[code]
OTScanIt2 logfile created on: 11/9/2008 8:01:20 AM - Run 1
OTScanIt2 by OldTimer - Version 1.0.0.32b
Folder = C:\Documents and Settings\dhayden\Desktop\OTScanIt2
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1013.98 Mb Total Physical Memory | 607.91 Mb Available Physical Memory | 59.95% Memory free
2.38 Gb Paging File | 2.10 Gb Available in Paging File | 88.37% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.25 Gb Total Space | 22.07 Gb Free Space | 31.41% Space Free | Partition Type: NTFS
Drive D: | 4.26 Gb Total Space | 2.13 Gb Free Space | 49.95% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: 17-DHAYDEN
Current User Name: dhayden
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days
[Processes - Safe List]
evteng.exe -> %ProgramFiles%\Intel\Wireless\Bin\EvtEng.exe -> [2006/08/02 01:39:20 | 00,434,176 | ---- | M] (Intel Corporation)
s24evmon.exe -> %ProgramFiles%\Intel\Wireless\Bin\S24EvMon.exe -> [2006/08/02 01:31:22 | 00,937,984 | ---- | M] (Intel Corporation )
sagent2.exe -> %CommonProgramFiles%\EPSON\EBAPI\SAgent2.exe -> [2001/10/25 01:02:00 | 00,090,112 | ---- | M] (SEIKO EPSON CORPORATION)
iaantmon.exe -> %ProgramFiles%\Intel\Intel Matrix Storage Manager\IAANTMon.exe -> [2005/10/12 13:30:24 | 00,086,140 | ---- | M] (Intel Corporation)
mdm.exe -> %CommonProgramFiles%\Microsoft Shared\VS7DEBUG\MDM.EXE -> [2003/06/19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation)
hpzipm12.exe -> %SystemRoot%\system32\spool\drivers\w32x86\3\HPZIPM12.EXE -> [2006/03/03 21:03:10 | 00,069,632 | ---- | M] (HP)
prismxl.sys -> %CommonProgramFiles%\New Boundary\PrismXL\PRISMXL.SYS -> [2006/10/19 14:10:50 | 00,196,608 | ---- | M] (New Boundary Technologies, Inc.)
regsrvc.exe -> %ProgramFiles%\Intel\Wireless\Bin\RegSrvc.exe -> [2006/08/02 01:24:22 | 00,327,680 | ---- | M] (Intel Corporation)
calmain.exe -> %ProgramFiles%\Canon\CAL\CALMAIN.exe -> [2005/09/30 19:22:50 | 00,096,341 | ---- | M] (Canon Inc.)
pdvdserv.exe -> %ProgramFiles%\CyberLink\PowerDVD\PDVDServ.exe -> [2005/01/12 04:01:32 | 00,032,768 | ---- | M] (Cyberlink Corp.)
syntplpr.exe -> %ProgramFiles%\Synaptics\SynTP\SynTPLpr.exe -> [2004/11/05 03:47:00 | 00,098,394 | ---- | M] (Synaptics, Inc.)
syntpenh.exe -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe -> [2004/11/05 03:47:00 | 00,688,218 | ---- | M] (Synaptics, Inc.)
iaanotif.exe -> %ProgramFiles%\Intel\Intel Matrix Storage Manager\IAAnotif.exe -> [2005/10/12 13:30:42 | 00,139,264 | ---- | M] (Intel Corporation)
stsystra.exe -> %SystemRoot%\stsystra.exe -> [2006/02/13 11:23:38 | 00,282,624 | ---- | M] (SigmaTel, Inc.)
sm56hlpr.exe -> %SystemRoot%\sm56hlpr.exe -> [2006/01/20 07:34:26 | 00,544,768 | ---- | M] (Motorola Inc.)
igfxtray.exe -> %SystemRoot%\system32\igfxtray.exe -> [2005/11/28 08:55:14 | 00,098,304 | ---- | M] (Intel Corporation)
hkcmd.exe -> %SystemRoot%\system32\hkcmd.exe -> [2005/11/28 08:52:00 | 00,077,824 | ---- | M] (Intel Corporation)
igfxpers.exe -> %SystemRoot%\system32\igfxpers.exe -> [2005/11/28 08:55:58 | 00,118,784 | ---- | M] (Intel Corporation)
zcfgsvc.exe -> %ProgramFiles%\Intel\Wireless\Bin\ZCfgSvc.exe -> [2006/08/02 01:38:30 | 00,802,816 | ---- | M] (Intel Corporation)
ifrmewrk.exe -> %ProgramFiles%\Intel\Wireless\Bin\iFrmewrk.exe -> [2006/08/02 01:32:44 | 00,696,320 | ---- | M] (Intel Corporation)
acrotray.exe -> %ProgramFiles%\Adobe\Acrobat 7.0\Distillr\acrotray.exe -> [2008/04/23 01:08:13 | 00,483,328 | ---- | M] (Adobe Systems Inc.)
jusched.exe -> %ProgramFiles%\Java\jre1.6.0_07\bin\jusched.exe -> [2008/06/10 03:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.)
e_s10ic2.exe -> %SystemRoot%\system32\spool\drivers\w32x86\3\E_S10IC2.EXE -> [2002/04/09 21:04:00 | 00,074,240 | ---- | M] (SEIKO EPSON CORPORATION)
tmas_oemon.exe -> %ProgramFiles%\Trend Micro\Internet Security 2007\TMAS_OE\TMAS_OEMon.exe -> [2006/08/18 12:06:30 | 00,315,392 | ---- | M] (Trend Micro Inc.)
setpoint.exe -> %ProgramFiles%\Logitech\SetPoint\SetPoint.exe -> [2007/04/23 04:00:00 | 00,692,224 | ---- | M] (Logitech Inc.)
spyder3utility.exe -> %ProgramFiles%\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe -> [2007/11/07 16:17:08 | 06,306,019 | ---- | M] ()
spuvolumewatcher.exe -> %ProgramFiles%\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe -> [2007/01/19 18:13:32 | 00,344,064 | ---- | M] (Sony Corporation)
vzaccess manager.exe -> %ProgramFiles%\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe -> [2006/07/18 15:10:18 | 01,273,856 | ---- | M] (Smith Micro Software, Inc.)
otscanit2.exe -> %UserProfile%\Desktop\OTScanIt2\OTScanIt2.exe -> [2008/11/09 00:45:36 | 00,464,896 | ---- | M] (OldTimer Tools) [Win32 Services - Safe List] (Adobe LM Service) Adobe LM Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Adobe Systems Shared\Service\Adobelmsvc.exe -> [2007/03/06 11:23:21 | 00,072,704 | ---- | M] (Adobe Systems) (aspnet_state) ASP.NET State Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -> [2007/10/24 00:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) (CCALib8) Canon Camera Access Library 8 [Win32_Own | Auto | Running] -> %ProgramFiles%\Canon\CAL\CALMAIN.exe -> [2005/09/30 19:22:50 | 00,096,341 | ---- | M] (Canon Inc.) (clr_optimization_v2.0.50727_32) .NET Runtime Optimization Service v2.0.50727_X86 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2007/10/24 00:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) (EPSONStatusAgent2) EPSON Printer Status Agent2 [Win32_Own | Auto | Running] -> %CommonProgramFiles%\EPSON\EBAPI\SAgent2.exe -> [2001/10/25 01:02:00 | 00,090,112 | ---- | M] (SEIKO EPSON CORPORATION) (EvtEng) Intel(R) PROSet/Wireless Event Log [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\EvtEng.exe -> [2006/08/02 01:39:20 | 00,434,176 | ---- | M] (Intel Corporation) (IAANTMon) Intel(R) Matrix Storage Event Monitor [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Intel Matrix Storage Manager\IAANTMon.exe -> [2005/10/12 13:30:24 | 00,086,140 | ---- | M] (Intel Corporation) (MDM) Machine Debug Manager [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Microsoft Shared\VS7DEBUG\MDM.EXE -> [2003/06/19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) (odserv) Microsoft Office Diagnostics Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\OFFICE12\ODSERV.EXE -> [2007/08/24 02:19:12 | 00,443,776 | ---- | M] (Microsoft 
Corporation) (ose) Office Source Engine [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\Source Engine\OSE.EXE -> [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) (PcCtlCom) Trend Micro Central Control Component [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Trend Micro\Internet Security 2007\PcCtlCom.exe -> [2007/10/04 20:46:54 | 01,544,192 | ---- | M] (Trend Micro Inc.) (PcScnSrv) Trend Micro Protection Against Spyware [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Trend Micro\Internet Security 2007\PcScnSrv.exe -> [2006/08/25 10:00:12 | 00,196,608 | ---- | M] (Trend Micro Inc.) (Pml Driver HPZ12) Pml Driver HPZ12 [Win32_Own | Auto | Running] -> %SystemRoot%\system32\spool\drivers\w32x86\3\HPZIPM12.EXE -> [2006/03/03 21:03:10 | 00,069,632 | ---- | M] (HP) (PrismXL) PrismXL [Win32_Own | Auto | Running] -> %CommonProgramFiles%\New Boundary\PrismXL\PRISMXL.SYS -> [2006/10/19 14:10:50 | 00,196,608 | ---- | M] (New Boundary Technologies, Inc.) (RegSrvc) Intel(R) PROSet/Wireless Registry Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\RegSrvc.exe -> [2006/08/02 01:24:22 | 00,327,680 | ---- | M] (Intel Corporation) (S24EventMonitor) Intel(R) PROSet/Wireless Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\S24EvMon.exe -> [2006/08/02 01:31:22 | 00,937,984 | ---- | M] (Intel Corporation ) (Tmntsrv) Trend Micro Real-time Service [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Trend Micro\Internet Security 2007\Tmntsrv.exe -> [2006/08/25 10:04:18 | 00,503,808 | ---- | M] (Trend Micro Inc.) (TmPfw) Trend Micro Personal Firewall [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Trend Micro\Internet Security 2007\TmPfw.exe -> [2006/08/24 21:05:16 | 00,933,949 | ---- | M] (Trend Micro Inc.) 
(tmproxy) Trend Micro Proxy Service [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Trend Micro\Internet Security 2007\tmproxy.exe -> [2006/08/24 21:07:46 | 00,561,220 | ---- | M] (Trend Micro Inc.) (WMPNetworkSvc) Windows Media Player Network Sharing Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Windows Media Player\wmpnetwk.exe -> [2006/10/18 19:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) [Driver Services - Safe List] (61883) 61883 Unit Device [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\61883.sys -> [2008/04/13 12:46:20 | 00,048,128 | ---- | M] (Microsoft Corporation) (AegisP) AEGIS Protocol (IEEE 802.1x) v3.5.3.0 [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\AegisP.sys -> [2006/10/19 14:12:50 | 00,021,419 | ---- | M] (Meetinghouse Data Communications) (AliIde) AliIde [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\aliide.sys -> [2001/08/17 21:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) (amdagp) AMD AGP Bus Filter Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\amdagp.sys -> [2008/04/13 12:36:39 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) (asc) asc [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\asc.sys -> [2001/08/17 21:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) (asc3550) asc3550 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\asc3550.sys -> [2001/08/17 21:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) 
(Avc) AVC Device [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\avc.sys -> [2008/04/13 12:46:20 | 00,038,912 | ---- | M] (Microsoft Corporation) (AVCSTRM) AVC Streaming Filter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\avcstrm.sys -> [2008/04/13 12:46:07 | 00,013,696 | ---- | M] (Microsoft Corporation) (CmdIde) CmdIde [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\cmdide.sys -> [2001/08/17 21:51:54 | 00,006,656 | ---- | M] (CMD Technology, Inc.) (dac2w2k) dac2w2k [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\dac2w2k.sys -> [2001/08/17 21:52:16 | 00,179,584 | ---- | M] (Mylex Corporation) (DataMan) DataMan USB Infrared Adapter [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\DataMan.sys -> [2003/01/01 23:23:22 | 00,010,880 | R--- | M] (DataMan Heightech Technology Inc.) (e1express) Intel(R) PRO/1000 PCI Express Network Connection Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\e1e5132.sys -> [2005/09/14 13:24:08 | 00,179,200 | ---- | M] (Intel Corporation) (GTIPCI21) GTIPCI21 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\gtipci21.sys -> [2005/05/31 19:46:26 | 00,087,936 | R--- | M] (Texas Instruments) (HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\hdaudbus.sys -> [2008/04/13 10:36:05 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) (ialm) ialm [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ialmnt5.sys -> [2005/11/28 09:20:20 | 01,353,820 | ---- | M] (Intel Corporation) (iaStor) Intel AHCI Controller [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\iaStor.sys -> [2005/10/12 13:07:12 | 00,874,240 | ---- | M] (Intel Corporation) (kbdhid) Keyboard HID Driver [Kernel | System | Stopped] -> %SystemRoot%\system32\drivers\kbdhid.sys -> [2008/04/13 12:39:48 | 00,014,592 | ---- | M] (Microsoft Corporation) (LHidFilt) Logitech 
SetPoint KMDF HID Filter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\LHidFilt.Sys -> [2007/04/11 15:32:52 | 00,034,832 | ---- | M] (Logitech, Inc.) (LMouFilt) Logitech SetPoint KMDF Mouse Filter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\LMouFilt.Sys -> [2007/04/11 15:32:58 | 00,036,112 | ---- | M] (Logitech, Inc.) (LUsbFilt) Logitech SetPoint KMDF USB Filter [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\LUsbFilt.sys -> [2007/04/11 15:33:14 | 00,028,688 | ---- | M] (Logitech, Inc.) (MASPINT) MASPINT [Kernel | Auto | Running] -> %SystemRoot%\System32\drivers\MASPINT.SYS -> [2000/03/29 17:11:20 | 00,008,096 | ---- | M] (MicroStaff Co.,Ltd.) (mraid35x) mraid35x [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\mraid35x.sys -> [2001/08/17 21:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.) (MSDV) Microsoft DV Camera and VCR [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\msdv.sys -> [2008/04/13 12:46:09 | 00,051,200 | ---- | M] (Microsoft Corporation) (MSTAPE) Microsoft AV/C Tape Subunit Device [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\mstape.sys -> [2008/04/13 12:46:08 | 00,049,024 | ---- | M] (Microsoft Corporation) (NETw3x32) Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows XP 32 Bit [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\NETw3x32.sys -> [2006/09/27 03:36:24 | 01,709,696 | ---- | M] (Intel® Corporation) (NWADI) NWADI Bus Enumerator [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\NWADIenum.sys -> [2006/01/06 11:16:22 | 00,067,840 | ---- | M] (Novatel Wireless Inc) (NWUSBModem) Novatel Wireless USB Modem Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\nwusbmdm.sys -> [2006/03/08 19:53:22 | 00,077,952 | ---- | M] (Novatel Wireless Inc.) 
(NWUSBPort) Novatel Wireless USB Status Port Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\nwusbser.sys -> [2006/03/08 19:53:22 | 00,077,952 | ---- | M] (Novatel Wireless Inc.) (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> [2004/08/04 20:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) (PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\pxhelp20.sys -> [2008/01/04 15:58:46 | 00,043,528 | ---- | M] (Sonic Solutions) (ql1080) ql1080 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\ql1080.sys -> [2001/08/17 21:52:20 | 00,040,320 | ---- | M] (QLogic Corporation) (ql12160) ql12160 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\ql12160.sys -> [2001/08/17 21:52:20 | 00,045,312 | ---- | M] (QLogic Corporation) (ql1280) ql1280 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\ql1280.sys -> [2001/08/17 21:52:18 | 00,049,024 | ---- | M] (QLogic Corporation) (RimVSerPort) RIM Virtual Serial Port v2 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\RimSerial.sys -> [2006/10/20 09:28:04 | 00,026,368 | R--- | M] (Research in Motion Ltd) (ROOTMODEM) Microsoft Legacy Modem Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\rootmdm.sys -> [2004/08/04 20:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) (s24trans) WLAN Transport [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\s24trans.sys -> [2006/08/02 02:27:48 | 00,012,544 | ---- | M] (Intel Corporation) (sdbus) sdbus [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\sdbus.sys -> [2008/04/13 12:36:44 | 00,079,232 | ---- | M] (Microsoft Corporation) (Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\secdrv.sys -> [2007/11/13 04:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) 
(sisagp) SIS AGP Bus Filter [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\sisagp.sys -> [2008/04/13 12:36:39 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) (SMNDIS5) SMNDIS5 NDIS Protocol Driver [Kernel | On_Demand | Running] -> %ProgramFiles%\Verizon Wireless\VZAccess Manager\SMNDIS5.sys -> [2002/11/26 14:54:58 | 00,016,936 | ---- | M] (Smith Micro Software, Inc.) (smserial) smserial [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\smserial.sys -> [2006/01/20 07:44:42 | 00,862,340 | ---- | M] (Motorola Inc.) (Sparrow) Sparrow [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\sparrow.sys -> [2001/08/17 22:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.) (Spyder3) Datacolor Spyder3 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\Spyder3.sys -> [2007/11/06 11:08:31 | 00,012,288 | ---- | M] () (STHDA) SigmaTel High Definition Audio CODEC [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\sthda.sys -> [2006/02/13 11:26:02 | 01,106,888 | ---- | M] (SigmaTel, Inc.) (symc810) symc810 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\symc810.sys -> [2001/08/17 22:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) (symc8xx) symc8xx [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\symc8xx.sys -> [2001/08/17 22:07:36 | 00,032,640 | ---- | M] (LSI Logic) (sym_hi) sym_hi [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\sym_hi.sys -> [2001/08/17 22:07:40 | 00,028,384 | ---- | M] (LSI Logic) (sym_u3) sym_u3 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\sym_u3.sys -> [2001/08/17 22:07:42 | 00,030,688 | ---- | M] (LSI Logic) (SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\SynTP.sys -> [2004/11/05 03:47:00 | 00,185,824 | ---- | M] (Synaptics, Inc.) 
(tifm21) tifm21 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\tifm21.sys -> [2005/09/20 18:30:56 | 00,162,432 | ---- | M] (Texas Instruments) (tmcfw) Trend Micro Common Firewall Service [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\TM_CFW.sys -> [2006/08/02 21:23:54 | 00,281,600 | ---- | M] (Trend Micro Inc.) (tmcomm) tmcomm [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\tmcomm.sys -> [2007/12/24 16:37:00 | 00,138,384 | ---- | M] (Trend Micro Inc.) (tmmbd) Trend Micro MBD Driver [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\tm_mbd_c.sys -> [2006/08/24 21:01:58 | 00,101,376 | ---- | M] (Trend Micro Inc.) (Tmpreflt) Tmpreflt [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\tmpreflt.sys -> [2008/08/16 02:00:46 | 00,036,368 | ---- | M] (Trend Micro Inc.) (tmtdi) Trend Micro TDI Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\tmtdi.sys -> [2006/08/24 21:01:32 | 00,068,224 | ---- | M] (Trend Micro Inc.) (tmxpflt) tmxpflt [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\tmxpflt.sys -> [2008/08/16 02:00:52 | 00,205,328 | ---- | M] (Trend Micro Inc.) (ultra) ultra [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\ultra.sys -> [2001/08/17 21:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.) (usbaudio) USB Audio Driver (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\usbaudio.sys -> [2008/04/13 12:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) (Vsapint) Vsapint [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\VsapiNT.sys -> [2008/08/16 01:53:50 | 01,195,448 | ---- | M] (Trend Micro Inc.) 
(w39n51) Intel(R) PRO/Wireless 3945ABG Adapter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\w39n51.sys -> [2005/12/05 01:55:30 | 01,428,096 | ---- | M] (Intel® Corporation) (Wdf01000) Wdf01000 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\wdf01000.sys -> [2006/11/02 07:22:54 | 00,492,000 | ---- | M] (Microsoft Corporation) [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> -> HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://www.gateway.com/g/sidepanel.html?Ch=SMB&Br=GTW&Loc=ENG_US&Sys=PTB&M=M255-E -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\"Page_Transitions" -> -> HKEY_CURRENT_USER\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_CURRENT_USER\: Main\\"Start Page" -> http://www.weatherunderground.com/ -> HKEY_CURRENT_USER\: "ProxyEnable" -> 0 -> < HOSTS File > (734 bytes and 19 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts -> 127.0.0.1 localhost < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper 
Objects\ -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\ssv.dll [SSVHelper Class] -> [2008/06/10 03:27:02 | 00,509,328 | ---- | M] (Sun Microsystems, Inc.) {AE7CD045-E861-484f-8273-0445EE161910} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [Adobe PDF Conversion Toolbar Helper] -> [2006/12/18 04:18:14 | 00,231,160 | ---- | M] (Adobe Systems Incorporated) < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{47833539-D0C5-4125-9FA8-0819E2EAAC93}" [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> [2006/12/18 04:18:14 | 00,231,160 | ---- | M] (Adobe Systems Incorporated) < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> ShellBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found ShellBrowser\\"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> [2006/12/18 04:18:14 | 00,231,160 | ---- | M] (Adobe Systems Incorporated) WebBrowser\\"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> [2006/12/18 04:18:14 | 00,231,160 | ---- | M] (Adobe Systems Incorporated) < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "" -> [] -> File not found "Acrobat Assistant 7.0" -> %ProgramFiles%\Adobe\Acrobat 7.0\Distillr\acrotray.exe ["C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"] -> [2008/04/23 01:08:13 | 00,483,328 | ---- | M] (Adobe Systems Inc.) 
"EPSON Stylus Photo 825" -> %SystemRoot%\system32\spool\drivers\w32x86\3\E_S10IC2.EXE [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P22 "EPSON Stylus Photo 825" /O6 "USB001" /M "Stylus Photo 825"] -> [2002/04/09 21:04:00 | 00,074,240 | ---- | M] (SEIKO EPSON CORPORATION) "IAAnotif" -> %ProgramFiles%\Intel\Intel Matrix Storage Manager\IAAnotif.exe [C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe] -> [2005/10/12 13:30:42 | 00,139,264 | ---- | M] (Intel Corporation) "igfxhkcmd" -> %SystemRoot%\system32\hkcmd.exe [C:\WINDOWS\system32\hkcmd.exe] -> [2005/11/28 08:52:00 | 00,077,824 | ---- | M] (Intel Corporation) "igfxpers" -> %SystemRoot%\system32\igfxpers.exe [C:\WINDOWS\system32\igfxpers.exe] -> [2005/11/28 08:55:58 | 00,118,784 | ---- | M] (Intel Corporation) "igfxtray" -> %SystemRoot%\system32\igfxtray.exe [C:\WINDOWS\system32\igfxtray.exe] -> [2005/11/28 08:55:14 | 00,098,304 | ---- | M] (Intel Corporation) "IntelWireless" -> %ProgramFiles%\Intel\Wireless\Bin\iFrmewrk.exe ["C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless] -> [2006/08/02 01:32:44 | 00,696,320 | ---- | M] (Intel Corporation) "IntelZeroConfig" -> %ProgramFiles%\Intel\Wireless\Bin\ZCfgSvc.exe ["C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"] -> [2006/08/02 01:38:30 | 00,802,816 | ---- | M] (Intel Corporation) "Kernel and Hardware Abstraction Layer" -> %SystemRoot%\KHALMNPR.Exe [KHALMNPR.EXE] -> [2007/04/11 15:32:22 | 00,056,080 | ---- | M] (Logitech Inc.) "pccguide.exe" -> %ProgramFiles%\Trend Micro\Internet Security 2007\pccguide.exe ["C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"] -> [2006/08/25 10:25:06 | 03,112,960 | ---- | M] (Trend Micro Inc.) "QuickTime Task" -> %ProgramFiles%\QuickTime\QTTask.exe ["C:\Program Files\QuickTime\qttask.exe" -atboottime] -> [2007/06/29 05:24:52 | 00,286,720 | ---- | M] (Apple Inc.) 
"Recguard" -> %SystemRoot%\SMINST\Recguard.exe [%WINDIR%\SMINST\RECGUARD.EXE] -> [2002/09/13 23:42:26 | 00,212,992 | ---- | M] () "RemoteControl" -> %ProgramFiles%\CyberLink\PowerDVD\PDVDServ.exe ["C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"] -> [2005/01/12 04:01:32 | 00,032,768 | ---- | M] (Cyberlink Corp.) "SigmatelSysTrayApp" -> %SystemRoot%\stsystra.exe [stsystra.exe] -> [2006/02/13 11:23:38 | 00,282,624 | ---- | M] (SigmaTel, Inc.) "SMSERIAL" -> %SystemRoot%\sm56hlpr.exe [sm56hlpr.exe] -> [2006/01/20 07:34:26 | 00,544,768 | ---- | M] (Motorola Inc.) "SunJavaUpdateSched" -> %ProgramFiles%\Java\jre1.6.0_07\bin\jusched.exe ["C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"] -> [2008/06/10 03:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) "SynTPEnh" -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [C:\Program Files\Synaptics\SynTP\SynTPEnh.exe] -> [2004/11/05 03:47:00 | 00,688,218 | ---- | M] (Synaptics, Inc.) "SynTPLpr" -> %ProgramFiles%\Synaptics\SynTP\SynTPLpr.exe [C:\Program Files\Synaptics\SynTP\SynTPLpr.exe] -> [2004/11/05 03:47:00 | 00,098,394 | ---- | M] (Synaptics, Inc.) "UserFaultCheck" -> [%systemroot%\system32\dumprep 0 -u] -> File not found < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "OE" -> %ProgramFiles%\Trend Micro\Internet Security 2007\TMAS_OE\TMAS_OEMon.exe ["C:\Program Files\Trend Micro\Internet Security 2007\TMAS_OE\TMAS_OEMon.exe"] -> [2006/08/18 12:06:30 | 00,315,392 | ---- | M] (Trend Micro Inc.) 
"Power2GoExpress" -> [NA] -> File not found < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> %AllUsersProfile%\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk -> %SystemRoot%\Installer\{AC76BA86-1033-0000-BA7E-000000000002}\SC_Acrobat.exe -> [2008/05/11 18:12:14 | 00,025,214 | R--- | M] () %AllUsersProfile%\Start Menu\Programs\Startup\Logitech SetPoint.lnk -> %ProgramFiles%\Logitech\SetPoint\SetPoint.exe -> [2007/04/23 04:00:00 | 00,692,224 | ---- | M] (Logitech Inc.) %AllUsersProfile%\Start Menu\Programs\Startup\Spyder3Utility.lnk -> %ProgramFiles%\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe -> [2007/11/07 16:17:08 | 06,306,019 | ---- | M] () < dhayden Startup Folder > -> C:\Documents and Settings\dhayden\Start Menu\Programs\Startup -> %UserProfile%\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk -> %ProgramFiles%\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe -> [2007/01/19 18:13:32 | 00,344,064 | ---- | M] (Sony Corporation) %UserProfile%\Start Menu\Programs\Startup\restart_vs.lnk -> E:\Viewsonic.exe -> File not found < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoCDBurning" -> [0] -> File not found < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"dontdisplaylastusername" -> [0] -> File not found \\"legalnoticecaption" -> [] -> File not found \\"legalnoticetext" -> [] -> File not found \\"shutdownwithoutlogon" -> [1] -> File not found \\"undockwithoutlogon" -> [1] -> File not found < CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> Convert link target to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html] -> [2006/12/18 04:18:14 | 00,231,160 | ---- | M] (Adobe Systems Incorporated) Convert link target to existing PDF -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html] -> [2006/12/18 04:18:14 | 00,231,160 | ---- | M] (Adobe Systems Incorporated) Convert selected links to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html] -> [2006/12/18 04:18:14 | 00,231,160 | ---- | M] (Adobe Systems Incorporated) Convert selected links to existing PDF -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html] -> [2006/12/18 04:18:14 | 00,231,160 | ---- | M] (Adobe Systems Incorporated) Convert selection to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html] -> [2006/12/18 04:18:14 | 00,231,160 | ---- | M] (Adobe Systems Incorporated) Convert selection to existing PDF -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html] -> [2006/12/18 04:18:14 | 00,231,160 | ---- | M] (Adobe Systems Incorporated) Convert to Adobe PDF -> 
%ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html] -> [2006/12/18 04:18:14 | 00,231,160 | ---- | M] (Adobe Systems Incorporated) Convert to existing PDF -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html] -> [2006/12/18 04:18:14 | 00,231,160 | ---- | M] (Adobe Systems Incorporated) E&xport to Microsoft Excel -> %ProgramFiles%\Microsoft Office\OFFICE11\EXCEL.EXE [res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000] -> [2008/08/04 15:12:50 | 10,354,176 | ---- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Menu: Sun Java Console] -> [2008/06/10 03:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.) 
{92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Button: Research] -> [2007/04/19 13:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation) {e2e2dd38-d088-4134-82b7-f2ba38496583}:Exec [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [Menu: @xpsp3res.dll,-20001] -> [2008/04/13 12:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) {FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Button: Messenger] -> [2008/04/13 18:12:28 | 01,695,232 | -HS- | M] (Microsoft Corporation) {FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2008/04/13 18:12:28 | 01,695,232 | -HS- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Sun Java Console] -> [2008/06/10 03:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.) 
CmdMapping\\"{92780B25-18CC-41C8-B9BE-3C9C571A8263}" [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Research] -> [2007/04/19 13:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation) CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 18:12:28 | 01,695,232 | -HS- | M] (Microsoft Corporation) < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 1 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. 
-> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {406B5949-7190-4245-91A9-30A17DE16AD0} [HKLM] -> http://photo.walgreens.com/WalgreensActivia.cab[Snapfish Activia] -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] -> {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab[Reg Error: Key does not exist or could not be opened.] -> {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab[Java Plug-in 1.4.2] -> {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab[Java Plug-in 1.5.0_05] -> {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab[Java Plug-in 1.5.0_09] -> {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab[Java Plug-in 1.5.0_10] -> {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab[Java Plug-in 1.5.0_11] -> {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab[Java Plug-in 1.6.0_01] -> {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab[Java Plug-in 1.6.0_02] -> {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab[Java Plug-in 1.6.0_03] -> {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] -> 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] -> {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab[Shockwave Flash Object] -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {09D74499-55BE-40C1-BA6A-64E522E0AB9A} -> (1394 Net Adapter) -> {C6A9B8CA-DB2E-41AD-A734-D9D2777C3D7B} -> (Intel(R) PRO/Wireless 3945ABG Network Connection) -> {CC70C91F-62AB-4DBF-B09B-0DD01223039D} -> () -> {E8159572-2BFF-4119-8A79-99BB149B19C7} -> (Intel(R) PRO/1000 PL Network Connection) -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> igfxcui -> %SystemRoot%\system32\igfxdev.dll -> [2005/11/28 08:51:04 | 00,135,168 | ---- | M] (Intel Corporation) < Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> "%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 12:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) "%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 18:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation) "C:\Program Files\Bonjour\mDNSResponder.exe" -> C:\Program Files\Bonjour\mDNSResponder.exe [C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour] -> File not found < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> "%windir%\Network Diagnostic\xpnetdiag.exe" 
-> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 12:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) "%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 18:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation) "C:\Program Files\VirusRL2009\VirusRL2009.exe" -> C:\Program Files\VirusRL2009\VirusRL2009.exe [C:\Program Files\VirusRL2009\VirusRL2009.exe:*:Enabled:VirusResponse Lab 2009] -> File not found < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> "AlternateShell" -> cmd.exe -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> %SystemRoot%\system32\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2008/04/13 12:40:46 | 00,062,976 | ---- | M] (Microsoft Corporation) < Drives with AutoRun files > -> -> C:\AUTOEXEC.BAT [] -> %SystemDrive%\AUTOEXEC.BAT [ NTFS ] -> [2006/05/31 21:32:15 | 00,000,000 | ---- | M] () D:\Autorun.inf [[AUTORUN] | SHELLEXECUTE=Info.exe folder.htt 480 480 | ] -> D:\Autorun.inf [ FAT32 ] -> [2004/09/13 19:15:24 | 00,000,053 | -HS- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> \F HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\Shell \F\Shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\Shell\AutoRun \F\Shell\AutoRun\\"" -> [Auto&Play] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\Shell\AutoRun\command \F\Shell\AutoRun\command\\"" -> F:\LaunchU3.exe [F:\LaunchU3.exe -a] -> File not found [Files/Folders - Created Within 30 
Days] 1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> OTScanIt2 -> %UserProfile%\Desktop\OTScanIt2 -> [2008/11/09 08:01:10 | 00,000,000 | ---D | C] OTScanIt2.exe -> %UserProfile%\Desktop\OTScanIt2.exe -> [2008/11/09 07:56:02 | 00,635,476 | ---- | C] () hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [2008/11/08 19:18:54 | 10,633,09312 | -HS- | C] () Malwarebytes -> %AppData%\Malwarebytes -> [2008/11/08 18:00:41 | 00,000,000 | ---D | C] Malwarebytes' Anti-Malware.lnk -> %AllUsersProfile%\Desktop\Malwarebytes' Anti-Malware.lnk -> [2008/11/08 18:00:40 | 00,000,696 | ---- | C] () mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> [2008/11/08 18:00:39 | 00,015,504 | ---- | C] (Malwarebytes Corporation) mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> [2008/11/08 18:00:31 | 00,038,496 | ---- | C] (Malwarebytes Corporation) Malwarebytes -> %AllUsersProfile%\Application Data\Malwarebytes -> [2008/11/08 18:00:30 | 00,000,000 | ---D | C] Malwarebytes' Anti-Malware -> %ProgramFiles%\Malwarebytes' Anti-Malware -> [2008/11/08 18:00:29 | 00,000,000 | ---D | C] Download Manager -> %CommonProgramFiles%\Download Manager -> [2008/11/08 17:57:31 | 00,000,000 | ---D | C] ERDNT -> %SystemRoot%\ERDNT -> [2008/11/08 17:52:23 | 00,000,000 | ---D | C] NTREGOPT.lnk -> %UserProfile%\Desktop\NTREGOPT.lnk -> [2008/11/08 17:51:36 | 00,000,611 | ---- | C] () ERUNT.lnk -> %UserProfile%\Desktop\ERUNT.lnk -> [2008/11/08 17:51:36 | 00,000,592 | ---- | C] () ERUNT -> %ProgramFiles%\ERUNT -> [2008/11/08 17:51:35 | 00,000,000 | ---D | C] SysRestorePoint_v13 -> %UserProfile%\Desktop\SysRestorePoint_v13 -> [2008/11/08 17:50:24 | 00,000,000 | ---D | C] !FixIEDef -> %SystemDrive%\!FixIEDef -> [2008/11/08 17:46:03 | 00,000,000 | ---D | C] SysRestorePoint_v13.zip -> %UserProfile%\Desktop\SysRestorePoint_v13.zip -> [2008/11/08 17:45:02 | 00,009,334 | ---- | C] () erunt_setup.exe -> %UserProfile%\Desktop\erunt_setup.exe -> [2008/11/08 17:44:58 | 00,791,393 | ---- | C] (Lars Hederer ) 
FixIEDef.exe -> %UserProfile%\Desktop\FixIEDef.exe -> [2008/11/08 17:44:58 | 00,469,087 | ---- | C] (Malwareteks.com) HiJackThis.exe -> %UserProfile%\Desktop\HiJackThis.exe -> [2008/11/08 17:44:58 | 00,401,720 | ---- | C] (Trend Micro Inc.) IL 159 Project Report Outline.doc -> %UserProfile%\Desktop\IL 159 Project Report Outline.doc -> [2008/11/08 17:44:58 | 00,061,440 | ---- | C] () Download_mbam-setup.exe -> %UserProfile%\Desktop\Download_mbam-setup.exe -> [2008/11/08 17:44:54 | 00,128,368 | ---- | C] (Digital River) utility adjustment flowchart (modified) - south.pdf -> %UserProfile%\Desktop\utility adjustment flowchart (modified) - south.pdf -> [2008/11/07 11:20:13 | 00,244,492 | ---- | C] () utility adjustment flowchart (modified).pdf -> %UserProfile%\Desktop\utility adjustment flowchart (modified).pdf -> [2008/11/07 10:13:02 | 00,378,143 | ---- | C] () Drainage-Utilities Drafting Guidelines (BDE Chpt 63).pdf -> %UserProfile%\Desktop\Drainage-Utilities Drafting Guidelines (BDE Chpt 63).pdf -> [2008/11/06 09:17:12 | 00,638,211 | ---- | C] () Halloween & Hunting -> %UserProfile%\Desktop\Halloween & Hunting -> [2008/11/04 17:21:29 | 00,000,000 | ---D | C] ZbThumbnail.info -> %UserProfile%\Desktop\ZbThumbnail.info -> [2008/11/04 17:14:23 | 00,003,044 | -H-- | C] () DRH corrected IL 159 Project Report FINAL Draft (10.30.08 - 9am).doc -> %UserProfile%\Desktop\DRH corrected IL 159 Project Report FINAL Draft (10.30.08 - 9am).doc -> [2008/10/30 07:50:23 | 00,703,488 | ---- | C] () MRH.JPG -> %UserProfile%\Desktop\MRH.JPG -> [2008/10/29 23:08:49 | 00,272,393 | ---- | C] () Camping_20081011_114.JPG -> %UserProfile%\Desktop\Camping_20081011_114.JPG -> [2008/10/27 15:28:18 | 05,545,057 | ---- | C] () IL 159 Stakeholder Involvement Plan - DRAFT (10.27.08).doc -> %UserProfile%\Desktop\IL 159 Stakeholder Involvement Plan - DRAFT (10.27.08).doc -> [2008/10/27 14:58:00 | 00,721,408 | ---- | C] () Maddox - 5 months0006.JPG -> %UserProfile%\Desktop\Maddox - 5 months0006.JPG -> 
[2008/10/27 10:00:48 | 00,151,865 | ---- | C] () Maddox - 5 months0005.JPG -> %UserProfile%\Desktop\Maddox - 5 months0005.JPG -> [2008/10/27 10:00:43 | 00,157,929 | ---- | C] () Maddox - 5 months0004.JPG -> %UserProfile%\Desktop\Maddox - 5 months0004.JPG -> [2008/10/27 10:00:38 | 00,153,873 | ---- | C] () Maddox - 5 months0003.JPG -> %UserProfile%\Desktop\Maddox - 5 months0003.JPG -> [2008/10/27 10:00:32 | 00,104,363 | ---- | C] () Maddox - 5 months0002.JPG -> %UserProfile%\Desktop\Maddox - 5 months0002.JPG -> [2008/10/27 10:00:27 | 00,103,076 | ---- | C] () Maddox - 5 months0001.JPG -> %UserProfile%\Desktop\Maddox - 5 months0001.JPG -> [2008/10/27 10:00:22 | 00,102,718 | ---- | C] () TEMP MRB FILES -> %UserProfile%\Desktop\TEMP MRB FILES -> [2008/10/26 17:47:14 | 00,000,000 | ---D | C] IL 159 TMA 10-24-08 DRH comments (2).doc -> %UserProfile%\Desktop\IL 159 TMA 10-24-08 DRH comments (2).doc -> [2008/10/24 09:13:34 | 00,249,344 | ---- | C] () netapi32.dll -> %SystemRoot%\System32\dllcache\netapi32.dll -> [2008/10/24 08:06:17 | 00,337,408 | ---- | C] (Microsoft Corporation) Nov 10 Status Report - DRH update.xls -> %UserProfile%\Desktop\Nov 10 Status Report - DRH update.xls -> [2008/10/21 22:28:28 | 00,049,664 | ---- | C] () MRT.INI -> %SystemRoot%\System32\MRT.INI -> [2008/10/16 09:47:09 | 00,000,208 | ---- | C] () srv.sys -> %SystemRoot%\System32\dllcache\srv.sys -> [2008/10/16 07:18:40 | 00,333,824 | ---- | C] (Microsoft Corporation) win32k.sys -> %SystemRoot%\System32\dllcache\win32k.sys -> [2008/10/16 07:14:36 | 01,846,400 | ---- | C] (Microsoft Corporation) ntkrnlmp.exe -> %SystemRoot%\System32\dllcache\ntkrnlmp.exe -> [2008/10/16 07:13:52 | 02,145,280 | ---- | C] (Microsoft Corporation) ntoskrnl.exe -> %SystemRoot%\System32\dllcache\ntoskrnl.exe -> [2008/10/16 07:13:51 | 02,189,184 | ---- | C] (Microsoft Corporation) ntkrnlpa.exe -> %SystemRoot%\System32\dllcache\ntkrnlpa.exe -> [2008/10/16 07:13:50 | 02,066,048 | ---- | C] (Microsoft Corporation) ntkrpamp.exe 
-> %SystemRoot%\System32\dllcache\ntkrpamp.exe -> [2008/10/16 07:13:50 | 02,023,936 | ---- | C] (Microsoft Corporation) Camping 2008 (JPEG) -> %UserProfile%\Desktop\Camping 2008 (JPEG) -> [2008/10/15 18:04:37 | 00,000,000 | ---D | C] Camping 2008 (RAW) -> %UserProfile%\Desktop\Camping 2008 (RAW) -> [2008/10/15 17:42:43 | 00,000,000 | ---D | C] [Files/Folders - Modified Within 30 Days] 4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader -> [2006/10/19 11:54:56 | 00,000,000 | ---D | M] qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [2008/10/24 08:06:15 | 00,004,232 | ---- | M] () qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [2008/10/24 08:06:15 | 00,004,646 | ---- | M] () C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA -> [2007/02/28 12:23:47 | 00,000,000 | ---D | M] opa11.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\opa11.dat -> [2006/10/19 12:11:47 | 00,011,098 | ---- | M] () opa12.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\opa12.dat -> [2007/02/28 13:08:49 | 00,008,468 | ---- | M] () C:\Documents and Settings\dhayden\Local Settings\Temp\ -> C:\Documents and Settings\dhayden\Local Settings\Temp -> [2008/11/09 08:01:05 | 00,000,000 | ---D | M] Stp22_TMP.EXE -> C:\Documents and Settings\dhayden\Local Settings\Temp\Stp22_TMP.EXE -> [2008/11/08 17:57:32 | 02,351,120 | ---- | M] (Malwarebytes Corporation ) _isD.exe -> C:\Documents and Settings\dhayden\Local Settings\Temp\_isD.exe -> [2007/01/20 05:46:42 | 00,455,600 | R--- | M] (Macrovision 
Corporation) 25 C:\Documents and Settings\dhayden\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\dhayden\Local Settings\Temp\*.tmp -> C:\Documents and Settings\dhayden\Local Settings\Temp\_ir_sf7_temp_0\ -> C:\Documents and Settings\dhayden\Local Settings\Temp\_ir_sf7_temp_0 -> [2007/11/21 10:12:23 | 00,000,000 | ---D | M] irsetup.exe -> C:\Documents and Settings\dhayden\Local Settings\Temp\_ir_sf7_temp_0\irsetup.exe -> [2007/11/21 10:10:58 | 00,472,064 | ---- | M] () C:\Documents and Settings\dhayden\Local Settings\Temp\{6F47A23E-5605-4211-890F-789C39C9C91F}\ -> C:\Documents and Settings\dhayden\Local Settings\Temp\{6F47A23E-5605-4211-890F-789C39C9C91F} -> [2008/01/19 09:57:26 | 00,000,000 | ---D | M] dotnetinstaller.exe -> C:\Documents and Settings\dhayden\Local Settings\Temp\{6F47A23E-5605-4211-890F-789C39C9C91F}\dotnetinstaller.exe -> [2006/05/17 09:21:16 | 00,010,672 | ---- | M] (InstallShield Software Corporation) C:\Documents and Settings\dhayden\Local Settings\Temp\{945D80EE-AD37-4E03-A3E0-4709CFB96029}\{3B07D847-8077-4242-91C7-DFA3CE5113E0}\ -> C:\Documents and Settings\dhayden\Local Settings\Temp\{945D80EE-AD37-4E03-A3E0-4709CFB96029}\{3B07D847-8077-4242-91C7-DFA3CE5113E0} -> [2007/11/28 10:35:25 | 00,000,000 | ---D | M] WMFDist.exe -> C:\Documents and Settings\dhayden\Local Settings\Temp\{945D80EE-AD37-4E03-A3E0-4709CFB96029}\{3B07D847-8077-4242-91C7-DFA3CE5113E0}\WMFDist.exe -> [2001/05/15 19:11:30 | 02,447,000 | ---- | M] (Microsoft Corporation) C:\Documents and Settings\dhayden\Local Settings\Temp\{945D80EE-AD37-4E03-A3E0-4709CFB96029}\{3B07D847-8077-4242-91C7-DFA3CE5113E0}\DIRECTX8\ -> C:\Documents and Settings\dhayden\Local Settings\Temp\{945D80EE-AD37-4E03-A3E0-4709CFB96029}\{3B07D847-8077-4242-91C7-DFA3CE5113E0}\DIRECTX8 -> [2007/11/28 10:34:17 | 00,000,000 | ---D | M] DXSETUP.EXE -> C:\Documents and Settings\dhayden\Local Settings\Temp\{945D80EE-AD37-4E03-A3E0-4709CFB96029}\{3B07D847-8077-4242-91C7-DFA3CE5113E0}\DIRECTX8\DXSETUP.EXE 
-> [2000/10/21 20:39:38 | 00,147,456 | R--- | M] (Microsoft Corporation) C:\Documents and Settings\dhayden\Local Settings\Temp\DRDld\ -> C:\Documents and Settings\dhayden\Local Settings\Temp\DRDld -> [2008/11/08 17:56:24 | 00,000,000 | ---D | M] mbam-setup.exe -> C:\Documents and Settings\dhayden\Local Settings\Temp\DRDld\mbam-setup.exe -> [2008/11/08 17:57:31 | 02,400,286 | ---- | M] (Malwarebytes Corporation ) C:\Documents and Settings\dhayden\Local Settings\Temp\Temporary Directory 2 for arcreader92.zip\ -> C:\Documents and Settings\dhayden\Local Settings\Temp\Temporary Directory 2 for arcreader92.zip\ -> [2007/01/11 10:49:16 | 00,000,000 | -H-D | M] setup.exe -> C:\Documents and Settings\dhayden\Local Settings\Temp\Temporary Directory 2 for arcreader92.zip\setup.exe -> [2006/10/13 09:25:26 | 00,059,480 | ---- | M] () C:\Documents and Settings\dhayden\Local Settings\Temp\VSD88.tmp\ -> C:\Documents and Settings\dhayden\Local Settings\Temp\VSD88.tmp\ -> [2007/09/08 13:04:29 | 00,000,000 | ---D | M] setup.exe -> C:\Documents and Settings\dhayden\Local Settings\Temp\VSD88.tmp\setup.exe -> [2007/03/16 13:09:56 | 00,435,712 | R--- | M] () C:\Documents and Settings\dhayden\Local Settings\Temp\VSD88.tmp\dotnetfx\ -> C:\Documents and Settings\dhayden\Local Settings\Temp\VSD88.tmp\dotnetfx -> [2007/09/08 13:04:24 | 00,000,000 | ---D | M] dotnetchk.exe -> C:\Documents and Settings\dhayden\Local Settings\Temp\VSD88.tmp\dotnetfx\dotnetchk.exe -> [2007/09/08 13:04:24 | 00,061,632 | ---- | M] (Microsoft Corporation) C:\Documents and Settings\dhayden\Local Settings\Temp\VSD88.tmp\vcredist_x86\ -> C:\Documents and Settings\dhayden\Local Settings\Temp\VSD88.tmp\vcredist_x86 -> [2007/09/08 13:04:29 | 00,000,000 | ---D | M] vcredist_x86.exe -> C:\Documents and Settings\dhayden\Local Settings\Temp\VSD88.tmp\vcredist_x86\vcredist_x86.exe -> [2005/09/23 07:34:06 | 02,648,768 | R--- | M] (Microsoft Corporation) C:\Documents and Settings\dhayden\Local Settings\Temp\WMC0000.tmp\ -> 
C:\Documents and Settings\dhayden\Local Settings\Temp\WMC0000.tmp\ -> [2007/10/25 09:58:06 | 00,000,000 | ---D | M] WMPAU.exe -> C:\Documents and Settings\dhayden\Local Settings\Temp\WMC0000.tmp\WMPAU.exe -> [2006/11/01 17:31:38 | 01,669,120 | ---- | M] (Microsoft Corporation) C:\Documents and Settings\dhayden\Local Settings\Temp\_PASFX341\ -> C:\Documents and Settings\dhayden\Local Settings\Temp\_PASFX341 -> [2008/02/27 15:00:03 | 00,000,000 | ---D | M] 7Z.DLL -> C:\Documents and Settings\dhayden\Local Settings\Temp\_PASFX341\7Z.DLL -> [2008/02/27 14:53:03 | 00,076,288 | ---- | M] () C:\Documents and Settings\dhayden\Local Settings\Temp\{6F47A23E-5605-4211-890F-789C39C9C91F}\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\ -> C:\Documents and Settings\dhayden\Local Settings\Temp\{6F47A23E-5605-4211-890F-789C39C9C91F}\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3} -> [2008/01/19 09:57:27 | 00,000,000 | ---D | M] BTHhlpr.dll -> C:\Documents and Settings\dhayden\Local Settings\Temp\{6F47A23E-5605-4211-890F-789C39C9C91F}\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\BTHhlpr.dll -> [2007/04/23 04:00:00 | 00,286,720 | ---- | M] () isrt.dll -> C:\Documents and Settings\dhayden\Local Settings\Temp\{6F47A23E-5605-4211-890F-789C39C9C91F}\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\isrt.dll -> [2007/01/20 04:44:26 | 00,208,304 | ---- | M] (Macrovision Corporation) MstrHD.dll -> C:\Documents and Settings\dhayden\Local Settings\Temp\{6F47A23E-5605-4211-890F-789C39C9C91F}\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\MstrHD.dll -> [2007/04/23 04:00:00 | 00,126,976 | ---- | M] () SPHlpr.dll -> C:\Documents and Settings\dhayden\Local Settings\Temp\{6F47A23E-5605-4211-890F-789C39C9C91F}\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\SPHlpr.dll -> [2007/04/23 04:00:00 | 00,385,024 | ---- | M] () _IsRes.dll -> C:\Documents and Settings\dhayden\Local Settings\Temp\{6F47A23E-5605-4211-890F-789C39C9C91F}\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\_IsRes.dll -> [2006/05/17 09:19:28 | 00,123,312 | ---- | M] (Macrovision Corporation) 
C:\Documents and Settings\dhayden\Local Settings\Temp\{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}\ -> C:\Documents and Settings\dhayden\Local Settings\Temp\{8CC990CD-87C8-475C-AC32-8A7984E2FCFA} -> [2008/01/19 09:58:15 | 00,000,000 | ---D | M] SPHlpr.dll -> C:\Documents and Settings\dhayden\Local Settings\Temp\{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}\SPHlpr.dll -> [2008/01/19 09:58:15 | 00,385,024 | ---- | M] () C:\Documents and Settings\dhayden\Local Settings\Temp\{945D80EE-AD37-4E03-A3E0-4709CFB96029}\{3B07D847-8077-4242-91C7-DFA3CE5113E0}\DIRECTX8\ -> C:\Documents and Settings\dhayden\Local Settings\Temp\{945D80EE-AD37-4E03-A3E0-4709CFB96029}\{3B07D847-8077-4242-91C7-DFA3CE5113E0}\DIRECTX8 -> [2007/11/28 10:34:17 | 00,000,000 | ---D | M] CFGMGR32.DLL -> C:\Documents and Settings\dhayden\Local Settings\Temp\{945D80EE-AD37-4E03-A3E0-4709CFB96029}\{3B07D847-8077-4242-91C7-DFA3CE5113E0}\DIRECTX8\CFGMGR32.DLL -> [2000/09/23 07:10:00 | 00,041,984 | R--- | M] (Microsoft Corporation) DSETUP.DLL -> C:\Documents and Settings\dhayden\Local Settings\Temp\{945D80EE-AD37-4E03-A3E0-4709CFB96029}\{3B07D847-8077-4242-91C7-DFA3CE5113E0}\DIRECTX8\DSETUP.DLL -> [2000/12/16 14:58:56 | 00,044,544 | R--- | M] (Microsoft Corporation) DSETUP32.DLL -> C:\Documents and Settings\dhayden\Local Settings\Temp\{945D80EE-AD37-4E03-A3E0-4709CFB96029}\{3B07D847-8077-4242-91C7-DFA3CE5113E0}\DIRECTX8\DSETUP32.DLL -> [2000/12/16 08:46:46 | 01,772,544 | R--- | M] (Microsoft Corporation) SETUPAPI.DLL -> C:\Documents and Settings\dhayden\Local Settings\Temp\{945D80EE-AD37-4E03-A3E0-4709CFB96029}\{3B07D847-8077-4242-91C7-DFA3CE5113E0}\DIRECTX8\SETUPAPI.DLL -> [2000/09/23 07:10:02 | 00,341,264 | R--- | M] (Microsoft Corporation) C:\Documents and Settings\dhayden\Local Settings\Temp\{AC76BA86-1033-0000-BA7E-000000000002}\ -> C:\Documents and Settings\dhayden\Local Settings\Temp\{AC76BA86-1033-0000-BA7E-000000000002} -> [2006/10/20 08:40:53 | 00,000,000 | ---D | M] asneu.dll -> C:\Documents and 
Settings\dhayden\Local Settings\Temp\{AC76BA86-1033-0000-BA7E-000000000002}\asneu.dll -> [2008/05/11 18:11:05 | 00,212,992 | ---- | M] () C:\Documents and Settings\dhayden\Local Settings\Temp\{FA0A095A-6A26-4350-906B-2A804E397A56}\ -> C:\Documents and Settings\dhayden\Local Settings\Temp\{FA0A095A-6A26-4350-906B-2A804E397A56} -> [2008/01/19 09:57:24 | 00,000,000 | ---D | M] ISSetup.dll -> C:\Documents and Settings\dhayden\Local Settings\Temp\{FA0A095A-6A26-4350-906B-2A804E397A56}\ISSetup.dll -> [2007/04/23 20:20:28 | 00,546,582 | R--- | M] (Macrovision Corporation) _Setup.dll -> C:\Documents and Settings\dhayden\Local Settings\Temp\{FA0A095A-6A26-4350-906B-2A804E397A56}\_Setup.dll -> [2006/05/17 10:21:04 | 00,385,968 | R--- | M] (Macrovision Corporation) tmvsthfud.bin -> %SystemRoot%\System32\drivers\etc\tmvsthfud.bin -> [2008/11/09 08:00:29 | 00,000,734 | ---- | M] () tmvsthfss.bin -> %SystemRoot%\System32\drivers\etc\tmvsthfss.bin -> [2008/11/09 07:57:37 | 00,000,734 | ---- | M] () OTScanIt2.exe -> %UserProfile%\Desktop\OTScanIt2.exe -> [2008/11/09 07:56:11 | 00,635,476 | ---- | M] () Adobe Acrobat Speed Launcher.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk -> [2008/11/09 07:42:18 | 00,002,335 | ---- | M] () wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [2008/11/09 07:42:14 | 00,001,158 | ---- | M] () SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [2008/11/09 07:42:11 | 00,000,006 | -H-- | M] () hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [2008/11/09 07:42:07 | 10,633,09312 | -HS- | M] () bootstat.dat -> %SystemRoot%\bootstat.dat -> [2008/11/09 07:42:07 | 00,002,048 | --S- | M] () Malwarebytes' Anti-Malware.lnk -> %AllUsersProfile%\Desktop\Malwarebytes' Anti-Malware.lnk -> [2008/11/08 18:00:40 | 00,000,696 | ---- | M] () NTREGOPT.lnk -> %UserProfile%\Desktop\NTREGOPT.lnk -> [2008/11/08 17:51:36 | 00,000,611 | ---- | M] () ERUNT.lnk -> %UserProfile%\Desktop\ERUNT.lnk -> [2008/11/08 17:51:36 | 00,000,592 | ---- | M] () Nov 10 Status 
Report - DRH update.xls -> %UserProfile%\Desktop\Nov 10 Status Report - DRH update.xls -> [2008/11/07 14:57:54 | 00,049,664 | ---- | M] () utility adjustment flowchart (modified).pdf -> %UserProfile%\Desktop\utility adjustment flowchart (modified).pdf -> [2008/11/07 11:20:19 | 00,378,143 | ---- | M] () utility adjustment flowchart (modified) - south.pdf -> %UserProfile%\Desktop\utility adjustment flowchart (modified) - south.pdf -> [2008/11/07 11:20:13 | 00,244,492 | ---- | M] () Drainage-Utilities Drafting Guidelines (BDE Chpt 63).pdf -> %UserProfile%\Desktop\Drainage-Utilities Drafting Guidelines (BDE Chpt 63).pdf -> [2008/11/06 12:06:25 | 00,638,211 | ---- | M] () ZbThumbnail.info -> %UserProfile%\Desktop\ZbThumbnail.info -> [2008/11/04 17:14:32 | 00,003,044 | -H-- | M] () SmitfraudFix.exe -> %UserProfile%\Desktop\SmitfraudFix.exe -> [2008/11/04 17:09:43 | 01,664,758 | ---- | M] () PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [2008/11/03 20:26:25 | 00,483,120 | ---- | M] () perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [2008/11/03 20:26:25 | 00,410,676 | ---- | M] () perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [2008/11/03 20:26:25 | 00,065,292 | ---- | M] () DRH corrected IL 159 Project Report FINAL Draft (10.30.08 - 9am).doc -> %UserProfile%\Desktop\DRH corrected IL 159 Project Report FINAL Draft (10.30.08 - 9am).doc -> [2008/10/30 08:29:47 | 00,703,488 | ---- | M] () MRH.JPG -> %UserProfile%\Desktop\MRH.JPG -> [2008/10/29 23:08:49 | 00,272,393 | ---- | M] () Hayden Time.xls -> %UserProfile%\Desktop\Hayden Time.xls -> [2008/10/29 22:59:54 | 00,017,920 | ---- | M] () Camping_20081011_114.JPG -> %UserProfile%\Desktop\Camping_20081011_114.JPG -> [2008/10/27 15:28:19 | 05,545,057 | ---- | M] () IL 159 Stakeholder Involvement Plan - DRAFT (10.27.08).doc -> %UserProfile%\Desktop\IL 159 Stakeholder Involvement Plan - DRAFT (10.27.08).doc -> [2008/10/27 15:10:56 | 00,721,408 | ---- | M] () Maddox - 5 months0006.JPG -> 
%UserProfile%\Desktop\Maddox - 5 months0006.JPG -> [2008/10/27 10:00:48 | 00,151,865 | ---- | M] () Maddox - 5 months0005.JPG -> %UserProfile%\Desktop\Maddox - 5 months0005.JPG -> [2008/10/27 10:00:43 | 00,157,929 | ---- | M] () Maddox - 5 months0004.JPG -> %UserProfile%\Desktop\Maddox - 5 months0004.JPG -> [2008/10/27 10:00:38 | 00,153,873 | ---- | M] () Maddox - 5 months0003.JPG -> %UserProfile%\Desktop\Maddox - 5 months0003.JPG -> [2008/10/27 10:00:32 | 00,104,363 | ---- | M] () Maddox - 5 months0002.JPG -> %UserProfile%\Desktop\Maddox - 5 months0002.JPG -> [2008/10/27 10:00:27 | 00,103,076 | ---- | M] () Maddox - 5 months0001.JPG -> %UserProfile%\Desktop\Maddox - 5 months0001.JPG -> [2008/10/27 10:00:22 | 00,102,718 | ---- | M] () IL 159 TMA 10-24-08 DRH comments (2).doc -> %UserProfile%\Desktop\IL 159 TMA 10-24-08 DRH comments (2).doc -> [2008/10/24 09:13:35 | 00,249,344 | ---- | M] () ODBC.INI -> %SystemRoot%\ODBC.INI -> [2008/10/23 21:24:55 | 00,000,376 | ---- | M] () mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> [2008/10/22 16:10:38 | 00,038,496 | ---- | M] (Malwarebytes Corporation) mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> [2008/10/22 16:10:22 | 00,015,504 | ---- | M] (Malwarebytes Corporation) IL 159 Project Report Outline.doc -> %UserProfile%\Desktop\IL 159 Project Report Outline.doc -> [2008/10/21 10:10:46 | 00,061,440 | ---- | M] () FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [2008/10/16 10:11:44 | 01,611,760 | ---- | M] () imsins.BAK -> %SystemRoot%\imsins.BAK -> [2008/10/16 09:54:05 | 00,001,393 | ---- | M] () win.ini -> %SystemRoot%\win.ini -> [2008/10/16 09:51:26 | 00,000,709 | ---- | M] () MRT.INI -> %SystemRoot%\System32\MRT.INI -> [2008/10/16 09:47:09 | 00,000,208 | ---- | M] () netapi32.dll -> %SystemRoot%\System32\netapi32.dll -> [2008/10/15 10:34:24 | 00,337,408 | ---- | M] (Microsoft Corporation) netapi32.dll -> %SystemRoot%\System32\dllcache\netapi32.dll -> [2008/10/15 10:34:24 | 00,337,408 | 
---- | M] (Microsoft Corporation)
< End of report >
[/code]