/6/2012 5:06:15 PM
mbam-log-2012-01-06 (17-06-15).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 415168
Time elapsed: 18 hour(s), 41 minute(s), 32 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AFD4AD01-58C1-47DB-A404-FBE00A6C5486} (Trojan.BHO) -> Quarantined and deleted successfully.

Registry Values Detected: 3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|U66ddEK8RZ9YXkU (Trojan.Dropper.PE4) -> Data: C:\Documents and Settings\Becki Price\Application Data\dwme.exe -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|38A.exe (Trojan.Dropper.PE4) -> Data: C:\Program Files\LP\0154\38A.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Shell (Hijack.Shell.Gen) -> Data: explorer.exe,C:\Documents and Settings\Becki Price\Application Data\4C68F\00001.exe -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\Documents and Settings\Becki Price\Start Menu\Programs\Cloud AV 2012 (Rogue.CloudAV2012) -> Quarantined and deleted successfully.

Files Detected: 31
C:\Documents and Settings\Becki Price\Application Data\dwme.exe (Trojan.Dropper.PE4) -> Quarantined and deleted successfully.
C:\Program Files\LP\0154\38A.exe (Trojan.Dropper.PE4) -> Quarantined and deleted successfully.
C:\Documents and Settings\Becki Price\Application Data\4C68F\00001.exe (Trojan.Downloader.BH) -> Quarantined and deleted successfully.
C:\Documents and Settings\Becki Price\Local Settings\Temp\dwme.exe (Trojan.Dropper.PE4) -> Quarantined and deleted successfully.
C:\Documents and Settings\Becki Price\Local Settings\Temp\~!#E2.tmp (Trojan.FakeMS) -> Quarantined and deleted successfully.
C:\Documents and Settings\Becki Price\Local Settings\Temp\~!#E6.tmp (Trojan.Dropper.PE4) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Sun\Java\Deployment\cache\6.0\23\7f899517-68a375fe (Trojan.FakeMS) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Sun\Java\Deployment\cache\6.0\26\44bde69a-2e4fc070 (Trojan.FakeMS) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Sun\Java\Deployment\cache\6.0\27\4456791b-69c99f76 (Trojan.FakeMS) -> Quarantined and deleted successfully.
C:\Program Files\LP\0154\126.exe (Trojan.Downloader.BH) -> Quarantined and deleted successfully.
C:\Program Files\LP\0154\3D.exe (Trojan.Downloader.BH) -> Quarantined and deleted successfully.
C:\Program Files\LP\0154\4.exe (Trojan.Downloader.BH) -> Quarantined and deleted successfully.
C:\Program Files\LP\0154\7.tmp (Trojan.Dropper.PE4) -> Quarantined and deleted successfully.
C:\Program Files\LP\0154\8.exe (Trojan.Downloader.BH) -> Quarantined and deleted successfully.
C:\Program Files\LP\0154\E8.tmp (Trojan.Dropper.PE4) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6ECF2390-9585-4A03-8A3C-0931B14685C2}\RP2415\A0253185.exe (Trojan.Dropper.PE4) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6ECF2390-9585-4A03-8A3C-0931B14685C2}\RP2415\A0255242.exe (Trojan.Downloader.BH) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6ECF2390-9585-4A03-8A3C-0931B14685C2}\RP2415\A0255243.exe (Trojan.Downloader.BH) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6ECF2390-9585-4A03-8A3C-0931B14685C2}\RP2415\A0255244.exe (Trojan.Dropper.PE4) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6ECF2390-9585-4A03-8A3C-0931B14685C2}\RP2415\A0257301.exe (Spyware.OnLineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6ECF2390-9585-4A03-8A3C-0931B14685C2}\RP2415\A0257302.exe (Trojan.FakeMS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6ECF2390-9585-4A03-8A3C-0931B14685C2}\RP2415\A0258308.exe (Trojan.Downloader.BH) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\329.5340.exe (Trojan.FakeMS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\538.3837.exe (Trojan.FakeMS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\693.4027.exe (Trojan.FakeMS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\oiu0.7722876816732417.exe (Trojan.FakeMS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\oiu0.9812427077185099.exe (Trojan.FakeMS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\wera0.5834648216268049.exe (Trojan.FakeMS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\wera0.6072925083981093.exe (Trojan.FakeMS) -> Quarantined and deleted successfully.
C:\Documents and Settings\Becki Price\Application Data\ahst.lni (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Becki Price\Start Menu\Programs\Cloud AV 2012\Cloud AV 2012.lnk (Rogue.CloudAV2012) -> Quarantined and deleted successfully.

(end)
 
Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running tools or applying updates other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

===============================================================

MBAM version is outdated.
Update it, run another scan and post new log.

Then....

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

==============================================================

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  1. Please, never rename Combofix unless instructed.
  2. Close any open browsers.
  3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    NOTE1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
  4. Double click on combofix.exe & follow the prompts.
  5. When finished, it will produce a report for you.
  6. Please post the "C:\ComboFix.txt"
**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG and CA Internet Security users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.

**Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.



Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try one of the following:

1. Run Combofix from Safe Mode (How to...)

2. Delete Combofix file, download fresh one, but rename combofix.exe to yourname.exe BEFORE saving it to your desktop.
Do NOT run it yet.

Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

There are 4 different versions. If one of them won't run then download and try to run the other one.

Vista and Win7 users need to right click Rkill and choose Run as Administrator

You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

Rkill.com
Rkill.scr
Rkill.exe

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If normal mode still doesn't work, run BOTH tools from safe mode.

In case #2, please post BOTH logs, rKill and Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
 
Re: MBAM -
Quick Scan (option 1)?
or Full Scan (option 2)?
then post log before proceding to next step?
Thanks
 
Malwarebytes Anti-Malware (Trial) 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.06.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Becki Price :: BALTIMOR-1MBHXM [administrator]

Protection: Disabled

1/6/2012 7:55:22 PM
mbam-log-2012-01-06 (19-55-22).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 214249
Time elapsed: 21 minute(s), 44 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
=====
Proceding to next step...
 
aswMBR version 0.9.9.1297 Copyright(c) 2011 AVAST Software
Run date: 2012-01-06 20:43:42
-----------------------------
20:43:42.203 OS Version: Windows 5.1.2600 Service Pack 3
20:43:42.203 Number of processors: 1 586 0x209
20:43:42.203 ComputerName: BALTIMOR-1MBHXM UserName: Becki Price
20:43:43.859 Initialize success
20:45:52.578 AVAST engine defs: 12010601
20:46:13.953 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
20:46:13.953 Disk 0 Vendor: Maxtor_6Y080L0 YAR41BW0 Size: 76293MB BusType: 3
20:46:13.953 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-0
20:46:13.953 Disk 1 Vendor: Intel___ 0.1. Size: 152587MB BusType: 3
20:46:13.984 Disk 0 MBR read successfully
20:46:13.984 Disk 0 MBR scan
20:46:14.031 Disk 0 Windows XP default MBR code
20:46:14.046 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76285 MB offset 63
20:46:14.078 Disk 0 scanning sectors +156232125
20:46:14.156 Disk 0 scanning C:\WINDOWS\system32\drivers
20:46:34.609 Service scanning
20:46:35.609 Modules scanning
20:46:48.078 Disk 0 trace - called modules:
20:46:48.578 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
20:46:48.578 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8aa3bab8]
20:46:48.578 3 CLASSPNP.SYS[f7657fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8aa54b00]
20:46:49.015 AVAST engine scan C:\WINDOWS
20:47:15.375 AVAST engine scan C:\WINDOWS\system32
20:50:52.640 AVAST engine scan C:\WINDOWS\system32\drivers
20:51:13.750 AVAST engine scan C:\Documents and Settings\Becki Price
21:02:25.328 AVAST engine scan C:\Documents and Settings\All Users
21:09:37.390 Scan finished successfully
21:13:55.500 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Becki Price\Desktop\MBR.dat"
21:13:55.500 The log file has been saved successfully to "C:\Documents and Settings\Becki Price\Desktop\aswMBR.txt"

====
Proceding to combofix step...
 
Writing from my own machine now...

Combofix is running, - preparing a log now, I believe / I hope.
I hope the multiple startups are not interfering with it.
This system has multiple processes that autostart on boot.
Most are related to printers or scanners, I think. I hope they don't / didn't cause CF to hang.
I just noticed that MBAM has also popped up.
I have not run any programs, but these have popped up automatically.
And CF has been sitting there for quite a while with the notice that it is preparing the log.

I did not sit through the entire scan, but...
1. At one point CF noted finding zeroaccess, with the comment that this is an especially difficult rootkit.
2. It has rebooted at least twice.

And NOW...
My friend has informed me...
"Oh, by the way, I have a Western Digital My Book External Hard Drive 160GB Essential Edition. Should we be scanning it too?"

So Broni... my question is...
Do we continue with working on the main system until it is good,
then clean up the usb drive,
or...
do you have another preference on handling this?

Sorry I did not have this information sooner. :(
If CF completes, I will post the log.
OR... if you think it has hung, then what next?

====EDIT - NEW INFORMATION ===
CF Just reported that it was almost done... "please wait a few seconds" etc...
so I will log off here, and log back on with the other machine and post the log.

====Combofix Log ====

ComboFix 12-01-06.03 - Becki Price 01/06/2012 21:44:21.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1544 [GMT -5:00]
Running from: c:\documents and settings\Becki Price\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\All Users\Application Data\TEMP\AVG\avi7.avg
c:\documents and settings\All Users\Application Data\TEMP\AVG\crt_x64.msi
c:\documents and settings\All Users\Application Data\TEMP\AVG\files.dat
c:\documents and settings\All Users\Application Data\TEMP\AVG\incavi.avm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_cz.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_da.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_fr.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ge.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_hu.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_id.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_in.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_it.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_jp.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ko.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ms.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_nl.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_pb.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_pl.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_pt.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ru.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_sc.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_sk.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_sp.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_tr.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_us.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_zh.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_zt.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\microavi.avg
c:\documents and settings\All Users\Application Data\TEMP\AVG\miniavi.avg
c:\documents and settings\All Users\Application Data\TEMP\AVG\setup.dat
c:\documents and settings\All Users\Application Data\TEMP\AVG\setup.exe
c:\documents and settings\All Users\Application Data\TEMP\AVG\setup.ini
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupcz.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupda.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupfr.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupge.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setuphu.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupid.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupin.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupit.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupjp.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupko.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupms.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupnl.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setuppb.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setuppl.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setuppt.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupru.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupsc.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupsk.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupsp.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setuptr.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupus.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupzh.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupzt.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\vcredis1.cab
c:\documents and settings\All Users\Application Data\TEMP\AVG\vcredist.msi
c:\documents and settings\Becki Price\Application Data\wpHs7E8TqYwIrOA
c:\documents and settings\Becki Price\Application Data\wpHs7E8TqYwIrOA\Cloud AV 2012.ico
c:\documents and settings\Becki Price\Desktop\Search.lnk
c:\documents and settings\Becki Price\WINDOWS
C:\dscf0004.jpg
C:\dscf0014l.jpg
C:\dscf0033.jpg
C:\dscf0079.jpg
C:\dscf0094.jpg
C:\dscf0183.jpg
C:\dscf0223.jpg
C:\dscf0227.jpg
C:\Images
c:\images\DirCfg.ini
c:\program files\LP
c:\program files\LP\0154\126.tmp
c:\program files\LP\0154\3D.tmp
c:\program files\LP\0154\4.tmp
c:\program files\LP\0154\50.tmp
c:\program files\LP\0154\51.tmp
c:\program files\LP\0154\52.tmp
c:\program files\LP\0154\53.tmp
c:\program files\LP\0154\54.tmp
c:\program files\LP\0154\6.tmp
c:\program files\LP\0154\60.tmp
c:\program files\LP\0154\8.tmp
c:\program files\LP\0154\E9.tmp
c:\program files\LP\0154\EA.tmp
c:\program files\Shared
C:\System
c:\windows\$NtUninstallKB14893$
c:\windows\$NtUninstallKB14893$\2376447880\@
c:\windows\$NtUninstallKB14893$\2376447880\bckfg.tmp
c:\windows\$NtUninstallKB14893$\2376447880\cfg.ini
c:\windows\$NtUninstallKB14893$\2376447880\Desktop.ini
c:\windows\$NtUninstallKB14893$\2376447880\keywords
c:\windows\$NtUninstallKB14893$\2376447880\kwrd.dll
c:\windows\$NtUninstallKB14893$\2376447880\L\njelgfdl
c:\windows\$NtUninstallKB14893$\2376447880\lsflt7.ver
c:\windows\$NtUninstallKB14893$\2376447880\U\00000001.@
c:\windows\$NtUninstallKB14893$\2376447880\U\00000002.@
c:\windows\$NtUninstallKB14893$\2376447880\U\00000004.@
c:\windows\$NtUninstallKB14893$\2376447880\U\80000000.@
c:\windows\$NtUninstallKB14893$\2376447880\U\80000004.@
c:\windows\$NtUninstallKB14893$\2376447880\U\80000032.@
c:\windows\$NtUninstallKB14893$\3620739247
c:\windows\dasetup.log
c:\windows\EventSystem.log
c:\windows\help\wmplayer.bak
c:\windows\system32\csh10A4.tmp
c:\windows\system32\qdcB39.tmp
c:\windows\system32\setb0.tmp
.
.
((((((((((((((((((((((((( Files Created from 2011-12-07 to 2012-01-07 )))))))))))))))))))))))))))))))
.
.
2012-01-08 01:00 . 2012-01-08 01:00 -------- d-----w- c:\documents and settings\Becki Price\Application Data\Avira
2012-01-08 00:54 . 2011-12-15 20:00 74640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-01-08 00:54 . 2011-12-15 20:00 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2012-01-08 00:54 . 2011-12-15 20:00 134856 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-01-08 00:54 . 2012-01-08 00:54 -------- d-----w- c:\program files\Avira
2012-01-08 00:54 . 2012-01-08 00:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2012-01-07 21:44 . 2011-02-08 13:33 978944 -c----w- c:\windows\system32\dllcache\mfc42.dll
2012-01-07 21:44 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2012-01-07 21:43 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2012-01-07 21:43 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2012-01-07 21:41 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2012-01-07 21:36 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2012-01-07 18:32 . 2008-04-14 03:53 8192 -c----w- c:\windows\system32\dllcache\asferror.dll
2012-01-07 18:32 . 2008-04-14 10:43 299520 -c----w- c:\windows\system32\dllcache\drmclien.dll
2012-01-07 18:32 . 2008-04-14 10:42 695808 -c----w- c:\windows\system32\dllcache\drmv2clt.dll
2012-01-07 18:32 . 2008-04-14 10:42 294912 -c----w- c:\windows\system32\dllcache\dlimport.exe
2012-01-07 18:31 . 2008-04-14 10:42 4639 -c----w- c:\windows\system32\dllcache\mplayer2.exe
2012-01-07 18:31 . 2008-04-14 10:42 123392 -c----w- c:\windows\system32\dllcache\mplay32.exe
2012-01-07 18:31 . 2008-04-14 10:41 240640 -c----w- c:\windows\system32\dllcache\mpg4dmod.dll
2012-01-07 18:31 . 2008-04-14 10:42 226816 -c----w- c:\windows\system32\dllcache\npdrmv2.dll
2012-01-07 18:31 . 2008-04-14 10:42 364544 -c----w- c:\windows\system32\dllcache\npdsplay.dll
2012-01-07 18:31 . 2008-04-14 10:42 10240 -c----w- c:\windows\system32\dllcache\npwmsdrm.dll
2012-01-07 18:31 . 2008-04-14 10:40 4126 -c----w- c:\windows\system32\dllcache\msdxmlc.dll
2012-01-07 18:29 . 2008-04-14 03:06 144384 ------w- c:\windows\system32\drivers\hdaudbus.sys
2012-01-07 18:29 . 2008-04-14 05:10 10240 ------w- c:\windows\system32\drivers\sffp_mmc.sys
2012-01-07 18:27 . 2006-12-29 05:31 19569 ----a-w- c:\windows\006245_.tmp
2012-01-07 03:17 . 2012-01-07 03:17 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-01-06 22:04 . 2012-01-06 22:04 -------- d-----w- c:\documents and settings\Becki Price\Application Data\Malwarebytes
2012-01-06 21:01 . 2012-01-06 21:01 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2012-01-06 21:01 . 2012-01-06 21:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2012-01-06 21:00 . 2012-01-06 22:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-06 21:00 . 2011-12-10 20:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-03 05:52 . 2008-04-14 10:41 21504 ----a-w- c:\windows\system32\hidserv.dll
2012-01-03 05:52 . 2001-08-17 18:48 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2012-01-03 05:52 . 2008-04-14 05:09 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2012-01-03 05:52 . 2008-04-14 05:15 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2011-12-30 22:31 . 2012-01-06 21:49 -------- d-----w- c:\program files\8FA95
2011-12-30 22:30 . 2012-01-07 16:50 -------- d-----w- c:\documents and settings\Becki Price\Application Data\4C68F
2011-12-30 22:30 . 2011-12-30 22:30 -------- d-----w- c:\documents and settings\Becki Price\Application Data\xwwjCCelIBtPyc
2011-12-30 22:30 . 2011-12-30 22:30 -------- d-----w- c:\documents and settings\Becki Price\Application Data\cllIIBtzP
2011-12-30 22:29 . 2011-12-30 22:29 -------- d-----w- c:\documents and settings\Becki Price\Application Data\fvDD2F4m5sJ7E8g
2011-12-30 22:29 . 2011-12-30 22:29 -------- d-----w- c:\windows\system32\LogFiles
2011-12-29 19:33 . 2011-12-29 19:33 -------- d-----w- c:\program files\GFI Software
2011-12-29 15:15 . 2011-12-29 15:15 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\AOL
2011-12-26 17:37 . 2011-09-29 14:49 54776 ----a-w- c:\windows\system32\drivers\mozy.sys
2011-12-26 17:37 . 2011-12-26 17:37 -------- d-----w- c:\program files\MozyHome
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-23 13:25 . 2003-07-16 16:45 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-10 10:54 . 2010-06-28 13:33 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-11-10 08:27 . 2007-10-01 23:57 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-11-04 19:20 . 2005-06-18 03:49 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:20 . 2003-07-16 16:26 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-04 19:20 . 2003-07-16 16:24 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23 . 2004-08-04 05:59 385024 ----a-w- c:\windows\system32\html.iec
2011-11-03 21:17 . 2011-11-03 21:05 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-01 16:07 . 2005-07-26 04:31 1288704 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:31 . 2003-07-16 16:20 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-25 13:37 . 2003-07-16 16:33 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52 . 2002-08-29 01:04 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-18 11:13 . 2003-07-16 16:22 186880 ----a-w- c:\windows\system32\encdec.dll
2011-10-10 14:22 . 2005-05-07 01:33 692736 ----a-w- c:\windows\system32\inetcomm.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ABD3B5E1-B268-407B-A150-2641DAB8D898}]
2009-08-28 14:40 128360 ----a-w- c:\program files\Common Files\Homepage Protection\HomepageProtection.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E34F0E11-AB79-487c-9773-36C594DFF5AA}]
2008-03-18 21:35 1267040 ----a-w- c:\program files\MapQuest Toolbar\mqtb.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{57ABF0DD-577C-4ec6-855C-8DC29768C2B0}"= "c:\program files\MapQuest Toolbar\mqtb.dll" [2008-03-18 1267040]
.
[HKEY_CLASSES_ROOT\clsid\{57abf0dd-577c-4ec6-855c-8dc29768c2b0}]
[HKEY_CLASSES_ROOT\MQTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{2374E959-A5FE-424f-9F20-47FB6195D175}]
[HKEY_CLASSES_ROOT\MQTB.AOLToolBand]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{57ABF0DD-577C-4EC6-855C-8DC29768C2B0}"= "c:\program files\MapQuest Toolbar\mqtb.dll" [2008-03-18 1267040]
.
[HKEY_CLASSES_ROOT\clsid\{57abf0dd-577c-4ec6-855c-8dc29768c2b0}]
[HKEY_CLASSES_ROOT\MQTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{2374E959-A5FE-424f-9F20-47FB6195D175}]
[HKEY_CLASSES_ROOT\MQTB.AOLToolBand]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\mozy2]
@="{747E722C-CB46-4a9d-BDFE-192AAD5099B1}"
[HKEY_CLASSES_ROOT\CLSID\{747E722C-CB46-4a9d-BDFE-192AAD5099B1}]
2011-09-29 14:50 3546904 ----a-w- c:\program files\MozyHome\mozyshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\mozy3]
@="{EE6F5A00-7898-40f7-AB77-51FF9D6DEB20}"
[HKEY_CLASSES_ROOT\CLSID\{EE6F5A00-7898-40f7-AB77-51FF9D6DEB20}]
2011-09-29 14:50 3546904 ----a-w- c:\program files\MozyHome\mozyshell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-08-21 443968]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2003-11-03 4800512]
"IAAnotif"="c:\program files\Intel\Intel Application Accelerator\iaanotif.exe" [2003-09-15 126976]
"CTSysVol"="c:\program files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe" [2002-10-29 49152]
"CTDVDDet"="c:\program files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE" [2002-09-30 45056]
"CTHelper"="CTHELPER.EXE" [2003-02-20 28672]
"AsioReg"="CTASIO.DLL" [2003-02-20 110592]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"monitr32"="c:\program files\Canon\MultiPASS4\monitr32.exe" [2001-08-22 311296]
"fxredir"="c:\windows\System32\fxredir.exe" [2001-08-22 65536]
"MPTBox"="c:\program files\Canon\MultiPASS4\MPTBox.exe" [2001-08-22 151552]
"GhostStartTrayApp"="c:\program files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe" [2003-12-17 94208]
"Microsoft Works Portfolio"="c:\program files\Microsoft Works\WksSb.exe" [2000-07-10 311350]
"Microsoft Works Update Detection"="c:\program files\Microsoft Works\WkDetect.exe" [2000-07-10 28739]
"AOLDialer"="c:\program files\Common Files\AOL\ACS\AOLDial.exe" [2010-07-13 70720]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2007-08-16 236016]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-02-11 198160]
"HostManager"="c:\program files\Common Files\AOL\1283354042\ee\AOLSoftware.exe" [2010-03-08 41800]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-07-05 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-08-19 421736]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-12-24 981680]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-12-15 258512]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Reader\reader_sl.exe [N/A]
Billminder.lnk - c:\quickenw\BILLMIND.EXE [2009-9-3 36864]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
HP Photosmart Premier Fast Start.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2005-12-15 73728]
Microsoft Works Calendar Reminders.lnk - c:\program files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe [2000-7-10 24633]
MozyHome Status.lnk - c:\program files\MozyHome\mozystat.exe [2011-9-29 3709208]
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2005-5-7 663552]
Quicken Startup.lnk - c:\quickenw\QWDLLS.EXE [2009-9-3 36864]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2007-8-3 394856]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SB Audigy 2 Startup Menu]
/L:ENG [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Common Files\\AOL\\1283354042\\ee\\aolsoftware.exe"=
"c:\\Program Files\\AOL 9.5\\waol.exe"=
"c:\\Program Files\\AOL Desktop 9.6\\waol.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [1/7/2012 7:54 PM 36000]
R1 GhPciScan;GhostPciScanner;c:\program files\Symantec\Norton Ghost 2003\GhPciScan.sys [12/17/2003 5:41 PM 5632]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [1/7/2012 7:54 PM 86224]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [1/6/2012 4:01 PM 652872]
R2 mrtRate;mrtRate;c:\windows\system32\drivers\MrtRate.sys [5/7/2005 12:14 PM 34916]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [1/6/2012 4:00 PM 20464]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [1/6/2012 10:17 PM 40776]
S1 SBRE;SBRE;\??\c:\windows\system32\drivers\SBREdrv.sys --> c:\windows\system32\drivers\SBREdrv.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1/5/2010 9:31 AM 135664]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [1/5/2010 9:31 AM 135664]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-28 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:34]
.
2012-01-06 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-02 19:34]
.
2012-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-05 14:30]
.
2012-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-05 14:30]
.
2012-01-07 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 19:07]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
Trusted Zone: allstate.com
Trusted Zone: allstate.com\agencygateway
Trusted Zone: allstate.com\agencygateway1
Trusted Zone: allstate.com\agencygateway2
Trusted Zone: allstate.com\allianceweb
Trusted Zone: allstate.com\mymail
Trusted Zone: allstatehelp.com
Trusted Zone: custhelp.com
Trusted Zone: gotoassist.com
Trusted Zone: intuit.com\ttlc
Trusted Zone: sumtotalsystems.com
Trusted Zone: turbotax.com
TCP: DhcpNameServer = 192.168.1.1 71.252.0.12
DPF: {0C4A9D28-66B5-4A70-B915-B6AEA5112472} - hxxp://wowjoy.net/js/ShortCut.cab
DPF: {1A99AD04-C72C-484A-9EEE-1B29B1243263} - hxxp://down.ad-killer.net/adkiller/activex/ADKiller.cab
DPF: {938527D1-CDB7-4147-998A-B20FCA5CC976} - hxxp://cafeimg.hanmail.net/cab9_1/dmcc2.cab
DPF: {A00B2A53-60D9-4477-ADA3-60490770C5E0} - hxxp://wwl514.daum.net/hanmail-ax/hanmail.cab
DPF: {BDF9A7C7-F4DC-455D-B5C2-045D74788295} - hxxps://objects.aol.com/filebackup/AOLRegistrationWizard.cab
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-updateMgr - c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
HKCU-Run-Uniblue RegistryBooster 2 - c:\program files\Uniblue\RegistryBooster 2\RegistryBooster.exe
HKCU-Run-Uniblue RegistryBooster 2009 - c:\program files\Uniblue\RegistryBooster\RegistryBooster.exe
HKCU-Run-Uniblue SpeedUpMyPC - c:\program files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-06 22:18
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(356)
c:\windows\system32\WININET.dll
c:\program files\MozyHome\mozyshell.dll
c:\program files\MozyHome\LIBEAY32.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\System32\CTsvcCDA.exe
c:\program files\Flip Video\FlipShare\FlipShareService.exe
c:\program files\Symantec\Norton Ghost 2003\GhostStartService.exe
c:\program files\Intel\Intel Application Accelerator\iaantmon.exe
c:\program files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\MozyHome\mozybackup.exe
c:\windows\System32\nvsvc32.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\system32\wdfmgr.exe
c:\windows\System32\MsPMSPSv.exe
c:\program files\Common Files\AOL\1283354042\ee\aolupdates.exe
c:\program files\HP\Digital Imaging\bin\hpqimzone.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\windows\System32\wbem\unsecapp.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2012-01-06 22:38:51 - machine was rebooted
ComboFix-quarantined-files.txt 2012-01-07 03:38
.
Pre-Run: 39,930,183,680 bytes free
Post-Run: 41,671,241,728 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 2938A3588F5E20CDA8E47450A514CECE
 
Do we continue with working on the main system until it is good,
then clean up the usb drive,
Yes, keep that drive disconnected for now.

1. Please open Notepad (Start>All Programs>Accessories>Notepad).

2. Now copy/paste the entire content of the codebox below into the Notepad window:

Code:
File::
c:\windows\006245_.tmp


Folder::
c:\documents and settings\Becki Price\Application Data\4C68F
c:\documents and settings\Becki Price\Application Data\xwwjCCelIBtPyc
c:\documents and settings\Becki Price\Application Data\cllIIBtzP
c:\documents and settings\Becki Price\Application Data\fvDD2F4m5sJ7E8g


DDS::
Trusted Zone: allstate.com
Trusted Zone: allstate.com\agencygateway
Trusted Zone: allstate.com\agencygateway1
Trusted Zone: allstate.com\agencygateway2
Trusted Zone: allstate.com\allianceweb
Trusted Zone: allstate.com\mymail
Trusted Zone: allstatehelp.com
Trusted Zone: custhelp.com
Trusted Zone: gotoassist.com
Trusted Zone: intuit.com\ttlc
Trusted Zone: sumtotalsystems.com
Trusted Zone: turbotax.com

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000000
"FirewallOverride"=dword:00000000

ClearJavaCache::


3. Save the above as CFScript.txt

4. Close/disable all anti virus and anti malware programs again, so they do not interfere with the running of ComboFix.

5. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

CFScript.gif



6. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:
  • Combofix.txt
 
ComboFix 12-01-06.03 - Becki Price 01/07/2012 8:38.2.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1264 [GMT -5:00]
Running from: c:\documents and settings\Becki Price\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Becki Price\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
FILE ::
"c:\windows\006245_.tmp"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Becki Price\Application Data\4C68F
c:\documents and settings\Becki Price\Application Data\4C68F\FA95.C68
c:\documents and settings\Becki Price\Application Data\cllIIBtzP
c:\documents and settings\Becki Price\Application Data\fvDD2F4m5sJ7E8g
c:\documents and settings\Becki Price\Application Data\xwwjCCelIBtPyc
c:\windows\006245_.tmp
.
.
((((((((((((((((((((((((( Files Created from 2011-12-07 to 2012-01-07 )))))))))))))))))))))))))))))))
.
.
2012-01-08 01:00 . 2012-01-08 01:00 -------- d-----w- c:\documents and settings\Becki Price\Application Data\Avira
2012-01-08 00:54 . 2011-12-15 20:00 74640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-01-08 00:54 . 2011-12-15 20:00 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2012-01-08 00:54 . 2011-12-15 20:00 134856 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-01-08 00:54 . 2012-01-08 00:54 -------- d-----w- c:\program files\Avira
2012-01-08 00:54 . 2012-01-08 00:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2012-01-07 21:44 . 2011-02-08 13:33 978944 -c----w- c:\windows\system32\dllcache\mfc42.dll
2012-01-07 21:44 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2012-01-07 21:43 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2012-01-07 21:43 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2012-01-07 21:41 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2012-01-07 21:41 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2012-01-07 21:36 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2012-01-07 21:32 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2012-01-07 21:32 . 2010-08-16 08:45 590848 -c----w- c:\windows\system32\dllcache\rpcrt4.dll
2012-01-07 18:32 . 2008-04-14 03:53 8192 -c----w- c:\windows\system32\dllcache\asferror.dll
2012-01-07 18:32 . 2008-04-14 10:43 299520 -c----w- c:\windows\system32\dllcache\drmclien.dll
2012-01-07 18:32 . 2008-04-14 10:42 695808 -c----w- c:\windows\system32\dllcache\drmv2clt.dll
2012-01-07 18:32 . 2008-04-14 10:42 294912 -c----w- c:\windows\system32\dllcache\dlimport.exe
2012-01-07 18:29 . 2008-04-14 03:06 144384 ------w- c:\windows\system32\drivers\hdaudbus.sys
2012-01-07 18:29 . 2008-04-14 05:10 10240 ------w- c:\windows\system32\drivers\sffp_mmc.sys
2012-01-06 22:04 . 2012-01-06 22:04 -------- d-----w- c:\documents and settings\Becki Price\Application Data\Malwarebytes
2012-01-06 21:01 . 2012-01-06 21:01 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2012-01-06 21:01 . 2012-01-06 21:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2012-01-06 21:00 . 2012-01-06 22:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-06 21:00 . 2011-12-10 20:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-03 05:52 . 2008-04-14 10:41 21504 ----a-w- c:\windows\system32\hidserv.dll
2012-01-03 05:52 . 2001-08-17 18:48 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2012-01-03 05:52 . 2008-04-14 05:09 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2012-01-03 05:52 . 2008-04-14 05:15 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2011-12-30 22:31 . 2012-01-06 21:49 -------- d-----w- c:\program files\8FA95
2011-12-30 22:29 . 2011-12-30 22:29 -------- d-----w- c:\windows\system32\LogFiles
2011-12-29 19:33 . 2011-12-29 19:33 -------- d-----w- c:\program files\GFI Software
2011-12-29 15:15 . 2011-12-29 15:15 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\AOL
2011-12-26 17:37 . 2011-09-29 14:49 54776 ----a-w- c:\windows\system32\drivers\mozy.sys
2011-12-26 17:37 . 2011-12-26 17:37 -------- d-----w- c:\program files\MozyHome
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-23 13:25 . 2003-07-16 16:45 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-10 10:54 . 2010-06-28 13:33 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-11-10 08:27 . 2007-10-01 23:57 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-11-04 19:20 . 2005-06-18 03:49 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:20 . 2003-07-16 16:26 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-04 19:20 . 2003-07-16 16:24 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23 . 2004-08-04 05:59 385024 ----a-w- c:\windows\system32\html.iec
2011-11-03 21:17 . 2011-11-03 21:05 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-01 16:07 . 2005-07-26 04:31 1288704 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:31 . 2003-07-16 16:20 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-25 13:37 . 2003-07-16 16:33 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52 . 2002-08-29 01:04 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-18 11:13 . 2003-07-16 16:22 186880 ----a-w- c:\windows\system32\encdec.dll
2011-10-10 14:22 . 2005-05-07 01:33 692736 ----a-w- c:\windows\system32\inetcomm.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ABD3B5E1-B268-407B-A150-2641DAB8D898}]
2009-08-28 14:40 128360 ----a-w- c:\program files\Common Files\Homepage Protection\HomepageProtection.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E34F0E11-AB79-487c-9773-36C594DFF5AA}]
2008-03-18 21:35 1267040 ----a-w- c:\program files\MapQuest Toolbar\mqtb.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{57ABF0DD-577C-4ec6-855C-8DC29768C2B0}"= "c:\program files\MapQuest Toolbar\mqtb.dll" [2008-03-18 1267040]
.
[HKEY_CLASSES_ROOT\clsid\{57abf0dd-577c-4ec6-855c-8dc29768c2b0}]
[HKEY_CLASSES_ROOT\MQTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{2374E959-A5FE-424f-9F20-47FB6195D175}]
[HKEY_CLASSES_ROOT\MQTB.AOLToolBand]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{57ABF0DD-577C-4EC6-855C-8DC29768C2B0}"= "c:\program files\MapQuest Toolbar\mqtb.dll" [2008-03-18 1267040]
.
[HKEY_CLASSES_ROOT\clsid\{57abf0dd-577c-4ec6-855c-8dc29768c2b0}]
[HKEY_CLASSES_ROOT\MQTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{2374E959-A5FE-424f-9F20-47FB6195D175}]
[HKEY_CLASSES_ROOT\MQTB.AOLToolBand]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\mozy2]
@="{747E722C-CB46-4a9d-BDFE-192AAD5099B1}"
[HKEY_CLASSES_ROOT\CLSID\{747E722C-CB46-4a9d-BDFE-192AAD5099B1}]
2011-09-29 14:50 3546904 ----a-w- c:\program files\MozyHome\mozyshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\mozy3]
@="{EE6F5A00-7898-40f7-AB77-51FF9D6DEB20}"
[HKEY_CLASSES_ROOT\CLSID\{EE6F5A00-7898-40f7-AB77-51FF9D6DEB20}]
2011-09-29 14:50 3546904 ----a-w- c:\program files\MozyHome\mozyshell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-08-21 443968]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2003-11-03 4800512]
"IAAnotif"="c:\program files\Intel\Intel Application Accelerator\iaanotif.exe" [2003-09-15 126976]
"CTSysVol"="c:\program files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe" [2002-10-29 49152]
"CTDVDDet"="c:\program files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE" [2002-09-30 45056]
"CTHelper"="CTHELPER.EXE" [2003-02-20 28672]
"AsioReg"="CTASIO.DLL" [2003-02-20 110592]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"monitr32"="c:\program files\Canon\MultiPASS4\monitr32.exe" [2001-08-22 311296]
"fxredir"="c:\windows\System32\fxredir.exe" [2001-08-22 65536]
"MPTBox"="c:\program files\Canon\MultiPASS4\MPTBox.exe" [2001-08-22 151552]
"GhostStartTrayApp"="c:\program files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe" [2003-12-17 94208]
"Microsoft Works Portfolio"="c:\program files\Microsoft Works\WksSb.exe" [2000-07-10 311350]
"Microsoft Works Update Detection"="c:\program files\Microsoft Works\WkDetect.exe" [2000-07-10 28739]
"AOLDialer"="c:\program files\Common Files\AOL\ACS\AOLDial.exe" [2010-07-13 70720]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2007-08-16 236016]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-02-11 198160]
"HostManager"="c:\program files\Common Files\AOL\1283354042\ee\AOLSoftware.exe" [2010-03-08 41800]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-07-05 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-08-19 421736]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-12-24 981680]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-12-15 258512]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Reader\reader_sl.exe [N/A]
Billminder.lnk - c:\quickenw\BILLMIND.EXE [2009-9-3 36864]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
HP Photosmart Premier Fast Start.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2005-12-15 73728]
Microsoft Works Calendar Reminders.lnk - c:\program files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe [2000-7-10 24633]
MozyHome Status.lnk - c:\program files\MozyHome\mozystat.exe [2011-9-29 3709208]
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2005-5-7 663552]
Quicken Startup.lnk - c:\quickenw\QWDLLS.EXE [2009-9-3 36864]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2007-8-3 394856]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SB Audigy 2 Startup Menu]
/L:ENG [X]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Common Files\\AOL\\1283354042\\ee\\aolsoftware.exe"=
"c:\\Program Files\\AOL 9.5\\waol.exe"=
"c:\\Program Files\\AOL Desktop 9.6\\waol.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [1/7/2012 7:54 PM 36000]
R1 GhPciScan;GhostPciScanner;c:\program files\Symantec\Norton Ghost 2003\GhPciScan.sys [12/17/2003 5:41 PM 5632]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [1/7/2012 7:54 PM 86224]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [1/6/2012 4:01 PM 652872]
R2 mrtRate;mrtRate;c:\windows\system32\drivers\MrtRate.sys [5/7/2005 12:14 PM 34916]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [1/6/2012 4:00 PM 20464]
S1 SBRE;SBRE;\??\c:\windows\system32\drivers\SBREdrv.sys --> c:\windows\system32\drivers\SBREdrv.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1/5/2010 9:31 AM 135664]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [1/5/2010 9:31 AM 135664]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MBAMSWISSARMY
*Deregistered* - MBAMSwissArmy
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-28 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:34]
.
2012-01-06 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-02 19:34]
.
2012-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-05 14:30]
.
2012-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-05 14:30]
.
2012-01-07 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 19:07]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 71.252.0.12
DPF: {0C4A9D28-66B5-4A70-B915-B6AEA5112472} - hxxp://wowjoy.net/js/ShortCut.cab
DPF: {1A99AD04-C72C-484A-9EEE-1B29B1243263} - hxxp://down.ad-killer.net/adkiller/activex/ADKiller.cab
DPF: {938527D1-CDB7-4147-998A-B20FCA5CC976} - hxxp://cafeimg.hanmail.net/cab9_1/dmcc2.cab
DPF: {A00B2A53-60D9-4477-ADA3-60490770C5E0} - hxxp://wwl514.daum.net/hanmail-ax/hanmail.cab
DPF: {BDF9A7C7-F4DC-455D-B5C2-045D74788295} - hxxps://objects.aol.com/filebackup/AOLRegistrationWizard.cab
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-07 08:56
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Completion time: 2012-01-07 09:00:02
ComboFix-quarantined-files.txt 2012-01-07 13:59
ComboFix2.txt 2012-01-07 03:38
.
Pre-Run: 41,671,835,648 bytes free
Post-Run: 41,669,382,144 bytes free
.
- - End Of File - - 3A32D8BCFB4C7331530C1EE9D7E35A13
 
Looks good :)

How is computer doing?

Download OTL to your Desktop.

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click the Scan All Users checkbox.
  • Under the Custom Scan box paste this in:


netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
/md5stop


  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
Hi Broni
I appreciate all the help.
You asked how the computer is running...
hard to say, since all I have done is try to follow your instructions.

BUT...
I see I screwed up the "copy and paste" of your script for the OTL custom scan.
(I copied your whole post... not just the script).
I feel like a bloody ***** now.

Do I need to redo this?

Noticing "bad block" notes in the "Extras" log.
I suspect this means we will be doing more work later with drive diagnostics and repair.

And copying and pasting the logs is 257171 characters.
So... what should I do...
spread it out, or... attach, or... re run, or...?
 
OTL logfile created on: 1/7/2012 12:27:08 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Becki Price\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.25 Gb Available Physical Memory | 62.54% Memory free
3.85 Gb Paging File | 3.14 Gb Available in Paging File | 81.42% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.50 Gb Total Space | 38.84 Gb Free Space | 52.13% Space Free | Partition Type: NTFS
Drive D: | 0.08 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 149.01 Gb Total Space | 55.22 Gb Free Space | 37.06% Space Free | Partition Type: NTFS

Computer Name: BALTIMOR-1MBHXM | User Name: Becki Price | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/07 12:25:23 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Becki Price\Desktop\OTL.exe
PRC - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/12/15 15:00:35 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/12/15 15:00:23 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/12/15 15:00:12 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011/12/15 15:00:12 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/09/29 09:50:08 | 003,709,208 | ---- | M] (Mozy, Inc.) -- C:\Program Files\MozyHome\mozystat.exe
PRC - [2010/09/17 21:14:22 | 000,460,144 | ---- | M] () -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
PRC - [2010/08/23 19:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2010/03/08 02:27:49 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files\Common Files\AOL\1283354042\ee\aolupdates.exe
PRC - [2010/03/08 02:27:49 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files\Common Files\AOL\1283354042\ee\aolsoftware.exe
PRC - [2010/02/11 15:50:05 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2008/08/20 20:18:00 | 000,443,968 | ---- | M] (Google Inc.) -- C:\Program Files\Picasa2\PicasaMediaDetector.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/11 17:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007/08/16 08:56:14 | 000,236,016 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
PRC - [2005/12/15 10:57:34 | 000,475,136 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
PRC - [2003/12/17 17:51:58 | 000,094,208 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
PRC - [2003/12/17 17:51:44 | 000,200,704 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
PRC - [2003/09/15 02:00:00 | 000,126,976 | ---- | M] (Intel) -- C:\Program Files\Intel\Intel Application Accelerator\IAAnotif.exe
PRC - [2003/09/15 02:00:00 | 000,073,838 | ---- | M] (Intel) -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe
PRC - [2002/10/29 11:18:24 | 000,049,152 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
PRC - [2001/08/21 19:52:12 | 000,151,552 | ---- | M] (Canon Inc) -- C:\Program Files\Canon\MultiPASS4\mptbox.exe
PRC - [2001/08/21 19:49:14 | 000,065,536 | ---- | M] (Canon Inc) -- C:\WINDOWS\system32\FxRedir.exe
PRC - [1999/08/12 05:59:08 | 000,036,864 | ---- | M] (Intuit) -- C:\QUICKENW\QWDLLS.EXE


========== Modules (No Company Name) ==========

MOD - [2012/01/07 17:49:34 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll
MOD - [2012/01/07 17:39:20 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MOD - [2012/01/07 17:38:38 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2012/01/04 23:59:51 | 003,182,592 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2012/01/04 23:59:47 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2012/01/04 23:59:46 | 000,425,984 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2012/01/04 23:59:35 | 000,626,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2012/01/04 23:59:33 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2012/01/04 23:59:30 | 000,258,048 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
MOD - [2012/01/04 23:59:29 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2012/01/04 23:59:27 | 002,048,000 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2012/01/04 23:59:22 | 000,114,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
MOD - [2012/01/04 23:59:11 | 005,025,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2011/12/15 15:00:24 | 000,398,288 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/04/04 08:59:38 | 000,854,016 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll
MOD - [2011/04/04 08:59:38 | 000,476,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
MOD - [2011/04/04 08:59:38 | 000,409,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll
MOD - [2011/04/04 08:59:36 | 000,421,224 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll
MOD - [2011/04/04 08:59:36 | 000,046,952 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
MOD - [2011/04/04 08:59:36 | 000,023,912 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll
MOD - [2011/04/04 08:59:36 | 000,018,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
MOD - [2011/04/04 08:59:36 | 000,012,136 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll
MOD - [2011/04/04 08:59:35 | 000,269,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\3.1.26.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll
MOD - [2011/04/04 08:59:35 | 000,121,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll
MOD - [2011/04/04 08:59:35 | 000,120,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll
MOD - [2011/04/04 08:59:35 | 000,070,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll
MOD - [2010/09/17 21:14:22 | 000,460,144 | ---- | M] () -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
MOD - [2010/09/17 21:13:36 | 002,826,240 | ---- | M] () -- C:\Program Files\Flip Video\FlipShare\Core.dll
MOD - [2010/09/17 21:07:18 | 000,733,184 | ---- | M] () -- C:\Program Files\Flip Video\FlipShare\qca2.dll
MOD - [2010/08/03 16:47:12 | 008,351,744 | ---- | M] () -- C:\Program Files\Flip Video\FlipShare\QtGui4.dll
MOD - [2010/08/03 16:47:12 | 002,244,608 | ---- | M] () -- C:\Program Files\Flip Video\FlipShare\QtCore4.dll
MOD - [2010/08/03 16:47:12 | 000,978,944 | ---- | M] () -- C:\Program Files\Flip Video\FlipShare\QtNetwork4.dll
MOD - [2010/08/03 16:47:12 | 000,364,544 | ---- | M] () -- C:\Program Files\Flip Video\FlipShare\QtXml4.dll
MOD - [2010/08/03 16:47:12 | 000,204,800 | ---- | M] () -- C:\Program Files\Flip Video\FlipShare\QtSql4.dll
MOD - [2009/03/30 18:54:41 | 001,058,304 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll
MOD - [2009/03/30 18:54:39 | 000,471,040 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
MOD - [2009/03/30 18:54:38 | 000,402,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll
MOD - [2009/03/30 18:54:38 | 000,047,392 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
MOD - [2009/03/30 18:54:38 | 000,018,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
MOD - [2009/03/30 18:54:37 | 000,238,368 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.145.4__540d4816ead86321\Intuit.Spc.Esd.Core.dll
MOD - [2009/03/30 18:54:37 | 000,120,608 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll
MOD - [2009/03/30 18:54:37 | 000,072,992 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll
MOD - [2009/03/30 18:54:36 | 000,130,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll
MOD - [2009/03/30 18:34:17 | 000,755,712 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.56.0__28c9bcd4dddc48a1\System.Data.SQLite.dll
MOD - [2009/03/30 18:34:17 | 000,270,336 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll
MOD - [2009/03/30 18:34:16 | 000,458,752 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Portability\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Portability.dll
MOD - [2009/03/30 18:34:15 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.ExceptionHandling\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.ExceptionHandling.dll
MOD - [2009/03/30 18:34:15 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Logging\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Logging.dll
MOD - [2009/03/30 18:34:14 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Config\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Config.dll
MOD - [2007/12/02 03:01:47 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_ac21854b\mscorlib.dll
MOD - [2007/12/02 03:01:44 | 000,835,584 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_8cfd8047\system.drawing.dll
MOD - [2007/12/02 03:01:39 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_aff391de\system.xml.dll
MOD - [2007/12/02 03:01:35 | 003,018,752 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_c37b4681\system.windows.forms.dll
MOD - [2007/12/02 03:01:28 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_1c30fa24\system.dll
MOD - [2007/12/02 03:01:15 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2007/12/01 03:01:56 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2007/12/01 03:01:55 | 000,466,944 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2007/12/01 03:01:54 | 002,052,096 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2006/07/10 15:25:07 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb\4.0.0.0__a53cf5803f4c3827\hpqisrtb.dll
MOD - [2006/07/10 15:25:05 | 000,774,144 | ---- | M] () -- c:\windows\assembly\gac\hpqbakup\3.0.0.0__a53cf5803f4c3827\hpqbakup.dll
MOD - [2006/07/10 15:24:55 | 001,044,480 | ---- | M] () -- c:\windows\assembly\gac\hpqedit\3.0.0.0__a53cf5803f4c3827\hpqedit.dll
MOD - [2006/07/10 15:24:50 | 000,163,840 | ---- | M] () -- c:\windows\assembly\gac\hpqvideo\3.0.0.0__a53cf5803f4c3827\hpqvideo.dll
MOD - [2006/07/10 15:24:48 | 000,053,248 | ---- | M] () -- c:\windows\assembly\gac\hpqovskn\3.0.0.0__a53cf5803f4c3827\hpqovskn.dll
MOD - [2006/07/10 15:24:47 | 000,512,000 | ---- | M] () -- c:\windows\assembly\gac\hpqimvlt\3.0.0.0__a53cf5803f4c3827\hpqimvlt.dll
MOD - [2006/07/10 15:24:47 | 000,192,512 | ---- | M] () -- c:\windows\assembly\gac\hpqimgrc\4.0.0.0__a53cf5803f4c3827\hpqimgrc.dll
MOD - [2006/07/10 15:24:47 | 000,014,848 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqvideo\4.0.0.0__a53cf5803f4c3827\interop.hpqvideo.dll
MOD - [2006/07/10 15:24:47 | 000,010,240 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqimgr\4.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll
MOD - [2006/07/10 15:24:47 | 000,004,096 | ---- | M] () -- c:\windows\assembly\gac\interop.hprblog\3.0.0.0__a53cf5803f4c3827\interop.hprblog.dll
MOD - [2006/07/10 15:24:46 | 000,368,640 | ---- | M] () -- c:\windows\assembly\gac\hpqtray\4.0.0.0__a53cf5803f4c3827\hpqtray.dll
MOD - [2006/07/10 15:24:46 | 000,073,728 | ---- | M] () -- c:\windows\assembly\gac\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll
MOD - [2006/07/10 15:24:46 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqglutl\4.0.0.0__a53cf5803f4c3827\hpqglutl.dll
MOD - [2006/07/10 15:24:46 | 000,057,344 | ---- | M] () -- c:\windows\assembly\gac\hpqimlib\3.0.0.0__a53cf5803f4c3827\hpqimlib.dll
MOD - [2006/07/10 15:24:46 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc\4.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll
MOD - [2006/07/10 15:24:46 | 000,024,576 | ---- | M] () -- c:\windows\assembly\gac\hpqasset\4.0.0.0__a53cf5803f4c3827\hpqasset.dll
MOD - [2006/07/10 15:24:46 | 000,020,480 | ---- | M] () -- c:\windows\assembly\gac\hpqiface\4.0.0.0__a53cf5803f4c3827\hpqiface.dll
MOD - [2006/07/10 15:24:45 | 000,589,824 | ---- | M] () -- c:\windows\assembly\gac\hpqcc2\3.0.0.0__a53cf5803f4c3827\hpqcc2.dll
MOD - [2006/07/10 15:24:45 | 000,385,024 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc\3.0.0.0__a53cf5803f4c3827\hpqcprsc.dll
MOD - [2006/07/10 15:22:56 | 000,430,080 | ---- | M] () -- c:\windows\assembly\gac\lead.wrapper\13.0.0.113__9cf889f53ea9b907\lead.wrapper.dll
MOD - [2006/07/10 15:22:56 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\lead\13.0.0.113__9cf889f53ea9b907\lead.dll
MOD - [2006/07/10 15:22:56 | 000,065,536 | ---- | M] () -- c:\windows\assembly\gac\hpqmdmr\4.0.0.0__a53cf5803f4c3827\hpqmdmr.dll
MOD - [2006/07/10 15:22:56 | 000,057,344 | ---- | M] () -- c:\windows\assembly\gac\hpqprrsc\4.0.0.0__a53cf5803f4c3827\hpqprrsc.dll
MOD - [2006/07/10 15:22:55 | 000,225,280 | ---- | M] () -- c:\windows\assembly\gac\hpqutils\4.0.0.0__a53cf5803f4c3827\hpqutils.dll
MOD - [2006/07/10 15:22:55 | 000,090,112 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.imageprocessing\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.imageprocessing.dll
MOD - [2006/07/10 15:22:55 | 000,086,016 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing\13.0.0.113__9cf889f53ea9b907\lead.drawing.dll
MOD - [2006/07/10 15:22:55 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.codecs\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.codecs.dll
MOD - [2006/07/10 15:22:55 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms.drawingcontainer\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.drawingcontainer.dll
MOD - [2006/07/10 15:22:55 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqntrop\4.0.0.0__a53cf5803f4c3827\hpqntrop.dll
MOD - [2006/07/10 15:22:55 | 000,040,960 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.dll
MOD - [2006/07/10 15:22:55 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\interop.hpqcxm08.dll
MOD - [2006/02/09 15:48:34 | 000,192,512 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\bin\HpqUtil.dll
MOD - [2005/08/03 13:38:23 | 000,007,680 | ---- | M] () -- c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll
MOD - [2005/05/12 13:40:44 | 000,077,824 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmltok.dll
MOD - [2005/05/12 13:40:42 | 000,065,536 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmlparse.dll
MOD - [2001/10/24 11:36:54 | 000,006,915 | ---- | M] () -- C:\WINDOWS\system32\LANGMON.DLL
MOD - [2001/07/05 23:13:08 | 000,012,983 | ---- | M] () -- C:\WINDOWS\system32\MpUpMon.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/12/15 15:00:23 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/12/15 15:00:12 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/09/17 21:14:22 | 000,460,144 | ---- | M] () [Auto | Running] -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2010/08/23 19:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2008/01/11 17:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)
SRV - [2003/12/17 17:51:44 | 000,200,704 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe -- (GhostStartService)
SRV - [2003/09/15 02:00:00 | 000,073,838 | ---- | M] (Intel) [Auto | Running] -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe -- (IAANTMon)
SRV - [2003/03/03 15:33:40 | 000,143,360 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe -- (NetSvc)
SRV - [2001/08/21 19:42:48 | 000,049,152 | ---- | M] (Canon Inc) [Auto | Stopped] -- C:\Program Files\Canon\MultiPASS4\mpservic.exe -- (MpService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2011/12/15 15:00:35 | 000,134,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/12/15 15:00:35 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/12/15 15:00:35 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/06/17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2004/12/13 08:44:04 | 000,014,848 | ---- | M] (NVIDIA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nvndis.sys -- (NvNdis)
DRV - [2004/10/11 10:28:18 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/12/17 17:41:38 | 000,005,632 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Symantec\Norton Ghost 2003\GhPciScan.sys -- (GhPciScan)
DRV - [2003/12/17 17:30:46 | 000,017,005 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2003/05/27 11:00:34 | 000,073,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - [2003/03/27 11:58:56 | 000,287,920 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2003/03/26 16:33:58 | 000,498,688 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2003/03/26 16:32:32 | 000,189,504 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2003/03/26 16:32:02 | 000,141,536 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hap16v2k.sys -- (hap16v2k)
DRV - [2003/03/26 16:31:40 | 000,823,616 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2003/03/06 10:10:34 | 000,015,840 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pfmodnt.sys -- (PfModNT)
DRV - [2003/02/20 17:24:46 | 000,116,000 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2003/02/20 17:24:34 | 000,135,248 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2003/02/20 17:24:18 | 000,006,144 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2003/02/20 17:22:38 | 000,135,040 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2003/01/10 16:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2001/08/22 10:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI)
DRV - [2001/06/26 23:00:14 | 000,048,408 | ---- | M] (Canon) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cis1284.sys -- (cis1284)
DRV - [1999/08/12 08:59:08 | 000,034,916 | ---- | M] (Marimba, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\MrtRate.sys -- (mrtRate)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1177238915-1343024091-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-1177238915-1343024091-682003330-1003\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-1177238915-1343024091-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Musicnotes.com/Musicnotes Viewer: C:\Program Files\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@Sibelius.com/Scorch Plugin: C:\Program Files\Musicnotes\npsibelius.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()



O1 HOSTS File: ([2012/01/07 08:55:59 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (AOL Toolbar Loader) - {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (hpBHO Class) - {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files\Common Files\Homepage Protection\HomepageProtection.dll (AOL Products)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (MapQuest Toolbar Loader) - {E34F0E11-AB79-487c-9773-36C594DFF5AA} - C:\Program Files\MapQuest Toolbar\mqtb.dll (MapQuest)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (MapQuest Toolbar) - {57ABF0DD-577C-4ec6-855C-8DC29768C2B0} - C:\Program Files\MapQuest Toolbar\mqtb.dll (MapQuest)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-1177238915-1343024091-682003330-1003\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-1177238915-1343024091-682003330-1003\..\Toolbar\WebBrowser: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No CLSID value found.
O3 - HKU\S-1-5-21-1177238915-1343024091-682003330-1003\..\Toolbar\WebBrowser: (MapQuest Toolbar) - {57ABF0DD-577C-4EC6-855C-8DC29768C2B0} - C:\Program Files\MapQuest Toolbar\mqtb.dll (MapQuest)
O3 - HKU\S-1-5-21-1177238915-1343024091-682003330-1003\..\Toolbar\WebBrowser: (AOL Toolbar) - {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc)
O4 - HKLM..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\acs\AOLDial.exe (America Online)
O4 - HKLM..\Run: [AsioReg] C:\WINDOWS\System32\CTASIO.DLL (Creative Technology Ltd)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDET.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [fxredir] C:\WINDOWS\system32\FxRedir.exe (Canon Inc)
O4 - HKLM..\Run: [GhostStartTrayApp] C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1283354042\ee\aolsoftware.exe (AOL Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\IAAnotif.exe (Intel)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe (Microsoft® Corporation)
O4 - HKLM..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe (Microsoft® Corporation)
O4 - HKLM..\Run: [monitr32] C:\Program Files\Canon\MultiPASS4\monitr32.exe (Canon Inc)
O4 - HKLM..\Run: [MPTBox] C:\Program Files\Canon\MultiPASS4\mptbox.exe (Canon Inc)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKU\S-1-5-21-1177238915-1343024091-682003330-1003..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Billminder.lnk = C:\QUICKENW\BILLMIND.EXE (Intuit)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MozyHome Status.lnk = C:\Program Files\MozyHome\mozystat.exe (Mozy, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Quicken Startup.lnk = C:\QUICKENW\QWDLLS.EXE (Intuit)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1177238915-1343024091-682003330-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1177238915-1343024091-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1177238915-1343024091-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1177238915-1343024091-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_30.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-1177238915-1343024091-682003330-1003\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} https://activatemyfios.verizon.net/sdcCommon/download/FIOS/tgctlcm.cab (Support.com Configuration Class)
O16 - DPF: {0C4A9D28-66B5-4A70-B915-B6AEA5112472} http://wowjoy.net/js/ShortCut.cab (Icon02 Control)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1A99AD04-C72C-484A-9EEE-1B29B1243263} http://down.ad-killer.net/adkiller/activex/ADKiller.cab (ADKiller Control)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc2.cab (Office Update Installation Engine)
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} http://aolcc.aol.com/computercheckup/qdiagcc.cab (Reg Error: Key error.)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (GMNRev Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {8BBDC81D-81B3-49EE-87E8-47B7A707FAE8} https://www.gotomeeting.com/default/applets/g2mdlax.cab (GoToMeeting/GoToWebinar Web Starter)
O16 - DPF: {938527D1-CDB7-4147-998A-B20FCA5CC976} http://cafeimg.hanmail.net/cab9_1/dmcc2.cab (Cdmcco Class)
O16 - DPF: {A00B2A53-60D9-4477-ADA3-60490770C5E0} http://wwl514.daum.net/hanmail-ax/hanmail.cab (UploadList Control)
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} http://www.sibelius.com/download/software/win/ActiveXPlugin.cab (ScorchPlugin Class)
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab (MsnMessengerSetupDownloadControl Class)
O16 - DPF: {BDF9A7C7-F4DC-455D-B5C2-045D74788295} https://objects.aol.com/filebackup/AOLRegistrationWizard.cab (AOLRegistrationWizard Control)
O16 - DPF: {BF17C411-9ADA-4C73-B12C-BD814BDE187F} http://allstate.sumtotalsystems.com/sumtotal/core/common/ScheduleServices/ScheduleServices.cab (ScheduleServices.CtlScheduleServices)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://allstate.webex.com/client/T26L10NSP49EP12/webex/ieatgpc.cab (GpcContainer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 71.252.0.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1D3FE2CF-20CA-42F5-9382-A2D29222EE60}: DhcpNameServer = 192.168.1.1 71.252.0.12
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Becki Price\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Becki Price\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/05/06 20:35:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\System32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.3IV2 - C:\WINDOWS\System32\3ivxVfWCodec.dll (3ivx Technologies Pty. Ltd.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - C:\WINDOWS\System32\LCodcCMP.dll (LEAD Technologies, Inc.)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/01/07 20:00:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Becki Price\Application Data\Avira
[2012/01/07 19:54:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avira
[2012/01/07 19:54:33 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2012/01/07 19:54:28 | 000,134,856 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2012/01/07 19:54:28 | 000,074,640 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2012/01/07 19:54:28 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2012/01/07 19:54:27 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012/01/07 19:54:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2012/01/07 16:23:01 | 022,668,080 | ---- | C] (Emsi Software GmbH ) -- C:\Documents and Settings\Becki Price\Desktop\OnlineArmorSetup.exe
[2012/01/07 15:54:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012/01/07 13:35:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2012/01/07 13:35:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2012/01/07 13:35:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2012/01/07 12:25:22 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Becki Price\Desktop\OTL.exe
[2012/01/07 09:50:59 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/01/06 21:24:56 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/01/06 21:23:26 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/01/06 21:23:26 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/01/06 21:23:26 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/01/06 21:23:26 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/01/06 21:23:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/01/06 21:23:07 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/01/06 21:20:20 | 004,373,779 | R--- | C] (Swearware) -- C:\Documents and Settings\Becki Price\Desktop\ComboFix.exe
[2012/01/06 17:04:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Becki Price\Application Data\Malwarebytes
[2012/01/06 16:01:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/01/06 16:01:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012/01/06 16:00:59 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/01/06 16:00:59 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/01/06 13:54:53 | 004,713,472 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Becki Price\Desktop\aswMBR.exe
[2012/01/06 11:32:13 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\Becki Price\Desktop\dds.scr
[2012/01/06 11:28:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Becki Price\Desktop\javara
[2012/01/05 16:49:36 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Becki Price\Desktop\TFC.exe
[2012/01/04 21:44:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011/12/30 17:31:32 | 000,000,000 | ---D | C] -- C:\Program Files\8FA95
[2011/12/30 17:29:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2011/12/29 14:33:57 | 000,000,000 | ---D | C] -- C:\Program Files\GFI Software
[2011/12/29 10:15:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\AOL
[2011/12/27 17:23:58 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Becki Price\My Documents\New Folder\GASafeReturnClientbrochure
[2011/12/26 12:38:15 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\MozyHome
[2011/12/26 12:37:49 | 000,000,000 | ---D | C] -- C:\Program Files\MozyHome
[2011/12/21 11:50:39 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Becki Price\My Documents\New Folder\CommunionCommittee2012
[2011/12/17 15:36:55 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Becki Price\My Documents\New Folder\ROCKlogo CL
[2011/12/15 15:14:57 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Becki Price\My Documents\New Folder\BaltimoreRock
[2011/12/15 10:16:30 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Becki Price\My Documents\New Folder\Husband1-1-12-PAIndquote
[2011/12/13 18:22:41 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Becki Price\My Documents\New Folder\PMSCOLORS298C,278C
[2011/12/13 12:34:29 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Becki Price\My Documents\New Folder\ROCKskinnycross LOGOlisa
[2011/12/13 12:26:52 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Becki Price\My Documents\New Folder\SkinnyCrossInWordDoc
[2005/05/06 18:28:42 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========

[2012/01/07 19:54:55 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira Control Center.lnk
[2012/01/07 17:56:17 | 000,590,976 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/01/07 17:53:54 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/01/07 16:23:53 | 087,264,656 | ---- | M] () -- C:\Documents and Settings\Becki Price\Desktop\avira_free_antivirus_en.exe
[2012/01/07 16:23:02 | 022,668,080 | ---- | M] (Emsi Software GmbH ) -- C:\Documents and Settings\Becki Price\Desktop\OnlineArmorSetup.exe
[2012/01/07 16:06:10 | 000,066,907 | ---- | M] () -- C:\VETlog.dmp
[2012/01/07 15:59:26 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\Becki Price\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/01/07 15:58:47 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012/01/07 13:29:35 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2012/01/07 12:25:23 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Becki Price\Desktop\OTL.exe
[2012/01/07 12:22:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/07 08:55:59 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/01/07 06:21:54 | 000,009,670 | ---- | M] () -- C:\WINDOWS\mozy.flt
[2012/01/07 06:21:54 | 000,005,170 | ---- | M] () -- C:\WINDOWS\mozy.blk
[2012/01/07 01:22:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/06 22:17:45 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/01/06 22:14:55 | 004,481,358 | ---- | M] () -- C:\WINDOWS\{00000002-00000000-00000002-00001102-00000004-10031102}.CDF
[2012/01/06 22:13:50 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2012/01/06 22:13:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/01/06 22:13:07 | 000,030,036 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000002-00000000-00000002-00001102-00000004-10031102}.rfx
[2012/01/06 22:13:07 | 000,030,036 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000002-00000000-00000002-00001102-00000004-10031102}.rfx
[2012/01/06 22:13:07 | 000,029,760 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000002-00000000-00000002-00001102-00000004-10031102}.rfx
[2012/01/06 22:13:07 | 000,029,760 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000002-00000000-00000002-00001102-00000004-10031102}.rfx
[2012/01/06 22:13:07 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2012/01/06 22:13:07 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2012/01/06 22:13:07 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000002-00000000-00000002-00001102-00000004-10031102}.dat
[2012/01/06 22:13:07 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-00000002-00001102-00000004-10031102}.dat
[2012/01/06 21:25:07 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/01/06 21:20:22 | 004,373,779 | R--- | M] (Swearware) -- C:\Documents and Settings\Becki Price\Desktop\ComboFix.exe
[2012/01/06 21:13:55 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Becki Price\Desktop\MBR.dat
[2012/01/06 17:05:07 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Becki Price\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/01/06 17:05:07 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/06 16:55:36 | 000,000,177 | ---- | M] () -- C:\Documents and Settings\Becki Price\Desktop\rk-proxy.reg
[2012/01/06 13:54:53 | 004,713,472 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Becki Price\Desktop\aswMBR.exe
[2012/01/06 13:34:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012/01/06 11:32:13 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\Becki Price\Desktop\dds.scr
[2012/01/06 11:07:56 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\Becki Price\Desktop\7tegdzu6.exe
[2012/01/06 10:54:16 | 000,002,187 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2012/01/05 16:49:37 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Becki Price\Desktop\TFC.exe
[2012/01/05 12:36:27 | 000,160,350 | ---- | M] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\JavaRa.zip
[2012/01/05 00:00:09 | 000,491,794 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/01/05 00:00:09 | 000,090,484 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/01/03 01:09:59 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/12/28 22:05:34 | 000,103,378 | ---- | M] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\Inv_36563_from_Know_Him.pdf
[2011/12/28 11:33:26 | 000,668,445 | ---- | M] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\newsletter-2011.jpg
[2011/12/27 20:55:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/12/27 20:27:12 | 002,251,142 | ---- | M] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\traceycopeapp.pdf
[2011/12/27 19:16:37 | 000,738,800 | ---- | M] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\MoneyGuardReserveAgentGuide.pdf
[2011/12/27 17:23:57 | 000,311,158 | ---- | M] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\GASafeReturnClientbrochure.zip
[2011/12/27 15:43:49 | 000,082,474 | ---- | M] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\GA_SafeReturn_Illustration.pdf
[2011/12/27 10:04:43 | 000,126,976 | ---- | M] () -- C:\Documents and Settings\Becki Price\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/26 12:38:15 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MozyHome Status.lnk
[2011/12/22 14:02:15 | 000,933,666 | ---- | M] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\UMMNewsJanuary2012.pdf
[2011/12/22 07:56:06 | 000,205,415 | ---- | M] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\E&O2012.pdf
[2011/12/21 11:50:38 | 000,050,604 | ---- | M] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\CommunionCommittee2012.zip
[2011/12/21 11:22:57 | 001,239,329 | ---- | M] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\ROCKskinnycrosswoyouthretreat.pdf
[2011/12/21 11:20:41 | 007,850,396 | ---- | M] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\rockSkinnyCrosslc.eps
[2011/12/17 15:36:54 | 000,095,666 | ---- | M] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\ROCKlogo CL.zip
[2011/12/16 15:53:14 | 000,030,228 | ---- | M] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\5385ROCK2012Sweatpantswpockets.pdf
[2011/12/15 15:28:54 | 000,053,947 | ---- | M] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\scholchristmas2011.jpg
[2011/12/15 15:14:57 | 003,371,426 | ---- | M] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\BaltimoreRock.zip
[2011/12/15 15:00:35 | 000,134,856 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011/12/15 15:00:35 | 000,074,640 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011/12/15 15:00:35 | 000,036,000 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2011/12/15 14:11:49 | 000,144,923 | ---- | M] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\BECKIPRICE-SUNGLASSESORDERFORM.pdf
[2011/12/15 10:16:30 | 000,025,362 | ---- | M] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\Husband1-1-12-PAIndquote.zip
[2011/12/15 10:02:15 | 000,030,219 | ---- | M] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\5385ROCK2012Sweatpants.pdf
[2011/12/14 11:13:48 | 000,141,021 | ---- | M] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\FinQuest.pdf
[2011/12/13 20:38:17 | 000,047,081 | ---- | M] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\PMSCOLORS298C,278C.pdf
[2011/12/13 18:22:41 | 000,152,411 | ---- | M] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\PMSCOLORS298C,278C.zip
[2011/12/13 16:30:31 | 000,487,133 | ---- | M] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\Agent_Licensing_Packet_January_2011.pdf
[2011/12/13 15:23:44 | 000,037,888 | ---- | M] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\samplebadge.dot
[2011/12/13 12:34:29 | 000,060,582 | ---- | M] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\ROCKskinnycross LOGOlisa.zip
[2011/12/13 12:26:51 | 000,060,582 | ---- | M] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\SkinnyCrossInWordDoc.zip
[2011/12/13 12:04:55 | 000,281,775 | ---- | M] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\OEUMCWorshipAttendance13Dec.pdf
[2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/07 19:54:55 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira Control Center.lnk
[2012/01/07 16:23:50 | 087,264,656 | ---- | C] () -- C:\Documents and Settings\Becki Price\Desktop\avira_free_antivirus_en.exe
[2012/01/07 13:35:53 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2012/01/07 13:35:53 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2012/01/07 13:35:52 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2012/01/07 13:35:52 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2012/01/07 13:35:52 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2012/01/07 13:35:52 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2012/01/07 13:35:52 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2012/01/07 13:35:52 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2012/01/07 13:35:52 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2012/01/07 13:35:52 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2012/01/07 13:35:52 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2012/01/07 13:35:52 | 000,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2012/01/07 13:35:52 | 000,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2012/01/07 13:35:52 | 000,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2012/01/07 13:35:52 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2012/01/07 13:35:51 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2012/01/07 13:35:51 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2012/01/07 13:35:51 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2012/01/07 13:35:51 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2012/01/07 13:35:51 | 000,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2012/01/07 13:35:51 | 000,066,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2012/01/07 13:35:51 | 000,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2012/01/07 13:35:51 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2012/01/07 13:35:51 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2012/01/07 13:35:51 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2012/01/07 13:35:51 | 000,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2012/01/07 13:35:51 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2012/01/07 13:35:51 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2012/01/07 13:35:51 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2012/01/07 13:35:51 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2012/01/07 13:35:51 | 000,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2012/01/07 13:35:51 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2012/01/07 13:35:51 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2012/01/07 13:35:51 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2012/01/07 13:35:51 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2012/01/07 13:35:51 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2012/01/07 13:35:51 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2012/01/07 13:35:51 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2012/01/07 13:35:51 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2012/01/07 13:35:51 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2012/01/07 13:35:51 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2012/01/07 13:35:51 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2012/01/07 13:35:51 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2012/01/07 13:35:51 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2012/01/07 13:35:51 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2012/01/07 13:35:51 | 000,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2012/01/07 13:35:51 | 000,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2012/01/07 13:35:51 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2012/01/07 13:35:51 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2012/01/07 13:35:51 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2012/01/07 13:35:51 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2012/01/07 13:35:51 | 000,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2012/01/07 13:35:51 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2012/01/07 13:35:51 | 000,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2012/01/07 13:35:51 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2012/01/07 13:35:51 | 000,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2012/01/07 13:35:51 | 000,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2012/01/07 13:35:51 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2012/01/07 13:35:51 | 000,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2012/01/07 13:35:51 | 000,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2012/01/07 13:35:51 | 000,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2012/01/07 13:35:51 | 000,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2012/01/07 13:35:51 | 000,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2012/01/07 13:35:50 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2012/01/07 13:35:50 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2012/01/07 13:35:50 | 000,184,959 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2012/01/07 13:35:50 | 000,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2012/01/07 13:35:50 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2012/01/07 13:35:50 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2012/01/07 13:35:50 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2012/01/07 13:35:50 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2012/01/07 13:35:50 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2012/01/07 13:35:50 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2012/01/07 13:35:50 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2012/01/07 13:35:50 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2012/01/07 13:35:50 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2012/01/07 13:35:50 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2012/01/07 13:35:50 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2012/01/07 13:35:50 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2012/01/07 13:35:50 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2012/01/07 13:31:58 | 000,844,314 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxm.ocx
[2012/01/07 13:31:58 | 000,004,126 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxmlc.dll
[2012/01/06 21:25:07 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012/01/06 21:25:02 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/01/06 21:23:26 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/01/06 21:23:26 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/01/06 21:23:26 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/01/06 21:23:26 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/01/06 21:23:26 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/01/06 21:13:55 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Becki Price\Desktop\MBR.dat
[2012/01/06 17:05:07 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Becki Price\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/01/06 17:05:07 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/06 16:55:36 | 000,000,177 | ---- | C] () -- C:\Documents and Settings\Becki Price\Desktop\rk-proxy.reg
[2012/01/06 11:07:54 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\Becki Price\Desktop\7tegdzu6.exe
[2012/01/05 12:36:31 | 000,160,350 | ---- | C] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\JavaRa.zip
[2011/12/30 17:45:57 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/12/30 17:28:47 | 000,013,048 | -HS- | C] () -- C:\Documents and Settings\Becki Price\Local Settings\Application Data\43m33wg567uyjpn54h0pl6p0ukt3t4fgbrmc4g5f8d234
[2011/12/30 17:28:47 | 000,013,036 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\43m33wg567uyjpn54h0pl6p0ukt3t4fgbrmc4g5f8d234
[2011/12/28 22:05:33 | 000,103,378 | ---- | C] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\Inv_36563_from_Know_Him.pdf
[2011/12/28 11:33:25 | 000,668,445 | ---- | C] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\newsletter-2011.jpg
[2011/12/27 20:27:10 | 002,251,142 | ---- | C] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\traceycopeapp.pdf
[2011/12/27 19:16:36 | 000,738,800 | ---- | C] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\MoneyGuardReserveAgentGuide.pdf
[2011/12/27 17:23:57 | 000,311,158 | ---- | C] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\GASafeReturnClientbrochure.zip
[2011/12/27 15:43:49 | 000,082,474 | ---- | C] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\GA_SafeReturn_Illustration.pdf
[2011/12/26 12:38:15 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MozyHome Status.lnk
[2011/12/22 14:02:14 | 000,933,666 | ---- | C] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\UMMNewsJanuary2012.pdf
[2011/12/22 07:56:05 | 000,205,415 | ---- | C] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\E&O2012.pdf
[2011/12/21 11:50:38 | 000,050,604 | ---- | C] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\CommunionCommittee2012.zip
[2011/12/21 11:22:56 | 001,239,329 | ---- | C] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\ROCKskinnycrosswoyouthretreat.pdf
[2011/12/21 11:20:36 | 007,850,396 | ---- | C] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\rockSkinnyCrosslc.eps
[2011/12/17 15:36:54 | 000,095,666 | ---- | C] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\ROCKlogo CL.zip
[2011/12/16 15:53:14 | 000,030,228 | ---- | C] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\5385ROCK2012Sweatpantswpockets.pdf
[2011/12/15 15:28:54 | 000,053,947 | ---- | C] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\scholchristmas2011.jpg
[2011/12/15 15:14:55 | 003,371,426 | ---- | C] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\BaltimoreRock.zip
[2011/12/15 14:11:48 | 000,144,923 | ---- | C] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\BECKIPRICE-SUNGLASSESORDERFORM.pdf
[2011/12/15 10:16:30 | 000,025,362 | ---- | C] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\Husband1-1-12-PAIndquote.zip
[2011/12/15 10:02:15 | 000,030,219 | ---- | C] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\5385ROCK2012Sweatpants.pdf
[2011/12/14 11:13:47 | 000,141,021 | ---- | C] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\FinQuest.pdf
[2011/12/13 20:38:17 | 000,047,081 | ---- | C] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\PMSCOLORS298C,278C.pdf
[2011/12/13 18:22:41 | 000,152,411 | ---- | C] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\PMSCOLORS298C,278C.zip
[2011/12/13 16:30:31 | 000,487,133 | ---- | C] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\Agent_Licensing_Packet_January_2011.pdf
[2011/12/13 15:23:43 | 000,037,888 | ---- | C] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\samplebadge.dot
[2011/12/13 12:34:28 | 000,060,582 | ---- | C] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\ROCKskinnycross LOGOlisa.zip
[2011/12/13 12:26:51 | 000,060,582 | ---- | C] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\SkinnyCrossInWordDoc.zip
[2011/12/13 12:04:54 | 000,281,775 | ---- | C] () -- F:\Documents and Settings\Becki Price\My Documents\New Folder\OEUMCWorshipAttendance13Dec.pdf
[2011/09/19 14:30:37 | 001,156,976 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/03/24 21:35:25 | 000,000,061 | ---- | C] () -- C:\WINDOWS\TaxACT10.ini
[2010/10/16 14:28:12 | 000,139,524 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/09/01 09:43:12 | 000,000,012 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2009/12/16 17:45:47 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2009/09/03 10:45:11 | 000,000,052 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2009/08/27 13:47:14 | 000,142,067 | ---- | C] () -- C:\WINDOWS\hpwins05.dat
[2009/08/04 15:42:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\UNIVMGR.INI
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2008/06/25 10:57:39 | 000,090,643 | ---- | C] () -- C:\WINDOWS\hpiins01.dat
[2008/06/25 10:57:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpimdl01.dat
[2008/02/19 01:33:34 | 000,446,352 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll
[2007/09/21 22:22:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\setup32.INI
[2006/09/20 03:25:44 | 000,012,416 | ---- | C] () -- C:\WINDOWS\hpwscr05.dat
[2006/09/18 14:50:24 | 000,000,044 | ---- | C] () -- C:\WINDOWS\liveup.ini
[2006/09/10 14:48:58 | 000,004,428 | ---- | C] () -- C:\WINDOWS\POWERUP.INI
[2006/09/07 14:41:04 | 000,003,953 | ---- | C] () -- C:\WINDOWS\hpwmdl05.dat
[2006/08/28 17:11:23 | 000,005,459 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/07/13 12:34:49 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2006/07/13 10:29:37 | 000,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2006/07/12 06:57:29 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\Becki Price\Local Settings\Application Data\fusioncache.dat
[2006/07/10 15:19:04 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2006/07/10 15:09:16 | 000,109,142 | ---- | C] () -- C:\WINDOWS\hpoins08.dat
[2006/07/10 15:09:16 | 000,007,577 | ---- | C] () -- C:\WINDOWS\hpomdl08.dat
[2006/01/04 14:53:45 | 000,003,146 | ---- | C] () -- C:\WINDOWS\7thLevel.ini
[2005/12/25 18:42:53 | 000,000,709 | ---- | C] () -- C:\WINDOWS\IHEALTH.INI
[2005/12/25 18:42:53 | 000,000,347 | ---- | C] () -- C:\WINDOWS\valuterm.ini
[2005/12/07 17:45:23 | 000,001,341 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/11/09 10:29:42 | 000,050,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\atnt40k.sys
[2005/05/30 15:46:08 | 000,126,976 | ---- | C] () -- C:\Documents and Settings\Becki Price\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/05/25 03:45:04 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\dmvm.dll
[2005/05/17 16:08:12 | 000,006,915 | ---- | C] () -- C:\WINDOWS\System32\LANGMON.DLL
[2005/05/14 16:37:04 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/05/09 18:25:20 | 000,000,101 | ---- | C] () -- C:\WINDOWS\upst.ini
[2005/05/09 18:25:20 | 000,000,024 | ---- | C] () -- C:\WINDOWS\atid.ini
[2005/05/08 21:56:50 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Becki Price\Application Data\PFP110JPR.{PB
[2005/05/08 21:56:50 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Becki Price\Application Data\PFP110JCM.{PB
[2005/05/07 17:17:31 | 000,000,890 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/05/07 12:37:42 | 000,000,024 | ---- | C] () -- C:\WINDOWS\qfnonl.ini
[2005/05/07 12:33:01 | 000,000,258 | ---- | C] () -- C:\WINDOWS\System32\BDEMERGE.INI
[2005/05/07 12:14:08 | 000,000,751 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2005/05/07 12:14:07 | 000,006,838 | ---- | C] () -- C:\WINDOWS\ICOADB32.DAT
[2005/05/07 11:42:27 | 000,012,983 | ---- | C] () -- C:\WINDOWS\System32\MpUpMon.dll
[2005/05/06 21:20:02 | 000,000,012 | ---- | C] () -- C:\WINDOWS\iomqs2.dat
[2005/05/06 21:18:30 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\e1000msg.dll
[2005/05/06 20:40:56 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/05/06 20:32:48 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/05/06 20:25:01 | 000,000,715 | ---- | C] () -- C:\WINDOWS\aolback.exe.lnk
[2005/05/06 20:22:46 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/05/06 18:42:46 | 000,000,288 | ---- | C] () -- C:\WINDOWS\System32\DVCStateBkp-{00000002-00000000-00000002-00001102-00000004-10031102}.dat
[2005/05/06 18:42:46 | 000,000,288 | ---- | C] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-00000002-00001102-00000004-10031102}.dat
[2005/05/06 18:30:48 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2005/05/06 18:30:46 | 001,048,576 | ---- | C] () -- C:\WINDOWS\System32\SFMAN.DAT
[2005/05/06 18:29:01 | 000,066,807 | ---- | C] () -- C:\WINDOWS\System32\Aud2_Del.ini
[2005/05/06 18:29:01 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2005/05/06 18:28:55 | 000,232,723 | ---- | C] () -- C:\WINDOWS\System32\ctstatic.dat
[2005/05/06 18:28:54 | 000,190,842 | ---- | C] () -- C:\WINDOWS\System32\ctdlang.dat
[2005/05/06 18:28:54 | 000,110,720 | ---- | C] () -- C:\WINDOWS\System32\CTBASICW.DAT
[2005/05/06 18:28:54 | 000,053,674 | ---- | C] () -- C:\WINDOWS\System32\ctdaught.dat
[2005/05/06 18:28:53 | 000,138,716 | ---- | C] () -- C:\WINDOWS\System32\ctbas2w.dat
[2005/05/06 18:28:50 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\REGPLIB.EXE
[2005/05/06 18:28:49 | 000,184,320 | ---- | C] () -- C:\WINDOWS\PSCONV.EXE
[2005/05/06 18:28:49 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\KILLAPPS.EXE
[2005/05/06 18:28:49 | 000,005,515 | ---- | C] () -- C:\WINDOWS\System32\ENSDEF.INI
[2005/05/06 18:28:49 | 000,000,180 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2005/05/06 18:28:41 | 000,000,184 | ---- | C] () -- C:\WINDOWS\System32\e000001.dat
[2005/05/06 18:28:30 | 000,831,600 | ---- | C] () -- C:\WINDOWS\System32\Ctaa1.dat
[2005/05/06 18:27:16 | 000,000,136 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2005/05/06 13:26:48 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/05/06 13:25:36 | 000,590,976 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/03/17 11:26:24 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\BackupFileSet.dll
[2003/11/20 16:39:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/07/16 11:48:28 | 000,004,594 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2003/07/16 11:48:27 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2003/07/16 11:35:07 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2003/07/16 11:35:06 | 000,491,794 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2003/07/16 11:35:05 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2003/07/16 11:35:03 | 000,090,484 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2003/07/16 11:33:18 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/07/16 11:28:25 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2003/07/16 11:28:14 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2003/07/16 11:21:49 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2003/07/16 11:20:48 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/01/07 17:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/07/06 15:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[1997/07/11 02:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1997/07/11 02:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL

========== LOP Check ==========

[2009/09/05 19:24:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Allstate
[2009/11/17 19:24:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2009/01/22 22:21:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canon
[2010/12/08 13:43:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Flip Video
[2008/07/12 17:53:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MapQuest Toolbar
[2011/10/26 10:00:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Musicnotes
[2011/03/09 17:03:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2010/03/19 13:04:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TaxCut
[2005/05/06 20:24:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2007/11/01 10:16:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2010/09/08 11:35:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/10/24 13:25:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Becki Price\Application Data\AVG9
[2010/12/10 11:17:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Becki Price\Application Data\Blackberry Desktop
[2008/10/23 08:11:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Becki Price\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2008/07/31 18:28:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Becki Price\Application Data\Costco Photo Viewer US
[2009/10/19 12:32:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Becki Price\Application Data\CVS
[2008/12/31 08:15:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Becki Price\Application Data\ICACLIENT
[2011/06/03 15:24:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Becki Price\Application Data\Image Zone Express
[2005/06/07 14:56:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Becki Price\Application Data\Leadertech
[2005/08/03 13:35:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Becki Price\Application Data\OurPictures
[2009/12/16 17:45:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Becki Price\Application Data\Research In Motion
[2008/02/14 11:09:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Becki Price\Application Data\System Tweaker
[2010/03/19 13:09:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Becki Price\Application Data\TaxCut
[2005/06/07 11:52:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Becki Price\Application Data\Template
[2004/02/19 00:14:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Becki Price\Application Data\Uniblue
[2007/02/08 08:53:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Becki Price\Application Data\Viewpoint
[2009/04/22 08:57:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Becki Price\Application Data\webex
[2012/01/06 22:13:50 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job

========== Purity Check ==========



========== Custom Scans ==========


< #13 14 Minutes Ago >

< Broni >

< Malware Annihilator Location: Daly City, CA >

< Member since: Feb 2010, 20,171 posts >

< System specs >

< >

< Looks good >

< >

< How is computer doing? >

< >

< Download OTL to your Desktop. >

< >

< •Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted. >

< •Click the Scan All Users checkbox. >

< •Under the Custom Scan box paste this in: >

< >

< >
 
< %SYSTEMDRIVE%\*.* >
[2000/09/07 16:41:34 | 000,028,160 | ---- | M] () -- C:\'99-'00 parents' e-mail.wdb
[2000/02/13 14:44:46 | 000,032,256 | ---- | M] () -- C:\'99-'00 with street addresses.wdb
[2004/11/04 23:09:24 | 000,081,996 | ---- | M] () -- C:\001_JN04coverart.jpg
[2005/01/28 19:23:16 | 000,118,012 | ---- | M] () -- C:\0043795-R1-028-12A_12.jpg
[2001/05/30 11:08:12 | 000,095,108 | ---- | M] () -- C:\00Tour Itinerary.zip
[2000/12/05 14:35:38 | 000,021,504 | ---- | M] () -- C:\01-02SchoolCalendar[1].doc
[2000/02/10 21:23:20 | 000,020,992 | ---- | M] () -- C:\02.doc
[2005/01/15 19:56:46 | 000,253,440 | ---- | M] () -- C:\04-resume-rev3.doc
[2006/08/13 14:26:19 | 000,402,456 | ---- | M] () -- C:\05ttaxlast.tax
[2005/02/28 19:29:04 | 000,329,654 | ---- | M] () -- C:\100_3823a.jpg
[1996/11/11 19:55:58 | 000,001,300 | ---- | M] () -- C:\111796.WPS
[1996/04/19 13:15:14 | 000,002,708 | ---- | M] () -- C:\1STTOUR.WPS
[1996/04/19 13:15:58 | 000,002,970 | ---- | M] () -- C:\1STTOUR1.WPS
[2000/10/27 11:10:04 | 000,010,240 | ---- | M] () -- C:\2001adults.wdb
[2000/09/05 12:24:00 | 000,022,016 | ---- | M] () -- C:\2001schedule.doc
[2004/05/18 10:43:24 | 000,298,202 | ---- | M] () -- C:\2002 TAXA.TAX
[2003/09/17 23:50:44 | 000,322,684 | ---- | M] () -- C:\2002 TAXFINAL.tax
[2004/11/16 09:31:22 | 000,360,187 | ---- | M] () -- C:\2003 WALTER-PRICE R TAX RETURN.TAX
[2005/02/04 22:59:00 | 000,284,100 | ---- | M] () -- C:\2005AnnualComplianceQuestionnaire.zip
[2005/03/01 22:09:28 | 000,034,356 | ---- | M] () -- C:\2005MENU.tif
[2005/01/19 11:10:14 | 000,007,727 | ---- | M] () -- C:\2PFIT_1[1].pdf
[2005/01/14 13:35:29 | 000,007,688 | ---- | M] () -- C:\2PFIT_2[1].pdf
[1996/02/22 21:13:40 | 000,002,580 | ---- | M] () -- C:\396.WPS
[1995/12/03 04:34:16 | 000,001,440 | ---- | M] () -- C:\40.WPS
[2005/02/03 23:56:32 | 000,194,417 | ---- | M] () -- C:\4girls.mhp
[2003/06/03 17:38:38 | 000,006,144 | ---- | M] () -- C:\603housing.wdb
[1996/02/23 19:23:48 | 000,002,458 | ---- | M] () -- C:\6GRADE.WPS
[2000/08/11 13:08:10 | 000,019,968 | ---- | M] () -- C:\6thgradeoops.doc
[2005/05/09 21:20:23 | 000,167,848 | ---- | M] () -- C:\735.pdf
[1996/02/08 20:33:06 | 000,002,074 | ---- | M] () -- C:\96DATES.WPS
[1996/01/02 16:16:48 | 000,001,946 | ---- | M] () -- C:\96SCHED.WPS
[1998/02/26 19:06:12 | 000,001,946 | ---- | M] () -- C:\98SONGS.WPS
[2002/05/07 13:10:42 | 000,019,456 | ---- | M] () -- C:\990.doc
[2001/08/17 21:12:16 | 000,032,256 | ---- | M] () -- C:\9900addresses.wdb
[2001/08/17 21:11:50 | 000,028,160 | ---- | M] () -- C:\9900parents.wdb
[2001/08/09 11:49:30 | 000,028,160 | ---- | M] () -- C:\9900parentsemail.wdb
[2002/05/07 13:37:22 | 000,020,992 | ---- | M] () -- C:\990a.doc
[2000/04/26 21:07:50 | 000,040,448 | ---- | M] () -- C:\99Addresses.xls
[2000/04/26 21:12:50 | 000,025,643 | ---- | M] () -- C:\99parents.dbf
[2000/04/26 21:14:20 | 000,028,160 | ---- | M] () -- C:\99parents.wdb
[2000/04/26 21:13:52 | 000,028,160 | ---- | M] () -- C:\99parents3.wdb
[2002/02/26 13:20:44 | 000,026,112 | ---- | M] () -- C:\ABC.doc
[2005/01/08 12:20:54 | 000,020,992 | ---- | M] () -- C:\ABCnames.doc
[1998/05/01 04:12:22 | 000,001,556 | ---- | M] () -- C:\ABSENT.WPS
[2003/03/06 14:13:02 | 000,006,144 | ---- | M] () -- C:\absomove.wdb
[2003/03/07 11:11:54 | 000,006,144 | ---- | M] () -- C:\absomoveW.wdb
[2000/06/15 09:54:26 | 000,022,016 | ---- | M] () -- C:\AC FOLKS.doc
[2005/05/14 12:47:42 | 004,445,253 | ---- | M] () -- C:\AC2005003.zip
[2000/04/27 23:19:28 | 000,013,889 | ---- | M] () -- C:\addresses4.txt
[2001/04/17 10:11:26 | 000,022,016 | ---- | M] () -- C:\ADELE LINDAHL.doc
[2001/12/03 15:10:30 | 000,021,504 | ---- | M] () -- C:\adele.doc
[2001/04/17 10:16:36 | 000,019,968 | ---- | M] () -- C:\adele2.doc
[2003/03/06 12:55:38 | 000,022,016 | ---- | M] () -- C:\adele303.doc
[2005/03/15 10:14:57 | 000,021,504 | ---- | M] () -- C:\Adele305.doc
[2005/03/21 17:32:20 | 000,020,992 | ---- | M] () -- C:\adele305co.doc
[2004/08/19 15:56:26 | 000,023,552 | ---- | M] () -- C:\adele804.doc
[2003/09/05 13:08:58 | 000,023,552 | ---- | M] () -- C:\adele903.doc
[2002/02/08 10:37:26 | 000,020,992 | ---- | M] () -- C:\adeleacct.doc
[2005/05/03 07:09:06 | 000,019,456 | ---- | M] () -- C:\adeleLBL.doc
[2004/01/27 10:29:58 | 000,020,992 | ---- | M] () -- C:\ADI103.doc
[2005/01/25 15:09:57 | 000,053,035 | ---- | M] () -- C:\ADICompliance-dental&vision.pdf
[2004/02/18 12:39:26 | 000,020,992 | ---- | M] () -- C:\ADIdi.doc
[2004/02/18 12:55:58 | 000,020,480 | ---- | M] () -- C:\ADIlife.doc
[2004/01/29 11:15:26 | 000,019,968 | ---- | M] () -- C:\adiua.doc
[2003/09/16 12:57:18 | 000,021,504 | ---- | M] () -- C:\adult info1.doc
[2000/02/17 16:09:58 | 000,020,480 | ---- | M] () -- C:\adultchoir.doc
[2004/04/23 20:21:04 | 000,022,016 | ---- | M] () -- C:\Adulthealthinfo.doc
[2001/05/29 11:57:42 | 000,019,456 | ---- | M] () -- C:\ADULTROOMS01.doc
[2004/11/12 20:00:28 | 000,019,968 | ---- | M] () -- C:\adults04tour.doc
[2003/11/12 13:20:54 | 000,020,992 | ---- | M] () -- C:\advent03.doc
[2004/10/26 12:01:58 | 000,022,528 | ---- | M] () -- C:\advent04.doc
[2004/06/09 20:21:58 | 000,455,851 | ---- | M] () -- C:\African University Choir Live CD
[2001/03/02 10:37:14 | 072,828,928 | ---- | M] () -- C:\AFRICASHOW.ppt
[1995/09/06 17:08:42 | 000,001,300 | ---- | M] () -- C:\AGAPE#S.WPS
[1995/08/04 14:46:00 | 000,002,452 | ---- | M] () -- C:\AGAPE1.WPS
[1995/08/20 17:54:20 | 000,002,452 | ---- | M] () -- C:\AGAPE2.WPS
[1996/09/29 23:05:32 | 000,002,324 | ---- | M] () -- C:\AGAPE3.WPS
[1995/09/07 17:39:50 | 000,002,580 | ---- | M] () -- C:\AGAPE5.WPS
[1996/08/18 01:17:10 | 000,002,714 | ---- | M] () -- C:\AGAPE96.WPS
[1996/09/30 14:55:54 | 000,001,300 | ---- | M] () -- C:\AGAPE97.WPS
[1997/09/17 18:06:56 | 000,002,208 | ---- | M] () -- C:\AGAPSCH.WPS
[2004/05/14 15:16:48 | 000,022,528 | ---- | M] () -- C:\AIMkoreaadults.doc
[1995/09/12 09:44:04 | 000,002,330 | ---- | M] () -- C:\AIRFORCE.WPS
[2000/05/20 20:17:58 | 000,022,528 | ---- | M] () -- C:\airplanes.xls
[2004/03/22 16:22:50 | 000,164,177 | ---- | M] () -- C:\ALBINOCHILDQUESTION.pdf
[2004/08/26 21:32:38 | 000,024,064 | ---- | M] () -- C:\alex.doc
[2002/02/11 16:50:52 | 000,019,456 | ---- | M] () -- C:\alfred202.doc
[2005/03/01 15:24:41 | 000,211,484 | ---- | M] () -- C:\AlfredHouse-IMC.pdf
[1999/10/03 23:29:00 | 000,002,584 | ---- | M] () -- C:\ALISHA.CHR
[2001/11/12 10:21:56 | 000,019,456 | ---- | M] () -- C:\All I Really.doc
[2000/09/19 16:15:10 | 000,019,456 | ---- | M] () -- C:\all in all.doc
[1996/06/16 14:47:10 | 000,001,044 | ---- | M] () -- C:\ALLINALL.WPS
[2001/04/24 10:57:38 | 000,010,240 | ---- | M] () -- C:\Alt gifts.wdb
[2001/04/21 12:16:38 | 000,006,656 | ---- | M] () -- C:\alternative gifts.wdb
[2002/09/18 11:04:48 | 000,023,040 | ---- | M] () -- C:\amex.doc
[2003/12/09 19:16:36 | 000,022,528 | ---- | M] () -- C:\Amex1.doc
[1999/08/21 15:32:24 | 000,001,844 | ---- | M] () -- C:\AMNOT.CHR
[2004/11/12 14:02:02 | 000,021,504 | ---- | M] () -- C:\amyK1104.doc
[2005/02/10 19:12:40 | 001,411,072 | ---- | M] () -- C:\Animaladas.pps
[2003/06/20 10:27:34 | 000,020,480 | ---- | M] () -- C:\annconfsmell.doc
[2004/06/28 10:46:00 | 000,019,456 | ---- | M] () -- C:\anneIRA.doc
[2003/12/30 23:30:56 | 000,023,040 | ---- | M] () -- C:\ANNUAL CONFERENCE LOOP.doc
[2000/04/04 13:42:26 | 000,020,480 | ---- | M] () -- C:\ANNUITY PERFORMANCE COMPARISON.doc
[1998/10/29 12:51:10 | 000,020,480 | ---- | M] () -- C:\Another Soldier.doc
[2004/02/12 22:35:52 | 000,020,480 | ---- | M] () -- C:\Another Soldier1.doc
[2000/12/11 22:30:16 | 000,019,968 | ---- | M] () -- C:\Anthem.doc
[1994/03/17 20:20:08 | 000,003,878 | ---- | M] () -- C:\AOAS.WPS
[2008/04/08 09:38:33 | 000,010,920 | ---- | M] () -- C:\aolconnfix.exe
[2008/04/08 09:38:33 | 000,001,039 | ---- | M] () -- C:\aolconnfix.txt
[2005/01/13 18:07:28 | 002,204,672 | ---- | M] () -- C:\APlaceCalledEarth.pps
[1999/09/23 13:00:52 | 000,001,996 | ---- | M] () -- C:\ARCHER.CHR
[2005/02/28 13:38:04 | 000,025,600 | ---- | M] () -- C:\argo.doc
[1999/08/21 15:08:00 | 000,001,640 | ---- | M] () -- C:\ARNIA.CHR
[2001/02/06 16:34:14 | 000,019,968 | ---- | M] () -- C:\at&t.doc
[2001/02/08 15:49:12 | 000,019,456 | ---- | M] () -- C:\at&t2.doc
[2002/06/28 15:45:22 | 000,004,545 | ---- | M] () -- C:\attach3
[2002/04/27 18:52:42 | 000,013,824 | ---- | M] () -- C:\attend0102.wdb
[2001/11/15 21:45:50 | 000,017,408 | ---- | M] () -- C:\attend3.wdb
[2001/09/24 09:21:52 | 000,023,773 | ---- | M] () -- C:\Attendan95.zip
[2002/06/27 14:14:14 | 000,014,848 | ---- | M] () -- C:\Attendance02.wdb
[2001/12/02 19:38:52 | 000,014,848 | ---- | M] () -- C:\Attendancex2.wdb
[2005/05/06 20:35:39 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2002/03/01 08:48:12 | 000,020,992 | ---- | M] () -- C:\Awesome God.doc
[2004/03/22 16:29:46 | 000,268,550 | ---- | M] () -- C:\BabyfoldPictures.zip
[2000/01/26 14:02:50 | 000,024,064 | ---- | M] () -- C:\band addresses.wdb
[2001/09/25 09:15:36 | 000,019,968 | ---- | M] () -- C:\BAND REH 9-25.doc
[1995/08/31 00:11:22 | 000,002,708 | ---- | M] () -- C:\BAND.WPS
[2000/09/23 14:50:20 | 000,019,456 | ---- | M] () -- C:\band923.doc
[2001/06/07 15:18:22 | 000,019,456 | ---- | M] () -- C:\BARRETTE WEAVER.doc
[2002/07/30 12:09:22 | 000,019,968 | ---- | M] () -- C:\BBandBHInterimNeeds.doc
[2000/02/03 08:42:26 | 000,020,480 | ---- | M] () -- C:\bc.doc
[2005/02/22 12:19:27 | 000,715,694 | ---- | M] () -- C:\BCBS.zip
[2002/06/05 17:20:32 | 000,014,336 | ---- | M] () -- C:\bd labels.wps
[2002/06/05 16:03:20 | 000,012,288 | ---- | M] () -- C:\BD list.wdb
[2004/09/13 13:58:14 | 000,012,288 | ---- | M] () -- C:\BD list03.wdb
[2000/09/20 22:43:32 | 000,012,326 | ---- | M] () -- C:\Becki2.zip
[2000/09/23 14:09:14 | 000,029,696 | ---- | M] () -- C:\Becki3.wdb
[2000/11/09 22:27:34 | 000,035,840 | ---- | M] () -- C:\becki3plus.wdb
[2000/09/27 14:30:36 | 000,031,232 | ---- | M] () -- C:\becki3plus1.wdb
[2001/05/31 09:50:32 | 000,034,304 | ---- | M] () -- C:\becki3plus3.wdb
[2001/01/07 15:44:04 | 000,012,288 | ---- | M] () -- C:\becki3roster.wdb
[2000/09/22 22:05:58 | 000,029,696 | ---- | M] () -- C:\becki4.wdb
[2005/03/30 09:24:10 | 000,091,427 | ---- | M] () -- C:\Becky.jpg
[2003/02/17 13:28:22 | 000,020,480 | ---- | M] () -- C:\ben.doc
[2003/02/17 13:33:28 | 000,023,552 | ---- | M] () -- C:\ben1.doc
[2005/03/14 16:12:46 | 000,046,587 | ---- | M] () -- C:\Bene_Change_Form.pdf
[2001/04/01 18:15:58 | 000,020,992 | ---- | M] () -- C:\bequest.doc
[2005/04/04 15:58:53 | 001,596,252 | ---- | M] () -- C:\BestCommercialEver.mpg
[2004/09/20 14:08:28 | 000,025,600 | ---- | M] () -- C:\beyourfriend.doc
[2000/09/22 13:11:20 | 000,019,456 | ---- | M] () -- C:\BICENTENNIAL.doc
[2002/10/21 16:10:00 | 000,020,480 | ---- | M] () -- C:\bien1002.doc
[2001/02/28 16:22:06 | 000,019,456 | ---- | M] () -- C:\biensotckltd.doc
[2000/12/13 14:48:18 | 000,020,480 | ---- | M] () -- C:\bienstock.doc
[2001/03/05 20:14:26 | 000,020,480 | ---- | M] () -- C:\bienstock2.doc
[2001/02/26 10:54:22 | 000,019,456 | ---- | M] () -- C:\bienstockltc.doc
[2001/02/28 16:22:10 | 000,019,456 | ---- | M] () -- C:\bienstockoe.doc
[2004/04/21 15:04:10 | 000,027,648 | ---- | M] () -- C:\Bishop Christopher Jokomo.doc
[1998/07/21 23:48:00 | 000,021,504 | ---- | M] () -- C:\Bishop Felton E.doc
[2000/11/24 13:27:06 | 000,020,992 | ---- | M] () -- C:\Bishop jokomo.doc
[2000/11/24 13:26:06 | 000,022,016 | ---- | M] () -- C:\Bishop May.doc
[2003/10/13 13:28:26 | 000,021,504 | ---- | M] () -- C:\bishop1003.doc
[2004/04/21 16:39:54 | 000,019,968 | ---- | M] () -- C:\bishopdarkes.doc
[2003/10/14 11:44:14 | 000,027,648 | ---- | M] () -- C:\bishopscouncil.doc
[2003/10/20 12:26:12 | 000,019,968 | ---- | M] () -- C:\bishopsongs.doc
[2005/04/21 22:05:18 | 000,022,016 | ---- | M] () -- C:\bishopUFC.doc
[2002/06/03 15:04:14 | 000,020,480 | ---- | M] () -- C:\bishopweaver.doc
[2000/02/14 19:26:58 | 000,022,528 | ---- | M] () -- C:\Bishop_sPanel[1].doc
[1998/02/05 20:24:54 | 000,002,202 | ---- | M] () -- C:\BISHSEC.WPS
[1998/01/29 18:59:42 | 000,007,680 | ---- | M] () -- C:\BISREPLY.DOC
[1997/04/08 15:08:40 | 000,004,250 | ---- | M] () -- C:\BLDG.WPS
[1997/10/17 20:00:54 | 000,002,836 | ---- | M] () -- C:\BLDGROG.WPS
[1994/12/05 13:45:14 | 000,001,556 | ---- | M] () -- C:\BLEAK.WPS
[2005/05/08 22:25:20 | 000,019,968 | ---- | M] () -- C:\Bless Your Name.doc
[1993/10/17 19:14:02 | 000,002,464 | ---- | M] () -- C:\BLESS.WPS
[2002/01/15 19:04:52 | 000,174,462 | ---- | M] () -- C:\blessing.BMP
[2002/02/08 13:07:14 | 001,620,054 | ---- | M] () -- C:\blessing1.BMP
[2001/02/19 14:25:26 | 000,020,992 | ---- | M] () -- C:\bobbo.doc
[2004/08/19 15:23:58 | 000,019,456 | ---- | M] () -- C:\bonneville.doc
[2005/10/31 22:01:20 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2012/01/06 21:25:07 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2001/11/14 15:20:40 | 000,019,456 | ---- | M] () -- C:\BORLAND.doc
[1998/03/11 19:52:44 | 000,001,818 | ---- | M] () -- C:\BRASS.WPS
[2001/05/03 16:15:30 | 000,024,064 | ---- | M] () -- C:\brett.doc
[1994/07/02 22:20:24 | 000,004,384 | ---- | M] () -- C:\BRING.WPS
[1994/07/14 14:07:46 | 000,002,202 | ---- | M] () -- C:\BRING1.WPS
[2000/11/03 11:56:46 | 000,019,968 | ---- | M] () -- C:\bropleh.doc
[2002/09/10 17:03:26 | 000,019,456 | ---- | M] () -- C:\Bryan life.doc
[1995/09/08 00:47:30 | 000,001,178 | ---- | M] () -- C:\BUDGET.WPS
[1996/02/17 14:38:50 | 000,001,178 | ---- | M] () -- C:\BUDGET1.WPS
[1995/09/08 00:46:38 | 000,001,044 | ---- | M] () -- C:\BUDGET2.WPS
[1994/09/01 13:42:22 | 000,002,470 | ---- | M] () -- C:\BUDGET95.WPS
[1996/04/21 12:59:10 | 000,001,178 | ---- | M] () -- C:\BUDGET97.WPS
[2001/03/23 09:24:22 | 000,004,715 | ---- | M] () -- C:\bulawayo.txt
[2001/11/12 13:25:00 | 000,019,456 | ---- | M] () -- C:\burkeprfi.doc
[2001/11/12 13:25:58 | 000,019,456 | ---- | M] () -- C:\burkepri.doc
[2001/11/12 13:16:08 | 000,019,456 | ---- | M] () -- C:\burketa.doc
[1994/07/13 19:02:46 | 000,002,202 | ---- | M] () -- C:\BUS.WPS
[2002/12/12 09:51:22 | 000,021,504 | ---- | M] () -- C:\bush.doc
[2004/02/25 11:53:30 | 000,027,648 | ---- | M] () -- C:\BWC YMP Proposal.doc
[2001/10/29 13:17:18 | 000,023,552 | ---- | M] () -- C:\bwcirsadd.doc
[2003/06/13 16:43:10 | 000,012,800 | ---- | M] () -- C:\BYCRmList.xls
[2003/06/06 12:58:04 | 000,019,968 | ---- | M] () -- C:\byronire.doc
[2004/11/21 22:39:56 | 000,025,088 | ---- | M] () -- C:\C&W Minutes 11.18.04.doc
[2002/09/26 10:44:38 | 000,019,456 | ---- | M] () -- C:\cabinets.doc
[1995/12/05 01:33:50 | 000,001,172 | ---- | M] () -- C:\CAITHNES.WPS
[2000/02/08 11:06:58 | 000,020,480 | ---- | M] () -- C:\calendar.doc
[1995/11/14 14:24:58 | 000,001,824 | ---- | M] () -- C:\CALENDAR.WPS
[2000/02/16 18:44:54 | 000,019,968 | ---- | M] () -- C:\calendar1.doc
[1994/04/04 14:58:08 | 000,002,714 | ---- | M] () -- C:\CALL.WPS
[2001/05/04 19:06:26 | 000,019,456 | ---- | M] () -- C:\calthru626.doc
[2002/10/16 18:26:40 | 000,020,992 | ---- | M] () -- C:\cantliveaday.doc
[2003/06/12 15:51:12 | 000,019,968 | ---- | M] () -- C:\canyons.doc
[1995/06/29 07:06:00 | 000,002,458 | ---- | M] () -- C:\CATHY.WPS
[2004/09/29 14:46:54 | 000,020,480 | ---- | M] () -- C:\CB.doc
[1995/03/26 15:34:04 | 000,001,812 | ---- | M] () -- C:\CBN.WPS
[2005/04/12 06:53:55 | 000,021,504 | ---- | M] () -- C:\CCOM Video.doc
[2000/03/17 01:53:56 | 000,028,672 | ---- | M] () -- C:\ccomreport.doc
[2000/03/17 02:04:04 | 000,027,648 | ---- | M] () -- C:\ccomreport1.doc
[2003/12/30 22:43:02 | 000,020,480 | ---- | M] () -- C:\ccym news.doc
[2004/05/26 09:16:48 | 000,044,649 | ---- | M] () -- C:\CCYMAnnConf2k4Finalbill.zip
[2002/08/20 12:54:26 | 000,019,456 | ---- | M] () -- C:\cd802.doc
[2002/08/22 12:28:08 | 000,016,539 | ---- | M] () -- C:\cdback02.std
[2002/08/23 10:33:08 | 000,523,604 | ---- | M] () -- C:\cdback02fox.jpg
[2003/10/13 12:31:04 | 000,019,456 | ---- | M] () -- C:\cdbcover03.doc
[2002/08/22 09:53:58 | 000,208,896 | ---- | M] () -- C:\cdcover02.jwl
[2002/08/22 17:10:18 | 000,018,268 | ---- | M] () -- C:\cdcover02.std
[2002/08/23 10:29:40 | 000,465,656 | ---- | M] () -- C:\cdcoverfox.jpg
[2002/08/23 10:32:44 | 000,577,532 | ---- | M] () -- C:\cdinside02fox.jpg
[2004/09/01 09:57:40 | 000,025,088 | ---- | M] () -- C:\cdlist904.doc
[2002/08/20 10:26:50 | 000,021,504 | ---- | M] () -- C:\cdlisttour02.doc
[2001/08/24 15:08:30 | 006,256,854 | ---- | M] () -- C:\cdtrail.bmp
[2003/01/17 12:10:42 | 001,577,454 | ---- | M] () -- C:\cecil.BMP
[2000/03/27 23:43:36 | 000,022,528 | ---- | M] () -- C:\Certificate credits.doc
[1995/09/18 20:40:26 | 000,001,684 | ---- | M] () -- C:\CERTS.WPS
[2002/11/21 17:23:20 | 000,021,504 | ---- | M] () -- C:\certs1102.doc
[2000/02/12 12:44:28 | 000,019,456 | ---- | M] () -- C:\cfc.doc
[2002/02/11 20:42:46 | 000,085,504 | ---- | M] () -- C:\CFCNatlApp.doc
[2003/06/18 14:43:06 | 000,020,992 | ---- | M] () -- C:\Chancel Proposal.doc
[2001/02/28 16:21:08 | 000,019,968 | ---- | M] () -- C:\chandler.doc
[2002/10/08 15:54:24 | 000,020,480 | ---- | M] () -- C:\chandler902.doc
[2002/12/24 09:55:48 | 000,020,480 | ---- | M] () -- C:\chandlerAPS.doc
[1996/02/22 16:06:28 | 000,005,658 | ---- | M] () -- C:\CHAPER.WPS
[2002/03/25 18:19:42 | 000,025,088 | ---- | M] () -- C:\chaperonequest.doc
[2002/11/01 09:58:50 | 000,022,016 | ---- | M] () -- C:\charrier1102.doc
[2002/11/01 10:08:48 | 000,019,968 | ---- | M] () -- C:\charrier11022.doc
[2002/06/01 11:26:20 | 000,019,968 | ---- | M] () -- C:\charrierltc.doc
[2002/07/07 14:52:42 | 000,021,504 | ---- | M] () -- C:\charrierltclbl.doc
[2002/07/07 15:01:34 | 000,020,480 | ---- | M] () -- C:\charrierltclblltr.doc
[2001/01/07 16:56:18 | 000,022,528 | ---- | M] () -- C:\Checklist Project.doc
[2000/11/01 09:42:56 | 000,023,040 | ---- | M] () -- C:\CHILD SPONSORSHIP PROGRA1.doc
[2000/09/19 00:10:42 | 000,019,968 | ---- | M] () -- C:\CHILD SPONSORSHIP PROGRAM.doc
[2001/01/04 15:10:40 | 000,019,456 | ---- | M] () -- C:\Childpacket.doc
[2001/01/05 18:56:16 | 000,005,632 | ---- | M] () -- C:\childpacket2.wdb
[2004/06/14 12:37:00 | 000,030,208 | ---- | M] () -- C:\Children'sHousingAssignments.doc
[1993/08/05 14:14:12 | 000,001,562 | ---- | M] () -- C:\CHOIR.WPS
[1993/08/12 14:18:24 | 000,002,074 | ---- | M] () -- C:\CHOIR1.WPS
[1993/08/12 07:38:50 | 000,001,428 | ---- | M] () -- C:\CHOIR2.WPS
[1993/08/12 07:43:24 | 000,000,788 | ---- | M] () -- C:\CHOIR3.WPS
[1993/08/26 10:04:48 | 000,000,788 | ---- | M] () -- C:\CHOIR4.WPS
[1993/09/09 15:01:50 | 000,001,818 | ---- | M] () -- C:\CHOIR54.WPS
[2000/05/15 10:37:42 | 000,023,040 | ---- | M] () -- C:\CHOIRSCHEDULE2000-2001[1].doc
[1995/10/04 00:09:28 | 000,002,586 | ---- | M] () -- C:\CHOREO.WPS
[2000/07/24 12:17:02 | 000,027,648 | ---- | M] () -- C:\Christmas Story.doc
[2000/12/21 16:39:54 | 000,026,112 | ---- | M] () -- C:\christmasletter00.doc
[2000/04/07 11:54:08 | 000,020,480 | ---- | M] () -- C:\Churches in Florida.doc
[2003/02/04 16:56:02 | 000,020,480 | ---- | M] () -- C:\churchestour03.doc
[1995/07/31 15:13:34 | 000,001,178 | ---- | M] () -- C:\CI.WPS
[2003/08/27 09:54:28 | 000,019,456 | ---- | M] () -- C:\cigna.doc
[2005/03/07 09:30:51 | 000,178,702 | ---- | M] () -- C:\circle.pdf
[2002/06/03 15:02:12 | 000,019,968 | ---- | M] () -- C:\ciufc.doc
[2004/05/17 09:26:06 | 000,020,480 | ---- | M] () -- C:\Clap Your Hands.doc
[1997/03/12 16:54:22 | 000,005,664 | ---- | M] () -- C:\CLARA.WPS
[2004/08/03 23:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
[2001/09/28 09:46:20 | 000,019,968 | ---- | M] () -- C:\cohen.doc
[2002/03/27 19:23:00 | 000,020,480 | ---- | M] () -- C:\cohen302.doc
[2003/08/06 18:53:16 | 000,020,480 | ---- | M] () -- C:\colby.doc
[2001/01/09 09:11:26 | 000,024,064 | ---- | M] () -- C:\com101.doc
[2012/01/07 09:00:03 | 000,016,866 | ---- | M] () -- C:\ComboFix.txt
[2002/06/03 17:55:10 | 000,020,992 | ---- | M] () -- C:\comp intl.doc
[1998/03/22 22:15:34 | 000,002,074 | ---- | M] () -- C:\COMP98.WPS
[2000/08/21 16:54:58 | 000,041,472 | ---- | M] () -- C:\COMPASS.doc
[1997/01/04 03:05:46 | 000,002,781 | ---- | M] () -- C:\COMPASS.WPD
[2002/05/17 15:19:24 | 000,019,456 | ---- | M] () -- C:\COMPASSION INTERNATIONA1.doc
[2000/03/28 12:53:26 | 000,025,600 | ---- | M] () -- C:\COMPASSION INTERNATIONAL.doc
[2000/02/10 11:29:34 | 000,026,624 | ---- | M] () -- C:\compassion.doc
[2003/03/13 17:07:10 | 000,022,528 | ---- | M] () -- C:\COMPASSIONblurb.doc
[2005/02/12 14:27:53 | 000,009,165 | ---- | M] () -- C:\compassionconcertplanninglist.wpd
[1998/02/07 07:30:10 | 000,007,066 | ---- | M] () -- C:\COMPUM.WPS
[2001/06/18 22:49:24 | 000,019,456 | ---- | M] () -- C:\conc01order.doc
[2002/04/21 11:07:30 | 000,019,456 | ---- | M] () -- C:\CONC102.doc
[2002/04/21 11:09:32 | 000,019,456 | ---- | M] () -- C:\CONC202.doc
[1995/05/10 20:18:28 | 000,001,690 | ---- | M] () -- C:\CONC695.WPS
[2004/06/10 08:52:58 | 000,022,528 | ---- | M] () -- C:\CONCERT 04.doc
[2001/06/03 15:11:26 | 000,020,480 | ---- | M] () -- C:\Concert 2001tentative order.doc
[2002/03/14 11:12:36 | 000,019,968 | ---- | M] () -- C:\Concert Possibilities2002.doc
[2000/03/15 09:12:34 | 000,022,528 | ---- | M] () -- C:\concert songs.doc
[2001/02/22 16:02:06 | 000,019,456 | ---- | M] () -- C:\concert01.doc
[2002/03/03 16:35:58 | 000,019,968 | ---- | M] () -- C:\concert02.doc
[2002/03/04 22:06:48 | 000,019,456 | ---- | M] () -- C:\concertflyer.doc
[2005/03/18 14:10:20 | 000,019,456 | ---- | M] () -- C:\concertflyer4.doc
[2001/03/07 17:26:20 | 000,024,064 | ---- | M] () -- C:\concertkids.doc
[2001/12/13 15:21:22 | 000,020,992 | ---- | M] () -- C:\Condo Scenarios.doc
[2000/12/08 10:46:50 | 000,019,968 | ---- | M] () -- C:\condos.doc
[2000/03/03 10:57:40 | 000,020,992 | ---- | M] () -- C:\CONFERENCE YOUTH COUNCIL.doc
[2005/05/06 20:35:39 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2002/08/07 10:53:06 | 000,020,992 | ---- | M] () -- C:\confirmation01.doc
[2001/03/17 15:19:30 | 000,229,376 | ---- | M] () -- C:\confirmation2001graphics[1].doc
[2001/03/16 22:45:58 | 000,044,032 | ---- | M] () -- C:\confirmation2001[1].doc
[2004/06/29 10:38:54 | 000,020,992 | ---- | M] () -- C:\cookies04.doc
[1996/02/04 13:58:04 | 000,002,068 | ---- | M] () -- C:\Copy (2) of JN296.WPS
[2000/11/06 10:35:56 | 000,020,480 | ---- | M] () -- C:\Copy (2) of LONG TERM CARE BENEFITS COMPARISON.doc
[2004/11/09 23:00:18 | 000,019,968 | ---- | M] () -- C:\Copy (2) of Lord I Believe in You.doc
[2000/09/27 22:23:04 | 000,019,968 | ---- | M] () -- C:\Copy (2) of Lord I Lift,stepbystep.doc
[2003/04/22 00:36:58 | 000,019,968 | ---- | M] () -- C:\Copy (2) of Lordhigh.doc
[1996/06/18 13:24:16 | 000,001,434 | ---- | M] () -- C:\Copy (2) of LORDTHO.WPS
[2001/08/29 13:29:16 | 000,020,480 | ---- | M] () -- C:\Copy (2) of loukides.doc
[2000/03/25 23:25:26 | 000,025,088 | ---- | M] () -- C:\Copy (2) of Love Honor and Obey.doc
[2001/01/07 18:25:04 | 000,021,504 | ---- | M] () -- C:\Copy (2) of Love One Another.doc
[2001/08/09 11:48:28 | 000,022,528 | ---- | M] () -- C:\Copy (2) of ltc.doc
[2001/08/09 04:06:12 | 000,022,528 | ---- | M] () -- C:\Copy (2) of ltcltr.doc
[2001/10/08 14:52:52 | 000,022,528 | ---- | M] () -- C:\Copy (2) of ltcltr1.doc
[1995/04/12 21:11:26 | 000,001,690 | ---- | M] () -- C:\Copy (2) of LUCIAPAR.WPS
[2002/11/22 23:23:10 | 000,024,064 | ---- | M] () -- C:\Copy (2) of lucyinvite.doc
[1999/08/27 00:50:56 | 000,001,924 | ---- | M] () -- C:\Copy (2) of MAGESTUF.CHR
[2000/04/02 14:45:58 | 000,020,992 | ---- | M] () -- C:\Copy (2) of mailing list.doc
[2004/02/18 13:21:10 | 000,251,826 | ---- | M] () -- C:\Copy (2) of makwena.jpg
[2004/08/26 09:55:40 | 000,034,304 | ---- | M] () -- C:\Copy (2) of MakwenyaExpenses.xls
[2000/12/12 22:32:26 | 000,115,200 | ---- | M] () -- C:\Copy (2) of man3.9.doc
[2003/10/21 17:57:14 | 000,022,016 | ---- | M] () -- C:\Copy (3) of lay1003.doc
[2002/01/16 18:20:10 | 000,024,576 | ---- | M] () -- C:\Copy (3) of lighting.doc
[2001/09/21 10:32:06 | 000,019,456 | ---- | M] () -- C:\Copy (3) of lilli.doc
[2001/11/01 16:16:26 | 000,020,480 | ---- | M] () -- C:\Copy (3) of lindagiese.doc
[1995/12/05 01:14:36 | 000,001,818 | ---- | M] () -- C:\Copy (3) of LION.WPS
[2004/09/10 09:21:46 | 000,020,992 | ---- | M] () -- C:\Copy (3) of Litany of Confession.doc
[2000/03/20 18:29:04 | 000,020,480 | ---- | M] () -- C:\Copy (3) of Liturgy for the Children.doc
[2000/10/20 15:42:28 | 000,019,456 | ---- | M] () -- C:\Copy (3) of LONG TERM CARE.doc
[2002/09/04 16:21:42 | 000,020,480 | ---- | M] () -- C:\Copy (3) of tour03bus.doc
[2003/06/08 18:43:24 | 000,021,504 | ---- | M] () -- C:\Copy (3) of tour03itinshort.doc
[2003/04/10 10:23:08 | 000,025,088 | ---- | M] () -- C:\Copy (3) of tour03money.doc
[2003/04/12 16:40:56 | 000,022,016 | ---- | M] () -- C:\Copy (3) of tour03packing.doc
[1994/06/09 13:58:04 | 000,004,250 | ---- | M] () -- C:\Copy (3) of TOUR3.WPS
[2001/05/03 16:15:30 | 000,024,064 | ---- | M] () -- C:\Copy of brett.doc
[2000/11/03 11:56:46 | 000,019,968 | ---- | M] () -- C:\Copy of bropleh.doc
[2002/09/10 17:03:26 | 000,019,456 | ---- | M] () -- C:\Copy of Bryan life.doc
[2001/11/12 13:25:00 | 000,019,456 | ---- | M] () -- C:\Copy of burkeprfi.doc
[2001/11/12 13:25:58 | 000,019,456 | ---- | M] () -- C:\Copy of burkepri.doc
[2001/11/12 13:16:08 | 000,019,456 | ---- | M] () -- C:\Copy of burketa.doc
[2002/12/12 09:51:22 | 000,021,504 | ---- | M] () -- C:\Copy of bush.doc
[2004/02/25 11:53:30 | 000,027,648 | ---- | M] () -- C:\Copy of BWC YMP Proposal.doc
[2003/10/13 12:17:12 | 000,023,552 | ---- | M] () -- C:\Copy of Copy of tour03songs.doc
[2001/08/01 02:24:12 | 000,019,968 | ---- | M] () -- C:\Copy of manna.doc
[2001/06/05 12:41:10 | 000,020,992 | ---- | M] () -- C:\Copy of manna01.doc
[2002/05/28 14:31:50 | 000,019,456 | ---- | M] () -- C:\Copy of manna02.doc
[2000/11/20 21:48:18 | 000,103,936 | ---- | M] () -- C:\Copy of manual.doc
[2000/12/13 11:40:00 | 000,029,184 | ---- | M] () -- C:\Copy of ride.php
[2003/10/27 14:39:48 | 000,084,480 | ---- | M] () -- C:\Copy of RIDER-DEYO10-9-03.doc
[2000/02/07 07:58:38 | 000,021,504 | ---- | M] () -- C:\Copy of Right Now.doc
[2001/11/05 11:17:36 | 000,020,992 | ---- | M] () -- C:\Copy of riserinstruct.doc
[2001/03/28 15:35:32 | 000,022,016 | ---- | M] () -- C:\Copy of ritz.doc
[2002/01/10 15:52:16 | 000,020,992 | ---- | M] () -- C:\Copy of rivertopray.doc
[2002/03/28 15:04:14 | 000,022,016 | ---- | M] () -- C:\Copy of ROCK2003.doc
[2003/05/18 22:27:14 | 000,010,240 | ---- | M] () -- C:\Copy of tour03SW.wdb
[2003/05/18 22:27:40 | 000,010,240 | ---- | M] () -- C:\Copy of tour03UAL.wdb
[2004/05/20 19:28:06 | 000,025,088 | ---- | M] () -- C:\Copy of tour04churchesonly.doc
[2000/12/06 23:21:48 | 000,022,528 | ---- | M] () -- C:\corozza letter.doc
[2005/04/23 13:02:34 | 000,022,016 | ---- | M] () -- C:\council420.doc
[2001/11/13 14:46:56 | 000,019,968 | ---- | M] () -- C:\coventry.doc
[2002/06/03 12:01:18 | 000,020,480 | ---- | M] () -- C:\crescencia.doc
[1995/09/15 14:11:36 | 000,001,824 | ---- | M] () -- C:\CREW.WPS
[1997/08/12 20:43:40 | 000,002,580 | ---- | M] () -- C:\CROFT.WPS
[1995/11/20 03:58:22 | 000,001,684 | ---- | M] () -- C:\CROSS.WPS
[2000/10/11 17:09:44 | 000,019,968 | ---- | M] () -- C:\crump.doc
[2000/10/11 17:17:22 | 000,019,968 | ---- | M] () -- C:\crump2.doc
[2003/06/20 21:47:54 | 000,020,992 | ---- | M] () -- C:\crystal songs.doc
[2002/08/22 17:32:36 | 000,021,504 | ---- | M] () -- C:\crystal.doc
[2001/02/04 17:11:48 | 000,004,704 | ---- | M] () -- C:\currentroster.csv
[2001/02/04 15:11:16 | 000,004,048 | ---- | M] () -- C:\currentroster.txt
[2001/03/07 13:32:20 | 000,012,288 | ---- | M] () -- C:\currentroster.wdb
[2002/11/18 13:40:06 | 000,020,480 | ---- | M] () -- C:\dabbs.doc
[2002/11/14 17:09:22 | 000,026,112 | ---- | M] () -- C:\dabbs1.doc
[2002/11/12 13:08:32 | 000,019,456 | ---- | M] () -- C:\Dabbsbulletin.doc
[2002/11/13 22:56:58 | 000,043,008 | ---- | M] () -- C:\dabbstix.php
[2003/04/07 18:09:16 | 000,019,456 | ---- | M] () -- C:\dalia.doc
[1994/03/21 12:58:42 | 000,000,916 | ---- | M] () -- C:\DANCE.WPS
[2003/11/23 14:24:40 | 000,020,992 | ---- | M] () -- C:\dania.doc
[2003/11/23 16:15:16 | 000,020,480 | ---- | M] () -- C:\DANIA2.DOC
[1995/09/28 18:09:50 | 000,001,952 | ---- | M] () -- C:\DATES.WPS
[1996/06/30 03:33:12 | 000,003,092 | ---- | M] () -- C:\DAVID.WPS
[1996/05/20 19:29:14 | 000,001,300 | ---- | M] () -- C:\DAY.WPS
[1997/08/19 17:59:54 | 000,002,330 | ---- | M] () -- C:\DCLA97.WPS
[2001/04/01 18:28:06 | 000,019,456 | ---- | M] () -- C:\dean.doc
[2004/08/12 12:53:30 | 000,022,016 | ---- | M] () -- C:\Dear Bob.doc
[2000/10/26 14:06:16 | 000,020,992 | ---- | M] () -- C:\Dear Brothers.doc
[2000/06/26 10:14:02 | 000,020,992 | ---- | M] () -- C:\Dear Deb.doc
[2000/02/22 19:53:52 | 000,019,968 | ---- | M] () -- C:\Dear Denny.doc
[2000/06/07 18:35:22 | 000,020,992 | ---- | M] () -- C:\Dear Friend.doc
[2000/10/12 17:07:42 | 000,024,064 | ---- | M] () -- C:\Dear Parent.doc
[2001/02/23 10:46:40 | 000,020,992 | ---- | M] () -- C:\Dear Ray.doc
[2002/02/25 10:57:34 | 000,020,992 | ---- | M] () -- C:\debby.doc
[2004/05/26 10:57:04 | 000,019,456 | ---- | M] () -- C:\dempsey.doc
[1999/10/03 23:29:12 | 000,001,724 | ---- | M] () -- C:\DENNIS.CHR
[1996/04/16 23:13:56 | 000,001,946 | ---- | M] () -- C:\DENVER.WPS
[1997/10/22 16:34:50 | 000,002,714 | ---- | M] () -- C:\DEPOSIT.WPS
[1995/10/18 22:53:40 | 000,001,434 | ---- | M] () -- C:\DEPOSIT1.WPS
[1998/01/13 18:16:02 | 000,001,562 | ---- | M] () -- C:\DERBY.WPS
[2001/11/12 09:47:38 | 000,022,016 | ---- | M] () -- C:\devotion.doc
[2003/02/20 17:35:26 | 000,021,504 | ---- | M] () -- C:\difay.doc
[2002/04/30 18:50:28 | 000,023,552 | ---- | M] () -- C:\dillon.doc
[1999/06/15 16:39:18 | 000,022,016 | ---- | M] () -- C:\DIRECTIONS FOR TOUR 99.doc
[2000/09/28 11:39:32 | 000,020,992 | ---- | M] () -- C:\DIRECTIONS TO TRINITY UMC301.doc
[2002/07/01 16:25:40 | 000,019,968 | ---- | M] () -- C:\directorsschedltr.doc
[2001/02/12 10:28:18 | 000,025,600 | ---- | M] () -- C:\Disciple Celebration at Annual Conference 2001.doc
[2004/07/14 13:10:32 | 000,019,968 | ---- | M] () -- C:\dishreturn.doc
[2000/10/21 23:39:18 | 000,019,968 | ---- | M] () -- C:\Do you like to have fun.doc
[2005/04/07 18:44:30 | 000,070,904 | ---- | M] () -- C:\Doc050407.tif
[2001/02/19 12:55:02 | 000,019,968 | ---- | M] () -- C:\dot lawyer.doc
[2005/01/16 23:03:45 | 000,062,976 | ---- | M] () -- C:\DOUG'sDebriefing.doc
[2000/05/10 21:27:56 | 000,019,456 | ---- | M] () -- C:\dougo.doc
[2001/08/27 16:59:36 | 000,019,968 | ---- | M] () -- C:\drakeufc.doc
[2002/06/05 23:00:52 | 000,010,240 | ---- | M] () -- C:\drivers.wdb
[2000/09/21 09:19:54 | 000,019,968 | ---- | M] () -- C:\dsyouth.doc
[2005/05/12 18:40:17 | 000,526,341 | ---- | M] () -- C:\DUMBESTANTELOPEINAFRICA.mpeg
[2005/03/09 12:20:10 | 000,019,456 | ---- | M] () -- C:\dunlop.doc
[2005/02/11 10:31:06 | 011,059,254 | ---- | M] () -- C:\DVD label Rock 2005.BMP
[2004/11/15 22:42:10 | 000,019,968 | ---- | M] () -- C:\Dying to Reach You.doc
[2005/05/09 21:21:04 | 000,167,848 | ---- | M] () -- C:\E&O.pdf
[2001/11/08 14:59:08 | 000,020,480 | ---- | M] () -- C:\eastport.doc
[1998/10/29 12:58:56 | 000,019,456 | ---- | M] () -- C:\Elijah Rock.doc
[1995/11/30 18:56:08 | 000,002,202 | ---- | M] () -- C:\EMMAN.WPS
[2002/03/27 10:06:00 | 000,025,600 | ---- | M] () -- C:\empirest.doc
[2001/03/07 23:00:48 | 000,020,480 | ---- | M] () -- C:\EQUIPMENT LIST.doc
[2001/09/27 22:09:42 | 000,020,992 | ---- | M] () -- C:\ercards.doc
[2000/11/15 11:18:38 | 000,019,456 | ---- | M] () -- C:\evangconvo.doc
[2001/06/18 17:16:06 | 000,019,456 | ---- | M] () -- C:\ewan.doc
[2004/07/14 13:01:30 | 000,019,456 | ---- | M] () -- C:\ewan704.doc
[2001/10/31 14:19:28 | 000,019,456 | ---- | M] () -- C:\EWANLIST.doc
[2001/10/31 17:21:26 | 000,019,456 | ---- | M] () -- C:\ewanusg.doc
[2000/11/12 23:35:24 | 000,019,968 | ---- | M] () -- C:\EXCITED.doc
[1996/02/20 15:53:32 | 000,001,428 | ---- | M] () -- C:\EXCITED.WPS
[2005/03/01 11:44:58 | 000,863,157 | ---- | M] () -- C:\FAINDIVIDUALNEWACCOUNTAPPLICATION.pdf
[2002/07/14 17:17:08 | 000,025,600 | ---- | M] () -- C:\fairfield702.doc
[2002/07/14 16:48:58 | 000,019,456 | ---- | M] () -- C:\fairfield702A.doc
[2004/01/10 21:24:30 | 000,019,968 | ---- | M] () -- C:\FAITHFEST.doc
[2004/02/16 22:02:44 | 000,088,064 | ---- | M] () -- C:\FaithFestPRO04.doc
[1996/09/23 18:19:48 | 000,001,428 | ---- | M] () -- C:\FALL96.WPS
[2001/09/13 11:10:54 | 000,023,040 | ---- | M] () -- C:\family info sheet.doc
[2002/11/25 19:38:00 | 000,018,944 | ---- | M] () -- C:\familyaddlabels.wps
[2002/11/14 14:16:12 | 000,010,240 | ---- | M] () -- C:\familyaddress.wdb
[2001/08/06 22:28:06 | 000,010,240 | ---- | M] () -- C:\FamilyDirectory.doc
[2001/08/06 22:26:52 | 000,010,752 | ---- | M] () -- C:\FamilyDirectorymiddle.doc
[2001/10/09 16:58:00 | 000,012,288 | ---- | M] () -- C:\FamilyDirectoryTwo2.doc
[2001/08/03 02:04:06 | 000,011,776 | ---- | M] () -- C:\FamilyDirectoryTwo[1].doc
[2001/08/03 02:02:24 | 000,012,288 | ---- | M] () -- C:\FamilyDirectory[1].doc
[1996/02/01 17:49:56 | 000,001,300 | ---- | M] () -- C:\FEB24.WPS
[1996/02/20 18:44:40 | 000,001,562 | ---- | M] () -- C:\FEB25.WPS
[2000/02/17 17:04:00 | 000,019,968 | ---- | M] () -- C:\FEE COMPARISON FOR VARIABLE ANNUITIES.doc
[2005/02/21 23:26:02 | 000,020,480 | ---- | M] () -- C:\feels to be free.doc
[2001/07/22 18:45:52 | 000,020,480 | ---- | M] () -- C:\film flyer.doc
[1995/10/01 00:53:46 | 000,001,300 | ---- | M] () -- C:\FILM.WPS
[2004/10/04 20:14:28 | 000,226,056 | ---- | M] () -- C:\FINAL_DRAFT_DEPREC.pdf
[1993/12/13 17:17:48 | 000,001,556 | ---- | M] () -- C:\FINANCE.WPS
[2004/08/07 14:27:00 | 000,021,504 | ---- | M] () -- C:\FinancialReportforHilltopShalomZone.doc
[1997/11/12 21:49:26 | 000,012,288 | ---- | M] () -- C:\FINDVRS.DOC
[2004/04/12 18:51:16 | 000,010,240 | ---- | M] () -- C:\fininventory1.wdb
[2003/11/15 09:31:38 | 000,036,491 | ---- | M] () -- C:\fish_oil.pdf
[2000/02/07 12:16:02 | 000,019,968 | ---- | M] () -- C:\FLA churches.doc
[2005/02/14 10:50:01 | 000,067,072 | ---- | M] () -- C:\Flyer or Sign1.php
[2001/03/11 17:23:28 | 000,019,456 | ---- | M] () -- C:\flyer.doc
[2001/07/22 18:46:32 | 000,019,456 | ---- | M] () -- C:\flyhomeform.doc
[2004/04/23 22:14:18 | 000,021,504 | ---- | M] () -- C:\flyhomeform1.doc
[2004/05/14 11:27:08 | 000,019,968 | ---- | M] () -- C:\flyhomekorea.doc
[1995/09/19 11:53:48 | 000,002,202 | ---- | M] () -- C:\FOCUS.WPS
[1994/02/13 12:41:46 | 000,001,300 | ---- | M] () -- C:\FOLLOW.WPS
[1997/03/23 20:00:26 | 000,001,428 | ---- | M] () -- C:\FORCE.WPS
[2005/01/07 11:57:44 | 000,015,872 | ---- | M] () -- C:\FortisSalaries2005.xls
[2005/01/27 11:13:06 | 000,033,025 | ---- | M] () -- C:\foru_adeD.jpg
[2004/03/17 11:43:40 | 000,021,504 | ---- | M] () -- C:\fred04.doc
[2001/11/20 15:57:26 | 000,019,456 | ---- | M] () -- C:\friends envelopes.doc
[2005/02/08 09:15:51 | 000,033,280 | ---- | M] () -- C:\friends1.wdb
[2003/05/26 16:22:26 | 000,019,456 | ---- | M] () -- C:\fumc.doc
[2000/09/23 13:51:08 | 000,022,016 | ---- | M] () -- C:\fundraisers.doc
[2002/02/09 21:02:08 | 000,029,184 | ---- | M] () -- C:\FundsTransfer[1].doc
[2002/03/23 10:16:56 | 000,029,184 | ---- | M] () -- C:\FundsTransfer[2].doc
[2005/02/09 09:27:30 | 000,002,217 | ---- | M] () -- C:\Funnysite.eml
[2005/01/13 10:12:03 | 000,058,973 | ---- | M] () -- C:\fw4.zip
[2005/05/02 20:33:42 | 000,100,268 | ---- | M] () -- C:\FwdFwJus.txt
[2005/04/05 13:06:11 | 000,009,518 | ---- | M] () -- C:\FwdFWMen.txt
[2005/04/05 12:55:35 | 000,006,152 | ---- | M] () -- C:\Fwdnosub.txt
[2005/03/20 13:07:39 | 000,010,156 | ---- | M] () -- C:\Fwd_Fw_FW_WABBIT.eml
[2005/02/14 14:18:06 | 000,117,294 | ---- | M] () -- C:\Fwd_Fw_Picturewortha1000words.eml
[2005/03/20 13:08:24 | 000,000,000 | ---- | M] () -- C:\Fwd_Grandpa'sHands.email
[2005/02/11 17:31:45 | 000,014,371 | ---- | M] () -- C:\Fwd_HowoldisGrandma_.eml
[2005/01/31 16:45:17 | 000,720,853 | ---- | M] () -- C:\Fwd_[Fwd_Fw_Coolartthatwillmesswithyourhead....].eml
[2000/03/27 14:41:12 | 000,440,803 | ---- | M] () -- C:\FwEMailT.txt
[2005/02/04 00:17:13 | 000,095,322 | ---- | M] () -- C:\Fw_Emailing_cherishedfriends.email
[2005/04/14 15:56:07 | 000,035,192 | ---- | M] () -- C:\Fw_MSNHotmail-Message.jpg.eml
[2005/04/15 13:11:08 | 000,015,795 | ---- | M] () -- C:\FW_NeverChokeinaSouthernRestaurant..afternoonfunny.eml
[2005/04/04 20:47:55 | 000,004,701 | ---- | M] () -- C:\Fw_ThankYouLord!.eml
[2005/02/04 22:54:32 | 000,023,355 | ---- | M] () -- C:\Fw_TWINKLETWINKLELITTLESTAR.eml
[2005/03/24 20:20:02 | 000,402,300 | ---- | M] () -- C:\FW__Mission_Impossible.zip
[2001/11/08 17:00:38 | 000,019,968 | ---- | M] () -- C:\galema.doc
[2002/07/04 11:14:08 | 000,020,480 | ---- | M] () -- C:\galloway.doc
[2003/02/04 17:06:38 | 000,020,992 | ---- | M] () -- C:\garth.doc
[2003/05/17 12:33:20 | 000,024,064 | ---- | M] () -- C:\garth503.doc
[2000/02/20 23:26:12 | 000,020,480 | ---- | M] () -- C:\Gather at the River.doc
[2003/02/28 16:44:20 | 000,019,456 | ---- | M] () -- C:\gaye303.doc
[2001/10/25 09:20:24 | 000,020,480 | ---- | M] () -- C:\gaylen.doc
[2004/01/11 11:10:34 | 000,025,088 | ---- | M] () -- C:\gbgm104.doc
[2003/12/01 08:33:34 | 000,020,480 | ---- | M] () -- C:\gbgm1203.doc
[2004/03/17 12:09:04 | 000,019,968 | ---- | M] () -- C:\gbgm31704.doc
[2005/03/29 12:17:32 | 000,020,992 | ---- | M] () -- C:\gbgm32905.doc
[2004/05/11 17:57:40 | 000,019,456 | ---- | M] () -- C:\gbgm51204.doc
[2003/10/03 13:44:28 | 000,025,088 | ---- | M] () -- C:\gbgm903.doc
[2004/09/29 15:14:34 | 000,020,480 | ---- | M] () -- C:\gbgm92904.doc
[1995/07/06 11:24:52 | 000,001,178 | ---- | M] () -- C:\GBM1.WPS
[2005/01/18 17:44:20 | 000,461,261 | ---- | M] () -- C:\GeneralInformation-FallPondPicture.zip
[2000/12/19 16:08:32 | 000,012,495 | ---- | M] () -- C:\gil
[2002/07/14 17:06:34 | 000,022,528 | ---- | M] () -- C:\gil702.doc
[2004/04/16 13:27:04 | 000,861,120 | ---- | M] () -- C:\gilpic.jpg
[2001/12/11 10:26:10 | 000,022,528 | ---- | M] () -- C:\Gimbert,Susan.doc
[2005/04/07 20:31:08 | 000,623,545 | ---- | M] () -- C:\GirlScho.mim
[2000/11/12 23:38:10 | 000,019,456 | ---- | M] () -- C:\givethanks.doc
[2004/02/19 09:28:58 | 000,020,992 | ---- | M] () -- C:\Giving My Best.doc
[2004/10/20 11:18:18 | 000,030,720 | ---- | M] () -- C:\givingthanks.doc
[2004/07/15 21:25:36 | 000,019,456 | ---- | M] () -- C:\gladclothes.doc
[2001/04/01 16:09:44 | 000,023,040 | ---- | M] () -- C:\gladman.doc
[2001/11/20 23:03:02 | 000,021,504 | ---- | M] () -- C:\gladmanu4c1101.doc
[2003/10/20 12:00:18 | 000,019,968 | ---- | M] () -- C:\Glorify.doc
[1995/07/06 10:53:00 | 000,001,952 | ---- | M] () -- C:\GMB.WPS
[1994/04/11 07:46:36 | 000,001,952 | ---- | M] () -- C:\GNFS.WPS
[1994/04/12 07:29:26 | 000,001,818 | ---- | M] () -- C:\GNFS1.WPS
[1994/04/12 07:31:50 | 000,001,562 | ---- | M] () -- C:\GNFS2.WPS
[2005/02/21 23:24:40 | 000,020,992 | ---- | M] () -- C:\Go Light Your World.doc
[2002/11/27 11:51:06 | 000,019,968 | ---- | M] () -- C:\Go Tell.doc
[2005/03/15 09:34:01 | 000,019,968 | ---- | M] () -- C:\Go to God in prayer.doc
[2000/08/08 17:29:16 | 000,020,480 | ---- | M] () -- C:\God Loves You.doc
[2004/05/14 13:06:48 | 000,019,456 | ---- | M] () -- C:\GODSPELL.doc
[2005/04/15 13:12:43 | 000,049,491 | ---- | M] () -- C:\goodintentions.jpg
[1999/08/21 15:31:22 | 000,001,896 | ---- | M] () -- C:\GORR II.CHR
[1999/09/21 23:37:28 | 000,002,016 | ---- | M] () -- C:\GORR.CHR
[1992/11/20 11:43:00 | 000,001,306 | ---- | M] () -- C:\GRACE.WPS
[1994/03/14 21:09:12 | 000,001,172 | ---- | M] () -- C:\GRAND.WPS
[2002/06/06 13:28:16 | 000,019,968 | ---- | M] () -- C:\grant$ltr.doc
[2001/10/11 13:57:20 | 000,019,456 | ---- | M] () -- C:\grant.doc
[2002/04/25 16:03:28 | 000,020,480 | ---- | M] () -- C:\granthealth.doc
[2002/04/23 11:55:18 | 000,019,968 | ---- | M] () -- C:\grantlife.doc
[2002/04/25 16:15:48 | 000,019,456 | ---- | M] () -- C:\grantltr.doc
[2002/06/17 17:38:06 | 000,020,992 | ---- | M] () -- C:\grantsltrrev2doc
[1996/11/11 22:57:22 | 000,002,452 | ---- | M] () -- C:\GROUPS.WPS
[2002/03/06 18:50:32 | 001,816,074 | ---- | M] () -- C:\GV5.BMP
[2000/02/25 12:12:02 | 000,111,616 | ---- | M] () -- C:\haiku.doc
[2000/11/09 11:03:42 | 000,019,456 | ---- | M] () -- C:\hams.doc
[2004/11/09 22:04:58 | 000,019,456 | ---- | M] () -- C:\hams1.doc
[1997/09/17 18:44:38 | 000,010,752 | ---- | M] () -- C:\HANDBELL.DOC
[2002/05/15 10:39:26 | 000,021,504 | ---- | M] () -- C:\handout509.doc
[2003/05/29 18:03:22 | 000,020,480 | ---- | M] () -- C:\handout603.doc
[2004/03/22 16:34:34 | 000,041,472 | ---- | M] () -- C:\HARAREEASTSHALOMZONESPROGRAMMES.doc
[2005/03/29 11:17:30 | 000,023,040 | ---- | M] () -- C:\harrell.doc
[2002/04/16 11:38:12 | 000,020,480 | ---- | M] () -- C:\hatch.doc
[2002/05/03 10:07:14 | 000,021,504 | ---- | M] () -- C:\hatch2.doc
[2002/05/13 20:03:22 | 000,019,968 | ---- | M] () -- C:\hatch3.doc
[1999/10/03 23:29:34 | 000,001,916 | ---- | M] () -- C:\HAWKEYE.CHR
[2004/02/26 18:38:48 | 000,019,968 | ---- | M] () -- C:\hawkins204.doc
[2000/10/26 14:38:30 | 000,020,480 | ---- | M] () -- C:\hayride.doc
[2010/01/26 22:23:42 | 000,027,648 | ---- | M] () -- C:\hbeckmail.xls
[2010/01/19 19:01:24 | 000,009,811 | ---- | M] () -- C:\hbeckmail.xlsx
[2004/01/31 17:43:18 | 000,020,480 | ---- | M] () -- C:\Hbeckoutside.doc
[2005/04/18 19:52:43 | 000,020,480 | ---- | M] () -- C:\He Reigns.doc
[2001/11/12 10:22:18 | 000,019,968 | ---- | M] () -- C:\Heal Our Land.doc
[2005/04/23 14:01:46 | 000,023,552 | ---- | M] () -- C:\healthformkids.doc
[2004/05/14 11:23:34 | 000,023,040 | ---- | M] () -- C:\healthkorea.doc
[2001/02/15 16:03:58 | 000,020,992 | ---- | M] () -- C:\hebdon.doc
[2002/08/20 10:03:58 | 000,021,504 | ---- | M] () -- C:\hebdon802.doc
[2001/02/26 16:13:52 | 000,020,992 | ---- | M] () -- C:\hebdonlife.doc
[2005/02/21 23:17:08 | 000,011,075 | ---- | M] () -- C:\HeismineBeyourfriend.doc
[2004/03/22 16:33:04 | 000,622,014 | ---- | M] () -- C:\Helpfuli.mim
[2002/01/25 22:11:16 | 000,021,504 | ---- | M] () -- C:\henley.doc
[2000/04/04 12:21:32 | 000,019,456 | ---- | M] () -- C:\hennessey.doc
[2000/05/26 00:15:58 | 000,019,968 | ---- | M] () -- C:\herald.doc
[2003/09/08 18:00:20 | 000,020,992 | ---- | M] () -- C:\Hi Erick.doc
[2000/08/17 18:21:48 | 000,025,600 | ---- | M] () -- C:\Hi1.doc
[2000/08/17 18:18:52 | 000,025,600 | ---- | M] () -- C:\Hi2.doc
[2000/08/17 18:21:58 | 000,025,600 | ---- | M] () -- C:\Hi3.doc
[1995/10/13 00:14:32 | 000,010,784 | ---- | M] () -- C:\HIGHLITE.WPS
[1994/09/19 10:40:36 | 000,001,684 | ---- | M] () -- C:\HISLOVE.WPS
[2005/01/15 19:57:13 | 000,238,592 | ---- | M] () -- C:\hodsdon.doc
[2002/10/08 16:33:52 | 000,020,480 | ---- | M] () -- C:\holden1002.doc
[2003/07/08 10:16:54 | 000,019,456 | ---- | M] () -- C:\hollidge.doc
[2005/03/07 19:57:49 | 000,030,720 | ---- | M] () -- C:\HolyWeekLogistics2005.doc
[2005/05/03 09:02:59 | 000,019,456 | ---- | M] () -- C:\homecomingconcert.doc
[2004/06/10 08:54:36 | 000,019,456 | ---- | M] () -- C:\homeconcert.doc
[2001/10/11 13:52:14 | 000,020,992 | ---- | M] () -- C:\homelesswalk.doc
[2000/11/30 17:03:40 | 000,025,600 | ---- | M] () -- C:\Honey.doc
[1996/12/18 20:51:56 | 000,001,562 | ---- | M] () -- C:\HORNS.WPS
[1996/12/18 20:52:44 | 000,001,306 | ---- | M] () -- C:\HORNS2.WPS
[2002/03/15 11:33:32 | 000,020,480 | ---- | M] () -- C:\hostchurches.doc
[2005/01/25 15:48:04 | 000,025,600 | ---- | M] () -- C:\hostinfo.doc
[2003/05/07 10:25:48 | 000,031,232 | ---- | M] () -- C:\hostinfo1.doc
[2001/09/27 22:06:06 | 000,021,504 | ---- | M] () -- C:\hostinstructions.doc
[2004/10/01 12:10:20 | 000,022,016 | ---- | M] () -- C:\hostinstructions1.doc
[2002/05/13 19:23:42 | 000,020,480 | ---- | M] () -- C:\HOTEL02.doc
[2002/10/01 13:44:16 | 000,020,480 | ---- | M] () -- C:\hotel902.doc
[2000/06/02 14:24:10 | 000,019,968 | ---- | M] () -- C:\hotels.doc
[2003/08/04 21:38:00 | 000,020,480 | ---- | M] () -- C:\hotels03.doc
[2001/11/21 14:21:24 | 000,023,552 | ---- | M] () -- C:\Hotmail Folder Inbox.doc
[2001/02/23 14:57:34 | 000,002,899 | ---- | M] () -- C:\Hotmail Folder Inbox.txt
[2005/01/24 19:28:59 | 000,020,480 | ---- | M] () -- C:\Houstonchurches.doc
[1999/07/20 13:04:26 | 000,022,016 | ---- | M] () -- C:\How could we keep from singing.doc
[2005/02/14 14:21:32 | 000,205,592 | ---- | M] () -- C:\HT076.jpg
[2001/04/28 20:40:28 | 000,041,472 | ---- | M] () -- C:\humbane.doc
[2002/07/14 17:21:18 | 000,021,504 | ---- | M] () -- C:\humbane702.doc
[2000/02/21 11:48:34 | 000,019,968 | ---- | M] () -- C:\I Believe.doc
[2002/10/28 20:54:04 | 000,019,968 | ---- | M] () -- C:\IA$1002.doc
[2002/10/28 20:55:04 | 000,020,480 | ---- | M] () -- C:\IA$1002maria.DOC
[2002/03/01 11:01:24 | 001,577,454 | ---- | M] () -- C:\ia15.BMP
[2002/03/01 11:00:00 | 001,577,454 | ---- | M] () -- C:\ia2.BMP
[2003/04/01 10:39:28 | 000,020,992 | ---- | M] () -- C:\ibby.doc
[2002/07/30 21:18:08 | 000,013,172 | ---- | M] () -- C:\icyc.txt
[2002/09/09 09:52:12 | 000,022,016 | ---- | M] () -- C:\icyc802.doc
[2002/07/31 22:24:48 | 000,041,472 | ---- | M] () -- C:\ICYCParticipants.xls
[2005/01/19 15:23:14 | 000,033,280 | ---- | M] () -- C:\IlluminationGuidelines.doc
[2005/04/14 15:57:04 | 000,142,595 | ---- | M] () -- C:\IMAGE000.tif
[2005/05/03 23:01:42 | 000,041,905 | ---- | M] () -- C:\image001.jpg
[2005/03/19 20:05:49 | 000,975,505 | ---- | M] () -- C:\image0011123112.zip
[2000/02/22 09:38:10 | 000,022,016 | ---- | M] () -- C:\Important Youth Dates.doc
[2002/09/10 15:34:46 | 000,020,992 | ---- | M] () -- C:\In My Life.doc
[2000/10/11 15:51:02 | 000,026,272 | ---- | M] () -- C:\Inbox.htm
[2000/11/07 09:45:12 | 000,018,880 | ---- | M] () -- C:\Inbox.txt
[1997/10/05 21:23:52 | 000,001,562 | ---- | M] () -- C:\INFANT.WPS
[1998/08/21 16:14:54 | 000,001,568 | ---- | M] () -- C:\INFO.WPS
[2011/02/24 15:07:19 | 000,030,301 | ---- | M] () -- C:\install.log
[2005/04/18 17:41:15 | 000,063,984 | ---- | M] () -- C:\InterestRates--Effective04-18-05.pdf
[1997/12/29 21:06:38 | 000,002,586 | ---- | M] () -- C:\INTERIM.WPS
[1999/08/26 16:18:36 | 000,262,144 | ---- | M] () -- C:\International Program Manual38.doc
[1999/09/01 10:16:46 | 001,123,840 | ---- | M] () -- C:\International Program Manual38B.doc
[2000/10/17 12:46:30 | 000,081,408 | ---- | M] () -- C:\inventory.doc
[2000/11/07 09:44:20 | 000,079,360 | ---- | M] () -- C:\INVENTO[1].doc
[2004/10/11 23:26:36 | 000,028,160 | ---- | M] () -- C:\invite.doc
[2004/04/12 22:03:54 | 000,019,456 | ---- | M] () -- C:\INVOICE.doc
[2005/05/06 20:35:39 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[1996/12/04 21:06:44 | 000,001,172 | ---- | M] () -- C:\IRS.WPS
[2002/02/12 23:50:40 | 000,024,576 | ---- | M] () -- C:\isaacs.doc
[2003/07/29 10:06:04 | 000,472,766 | ---- | M] () -- C:\isheanesu803.pdf
[2003/12/27 19:18:50 | 000,551,668 | ---- | M] () -- C:\IsheAnesuNewsletterDecember2003.zip
[2001/04/01 16:59:56 | 000,020,992 | ---- | M] () -- C:\ITINERARY April 2001.doc
[2001/04/01 19:06:30 | 000,020,480 | ---- | M] () -- C:\ITINERARY FOR APRIL 7.doc
[2001/01/10 16:53:34 | 000,025,088 | ---- | M] () -- C:\ITINERARY.doc
[2000/02/23 16:24:52 | 000,020,480 | ---- | M] () -- C:\itinerary2000.doc
[2002/05/17 11:37:08 | 000,020,480 | ---- | M] () -- C:\its his love.doc
 
[2004/11/15 10:15:22 | 000,025,088 | ---- | M] () -- C:\jack1004.doc
[2004/11/19 19:43:40 | 000,020,992 | ---- | M] () -- C:\jack1104.doc
[2001/07/19 10:25:52 | 000,019,968 | ---- | M] () -- C:\james tabinski.doc
[1994/01/16 14:17:12 | 000,001,556 | ---- | M] () -- C:\JANJN.WPS
[2012/01/05 12:50:56 | 000,026,976 | ---- | M] () -- C:\JavaRa.log
[1997/07/24 05:56:26 | 000,002,068 | ---- | M] () -- C:\JDAY.WPS
[2005/01/28 11:40:51 | 001,728,103 | ---- | M] () -- C:\JEC-BCBS.zip
[2005/02/14 11:00:36 | 001,272,780 | ---- | M] () -- C:\JEC-Fortis.zip
[2005/04/18 19:57:08 | 000,019,968 | ---- | M] () -- C:\Jesus MakeWay.doc
[1995/10/16 12:51:44 | 000,001,428 | ---- | M] () -- C:\JESUS.WPS
[2004/09/20 14:07:00 | 000,020,992 | ---- | M] () -- C:\JesusAnswer.doc
[2003/05/23 22:05:34 | 000,019,968 | ---- | M] () -- C:\JesusBThere.doc
[2003/07/02 15:14:48 | 000,020,992 | ---- | M] () -- C:\jimmys03.doc
[2004/08/30 17:26:02 | 000,019,968 | ---- | M] () -- C:\JN 04-04 SONGS.doc
[2000/02/16 18:43:58 | 000,019,456 | ---- | M] () -- C:\JN 9-26 Go Light Your Worldby Chris Rice.doc
[2003/09/11 17:07:50 | 000,020,992 | ---- | M] () -- C:\JN SONGS 2003-2004.doc
[2000/09/11 16:56:38 | 000,011,071 | ---- | M] () -- C:\JN! 00-01 89.zip
[2000/09/22 22:06:28 | 000,021,504 | ---- | M] () -- C:\JN! 00-01 school distrib..doc
[2001/12/02 19:20:36 | 000,033,792 | ---- | M] () -- C:\jn! allinfo00-01.wdb
[2002/11/13 15:16:46 | 000,034,304 | ---- | M] () -- C:\JN! Alumni02.wdb
[2003/01/14 18:08:58 | 000,024,576 | ---- | M] () -- C:\JN! inventory0103.xls
[2003/06/18 13:15:18 | 000,034,078 | ---- | M] () -- C:\JN! Tour 2003 Contacts.doc
[2003/06/16 23:35:42 | 000,027,136 | ---- | M] () -- C:\JN! Tour 2003 Eqt case list.doc
[2002/06/27 14:15:58 | 000,040,960 | ---- | M] () -- C:\JN!01-02.wdb
[2002/04/20 12:57:44 | 000,049,664 | ---- | M] () -- C:\JN!01-02a.wdb
[2002/06/29 15:27:18 | 000,039,936 | ---- | M] () -- C:\JN!01-02s.wdb
[2001/11/15 21:48:48 | 000,040,960 | ---- | M] () -- C:\JN!01-02x2.wdb
[2001/11/15 21:49:06 | 000,019,968 | ---- | M] () -- C:\JN!01VOLS.wdb
[2004/10/09 22:58:36 | 000,020,480 | ---- | M] () -- C:\JN!1004.doc
[2000/09/11 20:40:08 | 000,025,600 | ---- | M] () -- C:\jn!2000-01.wdb
[2002/05/09 22:46:04 | 000,023,040 | ---- | M] () -- C:\jn!502.doc
[2002/06/03 18:11:14 | 000,022,016 | ---- | M] () -- C:\jn!602.doc
[2001/08/17 21:18:56 | 000,323,584 | ---- | M] () -- C:\jn!98-99.doc
[2001/08/07 01:55:32 | 000,024,576 | ---- | M] () -- C:\JN!Addresses9900.wdb
[2001/12/02 19:19:48 | 000,033,792 | ---- | M] () -- C:\jn!all.wdb
[2002/02/16 17:31:16 | 000,033,792 | ---- | M] () -- C:\jn!all00.wdb
[2001/08/17 21:10:00 | 000,033,792 | ---- | M] () -- C:\jn!allinfo.wdb
[2001/01/08 15:56:32 | 000,019,456 | ---- | M] () -- C:\JN!BUDGET01-02.doc
[2003/01/18 22:41:42 | 000,019,968 | ---- | M] () -- C:\JN!budget03.doc
[2002/02/15 11:55:00 | 000,030,208 | ---- | M] () -- C:\jn!cal0102.doc
[2004/10/15 10:11:56 | 000,020,992 | ---- | M] () -- C:\JN!CD04.doc
[2004/10/15 10:19:56 | 000,019,456 | ---- | M] () -- C:\JN!CD04B.doc
[2004/06/08 15:43:56 | 000,019,456 | ---- | M] () -- C:\JN!conference.doc
[2002/05/07 22:36:12 | 000,062,976 | ---- | M] () -- C:\jn!emergency.php
[2001/03/11 17:24:16 | 000,019,456 | ---- | M] () -- C:\jn!flyer.doc
[2004/02/09 14:45:26 | 000,019,456 | ---- | M] () -- C:\jn!flyer03.doc
[2002/08/21 15:49:38 | 000,025,600 | ---- | M] () -- C:\jn!Info Sheet.doc
[2003/09/25 10:23:00 | 000,028,672 | ---- | M] () -- C:\jn!parents02.doc
[2004/09/13 17:05:48 | 000,029,184 | ---- | M] () -- C:\jn!parents04.doc
[2002/08/16 13:00:54 | 000,021,504 | ---- | M] () -- C:\jn!resume.doc
[2004/10/01 18:03:16 | 000,020,480 | ---- | M] () -- C:\JN!retreatrehearsals.doc
[2000/09/06 14:43:38 | 000,034,816 | ---- | M] () -- C:\JN!Reunion.wdb
[2001/03/11 21:13:50 | 000,035,328 | ---- | M] () -- C:\JN!Reunion[1].wdb
[2000/09/25 13:22:48 | 000,013,312 | ---- | M] () -- C:\jn!roster2000.wdb
[2003/08/27 10:18:58 | 000,020,480 | ---- | M] () -- C:\JN!short.doc
[2002/06/19 09:20:14 | 000,023,552 | ---- | M] () -- C:\JN!songstour2002.doc
[2002/01/30 14:30:22 | 000,019,456 | ---- | M] () -- C:\jn!stationery.doc
[2002/08/22 17:36:46 | 000,019,456 | ---- | M] () -- C:\jn!stationery1.doc
[2003/10/01 23:14:00 | 000,035,328 | ---- | M] () -- C:\JN!Thankyou.php
[2003/09/10 14:22:40 | 000,030,720 | ---- | M] () -- C:\jn!welcome903.doc
[1993/09/07 16:22:14 | 000,001,690 | ---- | M] () -- C:\JN$.WPS
[1993/12/02 15:48:10 | 000,001,946 | ---- | M] () -- C:\JN.WPS
[2001/11/15 21:46:12 | 000,040,448 | ---- | M] () -- C:\JN01-02draft.wdb
[2002/01/14 14:49:36 | 000,024,064 | ---- | M] () -- C:\jn0202.doc
[2002/10/16 21:18:08 | 000,010,240 | ---- | M] () -- C:\jn0203adults.wdb
[2004/08/30 23:13:26 | 000,010,240 | ---- | M] () -- C:\jn04051.wdb
[2003/05/10 22:18:30 | 000,022,016 | ---- | M] () -- C:\JN0503.doc
[2005/04/28 21:59:51 | 000,021,504 | ---- | M] () -- C:\JN05ITIN.doc
[2005/04/26 17:40:16 | 000,010,752 | ---- | M] () -- C:\jn05tourroster.wdb
[2002/08/07 10:56:24 | 000,020,480 | ---- | M] () -- C:\jn0802.doc
[2000/09/10 23:59:06 | 000,021,504 | ---- | M] () -- C:\jn1000.doc
[2001/10/15 11:08:30 | 000,023,040 | ---- | M] () -- C:\jn1001.doc
[2002/09/09 09:43:50 | 000,020,480 | ---- | M] () -- C:\jn1002.doc
[2003/09/13 22:10:36 | 000,024,576 | ---- | M] () -- C:\JN1003.DOC
[2004/09/15 10:33:58 | 000,025,088 | ---- | M] () -- C:\jn1004.doc
[2000/12/10 13:28:44 | 000,024,576 | ---- | M] () -- C:\jn101.doc
[2001/10/17 21:46:44 | 000,026,624 | ---- | M] () -- C:\jn1018handout.doc
[2001/12/09 17:13:10 | 000,023,552 | ---- | M] () -- C:\jn102.doc
[2000/02/16 18:44:28 | 000,019,456 | ---- | M] () -- C:\jn1024.doc
[2003/12/06 12:57:06 | 000,023,552 | ---- | M] () -- C:\jn104.doc
[1995/09/08 00:24:44 | 000,001,940 | ---- | M] () -- C:\JN1095.WPS
[1996/09/01 13:05:54 | 000,002,836 | ---- | M] () -- C:\JN1096.WPS
[2000/10/12 16:53:20 | 000,019,968 | ---- | M] () -- C:\jn1100.doc
[2001/11/11 00:33:28 | 000,026,112 | ---- | M] () -- C:\jn1101.doc
[2002/10/10 10:04:04 | 000,019,968 | ---- | M] () -- C:\jn1102.doc
[2003/10/11 12:41:38 | 000,020,992 | ---- | M] () -- C:\jn1103.doc
[2004/11/12 11:40:34 | 000,025,088 | ---- | M] () -- C:\jn1104.doc
[1995/11/02 03:37:52 | 000,002,836 | ---- | M] () -- C:\JN1195.WPS
[1998/10/16 19:38:46 | 000,001,605 | ---- | M] () -- C:\JN1198.doc
[2001/12/17 21:41:26 | 000,021,504 | ---- | M] () -- C:\jn12.23handout.doc
[1993/12/12 22:28:10 | 000,002,708 | ---- | M] () -- C:\JN12.WPS
[2000/11/10 09:39:26 | 000,020,992 | ---- | M] () -- C:\jn1200.doc
[2000/11/11 12:43:46 | 000,022,528 | ---- | M] () -- C:\jn1200a.doc
[2002/11/10 22:17:54 | 000,020,480 | ---- | M] () -- C:\jn1202.doc
[2003/11/08 22:51:52 | 000,020,992 | ---- | M] () -- C:\jn1203.doc
[2004/12/12 13:36:12 | 000,024,576 | ---- | M] () -- C:\jn1204.doc
[2003/12/17 15:30:16 | 000,022,016 | ---- | M] () -- C:\jn122103.doc
[1995/11/27 19:36:38 | 000,002,452 | ---- | M] () -- C:\JN1295.WPS
[1994/01/19 07:53:04 | 000,001,556 | ---- | M] () -- C:\JN194.WPS
[1996/01/04 20:56:46 | 000,002,964 | ---- | M] () -- C:\JN196.WPS
[2000/02/12 12:56:10 | 000,022,016 | ---- | M] () -- C:\jn200.doc
[2001/01/12 21:25:50 | 000,023,040 | ---- | M] () -- C:\jn201.doc
[2004/01/10 21:12:00 | 000,024,064 | ---- | M] () -- C:\jn204.doc
[1996/02/04 13:58:04 | 000,002,068 | ---- | M] () -- C:\JN296.WPS
[1997/01/05 19:42:44 | 000,005,690 | ---- | M] () -- C:\JN297.WPD
[2000/03/07 19:30:50 | 000,025,600 | ---- | M] () -- C:\jn300.doc
[2001/03/11 18:47:38 | 000,025,088 | ---- | M] () -- C:\jn3001.doc
[2002/03/06 23:41:20 | 000,021,504 | ---- | M] () -- C:\jn302.doc
[2004/02/09 14:52:02 | 000,022,016 | ---- | M] () -- C:\jn304.doc
[1997/02/02 18:51:00 | 000,005,787 | ---- | M] () -- C:\JN397.WPD
[2000/04/10 14:57:26 | 000,021,504 | ---- | M] () -- C:\jn400.doc
[2001/04/05 21:27:56 | 000,024,064 | ---- | M] () -- C:\jn401.doc
[2002/04/15 13:28:20 | 000,020,992 | ---- | M] () -- C:\jn402.doc
[2003/04/12 15:46:18 | 000,020,480 | ---- | M] () -- C:\jn403.doc
[2004/04/06 15:23:14 | 000,020,992 | ---- | M] () -- C:\jn404.doc
[2005/03/16 09:51:36 | 000,020,992 | ---- | M] () -- C:\jn405.doc
[1995/03/31 22:17:18 | 000,002,330 | ---- | M] () -- C:\JN495.WPS
[2000/05/14 00:33:06 | 000,022,016 | ---- | M] () -- C:\jn500.doc
[2000/05/13 13:20:38 | 000,019,456 | ---- | M] () -- C:\JN5001.doc
[2000/05/12 00:06:44 | 000,019,456 | ---- | M] () -- C:\JN5002.doc
[2001/05/10 16:44:44 | 000,019,456 | ---- | M] () -- C:\jn501.doc
[2004/05/08 20:41:28 | 000,020,992 | ---- | M] () -- C:\jn504.doc
[2005/05/03 10:20:53 | 000,025,600 | ---- | M] () -- C:\jn505.doc
[1996/02/02 18:39:38 | 000,002,196 | ---- | M] () -- C:\JN595.WPS
[2000/06/11 21:56:16 | 000,021,504 | ---- | M] () -- C:\jn600.doc
[2001/06/08 12:24:56 | 000,025,600 | ---- | M] () -- C:\jn601.doc
[2003/06/07 21:19:06 | 000,020,480 | ---- | M] () -- C:\jn603.doc
[2004/06/12 20:12:12 | 000,020,992 | ---- | M] () -- C:\JN604.doc
[1995/06/03 15:39:08 | 000,002,068 | ---- | M] () -- C:\JN695.WPS
[2003/08/04 13:28:34 | 000,024,064 | ---- | M] () -- C:\jn803.doc
[2003/08/04 13:27:42 | 000,021,504 | ---- | M] () -- C:\jn803N.doc
[2003/08/04 13:29:36 | 000,022,016 | ---- | M] () -- C:\jn803T.doc
[1995/07/27 13:04:00 | 000,001,940 | ---- | M] () -- C:\JN895.WPS
[2000/08/09 21:14:40 | 000,023,040 | ---- | M] () -- C:\jn900.doc
[2001/09/09 12:10:02 | 000,022,016 | ---- | M] () -- C:\jn901.doc
[2004/08/09 13:45:02 | 000,021,504 | ---- | M] () -- C:\jn904.doc
[2003/09/24 10:48:42 | 000,023,552 | ---- | M] () -- C:\jn924.doc
[1995/09/06 16:10:48 | 000,001,940 | ---- | M] () -- C:\JN995.WPS
[1999/07/20 13:52:44 | 000,020,992 | ---- | M] () -- C:\jn999.doc
[2001/08/17 21:05:06 | 000,024,576 | ---- | M] () -- C:\JNAddresses9900.wdb
[2004/09/15 10:21:56 | 000,022,016 | ---- | M] () -- C:\JNADULTINFO.doc
[2002/04/07 19:46:42 | 000,020,480 | ---- | M] () -- C:\jnadults.doc
[2004/03/18 14:10:44 | 000,019,456 | ---- | M] () -- C:\jnadults404.doc
[2001/08/07 01:53:28 | 000,033,792 | ---- | M] () -- C:\jnallinfo.wdb
[2002/09/06 21:15:14 | 000,034,816 | ---- | M] () -- C:\JNAlum.wdb
[2002/06/04 11:38:02 | 000,034,816 | ---- | M] () -- C:\JNAlumni.wdb
[2003/09/29 10:02:06 | 000,034,816 | ---- | M] () -- C:\JNAlumni1.wdb
[2002/09/15 18:57:38 | 000,022,016 | ---- | M] () -- C:\jnalumni902.doc
[1995/03/31 19:50:44 | 000,001,428 | ---- | M] () -- C:\JNAPR.WPS
[1994/04/08 08:07:56 | 000,001,428 | ---- | M] () -- C:\JNAPR94.WPS
[1994/04/19 19:09:02 | 000,001,940 | ---- | M] () -- C:\JNAPRIL.WPS
[2003/05/27 18:17:24 | 000,011,264 | ---- | M] () -- C:\jnattend0203.wdb
[2004/06/12 12:04:22 | 000,013,312 | ---- | M] () -- C:\jnattend0304.wdb
[2005/04/27 17:15:42 | 000,012,288 | ---- | M] () -- C:\jnattend0405.wdb
[2002/11/22 00:01:30 | 000,024,064 | ---- | M] () -- C:\jnband0203word.doc
[2004/05/21 22:01:14 | 000,023,552 | ---- | M] () -- C:\JNband0304.doc
[2005/01/28 19:04:30 | 000,023,040 | ---- | M] () -- C:\jnband0405.doc
[2004/10/20 11:54:32 | 000,025,600 | ---- | M] () -- C:\jnbiogr.doc
[2004/09/07 14:23:06 | 000,020,480 | ---- | M] () -- C:\jnbioshort.doc
[2002/01/03 16:16:44 | 000,019,456 | ---- | M] () -- C:\jnbudget0203.doc
[2004/01/20 15:41:36 | 000,019,456 | ---- | M] () -- C:\jnbudget0405.doc
[2001/06/19 22:52:14 | 000,021,504 | ---- | M] () -- C:\jncal0102.doc
[2003/09/03 10:14:34 | 000,020,992 | ---- | M] () -- C:\jncal0304.doc
[2005/03/02 11:15:53 | 000,024,064 | ---- | M] () -- C:\jncal0405.doc
[2005/03/20 23:16:49 | 000,020,992 | ---- | M] () -- C:\JNCAL05-06.doc
[2004/04/29 12:19:46 | 000,024,576 | ---- | M] () -- C:\jncal5204.doc
[2000/09/11 21:32:52 | 000,015,360 | ---- | M] () -- C:\jncardLabel Sheet1.php
[2000/09/11 22:08:46 | 000,031,232 | ---- | M] () -- C:\jncardLabel Sheet2.php
[1994/05/05 15:18:20 | 000,006,170 | ---- | M] () -- C:\JNCENC.WPS
[2002/04/11 12:32:18 | 000,024,576 | ---- | M] () -- C:\jncon402.doc
[2003/06/06 13:34:50 | 000,020,992 | ---- | M] () -- C:\jnconc303mic2.doc
[2003/06/06 13:34:58 | 000,019,968 | ---- | M] () -- C:\JNCONC303MICS.doc
[2003/03/28 15:50:34 | 000,019,456 | ---- | M] () -- C:\jnconc303order.doc
[2001/04/19 10:06:40 | 000,020,480 | ---- | M] () -- C:\jnconsched01.doc
[2003/02/19 15:56:30 | 000,024,064 | ---- | M] () -- C:\jncoverfax.doc
[2003/04/25 23:10:34 | 000,021,504 | ---- | M] () -- C:\JNdates403.doc
[1994/12/05 08:08:46 | 000,001,684 | ---- | M] () -- C:\JNDECET.WPS
[2002/09/15 18:56:34 | 000,029,696 | ---- | M] () -- C:\jnemail902.doc
[1994/05/06 15:00:36 | 000,002,074 | ---- | M] () -- C:\JNENC2.WPS
[1998/02/04 01:37:54 | 000,001,946 | ---- | M] () -- C:\JNEQUIP.WPS
[2002/10/20 16:31:36 | 000,074,752 | ---- | M] () -- C:\jner02.php
[2002/10/08 22:53:24 | 000,030,208 | ---- | M] () -- C:\jnerphone.doc
[2001/10/04 21:16:22 | 000,183,808 | ---- | M] () -- C:\jnFamily Directory.doc
[2001/09/10 10:14:40 | 000,021,504 | ---- | M] () -- C:\jnfamily info sheet.doc
[2004/09/13 17:17:32 | 000,022,528 | ---- | M] () -- C:\JNFAMILYINFO.doc
[1994/02/21 12:04:36 | 000,001,556 | ---- | M] () -- C:\JNFEB.WPS
[2001/07/22 18:47:36 | 000,019,968 | ---- | M] () -- C:\JNfilmMAILER.doc
[2001/10/25 14:15:08 | 000,022,528 | ---- | M] () -- C:\jnflyerwww.doc
[1998/02/15 13:53:18 | 000,007,680 | ---- | M] () -- C:\JNGREAT.DOC
[2000/03/23 18:21:26 | 000,024,576 | ---- | M] () -- C:\jnhandout.doc
[2002/10/24 17:47:42 | 000,026,112 | ---- | M] () -- C:\jnhandout102402.doc
[2003/11/19 11:50:34 | 000,027,648 | ---- | M] () -- C:\jnhandout1103.doc
[2003/03/20 10:36:16 | 000,019,968 | ---- | M] () -- C:\JNhandout303.doc
[2004/03/17 12:01:28 | 000,026,624 | ---- | M] () -- C:\jnhandout317.doc
[2004/04/14 13:16:50 | 000,020,992 | ---- | M] () -- C:\Jnhandout41404.doc
[2004/04/21 14:58:04 | 000,020,992 | ---- | M] () -- C:\jnhandout421.doc
[2004/08/31 10:29:34 | 000,025,088 | ---- | M] () -- C:\jnhandout904.doc
[2004/10/20 18:07:38 | 000,027,136 | ---- | M] () -- C:\jnho1020.doc
[2004/11/03 15:42:54 | 000,026,112 | ---- | M] () -- C:\jnho11304.doc
[2004/12/08 10:05:22 | 000,027,136 | ---- | M] () -- C:\jnho1204.doc
[2005/03/09 17:52:54 | 000,022,016 | ---- | M] () -- C:\jnho3905.doc
[2004/06/02 16:51:42 | 000,020,992 | ---- | M] () -- C:\jnHO604.doc
[2002/05/29 10:59:06 | 000,019,456 | ---- | M] () -- C:\jnhomecom02mailer.doc
[2002/05/29 10:58:32 | 000,019,456 | ---- | M] () -- C:\jnhomecoming02bulletin.doc
[2005/01/25 15:40:50 | 000,026,112 | ---- | M] () -- C:\jnhostchurchinstruct.doc
[2001/04/19 15:02:04 | 000,020,480 | ---- | M] () -- C:\JNhours.doc
[2002/01/24 17:15:52 | 000,019,968 | ---- | M] () -- C:\jnhoutjf02.doc
[2001/10/16 18:53:32 | 000,020,992 | ---- | M] () -- C:\jnhymns.doc
[2002/12/12 08:58:46 | 000,027,136 | ---- | M] () -- C:\jnillu102.doc
[2001/09/10 10:15:18 | 000,023,552 | ---- | M] () -- C:\jnInfo Sheet.doc
[2001/09/13 11:03:28 | 000,019,968 | ---- | M] () -- C:\jninfosheet.doc
[1994/12/06 08:10:28 | 000,002,068 | ---- | M] () -- C:\JNJAN.WPS
[1994/06/20 07:21:56 | 000,002,068 | ---- | M] () -- C:\JNJUNE.WPS
[2000/02/08 11:08:26 | 000,025,600 | ---- | M] () -- C:\jnletter.doc
[1994/09/05 10:45:18 | 000,002,220 | ---- | M] () -- C:\JNLIST.WPS
[1994/10/18 05:27:44 | 000,002,708 | ---- | M] () -- C:\JNLTR.WPS
[1993/09/21 10:33:28 | 000,003,750 | ---- | M] () -- C:\JNLYR.WPS
[2000/02/16 18:45:44 | 000,019,456 | ---- | M] () -- C:\jnlyrics1199.doc
[2000/02/16 18:46:06 | 000,019,968 | ---- | M] () -- C:\jnlyrics1299.doc
[2005/03/01 09:38:10 | 000,006,960 | ---- | M] () -- C:\jnmail1.csv
[2005/03/20 19:16:13 | 000,016,384 | ---- | M] () -- C:\jnmail1.wdb
[1994/03/14 21:08:26 | 000,001,556 | ---- | M] () -- C:\JNMAR.WPS
[1994/05/17 07:42:44 | 000,001,684 | ---- | M] () -- C:\JNMAY.WPS
[1995/06/21 01:26:50 | 000,001,690 | ---- | M] () -- C:\JNMED.WPS
[2003/03/15 12:32:12 | 000,010,240 | ---- | M] () -- C:\Jnmics03.wdb
[2002/08/29 13:15:40 | 000,024,576 | ---- | M] () -- C:\jnmtgretreato2.doc
[1993/09/22 10:39:22 | 000,001,684 | ---- | M] () -- C:\JNNEWS.WPS
[2003/07/31 14:06:18 | 000,039,424 | ---- | M] () -- C:\JNNONOE.wdb
[2003/07/31 14:08:46 | 000,039,936 | ---- | M] () -- C:\jnnonoe1.wdb
[2003/07/31 15:04:40 | 000,018,944 | ---- | M] () -- C:\jnnonoe12.wdb
[1994/11/07 21:00:42 | 000,001,812 | ---- | M] () -- C:\JNNOV.WPS
[1994/10/17 13:17:58 | 000,001,556 | ---- | M] () -- C:\JNOCT.WPS
[2002/06/14 22:34:24 | 000,026,112 | ---- | M] () -- C:\jnorch01-02.doc
[2002/04/08 18:17:46 | 000,025,088 | ---- | M] () -- C:\jnorch01.doc
[2002/09/24 14:22:08 | 000,010,240 | ---- | M] () -- C:\jnorch0203.wdb
[2002/09/26 13:08:34 | 000,000,914 | ---- | M] () -- C:\jnorch0203T.txt
[2003/09/30 14:29:40 | 000,024,064 | ---- | M] () -- C:\jnparentmtg02.doc
[2004/11/04 13:45:28 | 000,023,552 | ---- | M] () -- C:\jnparentmtgmissed.doc
[2000/09/23 13:48:42 | 000,022,016 | ---- | M] () -- C:\jnparents.doc
[2002/08/27 07:42:58 | 000,026,112 | ---- | M] () -- C:\jnparents22.doc
[1995/08/03 15:17:02 | 000,001,172 | ---- | M] () -- C:\JNPOOL.WPS
[2004/07/13 22:02:10 | 000,024,576 | ---- | M] () -- C:\jnpoolltr1.doc
[2003/07/18 23:48:04 | 000,028,672 | ---- | M] () -- C:\jnposstape0304.doc
[2001/06/11 23:05:24 | 000,019,456 | ---- | M] () -- C:\jnpotluck.doc
[1997/10/01 03:47:00 | 000,002,836 | ---- | M] () -- C:\JNPP.WPS
[1995/08/11 10:33:32 | 000,001,684 | ---- | M] () -- C:\JNPRESS1.WPS
[2002/01/14 14:04:40 | 000,021,504 | ---- | M] () -- C:\jnresume.doc
[2001/12/26 17:02:24 | 000,034,816 | ---- | M] () -- C:\JNReunion.wdb
[1999/03/11 13:16:56 | 000,116,224 | ---- | M] () -- C:\jnroster.doc
[2003/08/15 11:43:16 | 000,038,912 | ---- | M] () -- C:\jnroster0203.wdb
[2004/03/01 14:05:48 | 000,032,962 | ---- | M] () -- C:\jnroster0304.dbf
[2004/08/09 13:42:16 | 000,036,352 | ---- | M] () -- C:\jnroster0304.wdb
[2004/11/12 20:09:50 | 000,019,968 | ---- | M] () -- C:\jnroster0304tour.wdb
[2005/03/22 19:24:35 | 000,030,208 | ---- | M] () -- C:\jnroster0405A.wdb
[2004/11/03 09:59:00 | 000,016,559 | ---- | M] () -- C:\jnroster0405AC.csv
[2005/03/22 19:25:01 | 000,013,754 | ---- | M] () -- C:\jnroster0405G.csv
[2004/10/26 19:43:32 | 000,016,444 | ---- | M] () -- C:\jnroster0405web.csv
[2001/08/17 21:05:34 | 000,013,312 | ---- | M] () -- C:\jnroster2000.wdb
[1994/10/06 12:11:08 | 000,001,690 | ---- | M] () -- C:\JNSCHED.WPS
[1994/09/20 20:06:56 | 000,001,812 | ---- | M] () -- C:\JNSEPT.WPS
[2003/03/10 12:27:04 | 000,020,992 | ---- | M] () -- C:\jnsolos0203.doc
[2005/04/14 22:45:38 | 000,020,992 | ---- | M] () -- C:\jnsongs0405.doc
[2005/04/15 12:11:18 | 000,022,016 | ---- | M] () -- C:\jnsongs0405mics.doc
[2004/06/12 10:20:22 | 000,010,752 | ---- | M] () -- C:\jnsrs04.xlr
[1995/05/04 17:13:26 | 000,002,458 | ---- | M] () -- C:\JNT495.WPS
[2002/01/25 23:24:32 | 000,019,456 | ---- | M] () -- C:\jntaxreceipt.doc
[1998/04/20 12:20:06 | 000,007,168 | ---- | M] () -- C:\JNTICKET.DOC
[2001/09/14 10:12:02 | 000,019,968 | ---- | M] () -- C:\jntour deposits.doc
[1998/01/12 13:43:58 | 000,007,680 | ---- | M] () -- C:\JNTOUR.DOC
[2003/04/23 10:22:42 | 000,020,480 | ---- | M] () -- C:\jntour03day1.doc
[2003/11/12 22:34:22 | 000,075,264 | ---- | M] () -- C:\JNtour03program.doc
[2004/03/01 15:01:10 | 000,021,504 | ---- | M] () -- C:\jntour03tenitin.doc
[2004/09/13 16:59:42 | 000,021,504 | ---- | M] () -- C:\jntour05.doc
[2005/02/21 22:50:36 | 000,025,088 | ---- | M] () -- C:\jntour05bus.doc
[2001/10/19 14:25:30 | 000,022,528 | ---- | M] () -- C:\JNtour2001members.doc
[2001/10/19 14:25:08 | 000,024,064 | ---- | M] () -- C:\JNtour2001members[1].doc
[2003/04/10 22:23:08 | 000,025,600 | ---- | M] () -- C:\jntour303itin.doc
[2001/03/25 18:15:42 | 000,020,992 | ---- | M] () -- C:\jntourconfirm.doc
[2001/03/16 10:33:22 | 000,025,088 | ---- | M] () -- C:\jntourltr.doc
[2003/07/22 22:21:10 | 000,026,112 | ---- | M] () -- C:\jntourltr02.doc
[2004/03/17 15:23:08 | 000,025,600 | ---- | M] () -- C:\jntourltr03.doc
[2005/01/18 15:27:12 | 000,025,088 | ---- | M] () -- C:\jntourltr05.doc
[2001/04/24 11:44:38 | 000,025,088 | ---- | M] () -- C:\jntourltr1.doc
[2003/02/04 15:35:00 | 000,023,552 | ---- | M] () -- C:\jntourltrcover.doc
[2001/12/20 11:22:04 | 000,025,088 | ---- | M] () -- C:\jntourrainier.doc
[2002/03/25 17:42:34 | 000,005,632 | ---- | M] () -- C:\jntshirts.wdb
[2001/07/31 11:39:52 | 000,264,062 | ---- | M] () -- C:\jnvol.BMP
[2001/09/15 17:06:26 | 000,020,992 | ---- | M] () -- C:\jnvol.doc
[2001/07/31 11:41:48 | 000,020,504 | ---- | M] () -- C:\jnvol.TIF
[1994/10/06 12:29:24 | 000,001,306 | ---- | M] () -- C:\JNVOL.WPS
[2003/09/24 10:01:32 | 000,020,992 | ---- | M] () -- C:\JNVOL03.doc
[2005/02/22 22:46:52 | 000,021,504 | ---- | M] () -- C:\jnvol04.xls
[2003/11/11 12:51:38 | 000,013,312 | ---- | M] () -- C:\JNvols03.wdb
[2004/09/13 16:40:16 | 000,021,504 | ---- | M] () -- C:\jnwebsite.doc
[1998/02/15 13:45:32 | 000,007,680 | ---- | M] () -- C:\JNWHAT.DOC
[2000/09/03 22:37:36 | 000,020,992 | ---- | M] () -- C:\JNWHATifigiveall.doc
[1995/09/27 13:01:04 | 000,001,812 | ---- | M] () -- C:\JNYC1095.WPS
[1996/09/02 20:46:02 | 000,002,452 | ---- | M] () -- C:\JNYC1096.WPS
[1998/10/05 16:47:06 | 000,019,456 | ---- | M] () -- C:\jnyc11-09.doc
[1995/11/02 04:39:02 | 000,002,068 | ---- | M] () -- C:\JNYC1195.WPS
[1998/10/05 16:47:40 | 000,019,456 | ---- | M] () -- C:\jnyc1198.doc
[1995/11/27 20:44:18 | 000,001,940 | ---- | M] () -- C:\JNYC1295.WPS
[1996/01/14 18:34:36 | 000,001,684 | ---- | M] () -- C:\JNYC196.WPS
[2000/02/12 13:01:36 | 000,021,504 | ---- | M] () -- C:\jnyc200.doc
[1996/02/04 18:43:52 | 000,001,940 | ---- | M] () -- C:\JNYC296.WPS
[1996/02/22 21:21:54 | 000,001,812 | ---- | M] () -- C:\JNYC396.WPS
[1995/05/09 11:05:34 | 000,001,684 | ---- | M] () -- C:\JNYC595.WPS
[1995/06/05 12:08:16 | 000,001,812 | ---- | M] () -- C:\JNYC695.WPS
[1996/07/30 16:14:34 | 000,002,068 | ---- | M] () -- C:\JNYC896.WPS
[1995/09/12 13:15:46 | 000,001,556 | ---- | M] () -- C:\JNYC995.WPS
[2000/03/29 11:16:46 | 000,023,552 | ---- | M] () -- C:\JNZTOUR(1).xls
[2001/04/03 15:04:08 | 000,031,232 | ---- | M] () -- C:\JOBJN.doc
[1995/09/20 20:11:38 | 000,012,448 | ---- | M] () -- C:\JOBJN.WPS
[2003/11/07 22:11:10 | 000,022,528 | ---- | M] () -- C:\jobUFCcoor.doc
[2003/02/25 23:16:46 | 000,023,552 | ---- | M] () -- C:\johnson.doc
[2002/07/14 18:31:58 | 000,024,064 | ---- | M] () -- C:\jokomo702.doc
[2001/07/22 18:49:22 | 000,142,848 | ---- | M] () -- C:\Joyful Noise Potluck - 99.doc
[2005/02/12 14:29:30 | 000,007,380 | ---- | M] () -- C:\joyfulnoiseconcertvolunteerlist.wpd
[2003/04/25 11:41:36 | 000,028,160 | ---- | M] () -- C:\joyfulnoisemedicalpermissionform2003.wpd
[2000/05/03 21:24:02 | 000,022,528 | ---- | M] () -- C:\JoyfulNoisepretour[1].doc
[1998/07/22 00:26:20 | 000,020,992 | ---- | M] () -- C:\jtpideas.doc
[1998/09/02 13:25:04 | 000,023,040 | ---- | M] () -- C:\jtpresume.doc
[2001/06/04 22:42:20 | 000,024,064 | ---- | M] () -- C:\june9.doc
[1998/06/01 21:46:16 | 000,001,818 | ---- | M] () -- C:\JUNE98.WPS
[1994/11/17 12:22:06 | 000,003,092 | ---- | M] () -- C:\KAREN.WPS
[2000/08/09 21:44:02 | 000,022,528 | ---- | M] () -- C:\karyn.doc
[2003/12/22 10:08:50 | 000,020,992 | ---- | M] () -- C:\KAUFMANLTC.doc
[2004/05/17 10:52:38 | 000,020,992 | ---- | M] () -- C:\kaufmanltc504.doc
[2001/03/07 09:33:32 | 000,022,016 | ---- | M] () -- C:\KENNY PHILLIPS.doc
[1995/12/05 01:38:32 | 000,001,946 | ---- | M] () -- C:\KIRLIN.WPS
[1999/10/03 23:29:24 | 000,001,720 | ---- | M] () -- C:\KLATZER.CHR
[2004/09/20 14:07:24 | 000,022,528 | ---- | M] () -- C:\KnowLove.doc
[1996/03/16 03:02:54 | 000,001,178 | ---- | M] () -- C:\KOFK.WPS
[2002/02/05 15:19:58 | 000,020,992 | ---- | M] () -- C:\kofkinsert.doc
[2004/09/03 09:23:18 | 000,020,992 | ---- | M] () -- C:\Korea904.doc
[2004/06/15 16:45:00 | 000,020,992 | ---- | M] () -- C:\KOREAAGE.doc
[2004/05/14 20:36:12 | 000,020,992 | ---- | M] () -- C:\koreacovenant.doc
[2004/06/14 12:22:12 | 000,019,968 | ---- | M] () -- C:\koreaflight.doc
[2004/05/14 12:31:38 | 000,023,040 | ---- | M] () -- C:\koreahealth.doc
[2004/07/10 09:06:22 | 000,019,968 | ---- | M] () -- C:\Koreaitinerary.doc
[2004/05/14 15:12:46 | 000,019,456 | ---- | M] () -- C:\koreaneeds.doc
[2004/05/14 20:50:32 | 000,026,624 | ---- | M] () -- C:\koreaparents.doc
[2004/06/10 11:06:00 | 000,020,480 | ---- | M] () -- C:\koreaparts.doc
[2004/05/14 15:05:44 | 000,020,480 | ---- | M] () -- C:\koreapastor.doc
[2004/05/14 20:52:00 | 000,023,040 | ---- | M] () -- C:\koreaquesitons.doc
[2004/05/14 21:09:48 | 000,022,016 | ---- | M] () -- C:\koreawaiver.doc
[2004/12/14 18:57:22 | 000,020,992 | ---- | M] () -- C:\kukliewicz.doc
[1999/06/17 08:10:20 | 000,001,856 | ---- | M] () -- C:\kyreth.chr
[1999/06/23 23:23:30 | 000,023,040 | ---- | M] () -- C:\Label3.doc
[2003/02/17 17:53:04 | 000,019,456 | ---- | M] () -- C:\lamb.doc
[2002/04/23 15:34:06 | 000,019,968 | ---- | M] () -- C:\LATCHAW.doc
[2002/05/16 13:14:42 | 000,019,456 | ---- | M] () -- C:\LATCHAWLTC.doc
[2000/03/02 13:43:06 | 000,019,456 | ---- | M] () -- C:\laurauslife.doc
[2000/08/19 17:43:24 | 000,022,016 | ---- | M] () -- C:\LAWYER.doc
[2003/10/21 17:57:14 | 000,022,016 | ---- | M] () -- C:\lay1003.doc
[2002/04/22 11:32:24 | 000,020,480 | ---- | M] () -- C:\Lean On Me.doc
[1997/08/19 11:58:24 | 000,007,168 | ---- | M] () -- C:\LEANARDA.DOC
[2001/11/12 13:17:30 | 000,020,480 | ---- | M] () -- C:\leckrone.doc
[2005/04/06 17:01:24 | 008,068,641 | ---- | M] () -- C:\LegallyBlondePoster.pdf
[2002/03/06 10:40:04 | 000,050,086 | ---- | M] () -- C:\leontinashe.BMP
[1998/04/13 18:54:04 | 000,001,306 | ---- | M] () -- C:\LESSONS.WPS
[2000/11/27 17:09:18 | 000,019,456 | ---- | M] () -- C:\letterhead.doc
[2005/04/12 06:55:23 | 000,716,800 | ---- | M] () -- C:\Life_sonetreasure.pps
[2005/02/08 12:51:46 | 000,016,896 | ---- | M] () -- C:\Lighting Zones.xls
[2002/01/16 18:20:10 | 000,024,576 | ---- | M] () -- C:\lighting.doc
[2001/09/21 10:32:06 | 000,019,456 | ---- | M] () -- C:\lilli.doc
[2001/11/01 16:16:26 | 000,020,480 | ---- | M] () -- C:\lindagiese.doc
[1995/12/05 01:14:36 | 000,001,818 | ---- | M] () -- C:\LION.WPS
[2004/09/10 09:21:46 | 000,020,992 | ---- | M] () -- C:\Litany of Confession.doc
[2000/03/20 18:29:04 | 000,020,480 | ---- | M] () -- C:\Liturgy for the Children.doc
[2000/11/06 10:35:56 | 000,020,480 | ---- | M] () -- C:\LONG TERM CARE BENEFITS COMPARISON.doc
[2000/10/20 15:42:28 | 000,019,456 | ---- | M] () -- C:\LONG TERM CARE.doc
[2004/11/09 23:00:18 | 000,019,968 | ---- | M] () -- C:\Lord I Believe in You.doc
[2000/09/27 22:23:04 | 000,019,968 | ---- | M] () -- C:\Lord I Lift,stepbystep.doc
[2003/04/22 00:36:58 | 000,019,968 | ---- | M] () -- C:\Lordhigh.doc
[1996/06/18 13:24:16 | 000,001,434 | ---- | M] () -- C:\LORDTHO.WPS
[2001/08/29 13:29:16 | 000,020,480 | ---- | M] () -- C:\loukides.doc
[2000/03/25 23:25:26 | 000,025,088 | ---- | M] () -- C:\Love Honor and Obey.doc
[2001/01/07 18:25:04 | 000,021,504 | ---- | M] () -- C:\Love One Another.doc
[2001/08/09 11:48:28 | 000,022,528 | ---- | M] () -- C:\ltc.doc
[2001/08/09 04:06:12 | 000,022,528 | ---- | M] () -- C:\ltcltr.doc
[2001/10/08 14:52:52 | 000,022,528 | ---- | M] () -- C:\ltcltr1.doc
[1995/04/12 21:11:26 | 000,001,690 | ---- | M] () -- C:\LUCIAPAR.WPS
[2002/11/22 23:23:10 | 000,024,064 | ---- | M] () -- C:\lucyinvite.doc
[2000/02/25 10:18:44 | 000,009,728 | ---- | M] () -- C:\lyrics100.wps
[2002/03/15 13:03:48 | 000,024,576 | ---- | M] () -- C:\lyrics32402.doc
[2000/04/24 16:29:22 | 000,021,504 | ---- | M] () -- C:\lyrics430.doc
[1999/08/27 00:50:56 | 000,001,924 | ---- | M] () -- C:\MAGESTUF.CHR
[2000/04/02 14:45:58 | 000,020,992 | ---- | M] () -- C:\mailing list.doc
[2004/02/18 13:21:10 | 000,251,826 | ---- | M] () -- C:\makwena.jpg
[2004/08/26 09:55:40 | 000,034,304 | ---- | M] () -- C:\MakwenyaExpenses.xls
[2000/12/12 22:32:26 | 000,115,200 | ---- | M] () -- C:\man3.9.doc
[2001/08/01 02:24:12 | 000,019,968 | ---- | M] () -- C:\manna.doc
[2001/06/05 12:41:10 | 000,020,992 | ---- | M] () -- C:\manna01.doc
[2002/05/28 14:31:50 | 000,019,456 | ---- | M] () -- C:\manna02.doc
[2000/11/20 21:48:18 | 000,103,936 | ---- | M] () -- C:\manual.doc
[2000/11/24 18:37:06 | 000,104,448 | ---- | M] () -- C:\manual2.doc
[2000/11/24 19:13:22 | 000,020,992 | ---- | M] () -- C:\manuallastpage.doc
[2000/03/10 12:40:58 | 000,022,016 | ---- | M] () -- C:\March 10.doc
[2001/04/03 22:09:08 | 000,020,992 | ---- | M] () -- C:\maria.doc
[2002/12/21 22:35:34 | 000,047,104 | ---- | M] () -- C:\Martin Family Info.doc
[2003/07/03 12:22:46 | 000,059,904 | ---- | M] () -- C:\Martin Family Info603.doc
[1996/12/04 19:43:56 | 000,001,684 | ---- | M] () -- C:\MARY.WPS
[2003/09/30 14:37:26 | 000,020,480 | ---- | M] () -- C:\Maryknow.doc
[2002/07/07 22:44:42 | 000,019,456 | ---- | M] () -- C:\Matt.doc
[2002/07/31 14:32:12 | 000,020,480 | ---- | M] () -- C:\mattingly02.doc
[2003/11/01 15:03:48 | 000,021,504 | ---- | M] () -- C:\may110103.doc
[2004/03/01 15:20:56 | 000,019,456 | ---- | M] () -- C:\maynardbill.doc
[2004/03/01 15:17:20 | 000,019,456 | ---- | M] () -- C:\maynardjon.doc
[2004/05/27 15:53:42 | 000,019,456 | ---- | M] () -- C:\maypic.doc
[2005/04/26 16:34:48 | 001,371,553 | ---- | M] () -- C:\mcdonalds_fishing.wmv
[2004/01/11 10:46:06 | 000,052,587 | ---- | M] () -- C:\MCScriptROCK2004.wpd
[2004/01/11 10:50:28 | 000,062,976 | ---- | M] () -- C:\MCScriptROCK20041.wps
[1998/02/02 13:05:00 | 000,011,264 | ---- | M] () -- C:\MDHOUSE.DOC
[2005/04/06 09:45:15 | 000,000,000 | ---- | M] () -- C:\Mechanicalrequestform12-21-2001.doc
[2005/01/28 18:21:49 | 000,339,756 | ---- | M] () -- C:\Media1.zip
[2000/10/11 17:57:54 | 000,024,576 | ---- | M] () -- C:\meehan.doc
[1994/09/17 14:10:02 | 000,001,940 | ---- | M] () -- C:\MEETING.WPS
[2005/02/15 20:42:03 | 000,036,864 | ---- | M] () -- C:\MeetingNotice02-17-05.doc
[2001/05/18 11:16:44 | 000,000,551 | ---- | M] () -- C:\meetings.txt
[2005/01/03 21:19:05 | 000,025,088 | ---- | M] () -- C:\Memo2bishop.doc
[2000/09/23 22:46:34 | 000,022,016 | ---- | M] () -- C:\MEN IN BLACK.doc
[2003/02/17 17:51:10 | 000,019,968 | ---- | M] () -- C:\mercybuilt.doc
[2004/01/15 16:00:14 | 000,023,552 | ---- | M] () -- C:\meso.doc
[2000/02/10 08:17:02 | 000,069,010 | ---- | M] () -- C:\MHRsched.mim
[2000/10/15 18:37:36 | 000,022,016 | ---- | M] () -- C:\MICHAEL GARGAN.doc
[2003/03/17 12:19:48 | 000,022,016 | ---- | M] () -- C:\michelle.doc
[2000/02/04 08:56:10 | 000,004,359 | ---- | M] () -- C:\MIDHIR Dell Scheudle.csv
[2000/02/04 08:57:16 | 000,031,232 | ---- | M] () -- C:\MIDHIR Dell Scheudle.xls
[2000/10/17 17:31:38 | 000,002,660 | ---- | M] () -- C:\millerchurch.txt
[2002/12/31 08:53:58 | 000,019,968 | ---- | M] () -- C:\MinistryReview.doc
[2005/01/30 13:44:14 | 000,033,280 | ---- | M] () -- C:\Minutes January 27. 2005.doc
[2002/01/25 22:49:44 | 000,004,096 | ---- | M] () -- C:\miraclechange.cl4
[2004/11/02 20:28:58 | 000,015,872 | ---- | M] () -- C:\mitchell1004.xls
[2004/01/05 12:56:48 | 000,022,528 | ---- | M] () -- C:\mitchell104.doc
[2003/02/28 15:03:54 | 000,024,064 | ---- | M] () -- C:\Mitchell303.doc
[2000/05/04 10:45:54 | 000,005,785 | ---- | M] () -- C:\mom's prayer.txt
[2010/10/22 09:17:04 | 000,084,130 | ---- | M] () -- C:\mombi.log
[2004/01/12 14:32:40 | 000,020,992 | ---- | M] () -- C:\mominstruct.doc
[2004/01/09 14:39:36 | 000,019,968 | ---- | M] () -- C:\mominvent.doc
[2002/09/09 19:29:18 | 000,172,108 | ---- | M] () -- C:\momruff.jpg
[2001/04/27 22:48:50 | 000,022,016 | ---- | M] () -- C:\mondin.doc
[2001/10/09 16:59:18 | 000,034,816 | ---- | M] () -- C:\Moore-Bissett Family Info.doc
[2004/10/19 18:45:32 | 000,019,968 | ---- | M] () -- C:\More Than Anything.doc
[2001/12/14 17:10:20 | 000,020,480 | ---- | M] () -- C:\morris.doc
[2005/05/06 20:35:39 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[1999/08/15 00:09:22 | 000,002,076 | ---- | M] () -- C:\MULE.CHR
[2002/02/15 16:34:52 | 000,019,456 | ---- | M] () -- C:\murewa.doc
[2001/09/28 09:41:10 | 000,021,504 | ---- | M] () -- C:\murfdirections.doc
[2005/05/25 20:44:26 | 000,010,562 | ---- | M] () -- C:\mvstcdxx.lst
[2000/09/01 12:29:10 | 001,921,872 | ---- | M] () -- C:\My Money Backup.mbf
[2000/09/01 12:29:14 | 001,921,024 | ---- | M] () -- C:\My Money.mny
[2003/01/20 20:49:06 | 000,019,968 | ---- | M] () -- C:\My Turn Now.doc
[1997/03/23 20:29:36 | 000,002,714 | ---- | M] () -- C:\MYERS.WPS
[2001/04/27 23:19:44 | 000,023,040 | ---- | M] () -- C:\N&P april.doc
[2000/01/27 13:41:50 | 000,027,136 | ---- | M] () -- C:\N&P.doc
[2005/03/16 16:17:45 | 000,122,409 | ---- | M] () -- C:\NASDLetter.pdf
[2004/01/15 16:00:24 | 000,024,576 | ---- | M] () -- C:\nci.doc
[2001/09/12 20:50:24 | 000,040,960 | ---- | M] () -- C:\need info.wdb
[2005/02/02 10:54:50 | 000,019,968 | ---- | M] () -- C:\nefinstruct.doc
[2005/04/02 18:08:55 | 000,019,456 | ---- | M] () -- C:\Network Access Info.doc
[2003/06/18 23:41:40 | 000,019,456 | ---- | M] () -- C:\neva.doc
[2000/05/02 12:31:08 | 000,013,889 | ---- | M] () -- C:\new addresses.txt
[2003/05/13 09:39:06 | 000,020,992 | ---- | M] () -- C:\NEW INITIATIVES503.doc
[1993/10/17 17:32:50 | 000,001,556 | ---- | M] () -- C:\NEWS.WPS
[1993/11/21 22:53:02 | 000,001,684 | ---- | M] () -- C:\NEWS1.WPS
[2002/12/25 17:36:34 | 000,034,816 | ---- | M] () -- C:\NewsletterDedicationoftheIsheAnesuCenter.doc
[2002/03/22 18:48:28 | 000,020,480 | ---- | M] () -- C:\newsponsor.doc
[2003/12/20 08:32:40 | 000,021,504 | ---- | M] () -- C:\nick.doc
[2003/12/29 15:55:14 | 000,020,480 | ---- | M] () -- C:\nick1.doc
[2001/09/15 17:38:00 | 000,019,968 | ---- | M] () -- C:\No Holdin.doc
[1995/09/08 12:03:30 | 000,001,172 | ---- | M] () -- C:\NOHOLDIN.WPS
[2002/03/21 10:06:24 | 000,019,456 | ---- | M] () -- C:\Nonmeth.doc
[2001/12/16 15:40:10 | 000,147,968 | ---- | M] () -- C:\Normal.dot
[2002/12/13 23:14:04 | 000,019,968 | ---- | M] () -- C:\Not That Far.doc
[2005/01/27 22:21:52 | 000,040,227 | ---- | M] () -- C:\NotesonB.mim
[2002/10/16 18:17:44 | 000,020,480 | ---- | M] () -- C:\Nothinsgonnastand.doc
[2003/10/30 15:39:02 | 000,019,456 | ---- | M] () -- C:\nov5bus.doc
[2000/03/01 16:50:00 | 000,023,040 | ---- | M] () -- C:\np228.doc
[2005/10/31 21:55:56 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2012/01/07 13:29:35 | 000,250,048 | RHS- | M] () -- C:\ntldr
[1994/12/04 09:08:48 | 000,002,324 | ---- | M] () -- C:\OAKBOYS.WPS
[1995/11/30 20:30:26 | 000,001,300 | ---- | M] () -- C:\OB40.WPS
[1996/11/12 00:52:26 | 000,000,916 | ---- | M] () -- C:\OB96-97.WPS
[2003/01/17 23:19:30 | 000,010,240 | ---- | M] () -- C:\OC03.wdb
[2003/01/20 22:28:14 | 000,039,424 | ---- | M] () -- C:\occell03.doc
[2001/12/17 09:55:38 | 000,019,456 | ---- | M] () -- C:\odonnell.doc
[2003/01/20 21:49:16 | 000,012,024 | ---- | M] () -- C:\OEUMC Sound Eqt Inventory.rtf
[2001/06/15 18:23:18 | 000,010,240 | ---- | M] () -- C:\ohioroomiesb.wdb
[2001/06/03 15:31:38 | 000,011,264 | ---- | M] () -- C:\ohioroomiesg.wdb
[2004/02/26 17:05:34 | 000,019,968 | ---- | M] () -- C:\OnlyBelieve.doc
[2003/01/19 14:44:30 | 000,019,456 | ---- | M] () -- C:\ooc.doc
[2004/01/05 17:51:08 | 000,021,504 | ---- | M] () -- C:\Oprah.doc
[2004/07/13 21:39:58 | 000,020,992 | ---- | M] () -- C:\orbitz.doc
[2001/08/29 22:36:16 | 000,022,016 | ---- | M] () -- C:\orch01.doc
[2001/08/05 11:24:04 | 000,019,456 | ---- | M] () -- C:\order0102.doc
[2001/12/10 22:35:42 | 000,011,681 | ---- | M] () -- C:\organproposal.wpd
[2001/12/10 22:38:20 | 000,023,040 | ---- | M] () -- C:\organproposal.wps
[1999/01/13 11:36:22 | 000,021,504 | ---- | M] () -- C:\Orientation to Restructuring.doc
[2001/02/26 00:52:24 | 000,019,456 | ---- | M] () -- C:\Outside Activities.doc
[2012/01/06 22:13:39 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2001/05/10 17:16:22 | 000,023,040 | ---- | M] () -- C:\palms.doc
[2002/06/16 21:23:18 | 000,020,480 | ---- | M] () -- C:\pamgray.doc
[1996/10/15 21:14:56 | 000,002,714 | ---- | M] () -- C:\PAR1.WPS
[1995/09/06 14:14:10 | 000,002,202 | ---- | M] () -- C:\PARENT1.WPS
[1993/10/14 07:20:08 | 000,002,452 | ---- | M] () -- C:\PARENTS.WPS
[1995/10/24 13:13:56 | 000,001,556 | ---- | M] () -- C:\PARTY.WPS
[1994/06/20 06:49:28 | 000,001,556 | ---- | M] () -- C:\PARY.WPS
[2004/07/19 22:25:28 | 000,054,272 | ---- | M] () -- C:\PassportInfo.doc
[2005/02/23 22:56:26 | 000,010,240 | ---- | M] () -- C:\passwords.wdb
[2002/02/09 21:17:16 | 000,020,480 | ---- | M] () -- C:\paula.doc
[2003/04/04 16:09:04 | 000,022,016 | ---- | M] () -- C:\paula403.doc
[2001/11/09 20:53:36 | 000,020,992 | ---- | M] () -- C:\pazel.doc
[2001/11/26 19:26:34 | 000,019,456 | ---- | M] () -- C:\pazel1.doc
[2001/12/17 09:54:26 | 000,022,016 | ---- | M] () -- C:\peace&round.doc
[2005/05/16 17:36:58 | 000,046,080 | ---- | M] () -- C:\PermForm.doc
[2001/03/16 15:37:18 | 000,030,720 | ---- | M] () -- C:\personal.wdb
[2003/10/03 12:08:54 | 000,020,480 | ---- | M] () -- C:\PIC SCAVENGER HUNT.doc
[1997/05/26 23:31:56 | 000,001,690 | ---- | M] () -- C:\PK97.WPS
[2002/10/10 00:16:04 | 000,020,480 | ---- | M] () -- C:\planconcert.doc
[2002/08/23 20:00:42 | 000,025,088 | ---- | M] () -- C:\pontell.doc
[2000/09/21 18:25:06 | 000,020,480 | ---- | M] () -- C:\Possibilities tape.doc
[2002/06/30 10:02:34 | 000,020,480 | ---- | M] () -- C:\Possibilities02-03.doc
[1995/07/18 10:53:48 | 000,002,074 | ---- | M] () -- C:\POSTOUR.WPS
[2002/04/10 16:07:46 | 000,020,480 | ---- | M] () -- C:\potluckflyer.doc
[2005/03/09 18:04:37 | 000,019,456 | ---- | M] () -- C:\Praise You.doc
[1998/10/19 12:04:54 | 000,019,456 | ---- | M] () -- C:\Praise Yousongs of love.doc
[1994/03/21 12:42:12 | 000,001,690 | ---- | M] () -- C:\PRAISE.WPS
[1994/11/21 08:00:26 | 000,001,172 | ---- | M] () -- C:\PRAISEU.WPS
[2005/05/08 22:12:41 | 000,020,480 | ---- | M] () -- C:\Pray for Me.doc
[2003/05/20 09:41:26 | 000,019,456 | ---- | M] () -- C:\Pray for Me1.doc
[1997/05/18 01:54:32 | 000,002,068 | ---- | M] () -- C:\PRAY.WPS
[2000/03/25 21:51:06 | 000,019,968 | ---- | M] () -- C:\PRAYER OF THANKSGIVING.doc
[2001/09/25 09:02:34 | 000,019,968 | ---- | M] () -- C:\PRAYER PARENTS.doc
[1998/05/30 22:30:24 | 000,002,080 | ---- | M] () -- C:\PRAYER.WPS
[2003/10/23 23:49:14 | 000,010,240 | ---- | M] () -- C:\prayer03.wdb
[1998/06/01 05:03:04 | 000,001,306 | ---- | M] () -- C:\PRAYER2.WPS
[2003/10/22 11:49:48 | 000,020,992 | ---- | M] () -- C:\prayerpartners.doc
[2000/05/22 00:10:46 | 000,019,456 | ---- | M] () -- C:\prayforme.doc
[2004/05/17 09:31:10 | 000,020,992 | ---- | M] () -- C:\prayforme4.doc
[2000/10/10 16:10:04 | 000,019,456 | ---- | M] () -- C:\PREMIUM COMPARISON.doc
[2001/09/12 16:33:32 | 000,026,112 | ---- | M] () -- C:\priceinfo.doc
[2001/12/20 11:19:30 | 000,012,800 | ---- | M] () -- C:\pricereturnlbl.wps
[2004/12/14 19:14:22 | 000,020,992 | ---- | M] () -- C:\priscilla1204.doc
[2000/03/15 09:12:32 | 000,020,992 | ---- | M] () -- C:\Probable order for concert.doc
[2003/06/20 09:58:02 | 000,020,992 | ---- | M] () -- C:\Probableorde03.doc
[2005/04/25 08:24:39 | 000,491,501 | ---- | M] () -- C:\ProductGuide-SureHorizon-LBL6604.zip
[2000/06/06 23:24:58 | 000,019,968 | ---- | M] () -- C:\Program1.doc
[2005/04/10 16:08:47 | 000,068,340 | ---- | M] () -- C:\Program1.pdf
[1996/06/13 18:21:18 | 000,001,824 | ---- | M] () -- C:\PROGRAM1.WPS
[2000/06/06 23:24:58 | 000,019,968 | ---- | M] () -- C:\Program2.doc
[1994/07/09 07:48:30 | 000,004,926 | ---- | M] () -- C:\PROGRAM2.WPS
[2000/06/06 23:26:06 | 000,019,456 | ---- | M] () -- C:\Program2000.doc
[1994/07/09 07:48:30 | 000,004,926 | ---- | M] () -- C:\PROGRAM3.WPS
[2001/01/07 17:21:34 | 000,024,064 | ---- | M] () -- C:\PROJECT AGREEMENT FORM.doc
[2002/02/25 21:17:14 | 000,021,504 | ---- | M] () -- C:\Psalm 3.doc
[1995/10/16 12:51:06 | 000,001,300 | ---- | M] () -- C:\PSLM100.WPS
[2000/10/22 18:51:16 | 000,028,672 | ---- | M] () -- C:\questions.doc
[2000/10/22 18:27:06 | 000,006,052 | ---- | M] () -- C:\questions.txt
[2000/02/05 18:45:48 | 000,024,064 | ---- | M] () -- C:\Rabbi.doc
[2002/07/31 09:35:00 | 000,020,480 | ---- | M] () -- C:\Ray Brubacher.doc
[2002/07/31 17:16:16 | 000,020,480 | ---- | M] () -- C:\Ray Brubacher1.doc
[2002/10/16 11:34:54 | 000,020,480 | ---- | M] () -- C:\Ray Brubacher802.doc
[2002/09/03 08:55:52 | 000,021,504 | ---- | M] () -- C:\ray902.doc
[1994/05/31 08:42:10 | 000,002,836 | ---- | M] () -- C:\RAYLTR.WPS
[1997/01/13 19:22:48 | 000,006,554 | ---- | M] () -- C:\RAYLTTR.WPS
[2002/08/01 06:55:36 | 000,020,992 | ---- | M] () -- C:\raythoughts.doc
[1998/09/17 11:25:20 | 000,020,480 | ---- | M] () -- C:\REALLY IMPORTANT STUFF.doc
[1996/02/02 18:35:36 | 000,001,428 | ---- | M] () -- C:\REASON.WPS
[2000/03/31 11:55:32 | 000,015,360 | ---- | M] () -- C:\redlights1(1).xls
[2002/05/09 10:47:52 | 000,020,992 | ---- | M] () -- C:\REGGIE DABBS IN BALTIMORE.doc
[2005/03/24 22:15:25 | 000,192,314 | ---- | M] () -- C:\RegRepContractApp.pdf
[2001/09/25 08:59:32 | 000,019,968 | ---- | M] () -- C:\REH DINNER VOLUNTEERS.doc
[1998/03/21 05:04:32 | 000,001,818 | ---- | M] () -- C:\REH.WPS
[2002/06/28 15:41:46 | 000,003,744 | ---- | M] () -- C:\Relatives#1.zip
[1999/10/06 16:40:00 | 000,001,220 | ---- | M] () -- C:\REMA.CHR
[2004/07/13 15:24:28 | 000,019,968 | ---- | M] () -- C:\Renfinvent.doc
[2004/02/09 16:07:04 | 000,019,456 | ---- | M] () -- C:\renfro204.doc
[2000/01/21 19:54:46 | 000,020,480 | ---- | M] () -- C:\renfrow.doc
[2001/03/13 23:25:08 | 000,019,456 | ---- | M] () -- C:\renfrow01.doc
[2002/02/11 16:05:54 | 000,019,456 | ---- | M] () -- C:\renfrow1.doc
[2003/02/09 17:43:44 | 000,019,456 | ---- | M] () -- C:\renfrow203.doc
[2005/02/06 19:43:15 | 000,019,456 | ---- | M] () -- C:\renfrow205.doc
[2002/06/09 00:07:16 | 000,019,456 | ---- | M] () -- C:\renfrow602.doc
[2000/06/12 10:57:52 | 000,020,480 | ---- | M] () -- C:\renfrow612.doc
[2004/07/12 13:02:42 | 000,020,480 | ---- | M] () -- C:\renfrow71204.doc
[2002/08/15 16:11:40 | 000,019,456 | ---- | M] () -- C:\renfrow802.doc
[2003/11/11 11:23:26 | 000,020,992 | ---- | M] () -- C:\renfrowA.doc
[2002/07/10 14:52:14 | 000,019,456 | ---- | M] () -- C:\renfrowdelay.doc
[2004/01/09 12:21:42 | 000,019,456 | ---- | M] () -- C:\renfrowusg.doc
[2005/03/15 12:18:01 | 000,143,360 | ---- | M] () -- C:\RepAppointmentApprovalFaxCoverSheet.doc
[2001/10/02 12:38:52 | 000,006,656 | ---- | M] () -- C:\report.wdb
[2005/03/09 11:30:07 | 000,307,229 | ---- | M] () -- C:\RequestedForms.pdf
[2000/08/21 12:59:14 | 000,019,456 | ---- | M] () -- C:\REQUIREMENTS.doc
[1998/04/28 10:34:30 | 000,013,312 | ---- | M] () -- C:\RESTURC.DOC
[2002/07/07 22:43:18 | 000,022,528 | ---- | M] () -- C:\resumebp.doc
[2002/07/07 22:43:22 | 000,020,480 | ---- | M] () -- C:\resumeltr.doc
[2004/10/01 17:47:40 | 000,006,144 | ---- | M] () -- C:\ret04roomB.wdb
[2004/10/01 18:04:02 | 000,010,240 | ---- | M] () -- C:\ret04roomG.wdb
[1998/04/28 15:44:30 | 000,002,586 | ---- | M] () -- C:\RET98.WPS
[1997/10/09 18:00:46 | 000,002,196 | ---- | M] () -- C:\RETCHAP.WPS
[1997/10/09 19:39:00 | 000,002,452 | ---- | M] () -- C:\RETGMS.WPS
[1997/10/09 19:07:20 | 000,001,690 | ---- | M] () -- C:\RETHOUS.WPS
[2000/09/27 20:58:10 | 000,020,480 | ---- | M] () -- C:\RETREAT DETAILS.doc
[2003/09/26 12:22:44 | 000,021,504 | ---- | M] () -- C:\retreat details03.doc
[2000/09/30 08:35:58 | 000,020,480 | ---- | M] () -- C:\REtreat reh.doc
[2000/09/30 00:53:52 | 000,020,992 | ---- | M] () -- C:\Retreat Schedule.doc
[2002/09/03 10:31:04 | 000,020,992 | ---- | M] () -- C:\Retreat Schedulefred.doc
[2002/10/02 20:35:04 | 000,020,480 | ---- | M] () -- C:\RETREAT STUFF02.doc
[2001/09/06 12:37:54 | 000,022,016 | ---- | M] () -- C:\RETREAT TO KENT ISLAND.doc
[2002/09/18 23:00:28 | 000,020,992 | ---- | M] () -- C:\RETREAT.doc
[1997/09/09 18:43:40 | 000,004,250 | ---- | M] () -- C:\RETREAT.WPS
[2002/09/29 14:27:56 | 000,020,480 | ---- | M] () -- C:\retreat02details.doc
[2002/09/26 11:22:16 | 000,020,992 | ---- | M] () -- C:\retreat02notes.doc
[2003/09/30 17:49:40 | 000,019,968 | ---- | M] () -- C:\retreat03.doc
[2000/09/14 17:56:36 | 000,027,136 | ---- | M] () -- C:\retreat2000.doc
[2002/10/03 11:04:46 | 000,010,240 | ---- | M] () -- C:\retreatadults02.wdb
[2003/09/30 15:25:14 | 000,019,968 | ---- | M] () -- C:\retreatbus03.doc
[2004/09/13 16:57:20 | 000,020,992 | ---- | M] () -- C:\retreatdetails04.doc
[1998/09/10 17:16:02 | 000,019,456 | ---- | M] () -- C:\retreatjn.doc
[2002/08/29 13:26:30 | 000,022,528 | ---- | M] () -- C:\retreatltr.doc
[2002/10/07 19:14:18 | 000,019,968 | ---- | M] () -- C:\retreatplan.doc
[2002/10/03 22:13:58 | 000,006,656 | ---- | M] () -- C:\retreatroomiesB02.wdb
[2002/10/03 22:13:56 | 000,010,240 | ---- | M] () -- C:\retreatroomiesG02.wdb
[2002/09/22 16:15:34 | 000,033,792 | ---- | M] () -- C:\retreatroster02.wdb
[2001/09/28 16:31:58 | 000,022,016 | ---- | M] () -- C:\retreatsched.doc
[2004/09/13 17:43:58 | 000,020,992 | ---- | M] () -- C:\RETREATSCHED04.doc
[2000/09/06 00:13:06 | 000,020,992 | ---- | M] () -- C:\retreatschedule.doc
[2002/10/02 10:20:22 | 000,020,480 | ---- | M] () -- C:\retreatteams02.doc
[2003/10/01 22:27:26 | 000,006,144 | ---- | M] () -- C:\retroom03B.wdb
[2003/10/02 00:45:28 | 000,006,656 | ---- | M] () -- C:\retroom03G.wdb
[2001/09/27 21:48:08 | 000,010,240 | ---- | M] () -- C:\retroomies.wdb
[2002/10/03 09:50:08 | 000,035,328 | ---- | M] () -- C:\retroster02.wdb
[1997/10/09 17:36:24 | 000,002,080 | ---- | M] () -- C:\RETSCH.WPS
[2003/10/03 15:09:14 | 000,019,968 | ---- | M] () -- C:\RETTEAMS 03.doc
[2002/01/21 11:33:10 | 000,019,968 | ---- | M] () -- C:\revival.doc
[2004/05/28 10:56:10 | 000,019,456 | ---- | M] () -- C:\revivalbegun.doc
[2000/12/13 11:40:00 | 000,029,184 | ---- | M] () -- C:\ride.php
[2003/10/27 14:39:48 | 000,084,480 | ---- | M] () -- C:\RIDER-DEYO10-9-03.doc
[2000/02/07 07:58:38 | 000,021,504 | ---- | M] () -- C:\Right Now.doc
[2001/11/05 11:17:36 | 000,020,992 | ---- | M] () -- C:\riserinstruct.doc
[2005/02/28 17:13:17 | 000,024,576 | ---- | M] () -- C:\riserowners.doc
[2005/03/01 22:41:09 | 002,393,245 | ---- | M] () -- C:\riserpics.zip
[2005/04/12 14:27:00 | 000,022,528 | ---- | M] () -- C:\risers32905.doc
[2001/03/28 15:35:32 | 000,022,016 | ---- | M] () -- C:\ritz.doc
[2002/01/10 15:52:16 | 000,020,992 | ---- | M] () -- C:\rivertopray.doc
[2012/01/06 16:56:22 | 000,000,715 | ---- | M] () -- C:\rkill.log
[2004/04/25 15:51:39 | 005,270,609 | ---- | M] () -- C:\Rock 2004 Highlights DVD
[2002/12/21 22:33:58 | 000,083,456 | ---- | M] () -- C:\ROCK Registration Tom.xls
[2003/05/13 09:11:58 | 000,020,480 | ---- | M] () -- C:\rock04503.doc
[2002/03/28 15:04:14 | 000,022,016 | ---- | M] () -- C:\ROCK2003.doc
[2002/12/29 21:12:16 | 000,024,064 | ---- | M] () -- C:\Rock2003Attendees.xls
[2003/12/09 16:09:06 | 000,012,288 | ---- | M] () -- C:\ROCK2004.xls
[2003/12/29 13:05:06 | 000,043,008 | ---- | M] () -- C:\rock2004rules.doc
[2000/11/16 16:49:32 | 000,019,968 | ---- | M] () -- C:\roger.doc
[2000/02/16 10:09:52 | 000,020,992 | ---- | M] () -- C:\Ron Berger.doc
[2004/06/17 18:35:38 | 000,006,656 | ---- | M] () -- C:\roomieB04.wdb
[2005/06/03 17:47:25 | 000,006,656 | ---- | M] () -- C:\roomieB05.wdb
[2004/06/17 18:56:30 | 000,010,752 | ---- | M] () -- C:\roomieG04.wdb
[2005/06/03 17:47:11 | 000,010,240 | ---- | M] () -- C:\RoomieG05.wdb
[2000/09/28 23:10:56 | 000,006,144 | ---- | M] () -- C:\roomies.wdb
[1996/07/07 18:12:24 | 000,003,500 | ---- | M] () -- C:\ROOMIES.WPS
[2002/06/20 09:05:42 | 000,007,168 | ---- | M] () -- C:\roomies02Ba.wdb
[2002/06/20 09:04:14 | 000,010,752 | ---- | M] () -- C:\roomies02Ga.wdb
[2003/05/23 16:37:30 | 000,006,144 | ---- | M] () -- C:\roomiesA03.wdb
[2000/09/29 20:31:32 | 000,005,632 | ---- | M] () -- C:\roomiesb.wdb
[2003/06/19 17:56:16 | 000,007,168 | ---- | M] () -- C:\roomiesB03.wdb
[2000/09/29 20:30:40 | 000,010,240 | ---- | M] () -- C:\roomiesg.wdb
[2003/06/19 17:56:14 | 000,010,752 | ---- | M] () -- C:\roomiesG03.wdb
[2000/08/09 21:34:14 | 000,019,968 | ---- | M] () -- C:\roser.doc
[2003/12/30 22:17:16 | 000,020,480 | ---- | M] () -- C:\rules.doc
 
[2005/05/03 16:14:25 | 000,431,437 | ---- | M] () -- C:\Safety.rtf
[2002/06/06 23:03:54 | 001,273,591 | ---- | M] () -- C:\SALV01-24-03.zip
[2001/09/14 08:23:56 | 000,019,456 | ---- | M] () -- C:\Sanctuary events.doc
[2002/07/15 12:29:56 | 000,021,504 | ---- | M] () -- C:\SANCTUARYCHOIr0203A.doc
[2002/07/12 15:46:02 | 000,020,992 | ---- | M] () -- C:\SANCTUARYCHOIRSCHEDULE0203.doc
[1996/01/28 19:13:28 | 000,002,964 | ---- | M] () -- C:\SARA.WPS
[1999/10/03 23:28:38 | 000,002,780 | ---- | M] () -- C:\SARGON.CHR
[2005/02/14 14:21:32 | 000,205,592 | ---- | M] () -- C:\scan.jpg
[2002/08/29 17:16:14 | 000,023,040 | ---- | M] () -- C:\sched0203.doc
[2002/04/11 12:26:04 | 000,021,504 | ---- | M] () -- C:\schedfall02.doc
[2000/02/04 08:55:44 | 000,020,992 | ---- | M] () -- C:\Schedule 2000.doc
[2004/10/28 19:57:02 | 000,022,528 | ---- | M] () -- C:\scholufc.doc
[2002/08/05 14:25:48 | 000,019,968 | ---- | M] () -- C:\scott802.doc
[2004/02/13 16:10:18 | 000,019,968 | ---- | M] () -- C:\scottdup.doc
[2004/02/09 09:22:42 | 000,019,968 | ---- | M] () -- C:\scottterm.doc
[1994/02/13 12:49:12 | 000,001,300 | ---- | M] () -- C:\SEEKERS.WPS
[2001/12/18 19:38:32 | 000,020,480 | ---- | M] () -- C:\sgar.doc
[2001/11/26 15:13:12 | 000,019,456 | ---- | M] () -- C:\sgarlata.doc
[2005/01/27 22:24:06 | 000,042,496 | ---- | M] () -- C:\ShalomZoneBudget2005.doc
[1998/10/29 12:55:28 | 000,019,456 | ---- | M] () -- C:\Shine on Us.doc
[1994/05/10 20:15:30 | 000,001,300 | ---- | M] () -- C:\SHINE.WPS
[2002/11/08 09:48:22 | 000,019,968 | ---- | M] () -- C:\shout.doc
[2001/04/17 11:12:32 | 000,019,456 | ---- | M] () -- C:\sifuni translate.doc
[2001/04/15 17:02:16 | 000,020,992 | ---- | M] () -- C:\sifuni,deliverer.doc
[2005/05/25 20:56:12 | 000,608,768 | ---- | M] () -- C:\SigProDriverXP2000v120.exe
[1998/10/15 14:32:32 | 000,019,456 | ---- | M] () -- C:\silent film flyer.doc
[1998/10/05 16:53:24 | 000,019,456 | ---- | M] () -- C:\silent film.doc
[2005/02/28 15:32:27 | 000,230,357 | ---- | M] () -- C:\sir_7d2.zip
[2003/03/31 13:13:00 | 000,019,968 | ---- | M] () -- C:\sitwithYou.doc
[2001/08/27 14:28:54 | 000,020,480 | ---- | M] () -- C:\sjbltc801.doc
[2001/08/27 14:34:12 | 000,019,456 | ---- | M] () -- C:\sjboe801.doc
[2003/07/01 20:07:02 | 000,023,040 | ---- | M] () -- C:\Skeete.doc
[2003/07/06 22:41:32 | 000,026,112 | ---- | M] () -- C:\skeeteA.doc
[2001/09/20 15:01:40 | 000,020,480 | ---- | M] () -- C:\snfa.doc
[2003/02/20 12:01:02 | 000,020,992 | ---- | M] () -- C:\socialhour.doc
[1996/06/19 12:09:38 | 000,002,068 | ---- | M] () -- C:\SOCKS.WPS
[2002/06/17 18:19:08 | 000,021,504 | ---- | M] () -- C:\songstour2002.doc
[2003/01/20 21:49:54 | 000,354,229 | ---- | M] () -- C:\Sound Eqt Inventory .rtf
[2002/01/29 19:50:38 | 000,000,372 | ---- | M] () -- C:\spider.sav
[1994/05/10 20:23:38 | 000,001,300 | ---- | M] () -- C:\SPIRIT.WPS
[2005/03/01 22:46:43 | 000,810,244 | ---- | M] () -- C:\SplashTownTornadophotos.zip
[2001/04/17 07:42:12 | 000,027,136 | ---- | M] () -- C:\SPR letter.doc
[2001/04/03 22:14:56 | 000,019,456 | ---- | M] () -- C:\spr.doc
[2002/12/30 21:33:18 | 000,020,480 | ---- | M] () -- C:\ssmcanc.doc
[1994/07/01 12:47:44 | 000,001,306 | ---- | M] () -- C:\STAFF.WPS
[2005/03/01 22:11:40 | 000,010,679 | ---- | M] () -- C:\StaffRetreatAgenda.htm
[2001/08/02 21:49:30 | 000,019,456 | ---- | M] () -- C:\starks.doc
[2001/03/23 19:31:10 | 000,021,504 | ---- | M] () -- C:\STATIONS FOR CONFIRMATION 2001.doc
[1998/10/19 16:21:10 | 000,020,480 | ---- | M] () -- C:\stonemountain.doc
[2000/11/12 14:19:58 | 000,020,480 | ---- | M] () -- C:\stup.doc
[2005/04/01 15:17:59 | 000,001,933 | ---- | M] () -- C:\Subject_RedHead.eml
[2000/03/10 22:43:58 | 000,020,992 | ---- | M] () -- C:\SUGGESTED COMMUNION TEAMS FOR MARCH 11TH.doc
[1998/09/24 10:14:16 | 000,020,992 | ---- | M] () -- C:\summit lake.doc
[2001/04/02 09:51:04 | 000,019,456 | ---- | M] () -- C:\sunblock.doc
[2001/11/11 14:18:00 | 000,023,552 | ---- | M] () -- C:\Sunday School.doc
[2000/09/25 17:11:44 | 000,004,608 | ---- | M] () -- C:\swing.cl3
[2000/10/28 12:44:32 | 000,004,608 | ---- | M] () -- C:\swing1.cl3
[2004/04/19 22:57:55 | 000,000,087 | ---- | M] () -- C:\SystemInfo.ini
[2004/08/07 14:36:34 | 000,016,384 | ---- | M] () -- C:\T-shirtandshortinventory.xls
[2001/07/28 02:00:18 | 000,020,480 | ---- | M] () -- C:\tabinski.doc
[2000/02/16 18:47:18 | 000,019,968 | ---- | M] () -- C:\Take Up Your Cross.doc
[2003/08/12 21:05:14 | 000,029,184 | ---- | M] () -- C:\TalentWorksheet.doc
[2000/12/11 10:03:54 | 000,019,968 | ---- | M] () -- C:\tax receipt.doc
[2001/06/15 11:07:20 | 000,223,611 | ---- | M] () -- C:\TAX00.TAX
[2001/09/25 15:41:44 | 000,234,178 | ---- | M] () -- C:\TAX00final.tax
[2001/09/26 17:39:32 | 000,237,774 | ---- | M] () -- C:\TAX00FINAL2.TAX
[2001/02/05 13:36:52 | 000,020,992 | ---- | M] () -- C:\taxreceipt.doc
[2012/01/03 01:10:00 | 000,053,004 | ---- | M] () -- C:\TDSSKiller.2.6.25.0_03.01.2012_01.03.40_log.txt
[2012/01/06 17:00:46 | 000,050,650 | ---- | M] () -- C:\TDSSKiller.2.6.25.0_06.01.2012_17.00.07_log.txt
[1996/06/18 00:58:02 | 000,002,196 | ---- | M] () -- C:\TEAMS.WPS
[2001/06/16 20:51:50 | 000,065,536 | ---- | M] () -- C:\techbooklettour[1].doc
[2001/03/07 17:53:52 | 000,020,992 | ---- | M] () -- C:\tenitinerary2001.doc
[2003/08/06 08:26:56 | 000,021,504 | ---- | M] () -- C:\tenitintour04.doc
[2000/05/22 00:08:54 | 000,020,480 | ---- | M] () -- C:\Testify.doc
[2000/09/29 22:32:30 | 000,023,552 | ---- | M] () -- C:\Thank you for taking our children into your home.doc
[2004/10/01 12:19:56 | 000,019,456 | ---- | M] () -- C:\thank youhosts.doc
[1996/02/02 18:36:54 | 000,003,750 | ---- | M] () -- C:\THANKYOU.WPS
[2004/12/09 15:26:14 | 000,019,968 | ---- | M] () -- C:\That Little Baby.doc
[2000/01/21 19:11:44 | 000,022,016 | ---- | M] () -- C:\THE BIG QUESTIONS.doc
[2000/02/09 12:42:36 | 000,022,528 | ---- | M] () -- C:\The Lord will fight for you.doc
[2003/03/13 17:28:48 | 000,021,504 | ---- | M] () -- C:\ThereHope.doc
[1995/11/20 14:26:16 | 000,001,428 | ---- | M] () -- C:\THIRST.WPS
[2002/11/08 09:47:08 | 000,019,968 | ---- | M] () -- C:\This Day.doc
[2000/09/21 16:25:50 | 000,025,088 | ---- | M] () -- C:\THIS SUNDAY924.doc
[2000/04/28 14:04:06 | 000,024,576 | ---- | M] () -- C:\THRU JUNE.doc
[2002/04/03 13:14:54 | 000,019,968 | ---- | M] () -- C:\timessqcafe.doc
[2002/08/23 10:42:34 | 000,000,754 | ---- | M] () -- C:\tmb.ind
[2002/08/23 10:42:34 | 000,020,840 | ---- | M] () -- C:\tmb.lst
[2003/06/27 23:37:40 | 000,029,696 | ---- | M] () -- C:\ToAllSupportersofIsheAnesuJun'03.doc
[2002/09/12 23:05:30 | 000,019,968 | ---- | M] () -- C:\Today is the Day.doc
[2000/11/16 00:06:12 | 000,020,992 | ---- | M] () -- C:\Tom and Becki Price.doc
[2000/02/05 19:28:54 | 000,023,040 | ---- | M] () -- C:\tom's sermon.doc
[2000/10/21 19:10:18 | 000,024,064 | ---- | M] () -- C:\tom10-24.doc
[2001/12/09 18:00:16 | 000,082,944 | ---- | M] () -- C:\tomcards.php
[1999/10/12 14:12:40 | 000,002,388 | ---- | M] () -- C:\TOMEBOY3.CHR
[2004/06/30 10:20:46 | 000,019,456 | ---- | M] () -- C:\TomMEP.doc
[1996/07/21 02:10:12 | 000,002,196 | ---- | M] () -- C:\TOMTOUR.WPS
[1997/04/13 19:15:02 | 000,001,940 | ---- | M] () -- C:\TORRES.WPS
[1994/08/23 15:24:10 | 000,005,908 | ---- | M] () -- C:\TORUNEWS.WPS
[2003/05/19 07:36:46 | 000,020,480 | ---- | M] () -- C:\TOUR ADULTS 2003.doc
[2001/04/28 00:09:38 | 000,019,456 | ---- | M] () -- C:\tour balance.doc
[2000/05/20 19:24:44 | 000,025,088 | ---- | M] () -- C:\tour bus quote.doc
[2001/06/04 14:25:50 | 000,019,456 | ---- | M] () -- C:\Tour chaperones.doc
[1998/10/15 11:37:28 | 000,020,480 | ---- | M] () -- C:\tour deposits.doc
[2000/06/06 23:28:16 | 000,023,552 | ---- | M] () -- C:\Tour Details.doc
[2000/06/06 14:27:38 | 000,019,456 | ---- | M] () -- C:\tour program.doc
[2002/04/22 11:47:22 | 000,004,358 | ---- | M] () -- C:\tour roster2002.txt
[2002/04/24 15:00:04 | 000,013,312 | ---- | M] () -- C:\tour roster2002.wdb
[1999/07/20 13:50:10 | 000,022,528 | ---- | M] () -- C:\Tour was incredible.doc
[2003/06/18 10:38:56 | 000,026,624 | ---- | M] () -- C:\tour#s03.doc
[2001/05/07 13:37:22 | 000,011,264 | ---- | M] () -- C:\tour$.wdb
[1994/03/29 14:49:26 | 000,002,708 | ---- | M] () -- C:\TOUR.WPS
[2000/04/01 19:06:52 | 000,013,824 | ---- | M] () -- C:\tour.xls
[2001/06/29 09:43:02 | 000,020,992 | ---- | M] () -- C:\tour01itinerary.doc
[2001/07/07 01:56:30 | 000,021,504 | ---- | M] () -- C:\tour01packing.doc
[2002/06/04 07:55:52 | 000,021,504 | ---- | M] () -- C:\tour01packing1.doc
[2002/07/01 09:49:22 | 000,020,480 | ---- | M] () -- C:\tour02addresses.doc
[2002/04/02 20:41:50 | 000,022,528 | ---- | M] () -- C:\tour02bus.doc
[2002/04/07 19:29:22 | 000,020,480 | ---- | M] () -- C:\tour02friends.doc
[2002/04/07 19:20:38 | 000,021,504 | ---- | M] () -- C:\tour02itin.doc
[2002/06/27 14:21:24 | 000,020,992 | ---- | M] () -- C:\tour02packing.doc
[2004/08/16 18:21:10 | 000,022,016 | ---- | M] () -- C:\tour03.doc
[2002/09/04 16:21:42 | 000,020,480 | ---- | M] () -- C:\tour03bus.doc
[2003/06/08 18:43:24 | 000,021,504 | ---- | M] () -- C:\tour03itinshort.doc
[2003/04/10 10:23:08 | 000,025,088 | ---- | M] () -- C:\tour03money.doc
[2003/04/12 16:40:56 | 000,022,016 | ---- | M] () -- C:\tour03packing.doc
[2003/10/13 12:17:12 | 000,023,552 | ---- | M] () -- C:\tour03songs.doc
[2003/05/18 22:27:14 | 000,010,240 | ---- | M] () -- C:\tour03SW.wdb
[2003/05/18 22:27:40 | 000,010,240 | ---- | M] () -- C:\tour03UAL.wdb
[2004/05/20 19:28:06 | 000,025,088 | ---- | M] () -- C:\tour04churchesonly.doc
[2004/06/09 15:32:56 | 000,021,504 | ---- | M] () -- C:\tour04clothes.doc
[2004/04/23 20:17:48 | 000,020,992 | ---- | M] () -- C:\tour04itinshort.doc
[2004/06/09 15:24:24 | 000,021,504 | ---- | M] () -- C:\tour04packing.doc
[2005/04/23 13:11:27 | 000,022,016 | ---- | M] () -- C:\tour05packing.doc
[2005/05/10 00:07:03 | 000,019,968 | ---- | M] () -- C:\tour05plane.xls
[2000/06/02 13:11:56 | 000,022,528 | ---- | M] () -- C:\tour1.xls
[2001/05/10 22:42:16 | 000,030,208 | ---- | M] () -- C:\tour2001$.xls
[2000/05/09 23:08:16 | 000,020,992 | ---- | M] () -- C:\tour21.xls
[2000/05/20 19:31:54 | 000,019,968 | ---- | M] () -- C:\tour22.xls
[1994/05/03 09:24:28 | 000,004,506 | ---- | M] () -- C:\TOUR294.WPS
[1994/06/09 13:58:04 | 000,004,250 | ---- | M] () -- C:\TOUR3.WPS
[1994/04/11 16:18:20 | 000,004,122 | ---- | M] () -- C:\TOUR94.WPS
[1995/01/02 19:07:10 | 000,002,458 | ---- | M] () -- C:\TOUR95.WPS
[1997/01/15 23:10:24 | 000,002,708 | ---- | M] () -- C:\TOUR96.WPS
[1998/06/01 21:53:26 | 000,001,178 | ---- | M] () -- C:\TOUR98.WPS
[2001/03/16 09:40:38 | 000,020,480 | ---- | M] () -- C:\tour99.doc
[2003/03/06 15:57:52 | 000,021,504 | ---- | M] () -- C:\tour99Jsleeve.doc
[2003/06/02 23:25:20 | 000,010,240 | ---- | M] () -- C:\touradults03.wdb
[2001/04/30 01:17:38 | 000,022,016 | ---- | M] () -- C:\tourbalance.doc
[2002/04/23 17:43:42 | 000,024,576 | ---- | M] () -- C:\tourchurch instruc.doc
[2002/04/11 14:38:34 | 000,030,720 | ---- | M] () -- C:\tourfriends.wdb
[2002/04/11 14:44:08 | 000,010,240 | ---- | M] () -- C:\tourfriends1.wdb
[2000/06/07 10:03:44 | 000,026,624 | ---- | M] () -- C:\tourgirls.doc
[2000/06/01 23:13:24 | 000,021,504 | ---- | M] () -- C:\tourguys.doc
[2004/06/07 10:31:46 | 000,020,992 | ---- | M] () -- C:\tourhotel04.doc
[2001/07/17 15:47:14 | 000,021,504 | ---- | M] () -- C:\tourhotelbills.doc
[2005/05/03 07:52:16 | 000,299,393 | ---- | M] () -- C:\tourists6.zip
[1994/05/18 07:38:04 | 000,002,970 | ---- | M] () -- C:\TOURLTR.WPS
[2002/06/19 09:21:54 | 000,022,016 | ---- | M] () -- C:\tourmics02.doc
[2004/04/28 13:17:02 | 000,020,480 | ---- | M] () -- C:\tourmtg04.doc
[2004/05/04 17:00:14 | 000,024,576 | ---- | M] () -- C:\tourmtgmissd.doc
[1994/08/23 15:24:22 | 000,005,908 | ---- | M] () -- C:\TOURNEWS.WPS
[2002/10/08 11:19:26 | 000,025,600 | ---- | M] () -- C:\tourplan.doc
[2001/05/31 10:05:16 | 000,010,752 | ---- | M] () -- C:\tourroster.wdb
[2005/04/26 14:35:11 | 000,087,798 | ---- | M] () -- C:\TransferForm.pdf
[2001/03/29 16:53:50 | 000,028,672 | ---- | M] () -- C:\travel advice.doc
[2004/07/05 16:56:56 | 000,029,184 | ---- | M] () -- C:\travel advice1.doc
[2004/09/20 10:14:54 | 000,026,112 | ---- | M] () -- C:\travel advice2.doc
[2003/06/20 20:09:22 | 000,027,648 | ---- | M] () -- C:\TravelTipsforMusicianswithInstruments.doc
[2005/04/25 17:08:56 | 000,054,641 | ---- | M] () -- C:\Truthind1.jpg
[2005/04/07 20:30:15 | 000,623,683 | ---- | M] () -- C:\Tryitaga.mim
[2003/08/28 10:22:10 | 000,020,992 | ---- | M] () -- C:\tshirts903.doc
[2005/02/04 22:53:54 | 000,045,459 | ---- | M] () -- C:\TsunamiSurvivor.jpg
[2002/06/05 17:13:10 | 000,249,551 | ---- | M] () -- C:\TTAX2001.TAX
[2002/06/17 18:15:06 | 000,263,732 | ---- | M] () -- C:\TTAX2001F.tax
[2000/12/22 17:23:48 | 000,020,480 | ---- | M] () -- C:\twelve days.doc
[2004/05/23 22:14:30 | 000,010,240 | ---- | M] () -- C:\TXhousing.wdb
[2001/08/17 20:02:12 | 000,012,288 | ---- | M] () -- C:\u4c Alt gifts.wdb
[2001/08/17 21:02:30 | 000,012,800 | ---- | M] () -- C:\U4C DONATIONS.wdb
[2005/05/03 14:58:50 | 000,015,360 | ---- | M] () -- C:\u4c fmA.wdb
[2004/01/29 17:50:00 | 000,011,776 | ---- | M] () -- C:\u4c gvA.wdb
[2004/06/28 21:49:30 | 000,017,408 | ---- | M] () -- C:\u4c ht.wdb
[2004/07/15 21:34:22 | 000,019,968 | ---- | M] () -- C:\u4c ia1.wdb
[2004/12/21 10:12:06 | 000,010,202 | ---- | M] () -- C:\u4c mwA.csv
[2004/12/21 10:12:36 | 000,008,580 | ---- | M] () -- C:\u4c mwA.txt
[2004/07/15 21:32:14 | 000,024,576 | ---- | M] () -- C:\u4c mwA.wdb
[2005/05/10 15:18:21 | 000,010,240 | ---- | M] () -- C:\u4c SD.wdb
[2001/08/17 21:13:20 | 000,005,632 | ---- | M] () -- C:\u4cbio.wdb
[2001/08/17 21:03:56 | 000,007,168 | ---- | M] () -- C:\u4cbudget form 2.wdb
[2001/01/07 17:34:00 | 000,020,992 | ---- | M] () -- C:\u4cbudgeting form.doc
[2001/11/20 22:03:50 | 000,019,968 | ---- | M] () -- C:\U4Cgifts.doc
[2004/11/04 13:46:44 | 000,006,656 | ---- | M] () -- C:\u4cgiftsalter.wdb
[2001/11/05 14:58:58 | 000,000,961 | ---- | M] () -- C:\u4cgiftsalterntx.txt
[2001/11/20 16:35:30 | 000,021,504 | ---- | M] () -- C:\u4cmwenv.wps
[2001/02/12 10:42:18 | 000,019,968 | ---- | M] () -- C:\ufc albino.doc
[2001/07/06 18:03:28 | 000,013,824 | ---- | M] () -- C:\ufc Alt gifts.wdb
[2001/02/12 16:48:52 | 000,022,016 | ---- | M] () -- C:\ufc article.doc
[2001/03/12 20:09:58 | 000,026,624 | ---- | M] () -- C:\ufc bios fm.doc
[2001/03/12 18:10:54 | 000,023,552 | ---- | M] () -- C:\ufc bios IA.doc
[2001/03/12 19:41:04 | 000,023,552 | ---- | M] () -- C:\ufc bios mw.doc
[2001/03/12 18:10:40 | 000,025,088 | ---- | M] () -- C:\ufc bios.doc
[2001/02/17 18:22:30 | 000,019,968 | ---- | M] () -- C:\ufc board.doc
[2001/11/15 11:41:02 | 000,019,968 | ---- | M] () -- C:\ufc board1.doc
[2005/05/03 15:15:07 | 000,020,480 | ---- | M] () -- C:\ufc bodirs.doc
[2001/02/17 18:12:22 | 000,022,016 | ---- | M] () -- C:\ufc bulletin.doc
[2003/04/02 11:26:30 | 000,021,504 | ---- | M] () -- C:\ufc bulletin2.doc
[2001/07/17 09:36:08 | 000,014,336 | ---- | M] () -- C:\UFC DONATIONS.wdb
[2001/02/20 16:31:40 | 000,020,992 | ---- | M] () -- C:\ufc enrollment.doc
[2001/02/17 18:48:44 | 000,023,040 | ---- | M] () -- C:\ufc exemption.doc
[2001/02/12 10:45:06 | 000,020,480 | ---- | M] () -- C:\ufc fairfield.doc
[2004/10/28 16:38:24 | 000,020,992 | ---- | M] () -- C:\ufc faithfest.doc
[2001/02/20 10:45:16 | 000,020,480 | ---- | M] () -- C:\ufc flyer.doc
[2002/12/10 19:33:10 | 000,024,576 | ---- | M] () -- C:\ufc flyer1.doc
[2004/10/28 16:52:38 | 000,022,528 | ---- | M] () -- C:\ufc flyer2.doc
[2003/02/18 15:37:02 | 000,010,240 | ---- | M] () -- C:\ufc ht.wdb
[2001/02/12 22:42:38 | 000,024,576 | ---- | M] () -- C:\ufc illum201.doc
[2001/02/12 10:55:44 | 000,020,992 | ---- | M] () -- C:\ufc isheanesu.doc
[2001/02/12 10:47:12 | 000,020,992 | ---- | M] () -- C:\ufc murewa.doc
[2001/02/05 13:45:38 | 000,019,968 | ---- | M] () -- C:\ufc packet.doc
[2001/02/05 14:25:30 | 000,022,528 | ---- | M] () -- C:\ufc profile.doc
[2002/10/09 14:45:50 | 000,021,504 | ---- | M] () -- C:\ufc question.doc
[2005/03/24 11:11:23 | 000,021,504 | ---- | M] () -- C:\ufc questions1.doc
[2004/11/04 17:17:12 | 000,021,504 | ---- | M] () -- C:\ufc questionsA.doc
[2001/02/06 10:47:18 | 000,035,840 | ---- | M] () -- C:\ufc REPORT TO BISHOP MAY.doc
[2001/03/13 11:20:18 | 000,020,992 | ---- | M] () -- C:\ufc reserve ltr.doc
[2002/08/29 11:57:12 | 000,020,992 | ---- | M] () -- C:\ufc reserveltr.doc
[2001/03/08 14:42:30 | 000,020,480 | ---- | M] () -- C:\ufc waitlist.doc
[2001/02/12 11:02:28 | 000,020,992 | ---- | M] () -- C:\ufc zimbabwe.doc
[2000/11/16 17:25:46 | 000,019,456 | ---- | M] () -- C:\ufc1.doc
[2003/02/03 21:26:30 | 000,020,480 | ---- | M] () -- C:\ufc103.doc
[2001/05/23 16:52:12 | 000,435,712 | ---- | M] () -- C:\ufc2nd Batche large merge.doc
[2004/03/31 15:26:40 | 000,467,968 | ---- | M] () -- C:\ufc2nd Batche large merge1.doc
[2001/06/05 13:36:56 | 000,060,928 | ---- | M] () -- C:\ufc2nd small merge inside.doc
[2004/03/16 16:35:38 | 000,084,992 | ---- | M] () -- C:\ufc2nd small merge insideA.doc
[2004/03/31 12:19:54 | 000,084,992 | ---- | M] () -- C:\ufc2nd small merge insideH.doc
[2001/03/22 23:02:24 | 000,162,304 | ---- | M] () -- C:\UFC2ndcovermerge.doc
[2003/11/29 15:53:38 | 000,006,656 | ---- | M] () -- C:\ufcaltform.wdb
[2004/11/29 20:22:38 | 000,019,456 | ---- | M] () -- C:\ufcaltxmas.doc
[2002/02/01 11:05:16 | 000,023,040 | ---- | M] () -- C:\ufcbdmtg1201.doc
[2005/05/30 20:08:06 | 000,029,696 | ---- | M] () -- C:\ufcbish505.doc
[2004/12/10 16:22:54 | 000,026,624 | ---- | M] () -- C:\ufcbishop1204.doc
[2004/02/08 15:02:56 | 000,019,968 | ---- | M] () -- C:\ufcbod1202.doc
[2004/12/07 21:20:18 | 000,020,992 | ---- | M] () -- C:\ufcbod1204.doc
[2004/05/31 16:10:42 | 000,020,480 | ---- | M] () -- C:\ufcbodmtg1203.doc
[2003/03/03 19:35:48 | 000,021,504 | ---- | M] () -- C:\ufcbrochure03.doc
[2003/02/10 16:44:38 | 000,024,064 | ---- | M] () -- C:\ufcbrochure03A.doc
[2001/01/07 18:00:48 | 000,007,168 | ---- | M] () -- C:\ufcbudget form 2.wdb
[2001/08/09 11:50:06 | 000,019,968 | ---- | M] () -- C:\ufcbudget.doc
[2001/01/07 18:13:50 | 000,020,480 | ---- | M] () -- C:\ufcbudget1.doc
[2001/01/07 18:04:04 | 000,019,456 | ---- | M] () -- C:\ufcbudget3.doc
[2001/01/07 18:07:28 | 000,019,456 | ---- | M] () -- C:\ufcbudget4.doc
[2001/10/17 10:21:02 | 000,024,064 | ---- | M] () -- C:\ufcbylaws.doc
[2001/10/26 11:43:48 | 000,028,160 | ---- | M] () -- C:\ufcbylaws2.doc
[2003/10/11 12:47:04 | 000,019,968 | ---- | M] () -- C:\ufccal.doc
[2001/11/01 23:26:52 | 000,062,464 | ---- | M] () -- C:\ufccard.php
[2001/01/12 13:34:08 | 000,033,280 | ---- | M] () -- C:\ufccards.php
[2001/07/22 19:21:02 | 000,021,504 | ---- | M] () -- C:\ufcCHILD SPONSORSHIP PROGRA1.doc
[2004/11/29 20:02:08 | 000,059,392 | ---- | M] () -- C:\ufccontacts1104.xls
[2004/08/10 20:25:16 | 000,019,968 | ---- | M] () -- C:\ufccrosses.doc
[2004/05/23 22:56:28 | 000,024,064 | ---- | M] () -- C:\ufcdied.doc
[2005/05/04 09:15:18 | 000,010,240 | ---- | M] () -- C:\UFCDISQ04.wdb
[2001/05/04 11:12:36 | 000,019,456 | ---- | M] () -- C:\ufcdonation.doc
[2004/02/18 13:02:20 | 000,021,504 | ---- | M] () -- C:\ufcenrollment.doc
[2004/05/31 13:57:58 | 000,025,088 | ---- | M] () -- C:\ufcfairfieldhousing.doc
[2001/04/25 23:24:14 | 000,023,040 | ---- | M] () -- C:\ufcfin.doc
[2003/05/12 23:11:28 | 000,019,456 | ---- | M] () -- C:\ufcfin503.doc
[2004/12/05 10:04:58 | 000,019,456 | ---- | M] () -- C:\ufcfinstmt.doc
[2002/11/13 09:55:50 | 000,019,968 | ---- | M] () -- C:\ufcfm1102.doc
[2001/11/20 22:11:24 | 000,023,552 | ---- | M] () -- C:\ufcfmltr1101.doc
[2002/02/08 13:37:32 | 000,006,144 | ---- | M] () -- C:\ufcfmnames.wdb
[2001/11/13 09:24:26 | 000,010,240 | ---- | M] () -- C:\ufcfmreport.wdb
[2001/04/25 23:24:58 | 000,019,968 | ---- | M] () -- C:\ufcfunds[1].doc
[2004/08/25 10:48:32 | 000,020,480 | ---- | M] () -- C:\ufcgbgm804.doc
[2004/05/24 17:24:06 | 000,024,576 | ---- | M] () -- C:\ufcgone.doc
[2001/11/20 22:13:38 | 000,023,040 | ---- | M] () -- C:\ufcgvltr1101.doc
[2002/02/08 13:37:10 | 000,005,632 | ---- | M] () -- C:\ufcgvnames.wdb
[2001/10/02 13:28:32 | 000,006,656 | ---- | M] () -- C:\ufcgvreport.wdb
[2004/08/25 12:22:36 | 000,024,576 | ---- | M] () -- C:\ufcgvterm804.doc
[2001/05/04 10:45:54 | 000,019,456 | ---- | M] () -- C:\ufchonorarium.doc
[2001/03/22 23:00:10 | 000,081,920 | ---- | M] () -- C:\ufcIACoverMerge.doc
[2001/11/20 22:23:00 | 000,022,528 | ---- | M] () -- C:\ufcialtr1101.doc
[2002/02/08 13:37:42 | 000,006,656 | ---- | M] () -- C:\ufcianames.wdb
[2001/04/20 14:28:14 | 000,037,888 | ---- | M] () -- C:\ufcIASmall inside merge.doc
[2003/03/17 21:33:34 | 000,049,152 | ---- | M] () -- C:\ufcIASmall inside mergeA.doc
[2001/10/29 11:42:54 | 000,023,552 | ---- | M] () -- C:\ufcirs.doc
[2001/10/29 17:42:20 | 000,022,016 | ---- | M] () -- C:\ufcirsadd.doc
[2001/10/29 19:07:00 | 000,020,992 | ---- | M] () -- C:\ufcirsltr.doc
[2001/11/20 22:16:00 | 000,024,064 | ---- | M] () -- C:\ufcisltr1101.doc
[2005/04/13 16:07:37 | 000,024,064 | ---- | M] () -- C:\ufclabel405.doc
[2002/03/25 18:36:34 | 000,038,400 | ---- | M] () -- C:\ufclabels.wps
[2002/10/01 14:35:52 | 000,019,456 | ---- | M] () -- C:\ufcletterhead1.doc
[2004/12/12 14:21:26 | 000,027,136 | ---- | M] () -- C:\ufcltr1204.doc
[2002/10/01 15:14:06 | 000,023,552 | ---- | M] () -- C:\ufcltr902.doc
[2002/07/08 13:49:08 | 000,019,968 | ---- | M] () -- C:\ufcltrsltr.doc
[2003/01/20 22:01:44 | 000,024,064 | ---- | M] () -- C:\ufcmailsponsor.doc
[2002/01/08 11:40:52 | 000,109,568 | ---- | M] () -- C:\ufcmanual.doc
[2001/04/05 10:07:16 | 000,022,016 | ---- | M] () -- C:\ufcMINISTRY MEMO.doc
[2005/04/21 22:02:16 | 000,022,528 | ---- | M] () -- C:\ufcminsuper.doc
[2001/11/20 22:18:08 | 000,023,552 | ---- | M] () -- C:\ufcmwltr1101.doc
[2002/02/08 13:37:50 | 000,010,240 | ---- | M] () -- C:\ufcmwnames.wdb
[2002/03/23 10:39:00 | 000,023,552 | ---- | M] () -- C:\ufcmwpam.doc
[2001/11/13 10:00:02 | 000,010,240 | ---- | M] () -- C:\ufcmwreport.wdb
[2004/08/24 11:48:04 | 000,020,992 | ---- | M] () -- C:\ufcnewsponenrol.doc
[2002/06/27 23:06:38 | 000,020,480 | ---- | M] () -- C:\ufcnewsponsor.doc
[2001/12/16 19:34:20 | 000,019,968 | ---- | M] () -- C:\ufcpartial payments.doc
[2005/01/18 17:36:40 | 000,026,624 | ---- | M] () -- C:\ufcreceipt.doc
[2002/06/03 16:16:14 | 000,021,504 | ---- | M] () -- C:\ufcreceipt1.doc
[2004/02/24 09:55:06 | 000,025,088 | ---- | M] () -- C:\ufcresinstruct.doc
[2002/10/21 19:30:18 | 000,038,400 | ---- | M] () -- C:\ufcreturn.wps
[2003/08/13 14:23:10 | 000,038,400 | ---- | M] () -- C:\ufcreturnlbls.wps
[2004/10/28 19:48:44 | 000,024,576 | ---- | M] () -- C:\ufcshalom.doc
[2002/11/19 13:08:24 | 000,025,600 | ---- | M] () -- C:\ufcsponreggie.doc
[2004/06/11 16:29:58 | 000,024,064 | ---- | M] () -- C:\ufcsponsmoved.doc
[2002/12/30 21:13:36 | 000,020,480 | ---- | M] () -- C:\ufcsponsreminder.doc
[2002/08/29 13:31:10 | 000,019,456 | ---- | M] () -- C:\ufcstationery.doc
[2001/11/13 14:54:14 | 000,021,504 | ---- | M] () -- C:\ufcstrikexmas.doc
[2004/05/24 17:20:22 | 000,019,968 | ---- | M] () -- C:\ufcsunningdale.doc
[2005/01/31 11:15:28 | 000,019,968 | ---- | M] () -- C:\ufctaxreceipt.doc
[2004/05/11 21:52:52 | 000,024,576 | ---- | M] () -- C:\ufctermltr.doc
[2001/04/19 23:19:50 | 000,425,472 | ---- | M] () -- C:\ufcTwo Batch large merge.doc
[2002/06/03 16:48:46 | 000,457,728 | ---- | M] () -- C:\ufcTwo Batch large merge1.doc
[2002/06/03 16:37:24 | 000,458,752 | ---- | M] () -- C:\ufcTwo Batch large merge2.doc
[2001/04/27 12:10:14 | 000,019,456 | ---- | M] () -- C:\ufcunsigned.doc
[2003/08/13 10:58:32 | 000,026,624 | ---- | M] () -- C:\ufcupdate803.doc
[2001/10/05 09:45:32 | 000,022,016 | ---- | M] () -- C:\ufcxmas.doc
[2004/11/27 21:46:08 | 000,023,552 | ---- | M] () -- C:\ufcxmas2.doc
[2001/11/06 21:58:08 | 000,215,040 | ---- | M] () -- C:\ufcxmas3.php
[2001/10/06 14:18:52 | 000,146,432 | ---- | M] () -- C:\ufcxmascard.php
[2004/11/09 22:07:34 | 000,020,992 | ---- | M] () -- C:\ufcxmasillum.doc
[2001/04/25 23:23:10 | 000,019,968 | ---- | M] () -- C:\ufcysf[1].doc
[2001/04/19 10:18:52 | 000,019,456 | ---- | M] () -- C:\ufcZnames.doc
[1995/09/27 13:00:04 | 000,002,708 | ---- | M] () -- C:\UMM.WPS
[1995/04/28 15:17:02 | 000,003,866 | ---- | M] () -- C:\UMW.WPS
[2001/02/07 16:02:00 | 000,020,992 | ---- | M] () -- C:\undersea.doc
[2001/02/12 14:25:06 | 000,019,968 | ---- | M] () -- C:\underseahmo.doc
[2001/02/12 14:22:12 | 000,025,088 | ---- | M] () -- C:\undersealtr.doc
[2001/02/12 14:19:46 | 000,020,992 | ---- | M] () -- C:\underseapos.doc
[2000/12/06 23:28:20 | 000,024,064 | ---- | M] () -- C:\UNITED FOR CHILDREN2.doc
[2009/12/27 13:17:00 | 000,000,839 | ---- | M] () -- C:\updatedatfix.log
[2005/04/23 20:13:17 | 001,577,454 | ---- | M] () -- C:\use form.BMP
[2000/03/28 10:39:44 | 000,025,088 | ---- | M] () -- C:\Use Me prayer.doc
[2000/03/18 12:17:00 | 000,022,016 | ---- | M] () -- C:\Use MeJones.doc
[2002/02/13 18:47:54 | 000,019,456 | ---- | M] () -- C:\valentine.doc
[2004/06/29 17:49:32 | 000,025,088 | ---- | M] () -- C:\valentineufc.doc
[1998/10/22 11:53:00 | 000,021,504 | ---- | M] () -- C:\valpak.doc
[2000/10/11 15:34:02 | 000,019,968 | ---- | M] () -- C:\VEENA ALFRED.doc
[2002/02/05 11:30:32 | 000,020,480 | ---- | M] () -- C:\VEENA 2.doc
[2005/02/17 14:58:15 | 000,074,497 | ---- | M] () -- C:\veena.pdf
[2002/02/11 16:58:16 | 000,019,456 | ---- | M] () -- C:\veena202.doc
[2002/02/21 14:43:20 | 000,020,480 | ---- | M] () -- C:\veena3.doc
[2003/04/18 16:17:18 | 000,020,480 | ---- | M] () -- C:\veena403.doc
[2003/07/18 10:37:04 | 000,020,480 | ---- | M] () -- C:\veena703.doc
[2005/04/04 12:46:19 | 000,019,456 | ---- | M] () -- C:\veenabor.doc
[2005/04/04 13:24:45 | 000,020,992 | ---- | M] () -- C:\veenahealth305.doc
[2005/04/04 13:21:57 | 000,020,992 | ---- | M] () -- C:\veenahealthHSA.doc
[2005/03/20 18:46:17 | 000,019,968 | ---- | M] () -- C:\VeenaUL305.doc
[2005/03/14 15:59:47 | 000,020,480 | ---- | M] () -- C:\veenaVUL305.doc
[2005/03/02 13:16:42 | 001,346,307 | ---- | M] () -- C:\VersaliteBrochure-Edu.pdf
[2005/02/28 17:00:22 | 000,024,576 | ---- | M] () -- C:\Versaliteownerslistneusw.doc
[2012/01/07 16:06:10 | 000,066,907 | ---- | M] () -- C:\VETlog.dmp
[2012/01/07 16:06:10 | 019,139,171 | ---- | M] () -- C:\VETlog.txt
[2001/03/12 10:21:56 | 000,304,640 | ---- | M] () -- C:\Video Checklist etc.doc
[2001/11/01 16:11:14 | 000,035,840 | ---- | M] () -- C:\video2001.doc
[1996/09/03 13:29:36 | 000,002,976 | ---- | M] () -- C:\VIDEO96.WPS
[2001/07/22 18:49:58 | 000,028,672 | ---- | M] () -- C:\videocover2000.doc
[2000/11/07 09:59:16 | 000,026,112 | ---- | M] () -- C:\videocover2000[1].doc
[2003/11/17 23:21:54 | 000,026,624 | ---- | M] () -- C:\videocover2002.doc
[2003/11/29 14:58:28 | 000,035,840 | ---- | M] () -- C:\videocover2003.doc
[2002/09/23 20:21:58 | 000,023,040 | ---- | M] () -- C:\videocredits.doc
[2003/11/17 23:33:18 | 000,025,088 | ---- | M] () -- C:\videotry.doc
[2006/09/08 10:16:48 | 027,262,976 | ---- | M] () -- C:\VIRTPART.DAT
[2000/02/14 11:42:04 | 000,005,609 | ---- | M] () -- C:\VOICE LESSONS.rtf
[2004/10/04 20:47:02 | 000,010,240 | ---- | M] () -- C:\voice$04.wdb
[2001/02/19 15:06:26 | 000,020,480 | ---- | M] () -- C:\voice.doc
[2002/09/08 21:37:46 | 000,019,456 | ---- | M] () -- C:\VOICE0203.doc
[2004/10/26 21:58:12 | 000,019,456 | ---- | M] () -- C:\voice904.doc
[2001/09/26 15:09:00 | 000,019,968 | ---- | M] () -- C:\voicesched.doc
[1996/10/15 21:16:04 | 000,001,946 | ---- | M] () -- C:\VOL1.WPS
[2003/01/13 10:40:20 | 000,015,360 | ---- | M] () -- C:\vols02.wdb
[2005/05/14 12:46:22 | 002,602,777 | ---- | M] () -- C:\VoyagerFrontQuarter.zip
[2001/09/27 12:54:54 | 000,019,456 | ---- | M] () -- C:\washwalk.doc
[2000/10/15 22:06:46 | 000,020,992 | ---- | M] () -- C:\We Beseech Thee.doc
[2001/09/14 08:35:22 | 000,019,968 | ---- | M] () -- C:\weaver.doc
[2003/01/18 15:07:08 | 000,019,968 | ---- | M] () -- C:\weaver0103.doc
[2002/10/21 13:06:30 | 000,020,992 | ---- | M] () -- C:\weaver1002.doc
[2001/10/26 11:50:44 | 000,019,968 | ---- | M] () -- C:\weaver1025.doc
[2002/09/06 12:09:34 | 000,020,480 | ---- | M] () -- C:\weaver902.doc
[2004/03/22 16:47:26 | 000,107,492 | ---- | M] () -- C:\WEBSITES.mim
[2000/10/12 16:40:08 | 000,020,992 | ---- | M] () -- C:\WELCOME TO JOYFUL NOISE.doc
[2000/02/25 21:44:36 | 000,019,456 | ---- | M] () -- C:\Welcome.doc
[1998/02/06 22:12:28 | 000,005,018 | ---- | M] () -- C:\WESS.WPS
[1998/04/07 17:08:38 | 000,002,458 | ---- | M] () -- C:\WESSMAY.WPS
[2000/10/02 13:01:40 | 000,019,456 | ---- | M] () -- C:\Westfield Works Wonders.doc
[2002/10/10 10:05:36 | 000,019,456 | ---- | M] () -- C:\Westfield Works Wonders02.doc
[2004/10/09 22:57:42 | 000,019,456 | ---- | M] () -- C:\Westfield Works Wonders03.doc
[2004/10/08 10:02:50 | 000,019,456 | ---- | M] () -- C:\Westfield Works.doc
[2000/10/12 15:05:50 | 000,021,504 | ---- | M] () -- C:\westfield-tour.doc
[2002/08/27 07:38:00 | 000,022,016 | ---- | M] () -- C:\westfield-tour02.doc
[2004/10/06 16:08:26 | 000,022,016 | ---- | M] () -- C:\westfield.doc
[2005/02/16 15:53:01 | 000,080,271 | ---- | M] () -- C:\wfw_imagefetch.pdf
[2005/02/02 23:38:15 | 000,019,456 | ---- | M] () -- C:\whalen.doc
[2003/09/24 17:00:56 | 000,024,064 | ---- | M] () -- C:\What If I Give Al1.doc
[2004/04/19 11:57:20 | 000,011,264 | ---- | M] () -- C:\what if i give all.DOC
[2005/03/23 11:44:18 | 000,112,640 | ---- | M] () -- C:\WhattodoinaTerroristAttack.doc
[2004/09/20 14:14:06 | 000,019,456 | ---- | M] () -- C:\WhenNightFalling.doc
[2005/03/25 15:37:31 | 002,756,612 | ---- | M] () -- C:\WHYKIDSMOVEOUT.mpg
[2005/03/19 19:57:58 | 000,000,051 | ---- | M] () -- C:\why_me.ram
[2001/03/19 10:44:10 | 000,020,992 | ---- | M] () -- C:\witness.doc
[2005/05/03 08:03:39 | 000,020,992 | ---- | M] () -- C:\WK1610XX
[2005/05/03 15:01:27 | 000,024,576 | ---- | M] () -- C:\WK173287
[2005/05/03 07:57:45 | 000,010,240 | ---- | M] () -- C:\WK182175
[2002/06/04 11:38:02 | 000,034,816 | ---- | M] () -- C:\WK38XXXX
[2003/04/07 22:50:02 | 000,022,528 | ---- | M] () -- C:\WK50XXXX
[2003/04/07 22:52:44 | 000,022,016 | ---- | M] () -- C:\WK524368
[2001/03/11 17:13:34 | 000,019,456 | ---- | M] () -- C:\worship budget 2001.xls
[2001/01/28 16:27:36 | 000,019,456 | ---- | M] () -- C:\worshipbudget00-01.xls
[2000/05/28 23:55:00 | 000,019,968 | ---- | M] () -- C:\writeup.doc
[2002/04/24 14:47:16 | 000,167,017 | ---- | M] () -- C:\WTC Cross.jpg
[2003/10/10 14:41:50 | 000,022,016 | ---- | M] () -- C:\WWWflyer.doc
[2004/10/29 19:26:40 | 000,019,968 | ---- | M] () -- C:\wwwsermon.doc
[2001/12/20 16:43:12 | 000,032,768 | ---- | M] () -- C:\xmas.wdb
[2003/12/13 15:30:00 | 000,028,672 | ---- | M] () -- C:\xmas03.doc
[2004/12/19 16:04:20 | 000,027,136 | ---- | M] () -- C:\xmas04.doc
[2002/11/27 11:55:32 | 000,020,992 | ---- | M] () -- C:\xmas1202.doc
[1997/11/16 23:08:30 | 000,001,940 | ---- | M] () -- C:\XMASEV.WPS
[2001/12/16 21:58:46 | 000,022,528 | ---- | M] () -- C:\xmasltr.doc
[2001/12/26 14:25:42 | 001,790,976 | ---- | M] () -- C:\xmaspics.php
[1991/10/14 19:30:44 | 000,002,068 | ---- | M] () -- C:\XOR2.WPS
[1992/05/04 00:22:48 | 000,006,840 | ---- | M] () -- C:\XOR91.WPS
[1992/10/18 21:26:06 | 000,004,518 | ---- | M] () -- C:\XOR92.WPS
[1991/10/27 11:17:56 | 000,003,354 | ---- | M] () -- C:\XORDRAFT.WPS
[2003/10/20 11:50:28 | 000,019,456 | ---- | M] () -- C:\Yesu Azali Awa.doc
[2001/07/20 10:28:56 | 000,021,504 | ---- | M] () -- C:\ylf2000sched.doc
[2003/10/01 12:33:06 | 000,019,456 | ---- | M] () -- C:\yoga1.doc
[2003/05/13 10:20:08 | 000,022,016 | ---- | M] () -- C:\YOUNG ADULT ROCK503.doc
[2003/04/25 13:57:08 | 000,023,040 | ---- | M] () -- C:\youth report april03.doc
[2000/09/19 00:12:40 | 000,022,528 | ---- | M] () -- C:\YOUTH REPRESENTATION.doc
[2004/02/25 11:52:40 | 000,020,992 | ---- | M] () -- C:\Youth Retreat - MAryland MArch - 2.doc
[2001/07/20 10:31:42 | 000,036,864 | ---- | M] () -- C:\YouthForumBrochure2001[1].doc
[2003/05/28 18:29:32 | 000,025,088 | ---- | M] () -- C:\YouthMinistryMentoringProposal.doc
[2003/01/21 18:47:54 | 000,021,504 | ---- | M] () -- C:\YSF SCRIPT.doc
[2003/09/13 22:10:02 | 000,021,504 | ---- | M] () -- C:\zechar.doc
[2003/02/10 14:17:56 | 000,019,968 | ---- | M] () -- C:\zechar203.doc
[1999/10/03 23:28:48 | 000,002,684 | ---- | M] () -- C:\ZENTHAR.CHR
[2002/03/07 11:26:42 | 000,020,992 | ---- | M] () -- C:\zinc.doc
[2005/03/07 09:31:37 | 000,000,691 | ---- | M] () -- C:\_AVGcertification_.zip

< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >
[2005/12/15 11:03:40 | 000,012,288 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\Fonts\RandFont.dll

< %systemroot%\Fonts\*.ini >
[2005/05/06 20:35:20 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2001/03/27 08:00:00 | 000,008,176 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPDy2.DLL
[2001/03/27 08:00:00 | 000,028,928 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPPy2.DLL
[2008/07/06 07:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2005/10/14 21:41:46 | 000,072,192 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp43a.dll
[2006/07/03 10:54:12 | 000,091,648 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp4sa.dll
[2004/03/22 17:17:06 | 000,025,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2008/07/06 05:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >
 
< %systemroot%\*.scr >
[2006/01/04 14:53:44 | 000,004,784 | ---- | M] (7th Level) -- C:\WINDOWS\bestsavr.scr

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2005/05/06 13:24:42 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2005/05/06 13:24:42 | 000,626,688 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2005/05/06 13:24:42 | 000,417,792 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2012/01/07 13:36:40 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2005/11/01 09:17:53 | 000,000,177 | -HS- | M] () -- C:\Documents and Settings\Becki Price\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2005/05/06 20:45:21 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Becki Price\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

< %USERPROFILE%\Desktop\*.exe >
[2012/01/06 11:07:56 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\Becki Price\Desktop\7tegdzu6.exe
[2005/11/11 10:33:04 | 000,931,416 | ---- | M] () -- C:\Documents and Settings\Becki Price\Desktop\AOLDeskbar.exe
[2012/01/06 13:54:53 | 004,713,472 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Becki Price\Desktop\aswMBR.exe
[2012/01/07 16:23:53 | 087,264,656 | ---- | M] () -- C:\Documents and Settings\Becki Price\Desktop\avira_free_antivirus_en.exe
[2012/01/06 21:20:22 | 004,373,779 | R--- | M] (Swearware) -- C:\Documents and Settings\Becki Price\Desktop\ComboFix.exe
[2010/09/02 17:45:13 | 006,860,800 | ---- | M] () -- C:\Documents and Settings\Becki Price\Desktop\G2S40S30WI390EN.exe
[2010/10/25 13:29:14 | 001,613,416 | ---- | M] () -- C:\Documents and Settings\Becki Price\Desktop\HPPDU.exe
[2012/01/05 21:23:45 | 000,765,544 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\Becki Price\Desktop\install_reader10_en_air_gtba_aih.exe
[2012/01/07 16:23:02 | 022,668,080 | ---- | M] (Emsi Software GmbH ) -- C:\Documents and Settings\Becki Price\Desktop\OnlineArmorSetup.exe
[2012/01/07 12:25:23 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Becki Price\Desktop\OTL.exe
[2012/01/05 16:49:37 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Becki Price\Desktop\TFC.exe
[2012/01/07 13:11:25 | 001,048,576 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Becki Price\Desktop\WindowsXP-KB936929-SP3-x86-ENU.exe
[2005/07/26 23:03:53 | 004,077,184 | ---- | M] () -- C:\Documents and Settings\Becki Price\Desktop\winzip90.exe
[2005/07/26 23:01:59 | 000,385,712 | ---- | M] () -- C:\Documents and Settings\Becki Price\Desktop\wzipse22.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2005/11/01 09:17:54 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Becki Price\Favorites\Desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >
[2012/01/07 12:46:55 | 000,475,136 | ---- | M] () -- C:\Documents and Settings\Becki Price\Cookies\index.dat

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >
[2008/04/14 05:42:40 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >
[2008/04/14 05:41:52 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\custsat.dll
[2002/12/17 12:23:28 | 000,015,692 | ---- | M] () -- C:\Program Files\Messenger\license.txt
[2002/12/17 12:23:22 | 000,004,821 | ---- | M] () -- C:\Program Files\Messenger\logowin.gif
[2002/12/17 12:23:22 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\lvback.gif
[2002/12/17 12:23:28 | 000,000,807 | ---- | M] () -- C:\Program Files\Messenger\mailtmpl.txt
[2008/05/02 09:01:49 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgsc.dll
[2008/04/13 23:00:30 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgslang.dll
[2008/04/14 05:42:30 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
[2002/08/20 17:08:38 | 000,069,663 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgsin.exe
[2002/12/17 12:23:18 | 000,002,882 | ---- | M] () -- C:\Program Files\Messenger\newalert.wav
[2002/12/17 12:23:18 | 000,006,156 | ---- | M] () -- C:\Program Files\Messenger\newemail.wav
[2002/12/17 12:23:18 | 000,006,160 | ---- | M] () -- C:\Program Files\Messenger\online.wav
[2002/12/17 12:23:24 | 000,004,454 | ---- | M] () -- C:\Program Files\Messenger\type.wav
[2004/07/17 13:41:04 | 000,115,981 | ---- | M] () -- C:\Program Files\Messenger\xpmsgr.chm

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >
[2003/12/17 17:30:46 | 000,004,672 | ---- | M] (Adaptec) -- C:\WINDOWS\system\WOWPOST.EXE

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


< >

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 304 bytes -> F:\Documents and Settings\Becki Price\My Documents\New Folder\ROCK_skinnycross_finalpants.png:SummaryInformation
@Alternate Data Stream - 304 bytes -> F:\Documents and Settings\Becki Price\My Documents\New Folder\ROCK_skinnycross_final.jpg:SummaryInformation

< End of report >
 
OTL Extras logfile created on: 1/7/2012 12:27:08 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Becki Price\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.25 Gb Available Physical Memory | 62.54% Memory free
3.85 Gb Paging File | 3.14 Gb Available in Paging File | 81.42% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.50 Gb Total Space | 38.84 Gb Free Space | 52.13% Space Free | Partition Type: NTFS
Drive D: | 0.08 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 149.01 Gb Total Space | 55.22 Gb Free Space | 37.06% Space Free | Partition Type: NTFS

Computer Name: BALTIMOR-1MBHXM | User Name: Becki Price | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:mad:xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:mad:xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:mad:xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:mad:xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:HP Software Update Client -- (Hewlett-Packard)
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer -- (America Online)
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL Connectivity Service -- (AOL LLC)
"C:\Program Files\TurboTax\Basic 2006\32bit\ttax.exe" = C:\Program Files\TurboTax\Basic 2006\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax -- (Intuit, Inc.)
"C:\Program Files\TurboTax\Basic 2006\32bit\updatemgr.exe" = C:\Program Files\TurboTax\Basic 2006\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager -- (Intuit, Inc.)
"C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe" = C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed -- (AOL Inc.)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL Inc.)
"C:\Program Files\Common Files\AOL\System Information\sinf.exe" = C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL System Information -- (AOL Inc.)
"C:\Program Files\TurboTax\Home & Business 2007\32bit\ttax.exe" = C:\Program Files\TurboTax\Home & Business 2007\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax -- (Intuit, Inc.)
"C:\Program Files\TurboTax\Home & Business 2007\32bit\updatemgr.exe" = C:\Program Files\TurboTax\Home & Business 2007\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager -- (Intuit, Inc.)
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Program Files\Common Files\AOL\1283354042\ee\aolsoftware.exe" = C:\Program Files\Common Files\AOL\1283354042\ee\aolsoftware.exe:*:Enabled:AOL Shared Components -- (AOL Inc.)
"C:\Program Files\AOL 9.5\waol.exe" = C:\Program Files\AOL 9.5\waol.exe:*:Enabled:AOL -- (AOL Inc.)
"C:\Program Files\AOL Desktop 9.6\waol.exe" = C:\Program Files\AOL Desktop 9.6\waol.exe:*:Enabled:AOL Desktop 9.6 -- (AOL Inc.)
"C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe" = C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server -- (Intuit Inc.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{055FEF8E-4B86-400F-A5C6-8FAC0042DCD9}" = NVIDIA DVD Decoder
"{05BDC796-3451-4F81-B91D-E98F7ADA76C2}" = TurboTax 2010 WinPerTaxSupport
"{069730C2-755A-485B-A205-27A1AAFA836A}" = InstantShareAlert
"{0A55CDBB-0566-4AA2-A15B-24C7F27C6FF4}" = BPD_Scan
"{0B4F38C4-433D-43EA-92E9-7311D85B9923}" = PrimoDVD (English)
"{0C2AF762-0565-4C91-9F55-B8B53BB82A38}" = Microsoft Office Accounting 2008 Equifax Addin
"{113AC946-0CEB-49C7-828A-230FF9EB1DBB}" = TurboTax 2010 wmdiper
"{138BD312-3557-40F8-BC5E-6DFF00A6880D}" = BPDSoftware_Ini
"{17E81C48-407E-499f-A105-1B49ACDB9BA4}" = ProductContext
"{1CB34CE9-0E6B-493F-BB66-3425E5DF76E5}" = CP_CalendarTemplates1
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{237a4b22-78c2-11d6-a394-00104bd190b1}" = QuickBooks Pro Edition 2003
"{23B35809-5E4A-4F14-8332-1CDEDDFAC089}" = CP_Package_Variety2
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 30
"{26BB11D7-36D1-49ee-986F-8F8AD4D051C8}" = L7600
"{270940EA-C235-40D9-B2AE-2D450356DF8E}" = Microsoft Office Accounting 2008
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{2818095F-FB6C-42C8-827E-0A406CC9AFF5}" = Quicken 2006
"{29521505-F489-4822-ADFA-32C6DEE4F114}" = TurboTax 2008 WinPerUserEducation
"{2A548002-9042-4083-A270-B67473DE1073}" = SkinsHP1
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{2E7595EC-4FB1-4E29-93D4-9083C8A9B107}" = TurboTax ItsDeductible 2005
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{31263605-FC84-4787-B847-BA445B147E24}" = ScannerCopy
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3782EC09-4000-475E-8A59-9CABD6F03B4C}" = TurboTax 2010 WinPerFedFormset
"{3CB4A7B0-007D-4722-AF1D-891B53E04606}" = Napster Download Manager
"{3CF99DC3-38FD-46E6-A6B4-9C70074E020C}" = DocumentViewer
"{3F262ADC-5AD2-48E5-A586-44315E04A9E9}" = Microsoft Digital Image Library 10
"{3FE0CFAB-584A-4AA5-B8CD-C32284CFA308}" = RandMap
"{42756145-9997-4D28-809B-8756BFD00109}" = Microsoft Digital Image Pro 10
"{4462265B-3DC7-44AD-B56D-D09BA67BA422}" = 6300
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{494D17B5-3369-4905-8C4B-80C972C5E0FF}" = CP_Panorama1Config
"{4AE80E7B-6633-4046-9C15-D3B281C4F73D}" = BPDSoftware
"{4F2FCCCF-29F3-44B9-886F-6D16F8417522}" = TurboTax 2010 wrapper
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{522D1D79-9C0A-4361-91F8-2AFF8EC6C2E1}" = CP_Package_Variety1
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{5421155F-B033-49DB-9B33-8F80F233D4D5}" = GdiplusUpgrade
"{54F0998F-73C8-4b51-8286-FE903C231BED}" = cp_PosterPrintConfig
"{54F90B55-BEB3-4F0D-8802-228822FA5921}" = WordPerfect Office 11
"{56F3E1FF-54FE-4384-A153-6CCABA097814}" = Creative MediaSource
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5EED93A8-33AD-46A7-A6AC-4DEAFBEFEEE1}" = Roxio Media Manager
"{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder
"{5FA793A6-0071-42C1-9355-8F69A428C44F}" = Microsoft Office Accounting ADP Payroll Addin
"{61CF89F5-5175-4b3b-ABB8-C89821252D50}" = HP Photosmart Cameras 6.0
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{67D15B01-9A6B-0397-002A-D2A015212748}" = FlipShare
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential
"{69995C7A-062A-4A90-A4DF-8C22895DF522}" = iTunes
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{6DE9751D-3FFE-400E-8761-26A92DB734DE}" = BPD_HPSU
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{729DF902-05F9-4C00-9E6D-411119824E5F}" = hpiCamDrvQFolder
"{735619D4-B42A-437A-958C-199BFCAEDB38}" = Safari
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{7570F1CA-016D-46AC-B586-CD74645EFB52}" = TurboTax 2008 WinPerFedFormset
"{766633B3-1AFA-44B6-A3FC-1DE991CD9C52}" = CP_Package_Basic1
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{7729A02E-D1AD-4830-8FC5-11853500D90D}" = HP Officejet Pro All-In-One Series
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{79F8E1D4-36C1-439C-95FA-F695050B5B07}" = Sonic_PrimoSDK
"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder
"{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}" = AnswerWorks 4.0 Runtime - English
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{869C3062-4745-4949-B6C9-98AF24D89030}" = PhotoGallery
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{88214092-836F-4E22-A5AC-569AC9EE6A0F}" = TurboTax 2008 WinPerReleaseEngine
"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc
"{8A508AAA-3B69-4326-B89E-A6166FA05D3C}" = Canon MultiPASS Suite 4.00
"{8C045626-4496-4238-B3B8-394CC6D46427}" = 7500_7600_7700_Help
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_SMALLBUSINESSR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Application Accelerator RAID Edition
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{90AACECD-1E42-4D22-ABAD-7FB9B67B262D}" = H&R Block Premium + Efile + State 2009
"{90AF0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{91120000-00CA-0000-0000-0000000FF1CE}" = Microsoft Office Small Business 2007
"{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{93229C8B-7930-4D54-B461-43F04DB6DDE3}" = H&R Block Maryland 2009
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{97F4D62E-5AEB-4649-BABF-4712C6EF6845}" = DeductionPro 2009
"{98BCB68E-274F-11D4-B2FA-00105AA9021A}" = DR Systems Web Ambassador
"{9D4ABB0C-F60B-44A6-956C-A4A63D5495C9}" = CueTour
"{9E5A03E3-6246-4920-9630-0527D5DA9B07}" = AnswerWorks 5.0 English Runtime
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A525E00B-6609-442E-9DCD-64453C233E8D}" = TurboTax 2010 WinPerReleaseEngine
"{A790BEB1-BCCF-4EC6-807B-5708B36E8A79}" = Intel(R) PROSet
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AA027AE9-DD20-4677-AA72-D760A358320B}" = Microsoft VC9 runtime libraries
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{ABEB838C-A1A7-4C5D-B7E1-8B4314600816}" = MSN Messenger 7.0
"{AFF1EA96-9C23-4249-B7D4-CD4B54D4582F}" = TurboTax ItsDeductible 2006
"{B11E71BA-498C-42D4-9F1A-9D7A89D9DA61}" = CP_AtenaShokunin1Config
"{B1DB1AD8-C07E-4052-81A1-D2930232BA70}" = TurboTax 2008 wrapper
"{B23726CF-68BF-41A6-A4EB-72F12F87FE05}" = TurboTax 2008 WinPerTaxSupport
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{B391EECE-DFEA-4FC5-9D40-47FA43E2DBE6}" = Microsoft Office Accounting 2008 PayPal Addin
"{B57F2FF0-5A25-4332-B503-4592B370C02F}" = CP_Package_Variety3
"{BB7DEA41-298E-450B-9C3A-E7B48D9D021B}" = 6300_Help
"{BBAAACFA-B012-4367-ADDA-4DDCDFD48F96}" = Norton Ghost
"{BBD3BF67-5B89-4CBB-BA58-5818ED5F3290}" = cp_OnlineProjectsConfig
"{BD3DCAB0-3FE5-44FB-90DA-EFB0A2CD1387}" = Works Synchronization
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C178B38F-613A-4EFE-B718-A675BD27A1E1}" = BlackBerry Desktop Software 4.3
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C5A5C573-FB6D-48d8-9F7F-08FC4AD4B488}" = CameraUserGuides
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}" = WinZip 11.1
"{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = BPDfax
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour
"{D48AD533-BAD5-469B-A9AA-272C6D80E70B}" = MPM
"{D5F02102-C0FD-D252-FA0F-45936D3B66B4}" = MozyHome
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{DA1CD94B-826A-4bba-AC46-EF352F47BC81}" = InstantShareDevices
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{DEBB2986-15B0-4D28-95FA-5C966A396589}" = HPProductAssistant
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{E3DF6916-2472-43D9-8B3C-9F2F0AAB01B5}" = Microsoft Office Accounting 2008 Fixed Asset Manager
"{E5A8DDAB-AE80-48C6-A75B-D0FAB83B299D}" = HP PSC & OfficeJet 6.1.A
"{E6D9BC25-0DBC-4368-8E4A-7DEE80661CD9}" = TurboTax 2008 WinPerProgramHelp
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{E7C97E98-4C2D-BEAF-5D2F-CC45A2F95D90}" = Acrobat.com
"{E82BF103-904F-49C0-B77F-6EC110B71E87}" = Sound Blaster Audigy 2
"{E9459BCF-0982-498B-ABA7-26C34323493F}" = Citrix Presentation Server Client - Web Only
"{EA2BEBD6-87B9-41E5-95AC-7E4C165A9475}" = WexTech AnswerWorks
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F2AB49F2-D632-446C-9A6E-5B4A98DFF13B}" = 6300Trb
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{F876A4EC-DD7A-4bf8-A169-E4FD6C60BA3F}" = CameraDrivers
"{F8D0829C-9C6F-11D3-8080-00C04FA329AA}" = Microsoft Works 6.0
"{FAF7F1D7-C0E7-47EA-8AAA-84E4F9EA3C94}" = Works Suite OS Pack
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"3ivx MPEG-4 5.0.3" = 3ivx MPEG-4 5.0.3 (remove only)
"ActiveTouchMeetingClient" = WebEx
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"AOL Deskbar" = AOL Deskbar
"AOL Toolbar" = AOL Toolbar
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"Avira AntiVir Desktop" = Avira Free Antivirus
"BlackBerry_{C178B38F-613A-4EFE-B718-A675BD27A1E1}" = BlackBerry Desktop Software 4.3
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"Canon Digital Camera USB WIA Driver" = Canon Digital Camera USB WIA Driver
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DAO 3.5" = DAO 3.5
"FoneSync" = FoneSync
"Google Updater" = Google Updater
"Homepage Protection" = Homepage Protection
"HP Document Viewer" = HP Document Viewer 6.1
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.1
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"HPOCR" = OCR Software by I.R.I.S 7.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.0.1800
"MapQuest Toolbar" = MapQuest Toolbar for Internet Explorer
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Office Accounting 2008" = Microsoft Office Accounting 2008
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Musicnotes Combined Installer_is1" = Musicnotes Software Suite 1.5.5
"MVApplication1" = SureThing CD Labeler 3.1 Primera Edition
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA" = NVIDIA Windows 2000/XP Display Drivers
"Picasa 3" = Picasa 3
"PictureItSuite_v10" = Microsoft Digital Image Suite 10
"PROSet" = Intel(R) PRO Network Adapters and Drivers
"Quicken Basic 2000" = Quicken Basic 2000
"RealPlayer 12.0" = RealPlayer
"Rhapsody" = Rhapsody
"SMALLBUSINESSR" = Microsoft Office Small Business 2007
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"StreetPlugin" = Learn2 Player (Uninstall Only)
"TaxACT 2010" = TaxACT 2010
"TaxACT 2010 Maryland" = TaxACT 2010 Maryland
"TurboTax 2008" = TurboTax 2008
"TurboTax 2010" = TurboTax 2010
"TurboTax Basic 2004" = TurboTax Basic 2004
"TurboTax Basic 2005" = TurboTax Basic 2005
"TurboTax Basic 2006" = TurboTax Basic 2006
"TurboTax Home & Business 2007" = TurboTax Home & Business 2007
"ViewpointMediaPlayer" = Viewpoint Media Player
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinZip Self-Extractor" = WinZip Self-Extractor
"Yahoo! Companion" = Yahoo! Toolbar

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1177238915-1343024091-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GoToMeeting" = GoToMeeting/GoToWebinar 3.0.0.198

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/6/2012 1:25:29 PM | Computer Name = BALTIMOR-1MBHXM | Source = NativeWrapper | ID = 5000
Description =

Error - 1/6/2012 10:34:14 PM | Computer Name = BALTIMOR-1MBHXM | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: A connection with the server could not be established

Error - 1/6/2012 10:34:14 PM | Computer Name = BALTIMOR-1MBHXM | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 1/6/2012 10:34:16 PM | Computer Name = BALTIMOR-1MBHXM | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 1/6/2012 10:34:18 PM | Computer Name = BALTIMOR-1MBHXM | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 1/6/2012 10:38:07 PM | Computer Name = BALTIMOR-1MBHXM | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: A connection with the server could not be established

Error - 1/6/2012 10:38:07 PM | Computer Name = BALTIMOR-1MBHXM | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 1/6/2012 10:38:09 PM | Computer Name = BALTIMOR-1MBHXM | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 1/6/2012 10:38:11 PM | Computer Name = BALTIMOR-1MBHXM | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 1/7/2012 4:01:21 AM | Computer Name = BALTIMOR-1MBHXM | Source = NativeWrapper | ID = 5000
Description =

[ System Events ]
Error - 1/6/2012 10:40:34 PM | Computer Name = BALTIMOR-1MBHXM | Source = Service Control Manager | ID = 7000
Description = The MCSTRM service failed to start due to the following error: %%2

Error - 1/6/2012 10:41:09 PM | Computer Name = BALTIMOR-1MBHXM | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SBRE

Error - 1/6/2012 10:44:51 PM | Computer Name = BALTIMOR-1MBHXM | Source = Service Control Manager | ID = 7016
Description = The MpService service has reported an invalid current state 0.

Error - 1/6/2012 11:16:35 PM | Computer Name = BALTIMOR-1MBHXM | Source = Service Control Manager | ID = 7000
Description = The MCSTRM service failed to start due to the following error: %%2

Error - 1/6/2012 11:17:27 PM | Computer Name = BALTIMOR-1MBHXM | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SBRE

Error - 1/6/2012 11:35:50 PM | Computer Name = BALTIMOR-1MBHXM | Source = Service Control Manager | ID = 7016
Description = The MpService service has reported an invalid current state 0.

Error - 1/7/2012 4:09:46 AM | Computer Name = BALTIMOR-1MBHXM | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 1/7/2012 4:09:47 AM | Computer Name = BALTIMOR-1MBHXM | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 1/7/2012 4:09:49 AM | Computer Name = BALTIMOR-1MBHXM | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 1/7/2012 4:09:50 AM | Computer Name = BALTIMOR-1MBHXM | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.


< End of report >
 
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code:
    :OTL
    IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
    IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
    O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
    FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
    O3 - HKU\S-1-5-21-1177238915-1343024091-682003330-1003\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
    O3 - HKU\S-1-5-21-1177238915-1343024091-682003330-1003\..\Toolbar\WebBrowser: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No CLSID value found.
    O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = File not found
    O15 - HKU\S-1-5-21-1177238915-1343024091-682003330-1003\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
    O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} http://aolcc.aol.com/computercheckup/qdiagcc.cab (Reg Error: Key error.)
    [2011/12/30 17:28:47 | 000,013,048 | -HS- | C] () -- C:\Documents and Settings\Becki Price\Local Settings\Application Data\43m33wg567uyjpn54h0pl6p0ukt3t4fgbrmc4g5f8d234
    [2011/12/30 17:28:47 | 000,013,036 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\43m33wg567uyjpn54h0pl6p0ukt3t4fgbrmc4g5f8d234
    [2005/05/06 20:24:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
    [2007/02/08 08:53:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Becki Price\Application Data\Viewpoint
    [2009/11/17 19:24:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
    [2009/10/24 13:25:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Becki Price\Application Data\AVG9
    [2004/02/19 00:14:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Becki Price\Application Data\Uniblue
    @Alternate Data Stream - 304 bytes -> F:\Documents and Settings\Becki Price\My Documents\New Folder\ROCK_skinnycross_finalpants.png:SummaryInformation
    @Alternate Data Stream - 304 bytes -> F:\Documents and Settings\Becki Price\My Documents\New Folder\ROCK_skinnycross_final.jpg:SummaryInformation
    
    
    :Commands
    [purity]
    [emptytemp]
    [emptyflash]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • You will get a log that shows the results of the fix. Please post it.

================================================================

1. Click Start, click Run, type chkdsk /f /r, and then click OK.
2. At the command prompt, type Y to let the disk scanner run when you restart the computer.
3. Restart the computer.
4. Chkdsk will run.

===============================================================

Last scans...

1. Download Security Check from HERE, and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

    NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.

2. Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


3. Download Temp File Cleaner (TFC)
  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.


4. Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click on List of found threats
  • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • NOTE. If Eset won't find any threats, it won't produce any log.
 
Hi Broni
Tried to run the OTL fix last evening. (I think it was around 6 when I started it).
It is now 2pm the next day, and OTL still says "Killing Processes. Do not interrupt".
Should I let it go, or do I need to do something now?
Not sure what I should be expecting here.
What I am fearing is that my previous "script screw-up" has hurt the process.
Thanks again.
 
Back