Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Nasty Little Search Redirect Malware


  • This topic is locked This topic is locked
2 replies to this topic

#1 chanceusc

chanceusc

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:32 AM

Posted 06 September 2010 - 12:56 PM

I have a rather resistant search redirect malware. I followed various instructions found here, using malwarebytes' and DDS. I've attached the logs below. I ran MalwareBytes' yesterday and it found 2 registry keys and removed them fine. I performed a test and everything seemed okay so I thought I had beat it. However, it's back.

I can't run GMER because of the error "C:Windowssystem32configsystem: The system cannot find the file specified."

For clarity, this malware redirects to various search sites or adsites such as:
infomash.org (a very frequent one)
7search.com (very, very frequent)
pctools.com
bizzclick.com
butterflysearch.net - not as common, i dont think.

viewing my history, there appear to be php files that go off when the redirect occurs:
go.php (208.94.233.34)
ch_cf.php (208.94.233.34)
click.aspx (7search.com)


Any help would be greatly, greatly appreciated. Thanks!


First MalwareBytes' Log

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4552

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

9/5/2010 5:21:10 PM
mbam-log-2010-09-05 (17-21-10).txt

Scan type: Quick scan
Objects scanned: 154732
Time elapsed: 14 minute(s), 14 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USERSOFTWARE24d1ca9a-a864-4f7b-86fe-495eb56529d8 (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USERSOFTWARE7bde84a2-f58f-46ec-9eac-f1f90fead080 (Malware.Trace) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Second (clean) MalwareBytes' Log
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4552

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

9/6/2010 1:08:26 PM
mbam-log-2010-09-06 (13-08-26).txt

Scan type: Quick scan
Objects scanned: 153772
Time elapsed: 7 minute(s), 22 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


DDS

DDS (Ver_10-03-17.01) - NTFSX64
Run by Chance at 13:08:08.73 on Mon 09/06/2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_21
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.8190.6033 [GMT -4:00]


============== Running Processes ===============

C:Windowssystem32wininit.exe
C:Windowssystem32lsm.exe
C:Windowssystem32svchost.exe -k DcomLaunch
C:Windowssystem32nvvsvc.exe
C:Windowssystem32svchost.exe -k RPCSS
C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted
C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted
C:Windowssystem32svchost.exe -k netsvcs
C:Windowssystem32svchost.exe -k LocalService
C:Windowssystem32svchost.exe -k NetworkService
C:WindowsSystem32spoolsv.exe
C:Windowssystem32svchost.exe -k LocalServiceNoNetwork
C:Windowssystem32svchost.exe -k apphost
C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe
C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 2010avp.exe
C:Program Files (x86)BonjourmDNSResponder.exe
C:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonation
C:Windowssystem32svchost.exe -k ftpsvc
C:Windowssystem32inetsrvinetinfo.exe
C:Program Files (x86)Common FilesLightScribeLSSrvc.exe
C:Program FilesMicrosoft SQL Server100DTSBinnMsDtsSrvr.exe
C:Windowssystem32nvvsvc.exe
C:Program FilesMicrosoft SQL ServerMSSQL10.SQLEXPRESSMSSQLBinnsqlservr.exe
C:Windowssystem32taskhost.exe
C:Windowssystem32Dwm.exe
C:WindowsExplorer.EXE
C:Program FilesMicrosoft SQL ServerMSSQL10.SQLSERVERMSSQLBinnsqlservr.exe
C:Program FilesRealtekAudioHDARAVCpl64.exe
C:Program FilesMySQLMySQL Server 5.1binmysqld.exe
C:Program Files (x86)IntelIntel Matrix Storage ManagerIAAnotif.exe
C:Program FilesZuneZuneLauncher.exe
C:WindowsMicrosoft.NETFramework64v4.0.30319SMSvcHost.exe
C:WindowsSystem32spooldriversx643WrtMon.exe
C:WindowsSystem32spooldriversx643WrtProc.exe
C:Program Files (x86)MicrosoftSearch Enhancement PackSeaPortSeaPort.exe
C:Program FilesMicrosoft SQL Server90Sharedsqlwriter.exe
C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe
C:Windowssystem32svchost.exe -k imgsvc
C:Windowssystem32svchost.exe -k iissvcs
c:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE
C:Program Files (x86)IntelIntel Matrix Storage ManagerIAANTMon.exe
c:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe
C:Program FilesMicrosoft SQL ServerMSSQL10.SQLSERVERMSSQLBinnfdlauncher.exe
C:Windowssystem32SearchIndexer.exe
C:Program FilesMicrosoft SQL ServerMSSQL10.SQLSERVERMSSQLBinnfdhost.exe
C:Windowssystem32conhost.exe
C:Windowssystem32WUDFHost.exe
C:Program Files (x86)DisplayFusionDisplayFusion.exe
C:Program Files (x86)Common FilesLightScribeLightScribeControlPanel.exe
C:Program Files (x86)Microsoft OfficeOffice14ONENOTEM.EXE
C:Program FilesWindows Media Playerwmpnetwk.exe
C:Program Files (x86)BrownieBrStsW64.exe
C:Program Files (x86)Common FilesJavaJava Updatejusched.exe
C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 2010avp.exe
C:Program Files (x86)MSN ToolbarPlatform4.0.0401.0mswinext.exe
C:Program Files (x86)BrownieBrnipmon.exe
C:Program Files (x86)ScanSoftOmniPageSE4OpWareSE4.exe
C:Program Files (x86)iTunesiTunesHelper.exe
C:WindowsSystem32svchost.exe -k LocalServicePeerNet
C:Program FilesiPodbiniPodService.exe
C:Program Files (x86)DisplayFusionDisplayFusionHookx86.exe
C:Windowssystem32DllHost.exe
C:Program Files (x86)Microsoft Visual Studio 10.0Common7IDEdevenv.exe
C:WindowsSystem32svchost.exe -k secsvcs
C:Program Files (x86)Common FilesAdobeOOBEPDAppUWAAAM Updates Notifier.exe
C:Program Files (x86)Pidginpidgin.exe
C:Program FilesZuneZune.exe
D:ProjectsgettagettaProjectGetta.TasksbinReleasegetta.vshost.exe
C:Program Files (x86)Microsoft Visual Studio 10.0Common7IDERemote Debuggerx64msvsmon.exe
C:Program Files (x86)Malwarebytes' Anti-Malwarembam.exe
C:Program Files (x86)Mozilla Firefoxfirefox.exe
C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 2010x64klwtblfs.exe
C:Program Files (x86)MicrosoftSearch Enhancement PackSCServerSCServer.exe
C:Windowssystem32DllHost.exe
C:Windowssystem32DllHost.exe
C:UsersChanceDesktopdds.scr
C:Windowssystem32conhost.exe
C:Windowssystem32wbemwmiprvse.exe

============== Pseudo HJT Report ===============

mLocal Page = c:windowssyswow64blank.htm
uInternet Settings,ProxyOverride = *.local
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - c:program files (x86)adobeadobe contribute cs5pluginsieplugincontributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:program files (x86)common filesadobeacrobatactivexAcroIEHelperShim.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:program files (x86)kaspersky labkaspersky anti-virus 2010ievkbd.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:program files (x86)microsoftsearch enhancement packsearch helperSEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:progra~2mif5ba~1office14GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:program files (x86)common filesmicrosoft sharedwindows liveWindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:program files (x86)googlegoogle toolbarGoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:program files (x86)googlegoogletoolbarnotifier5.5.5126.1836swg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:progra~2mif5ba~1office14URLREDIR.DLL
BHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:program files (x86)msn toolbarplatform4.0.0401.0npwinext.dll
BHO: Javaâ„¢ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:program files (x86)javajre6binjp2ssv.dll
BHO: Microsoft Web Test Recorder 10.0 Helper: {dda57003-0068-4ed2-9d32-4d1ec707d94d} - c:program files (x86)microsoft visual studio 10.0common7ideprivateassembliesMicrosoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:program files (x86)kaspersky labkaspersky anti-virus 2010klwtbbho.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:program files (x86)googlegoogle toolbarGoogleToolbar_32.dll
TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:program files (x86)msn toolbarplatform4.0.0401.0npwinext.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - c:program files (x86)adobeadobe contribute cs5pluginsieplugincontributeieplugin.dll
EB: Web Test Recorder 10.0: {5802d092-1784-4908-8cdb-99b6842d353d} - mscoree.dll
uRun: [Google Update] "c:userschanceappdatalocalgoogleupdateGoogleUpdate.exe" /c
uRun: [DisplayFusion] "c:program files (x86)displayfusionDisplayFusion.exe"
uRun: [swg] "c:program files (x86)googlegoogletoolbarnotifierGoogleToolbarNotifier.exe"
uRun: [AdobeBridge]
uRun: [LightScribe Control Panel] c:program files (x86)common fileslightscribeLightScribeControlPanel.exe -hidden
mRun: [Adobe Reader Speed Launcher] "c:program files (x86)adobereader 9.0readerReader_sl.exe"
mRun: [Adobe ARM] "c:program files (x86)common filesadobearm1.0AdobeARM.exe"
mRun: [BrStsWnd] c:program files (x86)brownieBrstsW64.exe Autorun
mRun: [BCSSync] "c:program files (x86)microsoft officeoffice14BCSSync.exe" /DelayServices
mRun: [SunJavaUpdateSched] "c:program files (x86)common filesjavajava updatejusched.exe"
mRun: [AVP] "c:program files (x86)kaspersky labkaspersky anti-virus 2010avp.exe"
mRun: [MSN Toolbar] "c:program files (x86)msn toolbarplatform4.0.0401.0mswinext.exe"
mRun: [Microsoft Default Manager] "c:program files (x86)microsoftsearch enhancement packdefault managerDefMgr.exe" -resume
mRun: [AdobeCS5ServiceManager] "c:program files (x86)common filesadobecs5servicemanagerCS5ServiceManager.exe" -launchedbylogin
mRun: [SwitchBoard] c:program files (x86)common filesadobeswitchboardSwitchBoard.exe
mRun: [SSBkgdUpdate] "c:program files (x86)common filesscansoft sharedssbkgdupdateSSBkgdupdate.exe" -Embedding -boot
mRun: [OpwareSE4] "c:program files (x86)scansoftomnipagese4OpwareSE4.exe"
mRun: [QuickTime Task] "c:program files (x86)quicktimeQTTask.exe" -atboottime
mRun: [iTunesHelper] "c:program files (x86)itunesiTunesHelper.exe"
StartupFolder: c:userschanceappdataroamingmicros~1windowsstartm~1programsstartuponenot~1.lnk - c:program files (x86)microsoft officeoffice14ONENOTEM.EXE
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - c:progra~2mif5ba~1office14EXCEL.EXE/3000
IE: Google Sidewiki... - c:program files (x86)googlegoogle toolbarcomponentGoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Se&nd to OneNote - c:progra~2mif5ba~1office14ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:program files (x86)microsoft officeoffice14ONBttnIE.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:program files (x86)kaspersky labkaspersky anti-virus 2010klwtbbho.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:program files (x86)microsoft officeoffice14ONBttnIELinkedNotes.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:program files (x86)kaspersky labkaspersky anti-virus 2010klwtbbho.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:program files (x86)common filesmicrosoft sharedoffice14MSOXMLMF.DLL
AppInit_DLLs: c:progra~2kasper~1kasper~1mzvkbd3.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:progra~2mif5ba~1office14GROOVEEX.DLL
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:program files (x86)common fileslightscribeLSRunOnce.exe"
BHO-X64: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - c:program files (x86)kaspersky labkaspersky anti-virus 2010x64ievkbd.dll
BHO-X64: IEVkbdBHO - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:progra~1mif5ba~1office14GROOVEEX.DLL
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:program filescommon filesmicrosoft sharedwindows liveWindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program files (x86)googlegoogle toolbarGoogleToolbar_64.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:program filesgooglegoogletoolbarnotifier5.5.5126.1836swg64.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:progra~1mif5ba~1office14URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - c:program files (x86)kaspersky labkaspersky anti-virus 2010x64klwtbbho.dll
BHO-X64: link filter bho - No File
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program files (x86)googlegoogle toolbarGoogleToolbar_64.dll
mRun-x64: [RtHDVCpl] c:program filesrealtekaudiohdaRAVCpl64.exe -s
mRun-x64: [IAAnotif] c:program files (x86)intelintel matrix storage manageriaanotif.exe
mRun-x64: [Zune Launcher] "c:program fileszuneZuneLauncher.exe"
mRun-x64: [AdobeAAMUpdater-1.0] "c:program files (x86)common filesadobeoobepdappuwaUpdaterStartupUtility.exe"
mRun-x64: [CanonSolutionMenu] c:program files (x86)canonsolutionmenuCNSLMAIN.exe /logon
mRun-x64: [WrtMon.exe] c:windowssystem32spooldriversx643WrtMon.exe
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:progra~1mif5ba~1office14GROOVEEX.DLL

================= FIREFOX ===================

FF - ProfilePath - c:userschanceappdataroamingmozillafirefoxprofilesuql48938.default
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=SO3TDF&PC=SUN3&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.bing.com/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=SO3TDF&PC=SUN3&q=
FF - component: c:program files (x86)adobeadobe contribute cs5pluginsfirefoxplugin{01a8ca0a-4c96-465b-a49b-65c46fad54f9}componentsContribute.dll
FF - component: c:program files (x86)microsoftsearch enhancement packsearch helperfirefoxextensionsearchhelperextensioncomponentsSEPsearchhelperff.dll
FF - component: c:program files (x86)mozilla firefoxextensionslinkfilter@kaspersky.rucomponentsKavLinkFilter.dll
FF - plugin: c:progra~2mif5ba~1office14NPAUTHZ.DLL
FF - plugin: c:progra~2mif5ba~1office14NPSPWRAP.DLL
FF - plugin: c:program files (x86)googleupdate1.2.183.13npGoogleOneClick8.dll
FF - plugin: c:program files (x86)javajre6binnew_pluginnpdeployJava1.dll
FF - plugin: c:program files (x86)mozilla firefoxpluginsnpContribute.dll
FF - plugin: c:program files (x86)nvidia corporation3d visionnpnv3dv.dll
FF - plugin: c:program files (x86)nvidia corporation3d visionnpnv3dvstreaming.dll
FF - plugin: c:program filesmicrosoftweb platform installerNPWPIDetector.dll
FF - plugin: c:userschanceappdatalocalgoogleupdate1.2.183.29npGoogleOneClick8.dll
FF - plugin: c:userschanceappdataroamingmozillapluginsnpgoogletalk.dll
FF - plugin: c:userschanceappdataroamingmozillapluginsnpgtpo3dautoplugin.dll
FF - plugin: c:windowssyswow64macromedflashNPSWF32.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:program files (x86)mozilla firefoxextensions{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:program files (x86)mozilla firefoxextensions{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:program files (x86)mozilla firefoxgreprefsall.js - pref("ui.use_native_colors", true);
c:program files (x86)mozilla firefoxgreprefsall.js - pref("ui.use_native_popup_windows", false);
c:program files (x86)mozilla firefoxgreprefsall.js - pref("browser.enable_click_image_resizing", true);
c:program files (x86)mozilla firefoxgreprefsall.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:program files (x86)mozilla firefoxgreprefsall.js - pref("javascript.options.mem.high_water_mark", 32);
c:program files (x86)mozilla firefoxgreprefsall.js - pref("javascript.options.mem.gc_frequency", 1600);
c:program files (x86)mozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.lu", true);
c:program files (x86)mozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.nu", true);
c:program files (x86)mozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.nz", true);
c:program files (x86)mozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:program files (x86)mozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:program files (x86)mozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:program files (x86)mozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:program files (x86)mozilla firefoxgreprefsall.js - pref("network.IDN.whitelist.tel", true);
c:program files (x86)mozilla firefoxgreprefsall.js - pref("network.auth.force-generic-ntlm", false);
c:program files (x86)mozilla firefoxgreprefsall.js - pref("network.proxy.type", 5);
c:program files (x86)mozilla firefoxgreprefsall.js - pref("network.buffer.cache.count", 24);
c:program files (x86)mozilla firefoxgreprefsall.js - pref("network.buffer.cache.size", 4096);
c:program files (x86)mozilla firefoxgreprefsall.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:program files (x86)mozilla firefoxgreprefsall.js - pref("svg.smil.enabled", false);
c:program files (x86)mozilla firefoxgreprefsall.js - pref("ui.trackpoint_hack.enabled", -1);
c:program files (x86)mozilla firefoxgreprefsall.js - pref("browser.formfill.debug", false);
c:program files (x86)mozilla firefoxgreprefsall.js - pref("browser.formfill.agedWeight", 2);
c:program files (x86)mozilla firefoxgreprefsall.js - pref("browser.formfill.bucketSize", 1);
c:program files (x86)mozilla firefoxgreprefsall.js - pref("browser.formfill.maxTimeGroupings", 25);
c:program files (x86)mozilla firefoxgreprefsall.js - pref("browser.formfill.timeGroupingSize", 604800);
c:program files (x86)mozilla firefoxgreprefsall.js - pref("browser.formfill.boundaryWeight", 25);
c:program files (x86)mozilla firefoxgreprefsall.js - pref("browser.formfill.prefixWeight", 5);
c:program files (x86)mozilla firefoxgreprefsall.js - pref("accelerometer.enabled", true);
c:program files (x86)mozilla firefoxgreprefsall.js - pref("html5.enable", false);
c:program files (x86)mozilla firefoxgreprefssecurity-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:program files (x86)mozilla firefoxgreprefssecurity-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:program files (x86)mozilla firefoxgreprefssecurity-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:program files (x86)mozilla firefoxgreprefssecurity-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:program files (x86)mozilla firefoxgreprefssecurity-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:program files (x86)mozilla firefoxdefaultspreffirefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:program files (x86)mozilla firefoxdefaultspreffirefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:program files (x86)mozilla firefoxdefaultspreffirefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:program files (x86)mozilla firefoxdefaultspreffirefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:program files (x86)mozilla firefoxdefaultspreffirefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:program files (x86)mozilla firefoxdefaultspreffirefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:program files (x86)mozilla firefoxdefaultspreffirefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:program files (x86)mozilla firefoxdefaultspreffirefox.js - pref("lightweightThemes.update.enabled", true);
c:program files (x86)mozilla firefoxdefaultspreffirefox.js - pref("browser.allTabs.previews", false);
c:program files (x86)mozilla firefoxdefaultspreffirefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:program files (x86)mozilla firefoxdefaultspreffirefox.js - pref("plugins.update.notifyUser", false);
c:program files (x86)mozilla firefoxdefaultspreffirefox.js - pref("toolbar.customization.usesheet", false);
c:program files (x86)mozilla firefoxdefaultspreffirefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:program files (x86)mozilla firefoxdefaultspreffirefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:program files (x86)mozilla firefoxdefaultspreffirefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:program files (x86)mozilla firefoxdefaultspreffirefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:program files (x86)mozilla firefoxdefaultspreffirefox.js - pref("dom.ipc.plugins.enabled", false);
c:program files (x86)mozilla firefoxdefaultspreffirefox.js - pref("browser.taskbar.previews.enable", false);
c:program files (x86)mozilla firefoxdefaultspreffirefox.js - pref("browser.taskbar.previews.max", 20);
c:program files (x86)mozilla firefoxdefaultspreffirefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 KLBG;Kaspersky Lab Boot Guard Driver;c:windowssystem32driversklbg.sys [2009-10-14 40464]
R0 PxHlpa64;PxHlpa64;c:windowssystem32driversPxHlpa64.sys [2010-8-23 55280]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:windowssystem32driversklim6.sys [2009-9-14 27152]
R2 AVP;Kaspersky Anti-Virus;c:program files (x86)kaspersky labkaspersky anti-virus 2010avp.exe [2009-10-20 340520]
R2 ftpsvc;Microsoft FTP Service;c:windowssystem32svchost.exe -k ftpsvc [2009-7-13 27136]
R2 MsDtsServer100;SQL Server Integration Services 10.0;c:program filesmicrosoft sql server100dtsbinnMsDtsSrvr.exe [2008-7-10 214040]
R2 RtNdPt60;Realtek NDIS Protocol Driver;c:windowssystem32driversRtNdPt60.sys [2010-7-23 27136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:program files (x86)nvidia corporation3d visionnvSCPAPISvr.exe [2010-7-9 248936]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:windowssystem32driversklmouflt.sys [2009-10-2 21008]
R3 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER);c:program filesmicrosoft sql servermssql10.sqlservermssqlbinnfdlauncher.exe [2008-7-10 34840]
R3 RTL8167;Realtek 8167 NT Driver;c:windowssystem32driversRt64win7.sys [2010-7-23 347680]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:windowsmicrosoft.netframeworkv4.0.30319mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:windowsmicrosoft.netframework64v4.0.30319mscorsvw.exe [2010-3-18 138576]
S2 CruiseControl;CruiseControl Service;"c:program files (x86)cruisecontrolwrapper.exe" -s "c:program files (x86)cruisecontrolwrapper.conf" --> c:program files (x86)cruisecontrolWrapper.exe [?]
S2 gupdate;Google Update Service (gupdate);c:program files (x86)googleupdateGoogleUpdate.exe [2010-7-28 135664]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:program files (x86)microsoft officeoffice14GROOVE.EXE [2010-3-25 30969208]
S3 osppsvc;Office Software Protection Platform;c:program filescommon filesmicrosoft sharedofficesoftwareprotectionplatformOSPPSVC.EXE [2010-1-9 4925184]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0);c:windowssystem32driversRtTeam60.sys [2010-7-23 51712]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:windowssystem32driversRtVlan60.sys [2010-7-23 24064]
S3 SwitchBoard;Adobe SwitchBoard;c:program files (x86)common filesadobeswitchboardSwitchBoard.exe [2010-2-19 517096]
S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0);c:windowssystem32driversRtTeam60.sys [2010-7-23 51712]
S3 USBAAPL64;Apple Mobile USB Driver;c:windowssystem32driversusbaapl64.sys [2010-4-19 50688]
S3 VLAN;Realtek Virtual Miniport Driver for VLAN (NDIS 6.2);c:windowssystem32driversRtVlan60.sys [2010-7-23 24064]
S3 VSPerfDrv100;Performance Tools Driver 10.0;c:program files (x86)microsoft visual studio 10.0team toolsperformance toolsx64VSPerfDrv100.sys [2010-3-17 68440]
S3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32watWatAdminSvc.exe [2010-7-24 1255736]
S3 WMSVC;Web Management Service;c:windowssystem32inetsrvWMSvc.exe [2009-7-13 10752]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:program filesmicrosoft sql server100sharedsqladhlp.exe [2009-7-22 61976]
S4 RsFx0102;RsFx0102 Driver;c:windowssystem32driversRsFx0102.sys [2009-3-30 311640]
S4 RsFx0103;RsFx0103 Driver;c:windowssystem32driversRsFx0103.sys [2009-3-30 311656]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:program filesmicrosoft sql servermssql10.sqlexpressmssqlbinnSQLAGENT.EXE [2009-3-30 427880]

=============== Created Last 30 ================

2010-09-05 22:12:50 0 d-----w- c:windowssystem32appmgmt
2010-09-05 21:24:59 0 ----a-w- c:userschancedefogger_reenable
2010-09-05 21:06:19 0 d-----w- c:userschanceappdataroamingMalwarebytes
2010-09-05 21:02:07 0 d-----w- c:programdataMalwarebytes
2010-09-05 21:02:06 24664 ----a-w- c:windowssystem32driversmbam.sys
2010-09-05 21:02:06 0 d-----w- c:program files (x86)Malwarebytes' Anti-Malware
2010-09-05 20:09:46 19528 ----a-w- c:windowssystem32driverbleepmanpro35.sys
2010-09-05 20:08:20 0 d-----w- c:programdataHitman Pro
2010-09-05 20:08:19 0 d-----w- c:program filebleepman Pro 3.5
2010-09-05 14:33:32 0 d-----w- c:userschanceappdataroamingNewSoft
2010-09-04 20:41:31 0 d-----w- c:program files (x86)CruiseControl
2010-09-03 20:21:03 0 d-----w- c:program filesiTunes
2010-09-03 20:21:03 0 d-----w- c:program filesiPod
2010-09-03 20:21:03 0 d-----w- c:program files (x86)iTunes
2010-09-03 17:27:19 0 ---ha-w- c:windowssystem32driversMsft_User_WpdMtpDr_01_09_00.Wdf
2010-09-02 07:00:33 0 d-----w- c:program files (x86)Microsoft CAPICOM 2.1.0.2
2010-09-02 04:40:41 0 d-----w- c:programdataLavasoft
2010-09-02 04:40:41 0 d-----w- c:program files (x86)Lavasoft
2010-09-01 16:58:16 9606 ----a-w- c:windowssystem32NEWSOFT
2010-09-01 16:57:53 264 ----a-w- c:windowssetup.iss
2010-09-01 16:57:40 27632 ----a-w- c:windowssyswow64CTL3DV2.DLL
2010-09-01 16:57:40 11776 ----a-w- c:windowssyswow64pmsbfn32.dll
2010-09-01 16:57:30 0 d-----w- c:program files (x86)common filesNewSoft
2010-09-01 16:57:13 0 d-----w- c:program files (x86)NewSoft
2010-09-01 16:57:13 0 d-----w- c:program files (x86)common filesPDFView
2010-09-01 16:57:12 0 d-----w- c:windowssyswow64Color
2010-09-01 16:55:42 424 ----a-w- c:windowsMAXLINK.INI
2010-09-01 16:55:41 0 d-----w- c:programdataInstallShield
2010-09-01 16:55:31 0 d-----w- c:programdataScanSoft
2010-09-01 16:55:31 0 d-----w- c:program files (x86)common filesScanSoft Shared
2010-09-01 16:55:17 0 d-----w- c:program files (x86)ScanSoft
2010-09-01 16:50:32 212480 ----a-w- c:windowsPCDLIB32.DLL
2010-09-01 16:49:37 0 d-----w- c:program filescommon filesCANON
2010-09-01 16:47:58 0 d-----w- c:program files (x86)Canon
2010-08-30 07:00:41 0 d-----w- c:program files (x86)MSXML 4.0
2010-08-29 15:57:22 0 d-----w- c:userschanceappdataroamingchc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2010-08-28 23:34:35 0 d-----w- c:programdataLightScribe
2010-08-28 23:28:58 0 d-----w- c:programdataNero
2010-08-28 23:19:31 1974616 ----a-w- c:windowssyswow64D3DCompiler_42.dll
2010-08-28 23:19:14 1892184 ----a-w- c:windowssyswow64D3DX9_42.dll
2010-08-28 23:18:57 4379984 ----a-w- c:windowssyswow64D3DX9_40.dll
2010-08-28 23:18:40 3727720 ----a-w- c:windowssyswow64d3dx9_35.dll
2010-08-28 23:18:24 3497832 ----a-w- c:windowssyswow64d3dx9_34.dll
2010-08-28 23:18:06 2388176 ----a-w- c:windowssyswow64d3dx9_30.dll
2010-08-28 23:07:03 0 d-----w- c:programdataDVD Shrink
2010-08-28 23:07:02 0 d-----w- c:program files (x86)DVD Shrink
2010-08-28 03:43:48 1245 ----a-w- c:userschance_viminfo
2010-08-28 01:14:11 0 d-----w- c:userschanceappdataroamingAdobe Mini Bridge CS5
2010-08-28 01:14:10 0 d-----w- c:userschanceappdataroamingStageManager.BD092818F67280F4B42B04877600987F0111B594.1
2010-08-26 00:53:27 0 d-----w- c:userschanceappdataroamingMicrosoft FxCop
2010-08-25 09:44:46 861184 ----a-w- c:windowssystem32oleaut32.dll
2010-08-25 09:44:46 571904 ----a-w- c:windowssyswow64oleaut32.dll
2010-08-23 21:37:58 0 d-----w- c:programdataregid.1986-12.com.adobe
2010-08-23 21:29:22 0 d-----w- c:programdataALM
2010-08-23 21:20:04 0 d-----w- c:userschanceAdobe Flash Builder 4
2010-08-23 21:11:25 55280 ------w- c:windowssystem32driversPxHlpa64.sys
2010-08-23 21:11:25 10224 ------w- c:windowssystem32driverscdralw2k.sys
2010-08-23 21:11:25 10224 ------w- c:windowssystem32driverscdr4_xp.sys
2010-08-23 21:11:24 0 d-----w- c:program files (x86)My Company Name
2010-08-23 21:11:24 0 d-----w- c:program files (x86)common filesSonic Shared
2010-08-23 21:11:24 0 d-----w- c:program files (x86)common filesPX Storage Engine
2010-08-23 21:08:01 0 d-----w- c:program filescommon filesAdobe
2010-08-23 21:07:57 0 d-----w- c:program filesAdobe
2010-08-15 15:09:39 0 d-----w- c:program files (x86)MSN Toolbar
2010-08-15 15:08:59 0 d-----w- c:program files (x86)MSN Toolbar Installer
2010-08-15 15:08:47 0 d-----w- c:programdataSun
2010-08-15 15:08:15 423656 ----a-w- c:windowssyswow64deployJava1.dll
2010-08-15 15:08:15 153376 ----a-w- c:windowssyswow64javaws.exe
2010-08-15 15:08:15 145184 ----a-w- c:windowssyswow64javaw.exe
2010-08-15 15:08:15 145184 ----a-w- c:windowssyswow64java.exe
2010-08-15 14:32:19 149773 ----a-w- c:windowssystem32driversklin.dat
2010-08-15 14:32:18 106765 ----a-w- c:windowssystem32driversklick.dat
2010-08-15 14:31:54 0 d-----w- c:programdataKaspersky Lab
2010-08-15 14:31:54 0 d-----w- c:program files (x86)Kaspersky Lab
2010-08-15 14:30:54 0 d-----w- c:programdataKaspersky Lab Setup Files
2010-08-15 14:26:31 0 d-----w- c:userschanceappdataroamingAnVi
2010-08-10 09:15:58 94208 ----a-w- c:windowssyswow64QuickTimeVR.qtx
2010-08-10 09:15:58 69632 ----a-w- c:windowssyswow64QuickTime.qts
2010-08-09 02:12:14 0 d-----w- c:program files (x86)Microsoft Visual Studio 8
2010-08-09 02:11:58 0 d-----w- c:program filesMicrosoft Office

==================== Find3M ====================

2010-07-29 06:30:34 82944 ----a-w- c:windowssyswow64iccvid.dll
2010-07-27 14:03:24 12867584 ----a-w- c:windowssyswow64shell32.dll
2010-07-23 01:42:19 0 ---ha-w- c:windowssystem32driversMsft_User_WpdFs_01_09_00.Wdf
2010-07-09 20:27:02 61032 ----a-w- c:windowssystem32nvshext.dll
2010-07-09 20:27:02 159336 ----a-w- c:windowssystem32nvvsvc.exe
2010-07-09 20:27:02 1585256 ----a-w- c:windowssystem32nvsvc64.dll
2010-07-09 20:27:02 15314024 ----a-w- c:windowssystem32nvcpl.dll
2010-07-09 20:27:02 116328 ----a-w- c:windowssystem32nvmctray.dll
2010-06-30 07:13:46 1192960 ----a-w- c:windowssystem32wininet.dll
2010-06-30 06:25:31 978432 ----a-w- c:windowssyswow64wininet.dll
2010-06-30 06:25:18 1226240 ----a-w- c:windowssyswow64urlmon.dll
2010-06-30 06:22:45 606208 ----a-w- c:windowssyswow64mstime.dll
2010-06-30 06:22:34 5971456 ----a-w- c:windowssyswow64mshtml.dll
2010-06-30 06:22:33 64512 ----a-w- c:windowssyswow64msfeedsbs.dll
2010-06-30 06:21:57 48128 ----a-w- c:windowssyswow64jsproxy.dll
2010-06-30 06:21:47 185856 ----a-w- c:windowssyswow64iepeers.dll
2010-06-30 06:21:47 176640 ----a-w- c:windowssyswow64ieui.dll
2010-06-30 06:21:46 10985472 ----a-w- c:windowssyswow64ieframe.dll
2010-06-30 06:21:44 381440 ----a-w- c:windowssyswow64iedkcs32.dll
2010-06-30 06:19:16 12800 ----a-w- c:windowssyswow64msfeedssync.exe
2010-06-19 07:05:01 5507968 ----a-w- c:windowssystem32ntoskrnl.exe
2010-06-19 06:53:18 52224 ----a-w- c:windowssystem32rtutils.dll
2010-06-19 06:33:29 3955080 ----a-w- c:windowssyswow64ntkrnlpa.exe
2010-06-19 06:33:29 3899784 ----a-w- c:windowssyswow64ntoskrnl.exe
2010-06-19 06:23:50 37376 ----a-w- c:windowssyswow64rtutils.dll
2010-06-19 04:32:34 3122688 ----a-w- c:windowssystem32win32k.sys
2010-06-16 06:11:10 340992 ----a-w- c:windowssystem32schannel.dll
2010-06-16 05:48:35 224256 ----a-w- c:windowssyswow64schannel.dll
2009-07-14 05:37:38 31548 ----a-w- c:windowsinfperflib0409perfd.dat
2009-07-14 05:37:38 31548 ----a-w- c:windowsinfperflib0409perfc.dat
2009-07-14 05:37:38 291294 ----a-w- c:windowsinfperflib0409perfi.dat
2009-07-14 05:37:38 291294 ----a-w- c:windowsinfperflib0409perfh.dat
2009-07-14 04:54:24 174 --sha-w- c:program filesdesktop.ini
2009-07-14 04:54:24 174 --sha-w- c:program files (x86)desktop.ini
2009-07-14 01:00:34 291294 ----a-w- c:windowsinfperflib0000perfi.dat
2009-07-14 01:00:34 291294 ----a-w- c:windowsinfperflib0000perfh.dat
2009-07-14 01:00:32 31548 ----a-w- c:windowsinfperflib0000perfd.dat
2009-07-14 01:00:32 31548 ----a-w- c:windowsinfperflib0000perfc.dat
2009-06-10 20:44:08 9633792 --sha-r- c:windowsfontsStaticCache.dat
2009-07-14 01:39:53 398848 --sha-w- c:windowswinsxsamd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2WinMail.exe
2009-07-14 01:14:45 396800 --sha-w- c:windowswinsxsx86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86cWinMail.exe

============= FINISH: 13:08:54.30 ===============

OTL Log
OTL logfile created on: 9/6/2010 2:34:00 PM - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:UsersChanceDesktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 70.00% Memory free
16.00 Gb Paging File | 12.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): c:pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:Windows | %ProgramFiles% = C:Program Files (x86)
Drive C: | 100.00 Gb Total Space | 37.78 Gb Free Space | 37.78% Space Free | Partition Type: NTFS
Drive D: | 50.17 Gb Total Space | 46.97 Gb Free Space | 93.63% Space Free | Partition Type: NTFS
Drive E: | 146.48 Gb Total Space | 142.99 Gb Free Space | 97.62% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 270.74 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
I: Drive not present or media not loaded
Drive M: | 292.97 Gb Total Space | 123.83 Gb Free Space | 42.27% Space Free | Partition Type: NTFS
Drive Z: | 341.80 Gb Total Space | 252.35 Gb Free Space | 73.83% Space Free | Partition Type: NTFS

Computer Name: BLACKROCK
Current User Name: Chance
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - File not found -- C:WindowsSysWow64spooldriversx643WrtProc.exe
PRC - File not found -- C:WindowsSysWow64spooldriversx643WrtMon.exe
PRC - [2010/09/06 14:33:08 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:UsersChanceDesktopOTL.exe
PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe
PRC - [2010/07/22 22:06:53 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:Program Files (x86)Mozilla Firefoxfirefox.exe
PRC - [2010/07/09 16:09:52 | 000,248,936 | ---- | M] (NVIDIA Corporation) -- C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe
PRC - [2010/06/29 12:51:40 | 000,092,904 | ---- | M] (Binary Fortress Software) -- C:Program Files (x86)DisplayFusionDisplayFusionHookx86.exe
PRC - [2010/05/14 11:00:26 | 000,316,208 | ---- | M] (Microsoft Corporation) -- C:Program Files (x86)MicrosoftSearch Enhancement PackSCServerSCServer.exe
PRC - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:Program Files (x86)MicrosoftSearch Enhancement PackSeaPortSeaPort.exe
PRC - [2010/05/13 00:16:26 | 000,049,321 | ---- | M] (The Pidgin developer community) -- C:Program Files (x86)Pidginpidgin.exe
PRC - [2010/04/29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation) -- C:Program Files (x86)Malwarebytes' Anti-Malwarembam.exe
PRC - [2010/03/29 20:26:00 | 000,227,712 | ---- | M] (Microsoft Corporation) -- C:Program Files (x86)Microsoft OfficeOffice14ONENOTEM.EXE
PRC - [2010/03/18 23:21:56 | 000,570,184 | ---- | M] (Microsoft Corporation) -- C:Program Files (x86)Microsoft Visual Studio 10.0Common7IDEdevenv.exe
PRC - [2010/03/06 04:04:24 | 000,310,224 | ---- | M] (Adobe Systems Incorporated) -- C:Program Files (x86)Common FilesAdobeOOBEPDAppUWAAAM Updates Notifier.exe
PRC - [2010/02/12 11:02:08 | 000,240,992 | ---- | M] (Microsoft Corp.) -- C:Program Files (x86)MSN ToolbarPlatform4.0.0401.0mswinext.exe
PRC - [2009/06/04 19:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:Program Files (x86)IntelIntel Matrix Storage ManagerIAAnotif.exe
PRC - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:Program Files (x86)IntelIntel Matrix Storage ManagerIAANTmon.exe
PRC - [2008/10/20 14:01:28 | 000,222,512 | ---- | M] (Brother Industries, Ltd.) -- C:Program Files (x86)BrownieBRNIPMON.exe
PRC - [2007/02/04 12:02:14 | 000,079,400 | ---- | M] (Nuance Communications, Inc.) -- C:Program Files (x86)ScanSoftOmniPageSE4OpWareSE4.exe


========== Modules (SafeList) ==========

MOD - [2010/09/06 14:33:08 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:UsersChanceDesktopOTL.exe
MOD - [2010/06/29 12:51:40 | 000,047,848 | ---- | M] (Binary Fortress Software) -- C:Program Files (x86)DisplayFusionDisplayFusionHookx86.dll
MOD - [2009/07/13 21:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWOW64msscript.ocx
MOD - [2009/07/13 21:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:Windowswinsxsx86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfccomctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/01/07 15:24:16 | 000,470,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:WindowsSysNativeZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV:64bit: - [2010/01/07 15:24:06 | 007,700,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:Program FilesZuneZuneNss.exe -- (ZuneNetworkSvc)
SRV:64bit: - [2009/08/18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE -- (wlidsvc)
SRV:64bit: - [2009/07/22 04:17:44 | 000,061,976 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:Program FilesMicrosoft SQL Server100SharedSQLADHLP.EXE -- (MSSQLServerADHelper100)
SRV:64bit: - [2009/07/13 21:41:56 | 000,195,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:WindowsSysNativeumrdp.dll -- (UmRdpService)
SRV:64bit: - [2009/07/13 21:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:WindowsSysNativePeerDistSvc.dll -- (PeerDistSvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:Program FilesWindows DefenderMpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:41:08 | 000,451,072 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:WindowsSysNativeinetsrviisw3adm.dll -- (WAS)
SRV:64bit: - [2009/07/13 21:41:08 | 000,451,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:WindowsSysNativeinetsrviisw3adm.dll -- (W3SVC)
SRV:64bit: - [2009/07/13 21:40:55 | 000,349,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:WindowsSysNativeinetsrvftpsvc.dll -- (ftpsvc)
SRV:64bit: - [2009/07/13 21:40:24 | 000,689,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:WindowsSysNativecscsvc.dll -- (CscService)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:WindowsSysNativeappmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/07/13 21:40:01 | 000,065,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:WindowsSysNativeinetsrvapphostsvc.dll -- (AppHostSvc)
SRV:64bit: - [2009/07/13 21:39:56 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:WindowsSysNativeinetsrvWMSvc.exe -- (WMSVC)
SRV:64bit: - [2009/07/13 21:39:13 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:WindowsSysNativeinetsrvinetinfo.exe -- (IISADMIN)
SRV:64bit: - [2009/03/30 04:02:56 | 057,617,752 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:Program FilesMicrosoft SQL ServerMSSQL10.SQLEXPRESSMSSQLBinnsqlservr.exe -- (MSSQL$SQLEXPRESS)
SRV:64bit: - [2009/03/30 04:01:06 | 000,427,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:Program FilesMicrosoft SQL ServerMSSQL10.SQLEXPRESSMSSQLBinnSQLAGENT.EXE -- (SQLAgent$SQLEXPRESS)
SRV:64bit: - [2008/07/10 08:31:06 | 057,820,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:Program FilesMicrosoft SQL ServerMSSQL10.SQLSERVERMSSQLBinnsqlservr.exe -- (MSSQLSERVER)
SRV:64bit: - [2008/07/10 08:31:00 | 000,430,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:Program FilesMicrosoft SQL ServerMSSQL10.SQLSERVERMSSQLBinnSQLAGENT.EXE -- (SQLSERVERAGENT)
SRV:64bit: - [2008/07/10 04:40:50 | 000,214,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:Program FilesMicrosoft SQL Server100DTSBinnMsDtsSrvr.exe -- (MsDtsServer100)
SRV:64bit: - [2008/07/10 04:39:08 | 000,034,840 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:Program FilesMicrosoft SQL ServerMSSQL10.SQLSERVERMSSQLBinnfdlauncher.exe -- (MSSQLFDLauncher)
SRV - [2010/08/18 12:11:11 | 000,340,520 | ---- | M] (Kaspersky Lab) [Auto | Stopped] -- C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 2010avp.exe -- (AVP)
SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/07/09 16:09:52 | 000,248,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:Program Files (x86)MicrosoftSearch Enhancement PackSeaPortSeaPort.exe -- (SeaPort)
SRV - [2010/03/25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:Program Files (x86)Microsoft OfficeOffice14GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010/03/18 17:23:04 | 000,044,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:WindowsMicrosoft.NETFramework64v4.0.30319aspnet_state.exe -- (aspnet_state)
SRV - [2010/03/18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:WindowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe -- (SwitchBoard)
SRV - [2009/07/13 21:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:WindowsSysWOW64inetsrviisw3adm.dll -- (WAS)
SRV - [2009/07/13 21:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:WindowsSysWOW64inetsrviisw3adm.dll -- (W3SVC)
SRV - [2009/07/13 21:14:53 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:WindowsSysWOW64inetsrvapphostsvc.dll -- (AppHostSvc)
SRV - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:Program Files (x86)IntelIntel Matrix Storage ManagerIAANTmon.exe -- (IAANTMON) Intel®


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/08/15 10:41:23 | 000,353,296 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:WindowsSysNativedriversklif.sys -- (KLIF)
DRV:64bit: - [2010/04/19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversusbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/03/22 05:57:20 | 000,347,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversRt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/12/21 11:39:40 | 000,051,712 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversRtTeam60.sys -- (TEAM) Realtek Virtual Miniport Driver for Teaming (NDIS 6.0)
DRV:64bit: - [2009/12/21 11:39:40 | 000,051,712 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversRtTeam60.sys -- (RTTEAMPT) Realtek Teaming Protocol Driver (NDIS 6.0)
DRV:64bit: - [2009/10/14 21:18:38 | 000,040,464 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:WindowsSysNativedriversklbg.sys -- (KLBG)
DRV:64bit: - [2009/10/02 19:39:32 | 000,021,008 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversklmouflt.sys -- (klmouflt)
DRV:64bit: - [2009/09/14 14:46:42 | 000,027,152 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:WindowsSysNativedriversklim6.sys -- (KLIM6)
DRV:64bit: - [2009/09/01 15:29:56 | 000,157,712 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:WindowsSysNativedriverskl1.sys -- (kl1)
DRV:64bit: - [2009/07/19 22:27:34 | 000,027,136 | ---- | M] (Realtek ) [Kernel | Auto | Running] -- C:WindowsSysNativedriversRtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2009/07/13 21:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversamdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 21:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:WindowsSysNativedriversamdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversamdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriverslsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversHpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,200,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversvmbus.sys -- (vmbus)
DRV:64bit: - [2009/07/13 21:45:55 | 000,046,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:WindowsSysNativedriversvmstorfl.sys -- (storflt)
DRV:64bit: - [2009/07/13 21:45:55 | 000,034,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversstorvsc.sys -- (storvsc)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversstexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:42:58 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversvms3cap.sys -- (s3cap)
DRV:64bit: - [2009/07/13 19:42:44 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversVMBusHID.sys -- (VMBusHID)
DRV:64bit: - [2009/07/13 19:24:27 | 000,514,048 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:WindowsSysNativedriverscsc.sys -- (CSC)
DRV:64bit: - [2009/07/09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:WindowsSysNativedriversPxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:WindowsSysNativewbemntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversevbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversbxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversb57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedrivershcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 18:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:WindowsSysNativedriversiaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversGEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/03/30 03:53:56 | 000,311,656 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:WindowsSysNativedriversRsFx0103.sys -- (RsFx0103)
DRV:64bit: - [2009/03/30 03:53:56 | 000,311,640 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:WindowsSysNativedriversRsFx0102.sys -- (RsFx0102)
DRV:64bit: - [2007/12/02 22:20:54 | 000,024,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversRtVlan60.sys -- (VLAN) Realtek Virtual Miniport Driver for VLAN (NDIS 6.2)
DRV:64bit: - [2007/12/02 22:20:54 | 000,024,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversRtVlan60.sys -- (RTVLANPT) Realtek Vlan Protocol Driver (NDIS 6.2)
DRV - [2010/03/17 23:34:36 | 000,068,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:Program Files (x86)Microsoft Visual Studio 10.0Team ToolsPerformance Toolsx64VSPerfDrv100.sys -- (VSPerfDrv100)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Local Page = C:WindowsSysWOW64blank.htm

IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page Redirect Cache = http://www.msn.com/
IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page Redirect Cache_TIMESTAMP = EC 33 BB A7 71 42 CB 01 [binary data]
IE - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyEnable" = 0
IE - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=SO3TDF&PC=SUN3&q="
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.bing.com/"
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.4
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736
FF - prefs.js..extensions.enabledItems: {924CE1A0-EE6A-435E-8A3A-5DE3EA11E39E}:1.9.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {27182e60-b5f3-411c-b545-b44205977502}:1.0
FF - prefs.js..extensions.enabledItems: {01A8CA0A-4C96-465b-A49B-65C46FAD54F9}:6.0
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=SO3TDF&PC=SUN3&q="

FF - HKLMsoftwaremozillaFirefoxExtensions{27182e60-b5f3-411c-b545-b44205977502}: C:Program Files (x86)MicrosoftSearch Enhancement PackSearch HelperfirefoxextensionSearchHelperExtension [2010/08/17 03:00:37 | 000,000,000 | ---D | M]
FF - HKLMsoftwaremozillaFirefoxExtensions{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:Program Files (x86)AdobeAdobe Contribute CS5PluginsFirefoxPlugin{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2010/08/23 17:14:36 | 000,000,000 | ---D | M]
FF - HKLMsoftwaremozillaMozilla Firefox 3.6.8extensionsComponents: C:Program Files (x86)Mozilla Firefoxcomponents [2010/09/03 16:19:01 | 000,000,000 | ---D | M]
FF - HKLMsoftwaremozillaMozilla Firefox 3.6.8extensionsPlugins: C:Program Files (x86)Mozilla Firefoxplugins [2010/09/05 15:35:17 | 000,000,000 | ---D | M]

[2010/07/24 09:28:23 | 000,000,000 | ---D | M] -- C:UsersChanceAppDataRoamingMozillaExtensions
[2010/09/05 16:42:31 | 000,000,000 | ---D | M] -- C:UsersChanceAppDataRoamingMozillaFirefoxProfilesuql48938.defaultextensions
[2010/07/29 22:10:33 | 000,000,000 | ---D | M] -- C:UsersChanceAppDataRoamingMozillaFirefoxProfilesuql48938.defaultextensionsfirebug@software.joehewitt.com
[2010/08/19 16:25:29 | 000,001,832 | ---- | M] () -- C:UsersChanceAppDataRoamingMozillaFirefoxProfilesuql48938.defaultsearchpluginsbing.xml
[2010/08/15 11:08:17 | 000,000,000 | ---D | M] -- C:Program Files (x86)Mozilla Firefoxextensions
[2010/08/15 11:08:17 | 000,000,000 | ---D | M] (Java Console) -- C:Program Files (x86)Mozilla Firefoxextensions{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/08/15 10:32:26 | 000,000,000 | ---D | M] -- C:Program Files (x86)Mozilla Firefoxextensionslinkfilter@kaspersky.ru
[2010/03/27 18:06:04 | 000,067,032 | ---- | M] (Adobe Systems, Inc.) -- C:Program Files (x86)Mozilla FirefoxpluginsnpContribute.dll
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:Program Files (x86)Mozilla FirefoxpluginsnpdeployJava1.dll

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:WindowsSysNativedriversetchosts
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 2010x64ievkbd.dll (Kaspersky Lab)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:Program FilesMicrosoft OfficeOffice14GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier5.5.5126.1836swg64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:Program FilesMicrosoft OfficeOffice14URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 2010x64klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:Program Files (x86)AdobeAdobe Contribute CS5PluginsIEPlugincontributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 2010ievkbd.dll (Kaspersky Lab)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:Program Files (x86)MicrosoftSearch Enhancement PackSearch HelperSEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:Program Files (x86)Microsoft OfficeOffice14GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program Files (x86)GoogleGoogleToolbarNotifier5.5.5126.1836swg.dll (Google Inc.)
O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:Program Files (x86)MSN ToolbarPlatform4.0.0401.0npwinext.dll (Microsoft Corporation)
O2 - BHO: (Microsoft Web Test Recorder 10.0 Helper) - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:Program Files (x86)Microsoft Visual Studio 10.0Common7IDEPrivateAssembliesMicrosoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 2010klwtbbho.dll (Kaspersky Lab)
O3:64bit: - HKLM..Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_64.dll (Google Inc.)
O3 - HKLM..Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll (Google Inc.)
O3 - HKLM..Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:Program Files (x86)AdobeAdobe Contribute CS5PluginsIEPlugincontributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKLM..Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - c:Program Files (x86)MSN ToolbarPlatform4.0.0401.0npwinext.dll (Microsoft Corporation)
O3:64bit: - HKCU..ToolbarWebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_64.dll (Google Inc.)
O3 - HKCU..ToolbarWebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll (Google Inc.)
O4:64bit: - HKLM..Run: [AdobeAAMUpdater-1.0] C:Program Files (x86)Common FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..Run: [CanonSolutionMenu] C:Program Files (x86)CanonSolutionMenuCNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..Run: [IAAnotif] C:Program Files (x86)IntelIntel Matrix Storage ManagerIAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..Run: [RtHDVCpl] C:Program FilesRealtekAudioHDARAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..Run: [WrtMon.exe] C:WindowsSysNativespooldriversx643WrtMon.exe ()
O4:64bit: - HKLM..Run: [Zune Launcher] C:Program FilesZuneZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..Run: [AdobeCS5ServiceManager] C:Program Files (x86)Common FilesAdobeCS5ServiceManagerCS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..Run: [AVP] C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 2010avp.exe (Kaspersky Lab)
O4 - HKLM..Run: [BCSSync] C:Program Files (x86)Microsoft OfficeOffice14BCSSync.exe (Microsoft Corporation)
O4 - HKLM..Run: [BrStsWnd] C:Program Files (x86)BrownieBrstsW64.exe (brother)
O4 - HKLM..Run: [Microsoft Default Manager] C:Program Files (x86)MicrosoftSearch Enhancement PackDefault ManagerDefMgr.exe (Microsoft Corporation)
O4 - HKLM..Run: [MSN Toolbar] c:Program Files (x86)MSN ToolbarPlatform4.0.0401.0mswinext.exe (Microsoft Corp.)
O4 - HKLM..Run: [OpwareSE4] C:Program Files (x86)ScanSoftOmniPageSE4OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..Run: [SSBkgdUpdate] C:Program Files (x86)Common FilesScansoft SharedSSBkgdUpdateSSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..Run: [SwitchBoard] C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..Run: [AdobeBridge] File not found
O4 - HKCU..Run: [DisplayFusion] C:Program Files (x86)DisplayFusionDisplayFusion.exe (Binary Fortress Software)
O4 - HKCU..Run: [swg] C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:UsersChanceAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupOneNote 2010 Screen Clipper and Launcher.lnk = C:Program Files (x86)Microsoft OfficeOffice14ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoActiveDesktop = 1
O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: ConsentPromptBehaviorAdmin = 5
O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: ConsentPromptBehaviorUser = 3
O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Google Sidewiki... - C:Program Files (x86)GoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:Program Files (x86)Microsoft OfficeOffice14ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:Program Files (x86)GoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O8 - Extra context menu item: Se&nd to OneNote - C:Program Files (x86)Microsoft OfficeOffice14ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 2010x64klwtbbho.dll (Kaspersky Lab)
O9:64bit: - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 2010x64klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:Program Files (x86)Microsoft OfficeOffice14ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:Program Files (x86)Microsoft OfficeOffice14ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 2010klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:Program Files (x86)Microsoft OfficeOffice14ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:Program Files (x86)Microsoft OfficeOffice14ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 2010klwtbbho.dll (Kaspersky Lab)
O10:64bit: - NameSpace_Catalog5Catalog_Entries000000000007 [] - C:Program Files (x86)BonjourmdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5Catalog_Entries000000000008 [] - c:Program Files (x86)Common Filesmicrosoft sharedWindows LiveWLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5Catalog_Entries000000000009 [] - c:Program Files (x86)Common Filesmicrosoft sharedWindows LiveWLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5Catalog_Entries000000000007 [] - C:Program Files (x86)BonjourmdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5Catalog_Entries000000000008 [] - c:Program Files (x86)Common Filesmicrosoft sharedWindows LiveWLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5Catalog_Entries000000000009 [] - c:Program Files (x86)Common Filesmicrosoft sharedWindows LiveWLIDNSP.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18:64bit: - ProtocolHandlerms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - ProtocolHandlermso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18 - ProtocolFiltertext/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:Program Files (x86)Common Filesmicrosoft sharedOFFICE14MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:PROGRA~2KASPER~1KASPER~1mzvkbd3.dll) - C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 2010mzvkbd3.dll (Kaspersky Lab)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:Windowsexplorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:WindowsSysNativeSystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:WindowsSysWow64explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:WindowsSysWow64SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - WinlogonNotifyklogon: DllName - Reg Error: Key error. - C:WindowsSysNativeklogon.dll (Kaspersky Lab)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:Program FilesMicrosoft OfficeOffice14GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:Program Files (x86)Microsoft OfficeOffice14GROOVEEX.DLL (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:WindowsSysNativelivessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:WindowsSysWow64livessp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/12/06 11:24:00 | 000,000,178 | R--- | M] () - H:AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2{5cdff903-95fb-11df-98dc-806e6f6e6963}Shell - "" = AutoRun
O33 - MountPoints2{5cdff903-95fb-11df-98dc-806e6f6e6963}ShellAutoRuncommand - "" = H:MSETUP4.EXE -- [2007/02/09 14:12:24 | 000,071,248 | R--- | M] (CANON INC.)
O33 - MountPoints2{f8d2086e-b0e1-11df-bf8f-00241d800586}Shell - "" = AutoRun
O33 - MountPoints2{f8d2086e-b0e1-11df-bf8f-00241d800586}ShellAutoRuncommand - "" = F:LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM..comfile [open] -- "%1" %*
O35:64bit: - HKLM..exefile [open] -- "%1" %*
O35 - HKLM..comfile [open] -- "%1" %*
O35 - HKLM..exefile [open] -- "%1" %*
O37:64bit: - HKLM...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM...exe [@ = exefile] -- "%1" %*
O37 - HKLM...com [@ = comfile] -- "%1" %*
O37 - HKLM...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: AppMgmt - C:WindowsSysNativeappmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:WindowsSystem32l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:WindowsSysWOW64l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:WindowsSysWow64iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 90 Days ==========

[2010/09/06 14:33:07 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:UsersChanceDesktopOTL.exe
[2010/09/06 14:20:30 | 000,000,000 | R--D | C] -- C:32788R22FWJFW
[2010/09/05 18:12:50 | 000,000,000 | ---D | C] -- C:WindowsSysNativeappmgmt
[2010/09/05 17:06:19 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataRoamingMalwarebytes
[2010/09/05 17:02:09 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:WindowsSysWow64driversmbamswissarmy.sys
[2010/09/05 17:02:07 | 000,000,000 | ---D | C] -- C:ProgramDataMalwarebytes
[2010/09/05 17:02:06 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:WindowsSysNativedriversmbam.sys
[2010/09/05 17:02:06 | 000,000,000 | ---D | C] -- C:Program Files (x86)Malwarebytes' Anti-Malware
[2010/09/05 16:08:20 | 000,000,000 | ---D | C] -- C:ProgramDataHitman Pro
[2010/09/05 16:08:19 | 000,000,000 | ---D | C] -- C:Program Filebleepman Pro 3.5
[2010/09/05 16:08:00 | 007,009,088 | ---- | C] (SurfRight B.V.) -- C:UsersChanceDesktopHitmanPro35_x64.exe
[2010/09/05 12:29:10 | 000,000,000 | ---D | C] -- C:UsersChanceDesktopGooredFix Backups
[2010/09/05 10:46:21 | 000,000,000 | ---D | C] -- C:UsersChanceDocumentsMy Albums
[2010/09/05 10:46:21 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataRoamingArcSoft
[2010/09/05 10:33:32 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataRoamingNewSoft
[2010/09/05 10:33:26 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataLocalNewSoft
[2010/09/05 10:33:26 | 000,000,000 | ---D | C] -- C:UsersChanceDocumentsMy PageManager
[2010/09/04 16:41:31 | 000,000,000 | ---D | C] -- C:Program Files (x86)CruiseControl
[2010/09/03 16:21:03 | 000,000,000 | ---D | C] -- C:Program FilesiTunes
[2010/09/03 16:21:03 | 000,000,000 | ---D | C] -- C:Program Files (x86)iTunes
[2010/09/03 16:21:03 | 000,000,000 | ---D | C] -- C:Program FilesiPod
[2010/09/03 16:18:47 | 000,000,000 | ---D | C] -- C:Program Files (x86)QuickTime
[2010/09/02 03:00:33 | 000,000,000 | ---D | C] -- C:Program Files (x86)Microsoft CAPICOM 2.1.0.2
[2010/09/02 00:44:38 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataLocalSunbelt Software
[2010/09/02 00:40:41 | 000,000,000 | ---D | C] -- C:ProgramDataLavasoft
[2010/09/02 00:40:41 | 000,000,000 | ---D | C] -- C:Program Files (x86)Lavasoft
[2010/09/01 23:45:27 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataLocalScansoft
[2010/09/01 13:00:16 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataRoamingCanon
[2010/09/01 12:57:30 | 000,000,000 | ---D | C] -- C:Program Files (x86)Common FilesNewSoft
[2010/09/01 12:57:13 | 000,000,000 | ---D | C] -- C:Program Files (x86)Common FilesPDFView
[2010/09/01 12:57:13 | 000,000,000 | ---D | C] -- C:Program Files (x86)NewSoft
[2010/09/01 12:57:12 | 000,000,000 | ---D | C] -- C:WindowsSysWow64Color
[2010/09/01 12:55:41 | 000,000,000 | ---D | C] -- C:ProgramDataInstallShield
[2010/09/01 12:55:37 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataRoamingScanSoft
[2010/09/01 12:55:31 | 000,000,000 | ---D | C] -- C:Program Files (x86)Common FilesScanSoft Shared
[2010/09/01 12:55:31 | 000,000,000 | ---D | C] -- C:ProgramDataScanSoft
[2010/09/01 12:55:17 | 000,000,000 | ---D | C] -- C:Program Files (x86)ScanSoft
[2010/09/01 12:50:32 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:WindowsPCDLIB32.DLL
[2010/09/01 12:50:32 | 000,000,000 | ---D | C] -- C:Program Files (x86)ArcSoft
[2010/09/01 12:49:37 | 000,000,000 | ---D | C] -- C:Program FilesCommon FilesCANON
[2010/09/01 12:47:58 | 000,000,000 | ---D | C] -- C:Program Files (x86)Canon
[2010/08/30 23:44:10 | 000,000,000 | ---D | C] -- C:UsersChanceDocumentsOneNote Notebooks
[2010/08/30 23:44:01 | 000,000,000 | ---D | C] -- C:UsersChanceDocumentsOutlook Files
[2010/08/30 03:00:41 | 000,000,000 | ---D | C] -- C:Program Files (x86)MSXML 4.0
[2010/08/29 11:57:22 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataRoamingchc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/08/28 19:34:36 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataLocalNero
[2010/08/28 19:34:35 | 000,000,000 | ---D | C] -- C:ProgramDataLightScribe
[2010/08/28 19:34:23 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataLocalNero_AG
[2010/08/28 19:33:57 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataRoamingNero
[2010/08/28 19:28:58 | 000,000,000 | ---D | C] -- C:ProgramDataNero
[2010/08/28 19:20:03 | 000,000,000 | ---D | C] -- C:Program Files (x86)Common FilesLightScribe
[2010/08/28 19:07:03 | 000,000,000 | ---D | C] -- C:ProgramDataDVD Shrink
[2010/08/28 19:07:02 | 000,000,000 | ---D | C] -- C:Program Files (x86)DVD Shrink
[2010/08/27 21:14:11 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataRoamingAdobe Mini Bridge CS5
[2010/08/27 21:14:10 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataRoamingStageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010/08/25 20:53:27 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataRoamingMicrosoft FxCop
[2010/08/23 17:37:58 | 000,000,000 | ---D | C] -- C:ProgramDataregid.1986-12.com.adobe
[2010/08/23 17:29:22 | 000,000,000 | ---D | C] -- C:ProgramDataALM
[2010/08/23 17:20:04 | 000,000,000 | ---D | C] -- C:UsersChanceAdobe Flash Builder 4
[2010/08/23 17:15:32 | 000,000,000 | ---D | C] -- C:UsersPublicDocumentsAdobe
[2010/08/23 17:11:36 | 000,000,000 | ---D | C] -- C:Program Files (x86)Adobe Media Player
[2010/08/23 17:11:24 | 000,000,000 | ---D | C] -- C:Program Files (x86)Common FilesSonic Shared
[2010/08/23 17:11:24 | 000,000,000 | ---D | C] -- C:Program Files (x86)Common FilesPX Storage Engine
[2010/08/23 17:11:24 | 000,000,000 | ---D | C] -- C:Program Files (x86)My Company Name
[2010/08/23 17:08:01 | 000,000,000 | ---D | C] -- C:Program FilesCommon FilesAdobe
[2010/08/23 17:07:57 | 000,000,000 | ---D | C] -- C:Program FilesAdobe
[2010/08/20 15:02:26 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataLocalassembly
[2010/08/19 23:02:04 | 000,000,000 | ---D | C] -- C:UsersChanceDesktopMarriage
[2010/08/15 11:09:39 | 000,000,000 | ---D | C] -- C:Program Files (x86)MSN Toolbar
[2010/08/15 11:08:59 | 000,000,000 | ---D | C] -- C:Program Files (x86)MSN Toolbar Installer
[2010/08/15 11:08:47 | 000,000,000 | ---D | C] -- C:ProgramDataSun
[2010/08/15 11:08:47 | 000,000,000 | ---D | C] -- C:Program Files (x86)Common FilesJava
[2010/08/15 10:31:54 | 000,000,000 | ---D | C] -- C:ProgramDataKaspersky Lab
[2010/08/15 10:31:54 | 000,000,000 | ---D | C] -- C:Program Files (x86)Kaspersky Lab
[2010/08/15 10:31:47 | 000,353,296 | ---- | C] (Kaspersky Lab) -- C:WindowsSysNativedriversklif.sys
[2010/08/15 10:30:54 | 000,000,000 | ---D | C] -- C:ProgramDataKaspersky Lab Setup Files
[2010/08/15 10:26:31 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataRoamingAnVi
[2010/08/15 10:23:05 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataLocal{924CE1A0-EE6A-435E-8A3A-5DE3EA11E39E}
[2010/08/14 16:52:04 | 000,000,000 | ---D | C] -- C:Program Files (x86)Java
[2010/08/10 22:14:56 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataLocalDiagnostics
[2010/08/08 22:15:01 | 000,000,000 | ---D | C] -- C:Program Files (x86)Common FilesDESIGNER
[2010/08/08 22:14:45 | 000,000,000 | ---D | C] -- C:Program Files (x86)Microsoft Sync Framework
[2010/08/08 22:12:14 | 000,000,000 | ---D | C] -- C:Program Files (x86)Microsoft Visual Studio 8
[2010/08/08 22:11:58 | 000,000,000 | ---D | C] -- C:Program FilesMicrosoft Office
[2010/08/08 22:11:19 | 000,000,000 | RH-D | C] -- C:MSOCache
[2010/08/06 00:48:23 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataRoamingMicrosoft Corporation
[2010/08/04 21:37:14 | 000,176,128 | ---- | C] (Brother Industries, Ltd.) -- C:WindowsSysWow64BROSNMP.DLL
[2010/08/04 21:37:14 | 000,077,824 | ---- | C] (Brother Industries, Ltd.) -- C:WindowsSysWow64brlmw03a.dll
[2010/08/04 21:37:14 | 000,000,000 | ---D | C] -- C:Program Files (x86)Brownie
[2010/08/04 21:37:12 | 000,196,608 | ---- | C] (brother) -- C:WindowsSysWow64Pdrvinst.dll
[2010/08/04 21:37:12 | 000,111,928 | ---- | C] (Brother Industries Ltd) -- C:WindowsSysWow64BRRBTOOL.EXE
[2010/08/04 21:37:12 | 000,024,223 | ---- | C] (Brother Industries, Ltd) -- C:WindowsSysWow64BRLM03A.DLL
[2010/08/04 21:37:12 | 000,000,000 | ---D | C] -- C:Program Files (x86)Brother
[2010/08/01 11:31:26 | 000,000,000 | ---D | C] -- C:WindowsSysWow64BestPractices
[2010/08/01 11:31:24 | 000,000,000 | ---D | C] -- C:WindowsSysNativeBestPractices
[2010/08/01 11:31:22 | 000,000,000 | ---D | C] -- C:inetpub
[2010/07/31 21:41:12 | 000,000,000 | ---D | C] -- C:UsersChanceDocumentsMy Web Sites
[2010/07/31 21:41:12 | 000,000,000 | ---D | C] -- C:UsersChanceDocumentsIISExpress8
[2010/07/31 21:40:55 | 000,000,000 | ---D | C] -- C:Program Files (x86)Microsoft WebMatrix
[2010/07/31 21:40:55 | 000,000,000 | ---D | C] -- C:iisexpress8
[2010/07/31 21:37:29 | 000,000,000 | ---D | C] -- C:Program FilesMicrosoft
[2010/07/31 21:37:29 | 000,000,000 | ---D | C] -- C:Program Files (x86)Microsoft
[2010/07/31 08:42:30 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoft Visual Studio
[2010/07/31 08:35:16 | 000,000,000 | ---D | C] -- C:Program Files (x86)NUnit 2.5.5
[2010/07/29 20:54:23 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataLocalJetBrains
[2010/07/29 20:54:13 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataRoamingJetBrains
[2010/07/28 22:30:27 | 000,000,000 | ---D | C] -- C:Program Files (x86)JetBrains
[2010/07/28 22:25:32 | 000,000,000 | ---D | C] -- C:UsersChance.ssh
[2010/07/28 22:20:20 | 000,000,000 | ---D | C] -- C:UsersChanceDocumentsSQL Server Management Studio
[2010/07/28 22:20:08 | 000,000,000 | ---D | C] -- C:UsersChanceDocumentsIntegration Services Script Component
[2010/07/28 22:19:54 | 000,000,000 | ---D | C] -- C:UsersChanceDocumentsIntegration Services Script Task
[2010/07/28 22:15:25 | 000,000,000 | ---D | C] -- C:Program FilesMicrosoft Analysis Services
[2010/07/28 22:15:25 | 000,000,000 | ---D | C] -- C:Program Files (x86)Microsoft Analysis Services
[2010/07/28 22:12:22 | 000,000,000 | ---D | C] -- C:Program Files (x86)Microsoft Office
[2010/07/28 22:11:41 | 000,000,000 | ---D | C] -- C:UsersChanceDocumentsVisual Studio 2005
[2010/07/28 22:11:40 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataLocalMicrosoft Help
[2010/07/28 22:11:29 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoft Help
[2010/07/28 22:10:01 | 000,000,000 | ---D | C] -- C:Program Files (x86)Git
[2010/07/28 20:56:39 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataLocalMicrosoft_Corporation
[2010/07/28 19:42:29 | 000,000,000 | ---D | C] -- C:WindowsSysNativeRsFx
[2010/07/28 19:41:54 | 000,000,000 | ---D | C] -- C:Program FilesMicrosoft Visual Studio 9.0
[2010/07/28 19:41:36 | 000,000,000 | ---D | C] -- C:Program FilesMicrosoft.NET
[2010/07/28 19:39:09 | 000,000,000 | ---D | C] -- C:Program FilesMicrosoft SQL Server
[2010/07/28 19:39:01 | 000,000,000 | ---D | C] -- C:Program Files (x86)Microsoft SQL Server
[2010/07/28 19:38:45 | 000,000,000 | ---D | C] -- C:Program FilesMicrosoft Sync Framework
[2010/07/28 19:38:38 | 000,000,000 | ---D | C] -- C:Program FilesMicrosoft Synchronization Services
[2010/07/28 19:38:38 | 000,000,000 | ---D | C] -- C:Program FilesMicrosoft SQL Server Compact Edition
[2010/07/28 19:38:35 | 000,000,000 | ---D | C] -- C:Program Files (x86)Microsoft Synchronization Services
[2010/07/28 19:38:35 | 000,000,000 | ---D | C] -- C:Program Files (x86)Microsoft SQL Server Compact Edition
[2010/07/28 19:38:02 | 000,000,000 | ---D | C] -- C:ProgramDataPreEmptive Solutions
[2010/07/28 19:36:52 | 000,000,000 | ---D | C] -- C:Program Files (x86)Microsoft Silverlight
[2010/07/28 19:36:02 | 000,000,000 | ---D | C] -- C:Program Files (x86)Microsoft ASP.NET
[2010/07/28 19:36:00 | 000,000,000 | ---D | C] -- C:Program FilesIIS
[2010/07/28 19:36:00 | 000,000,000 | ---D | C] -- C:Program Files (x86)IIS
[2010/07/28 19:35:35 | 000,000,000 | ---D | C] -- C:UsersChanceDocumentsVisual Studio 2008
[2010/07/28 19:35:18 | 000,000,000 | ---D | C] -- C:UsersChanceDocumentsVisual Studio 2010
[2010/07/28 19:32:40 | 000,000,000 | ---D | C] -- C:WindowsSysWow641033
[2010/07/28 19:32:31 | 000,000,000 | ---D | C] -- C:Program Files (x86)Microsoft Visual Studio 10.0
[2010/07/28 19:32:31 | 000,000,000 | ---D | C] -- C:Program Files (x86)Microsoft F#
[2010/07/28 19:32:31 | 000,000,000 | ---D | C] -- C:Program Files (x86)Common FilesMerge Modules
[2010/07/28 19:32:31 | 000,000,000 | ---D | C] -- C:Program Files (x86)HTML Help Workshop
[2010/07/28 19:30:28 | 000,000,000 | ---D | C] -- C:Program Files (x86)Microsoft Visual Studio 9.0
[2010/07/28 19:30:21 | 000,000,000 | ---D | C] -- C:Windowssymbols
[2010/07/28 19:30:20 | 000,000,000 | ---D | C] -- C:Program FilesMicrosoft Visual Studio 10.0
[2010/07/28 19:30:20 | 000,000,000 | ---D | C] -- C:Program Files (x86)Microsoft SDKs
[2010/07/28 19:30:20 | 000,000,000 | ---D | C] -- C:Program FilesMicrosoft Help Viewer
[2010/07/28 19:30:20 | 000,000,000 | ---D | C] -- C:WindowsSysNative1033
[2010/07/27 21:39:13 | 000,000,000 | ---D | C] -- C:Program FilesBonjour
[2010/07/27 21:39:13 | 000,000,000 | ---D | C] -- C:Program Files (x86)Bonjour
[2010/07/26 20:24:54 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataRoaminggtk-2.0
[2010/07/25 17:07:05 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataRoamingGoogle
[2010/07/25 17:06:24 | 000,000,000 | ---D | C] -- C:Program Files (x86)Common FilesAdobe
[2010/07/25 17:05:20 | 000,000,000 | ---D | C] -- C:Program Files (x86)Common FilesAdobe AIR
[2010/07/25 17:05:20 | 000,000,000 | ---D | C] -- C:ProgramDataAdobe
[2010/07/25 17:05:20 | 000,000,000 | ---D | C] -- C:Program Files (x86)Adobe
[2010/07/25 17:05:02 | 000,000,000 | ---D | C] -- C:Program FilesGoogle
[2010/07/25 17:04:59 | 000,000,000 | ---D | C] -- C:ProgramDataGoogle
[2010/07/25 17:04:59 | 000,000,000 | ---D | C] -- C:Program Files (x86)Google
[2010/07/25 17:04:59 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataLocalAdobe
[2010/07/25 17:04:53 | 000,000,000 | ---D | C] -- C:ProgramDataNOS
[2010/07/25 13:03:37 | 000,000,000 | ---D | C] -- C:ProgramDataMySQL
[2010/07/25 13:03:37 | 000,000,000 | ---D | C] -- C:Program FilesMySQL
[2010/07/24 14:44:31 | 000,000,000 | ---D | C] -- C:UsersChance.gem
[2010/07/24 14:27:33 | 000,000,000 | ---D | C] -- C:Program Files7-Zip
[2010/07/24 11:23:10 | 000,000,000 | ---D | C] -- C:UsersPublicDocumentsmicrosoft
[2010/07/24 11:18:38 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataRoamingDisplayFusion
[2010/07/24 11:16:48 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataRoamingenchant
[2010/07/24 11:16:46 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataRoaming.purple
[2010/07/24 11:14:55 | 000,000,000 | ---D | C] -- C:Program Files (x86)DisplayFusion
[2010/07/24 09:29:44 | 000,000,000 | ---D | C] -- C:Program Files (x86)Microsoft.NET
[2010/07/24 09:28:18 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataRoamingMozilla
[2010/07/24 09:28:18 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataLocalMozilla
[2010/07/24 09:21:16 | 000,000,000 | R--D | C] -- C:UsersChancePodcasts
[2010/07/24 09:19:27 | 000,000,000 | ---D | C] -- C:WindowsSysWow64Wat
[2010/07/24 09:19:27 | 000,000,000 | ---D | C] -- C:WindowsSysNativeWat
[2010/07/23 23:50:51 | 000,000,000 | ---D | C] -- C:Program Files (x86)Pidgin
[2010/07/23 23:48:04 | 000,000,000 | ---D | C] -- C:Program Files (x86)FileZilla FTP Client
[2010/07/23 23:47:13 | 000,000,000 | ---D | C] -- C:Program FilesZune
[2010/07/23 23:46:56 | 000,000,000 | ---D | C] -- C:WindowsPCHEALTH
[2010/07/23 23:44:46 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataRoamingApple Computer
[2010/07/23 23:44:46 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataLocalApple Computer
[2010/07/23 23:44:43 | 000,000,000 | ---D | C] -- C:WindowsSysNativeDRVSTORE
[2010/07/23 23:44:35 | 000,000,000 | ---D | C] -- C:ProgramData{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2010/07/23 23:44:00 | 000,000,000 | ---D | C] -- C:Program Files (x86)Apple Software Update
[2010/07/23 23:43:53 | 000,000,000 | ---D | C] -- C:Program FilesCommon FilesApple
[2010/07/23 23:42:24 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataRoamingNotepad++
[2010/07/23 23:42:24 | 000,000,000 | ---D | C] -- C:Program Files (x86)Notepad++
[2010/07/23 23:41:25 | 000,000,000 | ---D | C] -- C:Program Files (x86)Safari
[2010/07/23 23:41:25 | 000,000,000 | ---D | C] -- C:ProgramDataApple Computer
[2010/07/23 23:41:01 | 000,000,000 | ---D | C] -- C:Program Files (x86)Common FilesApple
[2010/07/23 23:40:57 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataLocalApple
[2010/07/23 23:40:56 | 000,000,000 | ---D | C] -- C:ProgramDataApple
[2010/07/23 23:39:27 | 000,000,000 | ---D | C] -- C:Program Files (x86)Mozilla Firefox
[2010/07/23 23:38:55 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataLocalGoogle
[2010/07/23 23:38:48 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataLocalDeployment
[2010/07/23 23:38:48 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataLocalApps
[2010/07/23 23:38:19 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataRoamingMacromedia
[2010/07/23 23:36:09 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataRoamingAdobe
[2010/07/23 23:35:50 | 000,000,000 | ---D | C] -- C:WindowsSysWow64Macromed
[2010/07/23 23:29:35 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataRoamingInstallShield
[2010/07/23 23:29:09 | 000,000,000 | ---D | C] -- C:WindowsSysWow64RTCOM
[2010/07/23 23:29:09 | 000,000,000 | ---D | C] -- C:Program FilesRealtek
[2010/07/23 23:29:01 | 002,610,008 | ---- | C] (Waves Audio Ltd.) -- C:WindowsSysNativeWavesGUILib.dll
[2010/07/23 23:29:01 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:WindowsSysNativeMaxxAudioEQ.dll
[2010/07/23 23:29:01 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:WindowsSysNativeSRSTSX64.dll
[2010/07/23 23:29:01 | 000,372,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:WindowsSysNativeRTEEP64A.dll
[2010/07/23 23:29:01 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:WindowsSysNativeMaxxAudioAPO20.dll
[2010/07/23 23:29:01 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:WindowsSysNativeRP3DHT64.dll
[2010/07/23 23:29:01 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:WindowsSysNativeRP3DAA64.dll
[2010/07/23 23:29:01 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:WindowsSysNativeSRSTSH64.dll
[2010/07/23 23:29:01 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:WindowsSysNativeRTEED64A.dll
[2010/07/23 23:29:01 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:WindowsSysNativeSRSHP64.dll
[2010/07/23 23:29:01 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:WindowsSysNativeSRSWOW64.dll
[2010/07/23 23:29:01 | 000,099,016 | ---- | C] (Dolby Laboratories, Inc.) -- C:WindowsSysNativeRTEEL64A.dll
[2010/07/23 23:29:01 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:WindowsSysNativeRTEEG64A.dll
[2010/07/23 23:29:00 | 000,330,656 | ---- | C] (Fortemedia Corporation) -- C:WindowsSysNativeFMAPO64.dll
[2010/07/23 23:28:58 | 000,000,000 | -H-D | C] -- C:Program Files (x86)Temp
[2010/07/23 23:28:56 | 000,000,000 | ---D | C] -- C:Program Files (x86)Common FilesInstallShield
[2010/07/23 23:28:43 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:WindowsSysWow64CSVer.dll
[2010/07/23 23:28:43 | 000,000,000 | ---D | C] -- C:Program Files (x86)Intel
[2010/07/23 23:28:36 | 000,000,000 | ---D | C] -- C:Intel
[2010/07/23 23:26:25 | 000,051,712 | ---- | C] (Realtek Corporation) -- C:WindowsSysNativedriversRtTeam60.sys
[2010/07/23 23:26:25 | 000,027,136 | ---- | C] (Realtek ) -- C:WindowsSysNativedriversRtNdPt60.sys
[2010/07/23 23:26:25 | 000,024,064 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:WindowsSysNativedriversRtVlan60.sys
[2010/07/23 23:24:16 | 000,347,680 | ---- | C] (Realtek ) -- C:WindowsSysNativedriversRt64win7.sys
[2010/07/23 23:24:16 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:WindowsSysNativeRTNUninst64.dll
[2010/07/23 23:24:12 | 000,000,000 | -H-D | C] -- C:Program Files (x86)InstallShield Installation Information
[2010/07/23 23:24:12 | 000,000,000 | ---D | C] -- C:Program Files (x86)Realtek
[2010/07/22 22:40:07 | 000,000,000 | ---D | C] -- C:WindowsPanther
[2010/07/22 21:43:50 | 000,000,000 | ---D | C] -- C:WindowsSoftwareDistribution
[2010/07/22 21:41:45 | 000,000,000 | ---D | C] -- C:WindowsPrefetch
[2010/07/22 21:41:14 | 000,000,000 | -HSD | C] -- C:System Volume Information
[2010/07/22 20:03:01 | 000,000,000 | ---D | C] -- C:ProgramDataNVIDIA
[2010/07/22 20:02:29 | 000,000,000 | ---D | C] -- C:Program Files (x86)NVIDIA Corporation
[2010/07/22 20:02:26 | 000,000,000 | -HSD | C] -- C:WindowsInstaller
[2010/07/22 20:02:25 | 000,000,000 | ---D | C] -- C:ProgramDataNVIDIA Corporation
[2010/07/22 20:02:21 | 000,000,000 | ---D | C] -- C:Program FilesNVIDIA Corporation
[2010/07/22 20:01:34 | 000,065,128 | ---- | C] (Khronos Group) -- C:WindowsSysNativeOpenCL.dll
[2010/07/22 20:01:34 | 000,056,936 | ---- | C] (Khronos Group) -- C:WindowsSysWow64OpenCL.dll
[2010/07/22 20:01:23 | 000,000,000 | ---D | C] -- C:NVIDIA
[2010/07/22 18:56:08 | 000,000,000 | R--D | C] -- C:UsersChanceSearches
[2010/07/22 18:56:08 | 000,000,000 | -H-D | C] -- C:UsersChanceApplication DataMicrosoftInternet ExplorerQuick LaunchUser Pinned
[2010/07/22 18:55:57 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataRoamingIdentities
[2010/07/22 18:55:54 | 000,000,000 | R--D | C] -- C:UsersChanceContacts
[2010/07/22 18:55:53 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataLocalVirtualStore
[2010/07/22 18:55:45 | 000,000,000 | --SD | C] -- C:UsersChanceAppDataRoamingMicrosoft
[2010/07/22 18:55:45 | 000,000,000 | R--D | C] -- C:UsersChanceVideos
[2010/07/22 18:55:45 | 000,000,000 | R--D | C] -- C:UsersChanceSaved Games
[2010/07/22 18:55:45 | 000,000,000 | R--D | C] -- C:UsersChancePictures
[2010/07/22 18:55:45 | 000,000,000 | R--D | C] -- C:UsersChanceMusic
[2010/07/22 18:55:45 | 000,000,000 | R--D | C] -- C:UsersChanceLinks
[2010/07/22 18:55:45 | 000,000,000 | R--D | C] -- C:UsersChanceFavorites
[2010/07/22 18:55:45 | 000,000,000 | R--D | C] -- C:UsersChanceDownloads
[2010/07/22 18:55:45 | 000,000,000 | R--D | C] -- C:UsersChanceMy Documents
[2010/07/22 18:55:45 | 000,000,000 | R--D | C] -- C:UsersChanceDesktop
[2010/07/22 18:55:45 | 000,000,000 | -HSD | C] -- C:UsersChanceAppDataLocalTemporary Internet Files
[2010/07/22 18:55:45 | 000,000,000 | -HSD | C] -- C:UsersChanceTemplates
[2010/07/22 18:55:45 | 000,000,000 | -HSD | C] -- C:UsersChanceStart Menu
[2010/07/22 18:55:45 | 000,000,000 | -HSD | C] -- C:UsersChanceSendTo
[2010/07/22 18:55:45 | 000,000,000 | -HSD | C] -- C:UsersChanceRecent
[2010/07/22 18:55:45 | 000,000,000 | -HSD | C] -- C:UsersChancePrintHood
[2010/07/22 18:55:45 | 000,000,000 | -HSD | C] -- C:UsersChanceNetHood
[2010/07/22 18:55:45 | 000,000,000 | -HSD | C] -- C:UsersChanceDocumentsMy Videos
[2010/07/22 18:55:45 | 000,000,000 | -HSD | C] -- C:UsersChanceDocumentsMy Pictures
[2010/07/22 18:55:45 | 000,000,000 | -HSD | C] -- C:UsersChanceDocumentsMy Music
[2010/07/22 18:55:45 | 000,000,000 | -HSD | C] -- C:UsersChanceMy Documents
[2010/07/22 18:55:45 | 000,000,000 | -HSD | C] -- C:UsersChanceLocal Settings
[2010/07/22 18:55:45 | 000,000,000 | -HSD | C] -- C:UsersChanceAppDataLocalHistory
[2010/07/22 18:55:45 | 000,000,000 | -HSD | C] -- C:UsersChanceCookies
[2010/07/22 18:55:45 | 000,000,000 | -HSD | C] -- C:UsersChanceApplication Data
[2010/07/22 18:55:45 | 000,000,000 | -HSD | C] -- C:UsersChanceAppDataLocalApplication Data
[2010/07/22 18:55:45 | 000,000,000 | -H-D | C] -- C:UsersChanceAppData
[2010/07/22 18:55:45 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataLocalTemp
[2010/07/22 18:55:45 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataLocalMicrosoft
[2010/07/22 18:55:45 | 000,000,000 | ---D | C] -- C:UsersChanceAppDataRoamingMedia Center Programs
[2010/07/22 18:55:27 | 000,000,000 | -HSD | C] -- C:Recovery

========== Files - Modified Within 90 Days ==========

[2010/09/06 14:35:49 | 007,077,888 | -HS- | M] () -- C:UsersChanceNTUSER.DAT
[2010/09/06 14:33:08 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:UsersChanceDesktopOTL.exe
[2010/09/06 14:30:47 | 000,034,560 | ---- | M] () -- C:WindowsSysWow64driversNormandy.sys
[2010/09/06 14:20:22 | 003,839,056 | ---- | M] () -- C:UsersChanceDesktopComboFix.exe
[2010/09/06 14:19:22 | 000,363,520 | ---- | M] () -- C:UsersChanceDesktoprkill.scr
[2010/09/06 13:57:00 | 000,000,898 | ---- | M] () -- C:WindowstasksGoogleUpdateTaskMachineUA.job
[2010/09/06 13:43:00 | 000,000,912 | ---- | M] () -- C:WindowstasksGoogleUpdateTaskUserS-1-5-21-391631999-2240494431-946906962-1001UA.job
[2010/09/06 12:57:43 | 000,067,584 | --S- | M] () -- C:Windowsbootstat.dat
[2010/09/06 11:05:47 | 000,000,860 | ---- | M] () -- C:WindowstasksGoogleUpdateTaskUserS-1-5-21-391631999-2240494431-946906962-1001Core.job
[2010/09/06 11:02:56 | 000,000,894 | ---- | M] () -- C:WindowstasksGoogleUpdateTaskMachineCore.job
[2010/09/05 18:18:29 | 000,014,816 | -H-- | M] () -- C:WindowsSysNative7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/09/05 18:18:28 | 000,014,816 | -H-- | M] () -- C:WindowsSysNative7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/09/05 18:16:05 | 001,060,022 | ---- | M] () -- C:WindowsSysNativePerfStringBackup.INI
[2010/09/05 18:16:05 | 000,861,010 | ---- | M] () -- C:WindowsSysNativeperfh009.dat
[2010/09/05 18:16:05 | 000,193,974 | ---- | M] () -- C:WindowsSysNativeperfc009.dat
[2010/09/05 18:13:03 | 000,000,000 | ---- | M] () -- C:UsersChancedefogger_reenable
[2010/09/05 18:10:48 | 000,000,327 | ---- | M] () -- C:WindowsBrownie.ini
[2010/09/05 18:09:58 | 000,000,006 | -H-- | M] () -- C:WindowstasksSA.DAT
[2010/09/05 18:09:22 | 2146,119,679 | -HS- | M] () -- C:hiberfil.sys
[2010/09/05 18:08:26 | 013,529,887 | -H-- | M] () -- C:UsersChanceAppDataLocalIconCache.db
[2010/09/05 18:07:09 | 000,000,394 | ---- | M] () -- C:WindowstasksAd-Aware Update (Weekly).job
[2010/09/05 17:25:38 | 000,525,824 | ---- | M] () -- C:UsersChanceDesktopdds.scr
[2010/09/05 17:24:12 | 000,050,477 | ---- | M] () -- C:UsersChanceDesktopDefogger.exe
[2010/09/05 17:02:31 | 000,293,376 | ---- | M] () -- C:UsersChanceDesktop0rgj1r80.exe
[2010/09/05 17:02:11 | 000,001,009 | ---- | M] () -- C:UsersPublicDesktopMalwarebytes' Anti-Malware.lnk
[2010/09/05 16:14:50 | 000,019,528 | ---- | M] () -- C:WindowsSysNativedriverbleepmanpro35.sys
[2010/09/05 16:09:35 | 000,001,974 | ---- | M] () -- C:UsersPublicDesktopHitman Pro 3.5.lnk
[2010/09/05 16:09:30 | 007,009,088 | ---- | M] (SurfRight B.V.) -- C:UsersChanceDesktopHitmanPro35_x64.exe
[2010/09/05 15:35:17 | 000,002,014 | ---- | M] () -- C:UsersPublicDesktopAdobe Reader 9.lnk
[2010/09/05 11:09:43 | 000,002,014 | -H-- | M] () -- C:UsersChanceDocumentsDefault.rdp
[2010/09/03 16:21:19 | 000,002,429 | ---- | M] () -- C:UsersPublicDesktopiTunes.lnk
[2010/09/03 13:27:19 | 000,000,000 | -H-- | M] () -- C:WindowsSysNativedriversMsft_User_WpdMtpDr_01_09_00.Wdf
[2010/09/02 00:17:39 | 000,014,250 | ---- | M] () -- C:UsersChanceDocumentsOrderReport-Aug31st - 2010.xlsx
[2010/09/01 12:58:17 | 000,000,264 | ---- | M] () -- C:Windowssetup.iss
[2010/09/01 12:55:42 | 000,000,424 | ---- | M] () -- C:WindowsMAXLINK.INI
[2010/08/31 23:20:49 | 000,001,704 | ---- | M] () -- C:UsersChanceAppDataLocalAdobe Save for Web 12.0 Prefs
[2010/08/30 23:44:11 | 000,001,292 | ---- | M] () -- C:UsersChanceAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupOneNote 2010 Screen Clipper and Launcher.lnk
[2010/08/30 23:44:03 | 000,001,131 | ---- | M] () -- C:UsersChanceApplication DataMicrosoftInternet ExplorerQuick LaunchMicrosoft Outlook.lnk
[2010/08/30 00:43:57 | 000,001,245 | ---- | M] () -- C:UsersChance_viminfo
[2010/08/28 19:24:24 | 006,231,344 | ---- | M] () -- C:WindowsSysNativeFNTCACHE.DAT
[2010/08/28 19:20:04 | 000,002,037 | ---- | M] () -- C:UsersPublicDesktopLightScribe.lnk
[2010/08/28 19:07:02 | 000,000,983 | ---- | M] () -- C:UsersChanceDesktopDVD Shrink 3.2.lnk
[2010/08/27 20:43:04 | 000,202,928 | ---- | M] () -- C:UsersChanceAppDataLocalGDIPFONTCACHEV1.DAT
[2010/08/27 18:31:05 | 000,011,246 | ---- | M] () -- C:UsersChanceDocumentsgetta_image.gif
[2010/08/25 19:05:57 | 000,013,153 | ---- | M] () -- C:UsersChanceDocumentsOrderReport-8-24-2010.xlsx
[2010/08/25 19:00:24 | 000,013,172 | ---- | M] () -- C:UsersChanceDocumentsOrderReport-Aug23rd - 2010.xlsx
[2010/08/25 00:15:19 | 000,043,650 | ---- | M] () -- C:UsersChanceDesktopbody-bg.jpg
[2010/08/25 00:11:13 | 000,041,252 | ---- | M] () -- C:UsersChanceDesktopbackground.jpg
[2010/08/25 00:10:08 | 000,012,021 | ---- | M] () -- C:UsersChanceDesktopbg_light.jpg
[2010/08/23 15:46:46 | 000,063,488 | ---- | M] () -- C:UsersChanceDocumentsFW-Change-Request-Form-v2.1.xls
[2010/08/22 23:06:30 | 000,013,231 | ---- | M] () -- C:UsersChanceDocumentsOrderReport-Aug22nd - 2010.xlsx
[2010/08/20 21:43:28 | 000,002,403 | ---- | M] () -- C:UsersChanceDesktopGoogle Chrome.lnk
[2010/08/20 16:00:17 | 000,011,767 | ---- | M] () -- C:UsersChanceDocumentsOrderReport-Aug20th-2010.xlsx
[2010/08/19 21:57:33 | 000,000,120 | ---- | M] () -- C:UsersChanceAppDataLocalTwifitegigu.dat
[2010/08/19 01:26:19 | 000,000,000 | ---- | M] () -- C:UsersChanceAppDataLocalAroto.bin
[2010/08/18 23:43:46 | 000,044,032 | ---- | M] () -- C:UsersChanceDocumentsChance_Dinkins_Resume.doc
[2010/08/15 11:35:39 | 000,002,491 | ---- | M] () -- C:UsersPublicDesktopSafari.lnk
[2010/08/15 10:41:23 | 000,353,296 | ---- | M] (Kaspersky Lab) -- C:WindowsSysNativedriversklif.sys
[2010/08/15 10:41:23 | 000,149,773 | ---- | M] () -- C:WindowsSysNativedriversklin.dat
[2010/08/15 10:41:23 | 000,106,765 | ---- | M] () -- C:WindowsSysNativedriversklick.dat
[2010/08/08 22:11:54 | 000,000,478 | ---- | M] () -- C:Windowswin.ini
[2010/08/04 21:38:17 | 014,053,376 | ---- | M] () -- C:UsersChanceDocuments2100inst-0103-US.exe
[2010/08/04 21:37:16 | 000,000,410 | ---- | M] () -- C:WindowsBRWMARK.INI
[2010/08/04 21:37:16 | 000,000,034 | ---- | M] () -- C:WindowsSysWow64BD2170W.DAT
[2010/08/04 21:37:14 | 000,009,868 | ---- | M] () -- C:WindowsHL-2170W.INI
[2010/08/04 21:37:14 | 000,000,152 | ---- | M] () -- C:WindowsBRVIDEO.INI
[2010/08/04 21:37:14 | 000,000,000 | ---- | M] () -- C:Windowsbrmx2001.ini
[2010/08/04 19:26:17 | 000,001,378 | ---- | M] () -- C:UsersChanceDesktopVisual Studio 2010.lnk
[2010/08/01 11:34:58 | 001,025,758 | ---- | M] () -- C:WindowsSysWow64PerfStringBackup.INI
[2010/07/29 22:15:50 | 000,000,051 | ---- | M] () -- C:UsersChance.gitconfig
[2010/07/28 22:10:09 | 000,001,856 | ---- | M] () -- C:UsersChanceApplication DataMicrosoftInternet ExplorerQuick LaunchGit Bash.lnk
[2010/07/28 22:10:09 | 000,001,832 | ---- | M] () -- C:UsersPublicDesktopGit Bash.lnk
[2010/07/28 19:08:51 | 000,002,515 | ---- | M] () -- C:UsersChanceApplication DataMicrosoftInternet ExplorerQuick LaunchApple Safari.lnk
[2010/07/24 11:14:56 | 000,001,067 | ---- | M] () -- C:UsersPublicDesktopDisplayFusion.lnk
[2010/07/23 23:50:58 | 000,000,979 | ---- | M] () -- C:UsersPublicDesktopPidgin.lnk
[2010/07/23 23:48:05 | 000,002,000 | ---- | M] () -- C:UsersPublicDesktopFileZilla Client.lnk
[2010/07/23 23:47:14 | 000,000,927 | ---- | M] () -- C:UsersPublicDesktopZune.lnk
[2010/07/23 23:42:25 | 000,001,045 | ---- | M] () -- C:UsersPublicDesktopNotepad++.lnk
[2010/07/23 23:39:28 | 000,001,963 | ---- | M] () -- C:UsersChanceApplication DataMicrosoftInternet ExplorerQuick LaunchMozilla Firefox.lnk
[2010/07/23 23:39:28 | 000,001,939 | ---- | M] () -- C:UsersPublicDesktopMozilla Firefox.lnk
[2010/07/22 21:46:29 | 000,042,045 | ---- | M] () -- C:WindowsSysWow64license.rtf
[2010/07/22 21:46:29 | 000,042,045 | ---- | M] () -- C:WindowsSysNativelicense.rtf
[2010/07/22 21:46:04 | 000,001,351 | ---- | M] () -- C:UsersChanceDesktopSticky Notes.lnk
[2010/07/22 21:42:19 | 000,000,000 | -H-- | M] () -- C:WindowsSysNativedriversMsft_User_WpdFs_01_09_00.Wdf
[2010/07/22 19:39:57 | 000,001,437 | ---- | M] () -- C:UsersChanceApplication DataMicrosoftInternet ExplorerQuick LaunchLaunch Internet Explorer Browser.lnk
[2010/07/22 19:37:36 | 000,524,288 | -HS- | M] () -- C:UsersChanceNTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010/07/22 19:37:36 | 000,524,288 | -HS- | M] () -- C:UsersChanceNTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010/07/22 19:37:36 | 000,065,536 | -HS- | M] () -- C:UsersChanceNTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010/07/22 18:56:14 | 000,001,443 | ---- | M] () -- C:UsersChanceDesktopInternet Explorer.lnk
[2010/07/22 18:55:45 | 000,000,020 | -HS- | M] () -- C:UsersChancentuser.ini
[2010/07/09 18:38:00 | 000,065,128 | ---- | M] (Khronos Group) -- C:WindowsSysNativeOpenCL.dll
[2010/07/09 18:38:00 | 000,056,936 | ---- | M] (Khronos Group) -- C:WindowsSysWow64OpenCL.dll
[2010/07/09 18:38:00 | 000,012,264 | ---- | M] () -- C:WindowsSysNativenvinfo.pb

========== Files Created - No Company Name ==========

[2010/09/06 14:30:38 | 000,034,560 | ---- | C] () -- C:WindowsSysWow64driversNormandy.sys
[2010/09/06 14:20:18 | 003,839,056 | ---- | C] () -- C:UsersChanceDesktopComboFix.exe
[2010/09/06 14:19:21 | 000,363,520 | ---- | C] () -- C:UsersChanceDesktoprkill.scr
[2010/09/05 18:07:09 | 000,000,394 | ---- | C] () -- C:WindowstasksAd-Aware Update (Weekly).job
[2010/09/05 17:25:36 | 000,525,824 | ---- | C] () -- C:UsersChanceDesktopdds.scr
[2010/09/05 17:24:59 | 000,000,000 | ---- | C] () -- C:UsersChancedefogger_reenable
[2010/09/05 17:23:27 | 000,050,477 | ---- | C] () -- C:UsersChanceDesktopDefogger.exe
[2010/09/05 17:02:30 | 000,293,376 | ---- | C] () -- C:UsersChanceDesktop0rgj1r80.exe
[2010/09/05 17:02:11 | 000,001,009 | ---- | C] () -- C:UsersPublicDesktopMalwarebytes' Anti-Malware.lnk
[2010/09/05 16:09:46 | 000,019,528 | ---- | C] () -- C:WindowsSysNativedriverbleepmanpro35.sys
[2010/09/05 16:08:19 | 000,001,974 | ---- | C] () -- C:UsersPublicDesktopHitman Pro 3.5.lnk
[2010/09/03 16:21:19 | 000,002,429 | ---- | C] () -- C:UsersPublicDesktopiTunes.lnk
[2010/09/03 13:27:19 | 000,000,000 | -H-- | C] () -- C:WindowsSysNativedriversMsft_User_WpdMtpDr_01_09_00.Wdf
[2010/09/01 23:25:36 | 000,014,250 | ---- | C] () -- C:UsersChanceDocumentsOrderReport-Aug31st - 2010.xlsx
[2010/09/01 13:00:29 | 000,000,000 | ---- | C] () -- C:UsersChanceSti_Trace.log
[2010/09/01 12:58:16 | 000,009,606 | ---- | C] () -- C:WindowsSysNativeNEWSOFT
[2010/09/01 12:57:53 | 000,000,264 | ---- | C] () -- C:Windowssetup.iss
[2010/09/01 12:57:40 | 000,011,776 | ---- | C] () -- C:WindowsSysWow64pmsbfn32.dll
[2010/09/01 12:55:42 | 000,000,424 | ---- | C] () -- C:WindowsMAXLINK.INI
[2010/08/30 23:44:11 | 000,001,292 | ---- | C] () -- C:UsersChanceAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupOneNote 2010 Screen Clipper and Launcher.lnk
[2010/08/30 23:44:03 | 000,001,131 | ---- | C] () -- C:UsersChanceApplication DataMicrosoftInternet ExplorerQuick LaunchMicrosoft Outlook.lnk
[2010/08/28 19:20:04 | 000,002,037 | ---- | C] () -- C:UsersPublicDesktopLightScribe.lnk
[2010/08/28 19:07:02 | 000,000,983 | ---- | C] () -- C:UsersChanceDesktopDVD Shrink 3.2.lnk
[2010/08/27 23:43:48 | 000,001,245 | ---- | C] () -- C:UsersChance_viminfo
[2010/08/27 18:31:05 | 000,011,246 | ---- | C] () -- C:UsersChanceDocumentsgetta_image.gif
[2010/08/25 19:00:36 | 000,013,153 | ---- | C] () -- C:UsersChanceDocumentsOrderReport-8-24-2010.xlsx
[2010/08/25 00:19:33 | 000,001,704 | ---- | C] () -- C:UsersChanceAppDataLocalAdobe Save for Web 12.0 Prefs
[2010/08/25 00:15:19 | 000,043,650 | ---- | C] () -- C:UsersChanceDesktopbody-bg.jpg
[2010/08/25 00:11:13 | 000,041,252 | ---- | C] () -- C:UsersChanceDesktopbackground.jpg
[2010/08/25 00:10:08 | 000,012,021 | ---- | C] () -- C:UsersChanceDesktopbg_light.jpg
[2010/08/24 00:59:09 | 000,013,172 | ---- | C] () -- C:UsersChanceDocumentsOrderReport-Aug23rd - 2010.xlsx
[2010/08/23 15:15:02 | 000,063,488 | ---- | C] () -- C:UsersChanceDocumentsFW-Change-Request-Form-v2.1.xls
[2010/08/22 23:02:34 | 000,013,231 | ---- | C] () -- C:UsersChanceDocumentsOrderReport-Aug22nd - 2010.xlsx
[2010/08/20 15:08:01 | 000,011,767 | ---- | C] () -- C:UsersChanceDocumentsOrderReport-Aug20th-2010.xlsx
[2010/08/18 23:43:46 | 000,044,032 | ---- | C] () -- C:UsersChanceDocumentsChance_Dinkins_Resume.doc
[2010/08/15 10:32:19 | 000,149,773 | ---- | C] () -- C:WindowsSysNativedriversklin.dat
[2010/08/15 10:32:18 | 000,106,765 | ---- | C] () -- C:WindowsSysNativedriversklick.dat
[2010/08/15 10:23:08 | 000,000,000 | ---- | C] () -- C:UsersChanceAppDataLocalAroto.bin
[2010/08/15 10:23:07 | 000,000,120 | ---- | C] () -- C:UsersChanceAppDataLocalTwifitegigu.dat
[2010/08/04 21:41:38 | 014,053,376 | ---- | C] () -- C:UsersChanceDocuments2100inst-0103-US.exe
[2010/08/04 21:37:16 | 000,000,410 | ---- | C] () -- C:WindowsBRWMARK.INI
[2010/08/04 21:37:16 | 000,000,034 | ---- | C] () -- C:WindowsSysWow64BD2170W.DAT
[2010/08/04 21:37:14 | 000,009,868 | ---- | C] () -- C:WindowsHL-2170W.INI
[2010/08/04 21:37:14 | 000,000,152 | ---- | C] () -- C:WindowsBRVIDEO.INI
[2010/08/04 21:37:14 | 000,000,114 | ---- | C] () -- C:WindowsSysWow64brlmw03a.ini
[2010/08/04 21:37:14 | 000,000,000 | ---- | C] () -- C:Windowsbrmx2001.ini
[2010/08/04 21:36:16 | 000,000,327 | ---- | C] () -- C:WindowsBrownie.ini
[2010/08/04 19:26:17 | 000,001,378 | ---- | C] () -- C:UsersChanceDesktopVisual Studio 2010.lnk
[2010/07/31 21:36:06 | 000,001,443 | ---- | C] () -- C:UsersChanceDesktopInternet Explorer.lnk
[2010/07/29 22:15:42 | 000,000,051 | ---- | C] () -- C:UsersChance.gitconfig
[2010/07/28 22:10:09 | 000,001,856 | ---- | C] () -- C:UsersChanceApplication DataMicrosoftInternet ExplorerQuick LaunchGit Bash.lnk
[2010/07/28 22:10:09 | 000,001,832 | ---- | C] () -- C:UsersPublicDesktopGit Bash.lnk
[2010/07/28 21:52:25 | 000,000,898 | ---- | C] () -- C:WindowstasksGoogleUpdateTaskMachineUA.job
[2010/07/28 21:52:25 | 000,000,894 | ---- | C] () -- C:WindowstasksGoogleUpdateTaskMachineCore.job
[2010/07/28 19:29:57 | 001,025,758 | ---- | C] () -- C:WindowsSysWow64PerfStringBackup.INI
[2010/07/25 17:06:34 | 000,002,014 | ---- | C] () -- C:UsersPublicDesktopAdobe Reader 9.lnk
[2010/07/24 15:29:57 | 000,002,014 | -H-- | C] () -- C:UsersChanceDocumentsDefault.rdp
[2010/07/24 11:14:56 | 000,001,067 | ---- | C] () -- C:UsersPublicDesktopDisplayFusion.lnk
[2010/07/23 23:50:58 | 000,000,979 | ---- | C] () -- C:UsersPublicDesktopPidgin.lnk
[2010/07/23 23:48:05 | 000,002,000 | ---- | C] () -- C:UsersPublicDesktopFileZilla Client.lnk
[2010/07/23 23:47:14 | 000,000,927 | ---- | C] () -- C:UsersPublicDesktopZune.lnk
[2010/07/23 23:42:25 | 000,001,045 | ---- | C] () -- C:UsersPublicDesktopNotepad++.lnk
[2010/07/23 23:41:28 | 000,002,515 | ---- | C] () -- C:UsersChanceApplication DataMicrosoftInternet ExplorerQuick LaunchApple Safari.lnk
[2010/07/23 23:41:28 | 000,002,491 | ---- | C] () -- C:UsersPublicDesktopSafari.lnk
[2010/07/23 23:39:35 | 000,002,403 | ---- | C] () -- C:UsersChanceDesktopGoogle Chrome.lnk
[2010/07/23 23:39:28 | 000,001,963 | ---- | C] () -- C:UsersChanceApplication DataMicrosoftInternet ExplorerQuick LaunchMozilla Firefox.lnk
[2010/07/23 23:39:28 | 000,001,939 | ---- | C] () -- C:UsersPublicDesktopMozilla Firefox.lnk
[2010/07/23 23:38:56 | 000,000,912 | ---- | C] () -- C:WindowstasksGoogleUpdateTaskUserS-1-5-21-391631999-2240494431-946906962-1001UA.job
[2010/07/23 23:38:55 | 000,000,860 | ---- | C] () -- C:WindowstasksGoogleUpdateTaskUserS-1-5-21-391631999-2240494431-946906962-1001Core.job
[2010/07/23 23:24:16 | 000,074,272 | ---- | C] () -- C:WindowsSysNativeRtNicProp64.dll
[2010/07/22 21:46:04 | 000,001,351 | ---- | C] () -- C:UsersChanceDesktopSticky Notes.lnk
[2010/07/22 21:42:19 | 000,000,000 | -H-- | C] () -- C:WindowsSysNativedriversMsft_User_WpdFs_01_09_00.Wdf
[2010/07/22 21:41:14 | 2146,119,679 | -HS- | C] () -- C:hiberfil.sys
[2010/07/22 20:01:34 | 000,012,264 | ---- | C] () -- C:WindowsSysNativenvinfo.pb
[2010/07/22 19:39:57 | 000,001,437 | ---- | C] () -- C:UsersChanceApplication DataMicrosoftInternet ExplorerQuick LaunchLaunch Internet Explorer Browser.lnk
[2010/07/22 18:55:45 | 007,077,888 | -HS- | C] () -- C:UsersChanceNTUSER.DAT
[2010/07/22 18:55:45 | 000,524,288 | -HS- | C] () -- C:UsersChanceNTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010/07/22 18:55:45 | 000,524,288 | -HS- | C] () -- C:UsersChanceNTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010/07/22 18:55:45 | 000,262,144 | -HS- | C] () -- C:UsersChancentuser.dat.LOG1
[2010/07/22 18:55:45 | 000,065,536 | -HS- | C] () -- C:UsersChanceNTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010/07/22 18:55:45 | 000,000,290 | ---- | C] () -- C:UsersChanceApplication DataMicrosoftInternet ExplorerQuick LaunchShows Desktop.lnk
[2010/07/22 18:55:45 | 000,000,272 | ---- | C] () -- C:UsersChanceApplication DataMicrosoftInternet ExplorerQuick LaunchWindow Switcher.lnk
[2010/07/22 18:55:45 | 000,000,020 | -HS- | C] () -- C:UsersChancentuser.ini
[2010/07/22 18:55:45 | 000,000,000 | -HS- | C] () -- C:UsersChancentuser.dat.LOG2
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:WindowsSysWow64BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:WindowsSysWow64msjetoledb40.dll

========== LOP Check ==========

[2010/09/06 14:29:37 | 000,000,000 | ---D | M] -- C:UsersChanceAppDataRoaming.purple
[2010/08/15 10:26:31 | 000,000,000 | ---D | M] -- C:UsersChanceAppDataRoamingAnVi
[2010/09/01 13:00:29 | 000,000,000 | ---D | M] -- C:UsersChanceAppDataRoamingCanon
[2010/08/29 11:57:22 | 000,000,000 | ---D | M] -- C:UsersChanceAppDataRoamingchc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/07/24 11:18:38 | 000,000,000 | ---D | M] -- C:UsersChanceAppDataRoamingDisplayFusion
[2010/07/24 11:16:48 | 000,000,000 | ---D | M] -- C:UsersChanceAppDataRoamingenchant
[2010/08/04 19:42:25 | 000,000,000 | ---D | M] -- C:UsersChanceAppDataRoaminggtk-2.0
[2010/07/29 20:54:13 | 000,000,000 | ---D | M] -- C:UsersChanceAppDataRoamingJetBrains
[2010/09/05 10:33:32 | 000,000,000 | ---D | M] -- C:UsersChanceAppDataRoamingNewSoft
[2010/07/24 14:22:11 | 000,000,000 | ---D | M] -- C:UsersChanceAppDataRoamingNotepad++
[2010/09/01 12:55:37 | 000,000,000 | ---D | M] -- C:UsersChanceAppDataRoamingScanSoft
[2010/08/27 21:14:10 | 000,000,000 | ---D | M] -- C:UsersChanceAppDataRoamingStageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010/09/05 18:07:09 | 000,000,394 | ---- | M] () -- C:WindowsTasksAd-Aware Update (Weekly).job
[2009/07/14 01:08:49 | 000,006,370 | ---- | M] () -- C:WindowsTasksSCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%*.* >
[2010/09/05 18:04:19 | 000,000,220 | ---- | M] () -- C:aaw7boot.log
[2010/09/05 18:09:22 | 2146,119,679 | -HS- | M] () -- C:hiberfil.sys
[2010/09/05 18:09:30 | 4293,148,671 | -HS- | M] () -- C:pagefile.sys
[2010/09/06 14:19:39 | 000,000,377 | ---- | M] () -- C:rkill.log

< %systemroot%Fonts*.com >
[2009/07/14 01:32:31 | 000,026,040 | ---- | M] () -- C:WindowsFontsGlobalMonospace.CompositeFont
[2009/07/14 01:32:31 | 000,026,489 | ---- | M] () -- C:WindowsFontsGlobalSansSerif.CompositeFont
[2009/07/14 01:32:31 | 000,029,779 | ---- | M] () -- C:WindowsFontsGlobalSerif.CompositeFont
[2009/07/14 01:32:31 | 000,043,318 | ---- | M] () -- C:WindowsFontsGlobalUserInterface.CompositeFont

< %systemroot%Fonts*.dll >

< %systemroot%Fonts*.ini >
[2009/06/10 16:49:50 | 000,000,065 | ---- | M] () -- C:WindowsFontsdesktop.ini

< %systemroot%Fonts*.ini2 >

< %systemroot%Fonts*.exe >

< %systemroot%system32spoolprtprocsw32x86*.* >

< %systemroot%REPAIR*.bak1 >

< %systemroot%REPAIR*.ini >

< %systemroot%system32*.jpg >

< %systemroot%*.jpg >

< %systemroot%*.png >

< %systemroot%*.scr >

< %systemroot%*._sy >

< %APPDATA%AdobeUpdate*.* >

< %ALLUSERSPROFILE%Favorites*.* >

< %APPDATA%Microsoft*.* >

< %PROGRAMFILES%*.* >
[2009/07/14 00:54:24 | 000,000,174 | -HS- | M] () -- C:Program Files (x86)desktop.ini

< %APPDATA%Update*.* >

< %systemroot%*. /mp /s >

< %systemroot%System32config*.sav >

< %PROGRAMFILES%bak. /s >

< %systemroot%system32bak. /s >

< %ALLUSERSPROFILE%Start Menu*.lnk /x >

< %systemroot%system32configsystemprofile*.dat /x >

< %systemroot%*.config >

< %systemroot%system32*.db >

< %APPDATA%MicrosoftInternet ExplorerQuick Launch*.lnk /x >
[2010/07/22 19:39:57 | 000,000,221 | -HS- | M] () -- C:UsersChanceAppDataRoamingMicrosoftInternet ExplorerQuick Launchdesktop.ini

< %USERPROFILE%Desktop*.exe >
[2010/09/05 17:02:31 | 000,293,376 | ---- | M] () -- C:UsersChanceDesktop0rgj1r80.exe
[2010/09/06 14:20:22 | 003,839,056 | ---- | M] () -- C:UsersChanceDesktopComboFix.exe
[2010/09/05 17:24:12 | 000,050,477 | ---- | M] () -- C:UsersChanceDesktopDefogger.exe
[2004/07/26 03:16:40 | 001,117,491 | ---- | M] (DVD Shrink ) -- C:UsersChanceDesktopdvdshrink32setup.exe
[2010/09/05 16:09:30 | 007,009,088 | ---- | M] (SurfRight B.V.) -- C:UsersChanceDesktopHitmanPro35_x64.exe
[2010/09/06 14:33:08 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:UsersChanceDesktopOTL.exe

< %PROGRAMFILES%Common Files*.* >

< %systemroot%*.src >

< %systemroot%install*.* >

< %systemroot%system32DLL*.* >

< %systemroot%system32HelpFiles*.* >

< %systemroot%system32rundll*.* >

< %systemroot%winn32*.* >

< %systemroot%Java*.* >

< %systemroot%system32test*.* >

< %systemroot%system32Rundll32*.* >

< %systemroot%AppPatchCustom*.* >

< %APPDATA%RoamingMicrosoftWindowsRecent*.lnk /x >

< %PROGRAMFILES%PC-DoctorDownloads*.* >

< %PROGRAMFILES%Internet Explorer*.tmp >

< %PROGRAMFILES%Internet Explorer*.dat >

< %USERPROFILE%My Documents*.exe >

< %USERPROFILE%*.exe >

< %systemroot%ADDINS*.* >
[2009/06/10 17:20:04 | 000,000,802 | ---- | M] () -- C:WindowsaddinsFXSEXT.ecf

< %systemroot%assembly*.bak2 >

< %systemroot%Config*.* >

< %systemroot%REPAIR*.bak2 >

< %systemroot%SECURITYDatabase*.sdb /x >
[2010/07/22 20:02:55 | 000,008,192 | ---- | M] () -- C:Windowssecuritydatabaseedb.chk
[2010/07/22 20:02:55 | 001,048,576 | ---- | M] () -- C:Windowssecuritydatabaseedb.log
[2010/07/22 21:45:37 | 001,048,576 | ---- | M] () -- C:Windowssecuritydatabaseedbres00001.jrs
[2010/07/22 21:45:37 | 001,048,576 | ---- | M] () -- C:Windowssecuritydatabaseedbres00002.jrs
[2010/07/22 20:02:55 | 001,056,768 | ---- | M] () -- C:Windowssecuritydatabasetmp.edb

< %systemroot%SYSTEM*.bak2 >

< %systemroot%Web*.bak2 >

< %systemroot%Driver Cache*.* >

< %PROGRAMFILES%Mozilla Firefox�*.exe >

< %ProgramFiles%Microsoft Common*.* >

< %ProgramFiles%TinyProxy. >

< %USERPROFILE%Favorites*.url /x >
[2010/08/03 18:36:27 | 000,000,402 | -HS- | M] () -- C:UsersChanceFavoritesdesktop.ini

< %systemroot%system32*.bk >

< %systemroot%*.te >

< %systemroot%system32system32*.* >

< %ALLUSERSPROFILE%*.dat /x >

< %systemroot%system32drivers*.rmv >

< dir /b "%systemroot%system32*.exe" | find /i " " /c >

< dir /b "%systemroot%*.exe" | find /i " " /c >

< %PROGRAMFILES%Microsoft*.* >

< %systemroot%System32Wbemproquota.exe >

< %PROGRAMFILES%Mozilla Firefox*.dat >

< %USERPROFILE%Cookies*.txt /x >

< %SystemRoot%system32fonts*.* >

< %systemroot%system32winlog*.* >

< %systemroot%system32Language*.* >

< %systemroot%system32Settings*.* >

< %systemroot%system32*.quo >

< %SYSTEMROOT%AppPatch*.exe >

< %SYSTEMROOT%inf*.exe >

< %SYSTEMROOT%Installer*.exe >

< %USERPROFILE%Templates*.* >

< %systemroot%system32config*.bak2 >

< %systemroot%system32Computers*.* >

< %SystemRoot%system32Sound*.* >

< %SystemRoot%system32SpecialImg*.* >

< %SystemRoot%system32code*.* >

< %SystemRoot%system32draft*.* >

< %SystemRoot%system32MSSSys*.* >

< %ProgramFiles%Javascript*.* >

< HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsWindowsUpdateAU >

< HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdateAuto UpdateResultsInstall|LastSuccessTime /rs >
< End of report >

Extras.Txt
OTL Extras logfile created on: 9/6/2010 2:34:00 PM - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:UsersChanceDesktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 70.00% Memory free
16.00 Gb Paging File | 12.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): c:pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:Windows | %ProgramFiles% = C:Program Files (x86)
Drive C: | 100.00 Gb Total Space | 37.78 Gb Free Space | 37.78% Space Free | Partition Type: NTFS
Drive D: | 50.17 Gb Total Space | 46.97 Gb Free Space | 93.63% Space Free | Partition Type: NTFS
Drive E: | 146.48 Gb Total Space | 142.99 Gb Free Space | 97.62% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 270.74 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
I: Drive not present or media not loaded
Drive M: | 292.97 Gb Total Space | 123.83 Gb Free Space | 42.27% Space Free | Partition Type: NTFS
Drive Z: | 341.80 Gb Total Space | 252.35 Gb Free Space | 73.83% Space Free | Partition Type: NTFS

Computer Name: BLACKROCK
Current User Name: Chance
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINESOFTWAREClasses<extension>]

[HKEY_LOCAL_MACHINESOFTWAREClasses<extension>]
.cpl [@ = cplfile] -- C:WindowsSysWow64control.exe (Microsoft Corporation)

[HKEY_CURRENT_USERSOFTWAREClasses<extension>]
.html [@ = ChromeHTML] -- C:UsersChanceAppDataLocalGoogleChromeApplicationchrome.exe (Google Inc.)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINESOFTWAREClasses<key>shell[command]command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:Program Files (x86)Microsoft OfficeOffice14msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:Program Files (x86)Microsoft OfficeOffice14msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%System32InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:WindowsSystem32rundll32.exe" "C:WindowsSystem32mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%system32rundll32.exe %SystemRoot%system32shell32.dll,OpenAs_RunDLL %1 File not found
Directory [Bridge] -- C:Program Files (x86)AdobeAdobe Bridge CS5Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%Explorer.exe (Microsoft Corporation)
Directory [git_shell] -- wscript "C:Program Files (x86)GitGit Bash.vbs" "%1" File not found
Folder [open] -- %SystemRoot%Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINESOFTWAREClasses<key>shell[command]command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%System32control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:Program Files (x86)Microsoft OfficeOffice14msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:Program Files (x86)Microsoft OfficeOffice14msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%System32InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:WindowsSystem32rundll32.exe" "C:WindowsSystem32mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%system32rundll32.exe %SystemRoot%system32shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:Program Files (x86)AdobeAdobe Bridge CS5Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%Explorer.exe (Microsoft Corporation)
Directory [git_shell] -- wscript "C:Program Files (x86)GitGit Bash.vbs" "%1"
Folder [open] -- %SystemRoot%Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoring]

64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterSvc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterSvcVol]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoring]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringKasperskyAntiVirus]
"DisableMonitoring" = 1
"" =

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterSvc]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyPublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall]
"{0076E1AC-9E7B-4B9F-A62A-4CC9511AD8E3}" = Zune Language Pack (FR)
"{034106B5-54B7-467F-B477-5B7DBB492624}" = Microsoft Sync Framework Services v1.0 SP1 (x64)
"{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer
"{0C6C4C8A-3B96-4681-90BA-0E15CDE96298}" = Microsoft SQL Server 2008 Management Studio
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{108C8C1D-DA02-4A6C-94CD-5603F6A6FC72}" = Microsoft SQL Server 2008 Management Studio
"{1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B}" = Microsoft Team Foundation Server 2010 Object Model - ENU
"{1CB6C387-65A7-327F-B4A5-7DDC75A291AF}" = Microsoft Visual Studio 2010 Office Developer Tools (x64)
"{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{2180B33F-3225-423E-BBC1-7798CFD3CD1F}" = Microsoft SQL Server 2008 R2 Native Client
"{23170F69-40C1-2702-0915-000001000000}" = 7-Zip 9.15 (x64 edition)
"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program
"{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support
"{370BCBBA-67D7-4535-ADCD-58CD1C8DEC99}" = Zune Language Pack (DE)
"{40EC6323-497B-44DA-8A88-74578622D9B3}" = Zune Language Pack (IT)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}" = Microsoft SQL Server System CLR Types (x64)
"{5318020E-E32C-4A33-BC8D-EEF5CC2F6CA1}" = Microsoft SQL Server 2008 Database Engine Services
"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files
"{5D068141-189F-39E2-A052-E40D4B561256}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{5F02C14D-A630-4771-8409-0BA89FCCA8D6}" = iTunes
"{662014D2-0450-37ED-ABAE-157C88127BEB}" = Visual Studio 2010 Prerequisites - English
"{67C816AF-93F0-4C11-A355-AABC5FC00083}" = Microsoft SQL Server 2008 BI Development Studio
"{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}" = Microsoft SQL Server 2008 RsFx Driver
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8438EC02-B8A9-462D-AC72-1B521349C001}" = Microsoft Sync Framework Runtime v1.0 SP1 (x64)
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{888FFC82-688D-46AB-A776-B417885432B6}" = Zune
"{88BAE373-00F4-3E33-828F-96E89E5E0CB9}" = Microsoft Visual Studio 2010 IntelliTrace Collection (x64)
"{893F27E6-D6BE-4B9F-80E6-0ADA694A31A8}" = Microsoft SQL Server 2008 Common Files
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8FF0ACBD-17A5-3637-95F4-D7C69723E2BF}" = Microsoft Visual Studio 2010 Performance Collection Tools - ENU
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{910A147A-75D7-4ECD-A00D-727AAC0FD0E7}" = Microsoft SQL Server 2008 Client Tools
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9FFAE13C-6160-4DD0-A67A-DAC5994F81BD}" = Microsoft SQL Server 2008 Database Engine Services
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A7E4E7DD-2099-4D58-AE31-6E0F663066DD}" = Microsoft SQL Server 2008 Full text search
"{AE479CE0-753F-49C0-B8E6-79A37403999F}" = Microsoft SQL Server 2008 BI Development Studio
"{B40EE88B-400A-4266-A17B-E3DE64E94431}" = Microsoft SQL Server 2008 Setup Support Files
"{B702C53B-D809-4DD3-8C77-23EC0C948959}" = Microsoft SQL Server 2008 Integration Services
"{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour
"{BAACB61F-43E0-4E70-BDC9-F81CC3B22970}" = Microsoft SQL Server 2008 Client Tools
"{BF7B0C91-5AF6-46B7-91CE-C8DD3D36E4BD}" = MySQL Server 5.1
"{C87C93C9-9E5E-4885-98D8-619CA1E1EA97}" = Microsoft SQL Server Compact 4.0 x64 ENU CTP1
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{DA67488A-2689-4F10-B90F-D2F6977509D6}" = Microsoft SQL Server 2008 R2 Management Objects (x64)
"{DF167CE3-60E7-44EA-99EC-2507C51F37AE}" = Microsoft SQL Server 2008 Database Engine Shared
"{EE4ACABF-531E-419A-9225-B8E0FA4955AF}" = Zune Language Pack (ES)
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5079164-1DB9-3BDA-853B-F78AF67CE071}" = Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F5FEEB7E-F647-4D18-85BA-096750A15547}" = Microsoft SQL Server 2008 Integration Services
"{FA7394B8-CE65-4F9E-AC99-F372AD365424}" = Microsoft SQL Server 2008 Database Engine Services
"{FB78FA97-FDCE-444B-9FE3-C06E80D77782}" = Microsoft Web Platform Installer 3.0
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"HitmanPro35" = Hitman Pro 3.5
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)
"Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Zune" = Zune

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall]
"{01C5A10F-AD9B-405B-853A-6659841A1242}" = Microsoft SQL Server 2008 Policies
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = MSN Toolbar
"{08427321-24B6-48D2-AE17-F8C8F09F4A49}" = Microsoft SQL Server Compact 4.0 Web Tools ENU CTP1
"{086C4797-72C6-48F4-8E1F-BF554C7C2DFA}" = JetBrains ReSharper 5.1
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0DDCEC37-369C-484B-B16D-B4413FD42FB9}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework
"{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}" = Microsoft Sync Framework SDK v1.0 SP1
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2656D0AB-9EA4-4C58-A117-635F3CED8B93}" = Microsoft UI Engine
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java™ 6 Update 21
"{26B878A8-5704-3B64-BDBC-4F0EACA38121}" = Google Talk Plugin
"{288DB08D-0708-4A94-B055-55B99E39EB62}" = Adobe Creative Suite 5 Master Collection
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2A845F24-768F-4AB7-998D-6C3ACB49AD8A}" = Microsoft ASP.NET Web Pages 1
"{2D9FEBEE-F1B7-344F-BFDF-760E18332D96}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
"{3431A7A3-6287-46B0-8AF1-BE2452A1FE62}" = Microsoft SQL Server 2008 Books Online (English)
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}" = Dotfuscator Software Services - Community Edition
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52E27BD7-A034-4AFA-B6B5-390EEFB33607}" = Brother HL-2170W
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64CDE8F2-3791-46F5-BAD2-72FFF5252FAB}" = Microsoft SQL Server Compact 3.5 SP1 Query Tools English
"{66468F4D-BC4E-470C-9093-B3B6A1BB378C}" = MSN Toolbar Platform
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}" = Adobe Flash Player 10 ActiveX
"{7236672F-6430-439E-9B27-27EDEAF1D676}" = Diagnostic Utility
"{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime
"{757D12F7-1DC1-4073-8C6E-64792CDC0B3D}" = Microsoft ASP.NET MVC 3
"{78C3657E-742C-40B1-9F53-E5A921D40F17}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{82EF29B1-9B60-4142-A155-0599216DD053}" = LightScribe System Software
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{9137E62C-1C49-4323-9E09-8F20B1DA9561}" = NUnit 2.5.5
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{943B6738-4801-4982-90EC-0442EF7AEB16}" = Kaspersky Anti-Virus 2010
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.4
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B2F3DBD9-A9D2-4838-B45D-C917DAB32BC3}" = ScanSoft OmniPage SE 4
"{B692E59A-055C-43B7-BE0A-9C2FE0AB88B6}" = Microsoft SQL Server 2008 R2 Management Objects
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{BA0C9AAF-1327-3F06-B49C-349B4BE8F740}" = Microsoft Visual Studio 2008 Shell (integrated mode) - ENU
"{BC0464FA-A0BA-3E38-85BF-DC5B3A401F48}" = Microsoft Visual Studio 2010 Ultimate - ENU
"{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}" = Adobe Flash Player 10 Plugin
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{CB688F84-ACAD-4C9F-96BD-A2EC2A296659}" = Microsoft WebMatrix Beta
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}" = Presto! PageManager 7.15.16
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E5AE9031-79A5-4627-9641-BEFA82819B08}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{EAFEF30E-3789-49C7-A6D9-77C12E005BAC}" = Safari
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{F114B3D1-C4A2-482A-B223-62D2A7454F93}" = Microsoft ASP.NET MVC 3 - Visual Studio 2010 Tools
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"B076073A-5527-4f4f-B46B-B10692277DA2_is1" = DisplayFusion 3.1.10
"Canon CanoScan 8800F User Registration" = Canon CanoScan 8800F User Registration
"CanonSolutionMenu" = Canon Utilities Solution Menu
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DVD Shrink_is1" = DVD Shrink 3.2
"FileZilla Client" = FileZilla Client 3.3.3
"Git_is1" = Git 1.7.0.2-preview20100309
"InstallWIX_{943B6738-4801-4982-90EC-0442EF7AEB16}" = Kaspersky Anti-Virus 2010
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft Visual Studio 2010 Ultimate - ENU" = Microsoft Visual Studio 2010 Ultimate - ENU
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Pidgin" = Pidgin

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionUninstall]
"{F6377277-9DF1-4a1f-A487-CB5D34DCD793}_is1" = Ruby 1.8.7-p299
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 9/6/2010 11:48:47 AM | Computer Name = Blackrock | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9032

Error - 9/6/2010 11:48:47 AM | Computer Name = Blackrock | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9032

Error - 9/6/2010 11:48:48 AM | Computer Name = Blackrock | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 9/6/2010 11:48:48 AM | Computer Name = Blackrock | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 10031

Error - 9/6/2010 11:48:48 AM | Computer Name = Blackrock | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 10031

Error - 9/6/2010 11:48:49 AM | Computer Name = Blackrock | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 9/6/2010 11:48:49 AM | Computer Name = Blackrock | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 11029

Error - 9/6/2010 11:48:49 AM | Computer Name = Blackrock | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 11029

Error - 9/6/2010 1:46:35 PM | Computer Name = Blackrock | Source = VSTTExecution | ID = 0
Description =

Error - 9/6/2010 1:46:59 PM | Computer Name = Blackrock | Source = VSTTExecution | ID = 0
Description =

[ Media Center Events ]
Error - 7/26/2010 5:20:52 PM | Computer Name = Blackrock | Source = MCUpdate | ID = 0
Description = 5:20:52 PM - Error connecting to the internet. 5:20:52 PM - Unable
to contact server..

Error - 8/7/2010 5:47:54 PM | Computer Name = Blackrock | Source = MCUpdate | ID = 0
Description = 5:47:53 PM - Error connecting to the internet. 5:47:53 PM - Unable
to contact server..

Error - 8/7/2010 6:48:44 PM | Computer Name = Blackrock | Source = MCUpdate | ID = 0
Description = 6:48:43 PM - Error connecting to the internet. 6:48:43 PM - Unable
to contact server..

Error - 9/2/2010 3:59:34 AM | Computer Name = Blackrock | Source = MCUpdate | ID = 0
Description = 3:59:29 AM - Error connecting to the internet. 3:59:29 AM - Unable
to contact server..

[ System Events ]
Error - 9/5/2010 6:02:44 PM | Computer Name = Blackrock | Source = cdrom | ID = 262151
Description = The device, DeviceCdRom0, has a bad block.

Error - 9/5/2010 6:02:46 PM | Computer Name = Blackrock | Source = cdrom | ID = 262151
Description = The device, DeviceCdRom0, has a bad block.

Error - 9/5/2010 6:02:49 PM | Computer Name = Blackrock | Source = cdrom | ID = 262151
Description = The device, DeviceCdRom0, has a bad block.

Error - 9/5/2010 6:02:52 PM | Computer Name = Blackrock | Source = cdrom | ID = 262151
Description = The device, DeviceCdRom0, has a bad block.

Error - 9/5/2010 6:02:54 PM | Computer Name = Blackrock | Source = cdrom | ID = 262151
Description = The device, DeviceCdRom0, has a bad block.

Error - 9/5/2010 6:04:52 PM | Computer Name = Blackrock | Source = EventLog | ID = 6008
Description = The previous system shutdown at 6:02:48 PM on ?9/?5/?2010 was unexpected.

Error - 9/5/2010 6:05:01 PM | Computer Name = Blackrock | Source = Service Control Manager | ID = 7000
Description = The CruiseControl Service service failed to start due to the following
error: %%2

Error - 9/5/2010 6:10:02 PM | Computer Name = Blackrock | Source = Service Control Manager | ID = 7000
Description = The CruiseControl Service service failed to start due to the following
error: %%2

Error - 9/6/2010 2:30:39 PM | Computer Name = Blackrock | Source = Application Popup | ID = 1060
Description = SystemRootSysWow64DriversNormandy.SYS has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.

Error - 9/6/2010 2:30:47 PM | Computer Name = Blackrock | Source = Application Popup | ID = 1060
Description = SystemRootSysWow64DriversNormandy.SYS has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.


< End of report >


Hijack This Log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:12:16 PM, on 9/6/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe
C:\Program Files (x86)\Brownie\Brnipmon.exe
C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\DisplayFusion\DisplayFusionHookx86.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Pidgin\pidgin.exe
C:\Program Files (x86)\iTunes\iTunes.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Users\Chance\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0401.0\npwinext.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0401.0\npwinext.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BrStsWnd] C:\Program Files (x86)\Brownie\BrstsW64.exe Autorun
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe"
O4 - HKLM\..\Run: [MSN Toolbar] "c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Chance\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DisplayFusion] "C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: CruiseControl Service (CruiseControl) - Unknown owner - C:\Program Files (x86)\CruiseControl\Wrapper.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30007 (IISADMIN) - Unknown owner - C:\Windows\system32\inetsrv\inetinfo.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-20001 (WMSVC) - Unknown owner - C:\Windows\system32\inetsrv\wmsvc.exe (file missing)
O23 - Service: Zune Wireless Configuration Service (ZuneWlanCfgSvc) - Unknown owner - C:\Windows\system32\ZuneWlanCfgSvc.exe (file missing)

--
End of file - 14504 bytes


Merged 3 posts. ~ OB

Edited by chanceusc, 06 September 2010 - 06:13 PM.


BC AdBot (Login to Remove)

 


#2 chanceusc

chanceusc
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:32 AM

Posted 09 September 2010 - 08:02 AM

I am smoking my drive and reinstalling Windows. Thanks anyway guys!

#3 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:32 PM

Posted 09 September 2010 - 04:41 PM

As this issue appears to be resolved I am closing the topic. Please send me (or any other Moderator) a Personal Message (PM) if you would like the topic re-opened.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users