Solved MSE detects Win32/Hoicfh.A but cannot clear issue

[Tom Clindaniel]

Good afternoon,
Your forum was very helpful a year ago when I got infected and I am now back with another issue. MSE continually detects a threat called Win32/Hoicfh.A but cannot clear it once and for all. I have also ran MAM and it detects a file threat called "C:\msr5.exe" but after a reboot that same file shows up again. I sure could use your help and expertise again...please ! My logs are pasted below for your use...

**********MAM LOG*************
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.18.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Tom :: TOM-LAPTOP [administrator]

7/18/2012 11:09:27 AM
mbam-log-2012-07-18 (11-09-27).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 252739
Time elapsed: 6 minute(s), 31 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\msr5.exe (Trojan.Lethic) -> Quarantined and deleted successfully.

(end)
**********GMER LOG***************
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-07-18 13:38:40
Windows 6.1.7601 Service Pack 1
Running: tikbv54r.exe
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x63 0xF4 0x71 0x76 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x63 0xF4 0x71 0x76 ...
---- EOF - GMER 1.0.15 ----
**********DDS DDS LOG***************

.DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.5.1
Run by Tom at 13:39:40 on 2012-07-18
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2003.896 [GMT -4:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Jungle Disk Workgroup\JungleDiskWorkgroup.exe
C:\Windows\system32\lxdncoms.exe
c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\Sun\Java\bin\javaw.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\conhost.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Windows\Sun\Java\bin\javaw.exe
C:\Windows\Sun\Java\bin\javaw.exe
C:\Windows\SysWOW64\{71.74.95.131}\4d8d0f4
C:\Windows\system32\wuauclt.exe
C:\Windows\Sun\Java\bin\javaw.exe
C:\Windows\Sun\Java\bin\javaw.exe
C:\Windows\Sun\Java\bin\javaw.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.cnn.com/
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Virtual Storage Mount Notification: {5ff49fe8-b332-4cb9-b102-fb6951629e55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
uRun: [null-4d8d0ec] C:\Windows\Sun\Java\bin\javaw.exe -jar C:\Windows\config\systemprofile\AppData\Local\Google\Update\Manifest\Initial\2bcb978e3a0
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [4d8d0ec] C:\Windows\Sun\Java\bin\javaw.exe -jar C:\Windows\config\systemprofile\AppData\Local\Google\Update\Manifest\Initial\2bcb978e3a33
mRun: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab
DPF: {983A9C21-8207-4B58-BBB8-0EBC3D7C5505} - hxxps://my-remote.johnsoncontrols.com/https/jwimkns9.na.jci.com/dwa8W.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://my.ohiohealth.com/dana-cached/sc/JuniperSetupClient.cab
TCP: DhcpNameServer = 10.0.0.1
TCP: Interfaces\{F3792406-77F2-4AA7-BC9A-7273B3D1CF73} : DhcpNameServer = 10.0.0.1
TCP: Interfaces\{F3792406-77F2-4AA7-BC9A-7273B3D1CF73}\0516E6562716 : DhcpNameServer = 208.67.222.222 208.67.220.220
TCP: Interfaces\{F3792406-77F2-4AA7-BC9A-7273B3D1CF73}\14E64627F69646455647865627 : DhcpNameServer = 192.168.3.254
TCP: Interfaces\{F3792406-77F2-4AA7-BC9A-7273B3D1CF73}\241637479616E6C4B4E4 : DhcpNameServer = 10.0.0.1
TCP: Interfaces\{F3792406-77F2-4AA7-BC9A-7273B3D1CF73}\245736B637 : DhcpNameServer = 192.168.1.1 209.18.47.61 209.18.47.62
TCP: Interfaces\{F3792406-77F2-4AA7-BC9A-7273B3D1CF73}\261637479616E6D6E636 : DhcpNameServer = 10.0.0.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
STS: Virtual Storage Mount Notification: {5ff49fe8-b332-4cb9-b102-fb6951629e55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Virtual Storage Mount Notification: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
BHO-X64: Virtual Storage Mount Notification - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: SmartSelect - No File
TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
mRun-x64: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun-x64: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
IE-X64: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
SSODL-X64: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
STS-X64: Virtual Storage Mount Notification: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R1 cbfs3;cbfs3;\??\C:\Windows\system32\drivers\cbfs3.sys --> C:\Windows\system32\drivers\cbfs3.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 JungleDiskWorkgroupService;JungleDiskWorkgroupService;C:\Program Files\Jungle Disk Workgroup\JungleDiskWorkgroup.exe [2011-5-17 9769800]
R2 lxdn_device;lxdn_device;C:\Windows\system32\lxdncoms.exe -service --> C:\Windows\system32\lxdncoms.exe -service [?]
R3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
R3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
R3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-1-16 136176]
S2 Sentinel64;Sentinel64;C:\Windows\system32\Drivers\Sentinel64.sys --> C:\Windows\system32\Drivers\Sentinel64.sys [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-5-5 250056]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-1-16 136176]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S3 SNTUSB64;SafeNet USB SuperPro/UltraPro/HardwareKey;C:\Windows\system32\DRIVERS\SNTUSB64.SYS --> C:\Windows\system32\DRIVERS\SNTUSB64.SYS [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2010-4-3 44896]
.
=============== Created Last 30 ================
.
2012-07-18 16:19:41607260----a-w-C:\Users\Tom\dds.scr
2012-07-18 15:22:100----a-w-C:\msr5.exe
2012-07-18 15:18:2669000----a-w-C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{07B6D11E-59BA-44CF-9559-855F44A72C67}\offreg.dll
2012-07-18 12:15:30--------d-----w-C:\Program Files\Enigma Software Group
2012-07-18 12:13:45--------d-----w-C:\Windows\F896D02690164122B9BD957FF092FFE9.TMP
2012-07-18 12:13:33--------d-----w-C:\Program Files (x86)\Common Files\Wise Installation Wizard
2012-07-18 12:01:279133488----a-w-C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{07B6D11E-59BA-44CF-9559-855F44A72C67}\mpengine.dll
2012-07-18 10:56:579133488----a-w-C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-07-18 01:46:52--------d-----w-C:\Users\Tom\AppData\Local\Temp
2012-07-18 01:10:27--------d-----w-C:\Users\Tom\AppData\Local\LogMeIn Rescue Applet
2012-07-18 00:40:37--------d-----w-C:\Users\Tom\AppData\Roaming\SpeedyPC Software
2012-07-18 00:40:37--------d-----w-C:\Users\Tom\AppData\Roaming\DriverCure
2012-07-18 00:40:09--------d-----w-C:\ProgramData\SpeedyPC Software
2012-07-16 14:28:193148800----a-w-C:\Windows\System32\win32k.sys
2012-07-16 13:37:03210944----a-w-C:\Windows\System32\drivers\rdpwd.sys
2012-07-16 13:35:58451072----a-w-C:\Program Files\Internet Explorer\ieproxy.dll
2012-07-16 13:34:59225280----a-w-C:\Windows\SysWow64\schannel.dll
2012-07-16 13:34:5895600----a-w-C:\Windows\System32\drivers\ksecdd.sys
2012-07-16 13:34:5596768----a-w-C:\Windows\SysWow64\sspicli.dll
2012-07-16 13:34:5522016----a-w-C:\Windows\SysWow64\secur32.dll
2012-07-16 13:32:189216----a-w-C:\Windows\System32\rdrmemptylst.exe
2012-07-16 13:32:1877312----a-w-C:\Windows\System32\rdpwsx.dll
2012-07-16 13:32:18149504----a-w-C:\Windows\System32\rdpcorekmts.dll
2012-07-16 13:32:021462272----a-w-C:\Windows\System32\crypt32.dll
2012-07-16 13:32:011158656----a-w-C:\Windows\SysWow64\crypt32.dll
2012-07-16 13:32:00184320----a-w-C:\Windows\System32\cryptsvc.dll
2012-07-16 13:32:00140288----a-w-C:\Windows\SysWow64\cryptsvc.dll
2012-07-16 13:32:00140288----a-w-C:\Windows\System32\cryptnet.dll
2012-07-16 13:32:00103936----a-w-C:\Windows\SysWow64\cryptnet.dll
2012-07-16 11:14:18--------d-----w-C:\Program Files (x86)\Oracle
2012-07-15 14:00:3154784----a-w-C:\Windows\System32\lsassr.exe
2012-07-12 12:26:509226440----a-w-C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-07-04 19:06:41--------d--h--w-C:\Windows\SysWow64\{71.74.95.131}
2012-07-04 16:56:30927800------w-C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1ACA8E6C-DD25-4663-BBFF-C5297E44762B}\gapaengine.dll
2012-06-19 10:12:152622464----a-w-C:\Windows\System32\wucltux.dll
2012-06-19 10:11:5799840----a-w-C:\Windows\System32\wudriver.dll
2012-06-19 10:11:1936864----a-w-C:\Windows\System32\wuapp.exe
2012-06-19 10:11:19186752----a-w-C:\Windows\System32\wuwebv.dll
.
==================== Find3M ====================
.
2012-07-12 12:27:4770344----a-w-C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-12 12:27:47426184----a-w-C:\Windows\SysWow64\FlashPlayerApp.exe
2012-07-06 02:06:30772544----a-w-C:\Windows\SysWow64\npDeployJava1.dll
2012-07-06 02:06:20687544----a-w-C:\Windows\SysWow64\deployJava1.dll
2012-07-04 19:06:339520---ha-w-C:\Windows\SysWow64\vaultcps.dll
2012-07-03 17:46:4424904----a-w-C:\Windows\System32\drivers\mbam.sys
2012-06-06 06:06:162004480----a-w-C:\Windows\System32\msxml6.dll
2012-06-06 06:06:161881600----a-w-C:\Windows\System32\msxml3.dll
2012-06-06 06:02:541133568----a-w-C:\Windows\System32\cdosys.dll
2012-06-06 05:05:521390080----a-w-C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:521236992----a-w-C:\Windows\SysWow64\msxml3.dll
2012-06-06 05:03:06805376----a-w-C:\Windows\SysWow64\cdosys.dll
2012-06-02 05:50:10458704----a-w-C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16151920----a-w-C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31340992----a-w-C:\Windows\System32\schannel.dll
2012-06-02 05:44:21307200----a-w-C:\Windows\System32\ncrypt.dll
2012-06-02 04:39:10219136----a-w-C:\Windows\SysWow64\ncrypt.dll
2012-05-31 16:25:12279656------w-C:\Windows\System32\MpSigStub.exe
2012-05-15 04:01:311188864----a-w-C:\Windows\System32\wininet.dll
2012-05-15 03:03:54981504----a-w-C:\Windows\SysWow64\wininet.dll
2012-05-05 11:45:11955848----a-w-C:\Windows\System32\npDeployJava1.dll
2012-05-05 11:45:11839112----a-w-C:\Windows\System32\deployJava1.dll
2012-05-04 11:06:225559664----a-w-C:\Windows\System32\ntoskrnl.exe
2012-05-04 10:03:533968368----a-w-C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03:503913072----a-w-C:\Windows\SysWow64\ntoskrnl.exe
2012-04-20 03:45:411638912----a-w-C:\Windows\System32\mshtml.tlb
2012-04-20 03:16:441638912----a-w-C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 13:40:18.02 ===============
**********DDS ATTACH LOG***************
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 9/22/2010 6:31:53 PM
System Uptime: 7/18/2012 11:17:54 AM (2 hours ago)
.
Motherboard: Dell Inc. | | 0D695C
Processor: Intel(R) Celeron(R) CPU 900 @ 2.20GHz | Microprocessor | 2194/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 149 GiB total, 87.346 GiB free.
D: is CDROM ()
J: is Removable
K: is Removable
L: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Cisco Systems VPN Adapter for 64-bit Windows
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco Systems VPN Adapter for 64-bit Windows
PNP Device ID: ROOT\NET\0000
Service: CVirtA
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Sentinel64
Device ID: ROOT\LEGACY_SENTINEL64\0000
Manufacturer:
Name: Sentinel64
PNP Device ID: ROOT\LEGACY_SENTINEL64\0000
Service: Sentinel64
.
==== System Restore Points ===================
.
RP170: 7/8/2012 12:43:54 PM - Windows Update
RP171: 7/12/2012 8:38:02 AM - Windows Update
RP172: 7/15/2012 10:55:26 AM - Windows Update
RP173: 7/16/2012 7:11:32 AM - Installed Java(TM) 7 Update 5
RP174: 7/16/2012 7:13:32 AM - Removed JavaFX 2.1.0
RP175: 7/16/2012 7:14:02 AM - Installed JavaFX 2.1.1
RP176: 7/16/2012 9:37:51 AM - Windows Update
RP177: 7/17/2012 9:15:07 PM - SpeedyPC Pro Backup
RP178: 7/17/2012 9:43:21 PM - SpeedyPC Pro Backup
RP179: 7/18/2012 8:14:16 AM - Installed SpyHunter
RP180: 7/18/2012 10:46:54 AM - Removed SpyHunter
RP181: 7/18/2012 10:50:20 AM - Removed Aspect Viewer
RP182: 7/18/2012 10:53:28 AM - Removed MP3 Rocket Toolbar.
RP183: 7/18/2012 10:54:05 AM - Removed Realtime Landscaping Architect 2 Trial
RP184: 7/18/2012 10:56:56 AM - Removed NBPro.
RP185: 7/18/2012 10:59:27 AM - Removed Sentinel System Driver Installer 7.5.0
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Adobe Acrobat 9 Pro - English, Français, Deutsch
Adobe After Effects CS4 Third Party Content
Adobe AIR
Adobe Anchor Service CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe Creative Suite 4 Master Collection
Adobe CSI CS4
Adobe Default Language CS4
Adobe Dreamweaver CS4
Adobe Encore CS4 Codecs
Adobe ExtendScript Toolkit CS4
Adobe Flash Player 11 ActiveX
Adobe Media Encoder CS4 Exporter
Adobe Media Encoder CS4 Importer
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Premiere Pro CS4 Third Party Content
Adobe Reader X (10.1.1)
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe Shockwave Player 11.6
Adobe Soundbooth CS4 Codecs
Adobe Type Support CS4
Adobe Update Manager CS4
Adobe XMP Panels CS4
Apple Application Support
Apple Software Update
BlackBerry Device Software Updater
CoffeeCup Free DHTML Menu Builder
Connect
Customer License Upgrade Utility
ESET Online Scanner v3
FileZilla Client 3.5.0
GDR 1617 for SQL Server 2008 R2 (KB2494088)
GO Contact Sync
Google Calendar Sync
Google Chrome
Google Earth
Google Talk Plugin
Google Update Helper
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
HP Officejet 7500 E910 Help
HP Update
I.R.I.S. OCR
Intuit SiteBuilder
Java Auto Updater
Java(TM) 6 Update 16
Java(TM) 7 Update 5
JavaFX 2.1.1
Juniper Networks Host Checker
Juniper Networks Network Connect 6.5.0
Juniper Networks Setup Client
kuler
Malwarebytes Anti-Malware version 1.62.0.1300
Marketsplash Shortcuts
Metasys CCT 5.1.0.4400
Microsoft Application Error Reporting
Microsoft Default Manager
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Report Viewer Redistributable 2008 (KB971119)
Microsoft Report Viewer Redistributable 2008 SP1
Microsoft Silverlight
Microsoft SQL Server 2008 R2
Microsoft SQL Server 2008 R2 Policies
Microsoft SQL Server 2008 R2 RsFx Driver
Microsoft SQL Server 2008 R2 Setup (English)
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server Browser
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual J# 2.0 Redistributable Package
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Microsoft XML Parser
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Photoshop Camera Raw
PokerStars
QuickTime
RICOH Media Driver ver.2.07.01.01
RICOH R5C83x/84x Media Driver Ver.3.53.02
Roblox
Safari
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
SQL Server 2008 R2 Common Files
SQL Server 2008 R2 Database Engine Services
SQL Server 2008 R2 Database Engine Shared
SQL Server 2008 R2 Management Studio
Sql Server Customer Experience Improvement Program
Suite Shared Configuration CS4
swMSM
Unity Web Player
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
Web Studio 5.0
WinRAR 4.00 (32-bit)
.
==== Event Viewer Messages From Past Week ========
.
7/18/2012 8:10:16 AM, Error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
7/18/2012 8:02:16 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?lin...:Java/CVE-2012-0507.D!ldr&threatid=2147655409 Name: Exploit:Java/CVE-2012-0507.D!ldr ID: 2147655409 Severity: Severe Category: Exploit Path: containerfile:_C:\Users\Tom\Downloads\FX4.0.zip;file:_C:\Users\Tom\Downloads\FX4.0.zip->LP-FXTSPDEM/dist/3.6.31/nre-config-linux-x86.dist->lib/editions/j2se-headless/rt.jar->sun/security/provider/PolicyFile.class;file:_C:\Users\Tom\Downloads\FX4.0.zip->LP-FXTSPDEM/dist/3.6.31/nre-config-win-x64.dist->lib/editions/j2se-headless/rt.jar->sun/security/provider/PolicyFile.class Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x80070021 Error description: The process cannot access the file because another process has locked a portion of the file. Signature Version: AV: 1.131.96.0, AS: 1.131.96.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8601.0, NIS: 2.0.8001.0
7/18/2012 11:18:34 AM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The specified module could not be found.
7/18/2012 11:18:19 AM, Error: Service Control Manager [7000] - The Sentinel64 service failed to start due to the following error: The system cannot find the device specified.
7/18/2012 11:18:08 AM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 0 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
7/18/2012 10:46:15 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?lin...Downloader:Win32/Hoicfh.A&threatid=2147645627 Name: TrojanDownloader:Win32/Hoicfh.A ID: 2147645627 Severity: Severe Category: Trojan Downloader Path: containerfile:_C:\Users\Tom\AppData\Local\Temp\IXP000.TMP\compressed.exe;file:_C:\Users\Tom\AppData\Local\Temp\IXP000.TMP\compressed.exe->(UPX) Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\msr5.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x80070002 Error description: The system cannot find the file specified. Signature Version: AV: 1.131.132.0, AS: 1.131.132.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8601.0, NIS: 2.0.8001.0
7/17/2012 9:54:54 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
7/17/2012 8:29:15 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?lin...Downloader:Win32/Hoicfh.A&threatid=2147645627 Name: TrojanDownloader:Win32/Hoicfh.A ID: 2147645627 Severity: Severe Category: Trojan Downloader Path: containerfile:_C:\Users\Tom\AppData\Local\Temp\IXP000.TMP\compressed.exe;file:_C:\Users\Tom\AppData\Local\Temp\IXP000.TMP\compressed.exe->(UPX) Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\msr5.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x80070002 Error description: The system cannot find the file specified. Signature Version: AV: 1.131.96.0, AS: 1.131.96.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8601.0, NIS: 2.0.8001.0
7/17/2012 7:11:24 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?lin...Downloader:Win32/Hoicfh.A&threatid=2147645627 Name: TrojanDownloader:Win32/Hoicfh.A ID: 2147645627 Severity: Severe Category: Trojan Downloader Path: containerfile:_C:\Users\Tom\AppData\Local\Temp\IXP000.TMP\compressed.exe;file:_C:\Users\Tom\AppData\Local\Temp\IXP000.TMP\compressed.exe->(UPX) Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\msr5.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x80070002 Error description: The system cannot find the file specified. Signature Version: AV: 1.131.53.0, AS: 1.131.53.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8601.0, NIS: 2.0.8001.0
7/17/2012 6:01:44 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
7/17/2012 6:01:37 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
7/17/2012 6:01:37 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
7/17/2012 6:01:34 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
7/17/2012 6:01:26 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
7/17/2012 6:01:21 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD cbfs3 DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr sptd tdx vwififlt Wanarpv6 WfpLwf ws2ifsl
7/17/2012 6:01:21 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service TermService with arguments "" in order to run the server: {F9A874B6-F8A8-4D73-B5A8-AB610816828B}
7/17/2012 6:01:20 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
7/17/2012 6:01:20 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
7/17/2012 6:01:20 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
7/17/2012 6:01:20 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
7/17/2012 6:01:20 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
7/17/2012 6:01:20 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
7/17/2012 6:01:20 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
7/17/2012 6:01:20 PM, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
7/17/2012 6:01:20 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
7/17/2012 6:01:20 PM, Error: Service Control Manager [7001] - The HomeGroup Listener service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
7/17/2012 6:01:20 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
7/17/2012 6:01:20 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
7/17/2012 6:01:20 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
7/17/2012 6:00:57 PM, Error: sptd [4] - Driver detected an internal error in its data structures for .
7/17/2012 4:25:54 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
7/17/2012 4:25:54 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the hidserv service.
7/17/2012 10:28:29 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?lin...:Java/CVE-2012-0507.D!ldr&threatid=2147655409 Name: Exploit:Java/CVE-2012-0507.D!ldr ID: 2147655409 Severity: Severe Category: Exploit Path: containerfile:_C:\Users\Tom\Downloads\FX4.0.zip;file:_C:\Users\Tom\Downloads\FX4.0.zip->LP-FXTSPDEM/dist/3.6.31/nre-config-linux-x86.dist->lib/editions/j2se-headless/rt.jar->sun/security/provider/PolicyFile.class;file:_C:\Users\Tom\Downloads\FX4.0.zip->LP-FXTSPDEM/dist/3.6.31/nre-config-win-x64.dist->lib/editions/j2se-headless/rt.jar->sun/security/provider/PolicyFile.class Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: No additional actions required Error Code: 0x80070021 Error description: The process cannot access the file because another process has locked a portion of the file. Signature Version: AV: 1.131.96.0, AS: 1.131.96.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8601.0, NIS: 2.0.8001.0
7/17/2012 10:12:32 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wlidsvc service.
7/17/2012 10:12:32 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
7/16/2012 9:56:30 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.129.1589.0).
7/16/2012 9:00:51 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.1723.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8024001e Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
7/16/2012 6:55:29 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
7/16/2012 6:53:53 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
7/16/2012 10:14:09 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
7/14/2012 9:39:46 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RasMan service.
7/13/2012 3:31:06 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SQL Server (MSSQLSERVER) service to connect.
7/13/2012 3:31:06 PM, Error: Service Control Manager [7000] - The SQL Server (MSSQLSERVER) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/13/2012 12:49:47 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
7/13/2012 12:49:45 AM, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/13/2012 12:49:43 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
7/13/2012 12:45:04 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanServer service.
7/11/2012 10:43:16 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the dsNcService service.
.
==== End Of File ===========================

 

[Jay Pfoutz]

Hello, and welcome to TechSpot.

Please see here for the board rules and other FAQ.

Please feel free to introduce yourself, after you follow the steps below to get started.

Information

• From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by a malware removal helper.
• Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
• If you have already asked for help somewhere, please post the link to the topic you were helped.
• We try our best to reply quickly, but for any reason we do not reply in two days, please reply to this topic with the word BUMP!
• Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.

Please download OTL to your Desktop. (If you already have it downloaded, then just follow the instructions below).

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• Under the Custom Scan box paste this in
  
  msconfig
  safebootminimal
  activex
  drivers32
  netsvcs
  CreateRestorePoint
  %AppData%\Roaming\Mozilla\Firefox\Profiles\*.default\extensions\ /s /md5
  %AppData%\Local\
  %systemroot%\system32\sysprep
  *.xpi /md5
  %systemroot%\Downloaded Program Files\
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
  hklm\software\clients\startmenuinternet|command /rs
  hklm\software\clients\startmenuinternet|command /64 /rs
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\system32\drivers\*.sys /90
  %systemroot%\System32\config\*.sav
  %SYSTEMDRIVE%\*.exe /md5
  "%WinDir%\$NtUninstallKB*$." /30
  %systemdrive%\Program Files\Common Files\ComObjects\*.* /s
  %systemroot%\*. /mp /s
  %systemroot%\*. /rp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job /lockedfiles
  %USERPROFILE%\AppData\Local\Google\Chrome\User Data\*.* /s
  %USERPROFILE%\AppData\Local\ /s
  %systemroot%\Installer\ /s
  %systemroot%\system32\Cache\ /s
  %systemroot%\system32\config\systemprofile\Application Data /s
  %PROGRAMFILES%\*.
  %appdata%\*.*
  /md5start
  volsnap.sys
  services.exe
  userinit.exe
  afd.sys
  tcpip.sys
  netbt.sys
  ipsec.sys
  dnsrslvr.dll
  ipnathlp.dll
  netman.dll
  WMIsvc.dll
  srsvc.dll
  sr.sys
  wscsvc.dll
  wuauserv.dll
  qmgr.dll
  es.dll
  cryptsvc.dll
  svchost.exe
  rpcss.dll
  tdx.sys
  wininit.exe
  winlogon.exe
  atapi.sys
  explorer.exe
  /md5stop
• Click the Run Scanbutton. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) and paste (Edit->Paste) the contents of these files, one at a time

Note: in the event that OTL fails to run, please use alternate download links to try again:

http://oldtimer.geekstogo.com/OTL.com
http://oldtimer.geekstogo.com/OTL.scr

 

[Tom Clindaniel]

Good afternoon GragonMasterJay... and thanks so much for your help... it is appreciated !! Name is Tom, and my logs are below but I had to break them up over several replies due to their size...

*******OTL LOG***********
OTL logfile created on: 7/18/2012 4:26:39 PM - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Tom\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.96 Gb Total Physical Memory | 1.15 Gb Available Physical Memory | 58.60% Memory free
4.89 Gb Paging File | 3.28 Gb Available in Paging File | 67.02% Paging File free
Paging file location(s): C:\pagefile.sys 3004 3004 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 148.95 Gb Total Space | 87.32 Gb Free Space | 58.63% Space Free | Partition Type: NTFS
Drive J: | 500.00 Gb Total Space | 500.00 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
Drive K: | 500.00 Gb Total Space | 500.00 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
Drive L: | 500.00 Gb Total Space | 500.00 Gb Free Space | 100.00% Space Free | Partition Type: FAT32

Computer Name: TOM-LAPTOP | User Name: Tom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/18 16:24:15 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Tom\Desktop\OTL.exe
PRC - [2012/07/18 07:20:02 | 000,054,784 | -H-- | M] () -- C:\Windows\SysWOW64\{71.74.95.131}\4d8d0f4
PRC - [2012/02/23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
PRC - [2011/06/06 13:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/11/20 08:17:55 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010/03/23 13:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2010/02/18 20:22:04 | 000,615,792 | ---- | M] (Juniper Networks) -- C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
PRC - [2008/06/11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe


========== Modules (No Company Name) ==========

MOD - [2012/07/18 07:20:02 | 000,054,784 | -H-- | M] () -- C:\Windows\SysWOW64\{71.74.95.131}\4d8d0f4
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/03/26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/05/17 16:19:52 | 009,769,800 | ---- | M] (Jungle Disk, Inc.) [Auto | Running] -- C:\Program Files\Jungle Disk Workgroup\JungleDiskWorkgroup.exe -- (JungleDiskWorkgroupService)
SRV:64bit: - [2010/11/20 09:24:49 | 000,015,872 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\inetsrv\inetinfo.exe -- (IISADMIN)
SRV:64bit: - [2007/11/28 15:51:42 | 001,039,872 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxdncoms.exe -- (lxdn_device)
SRV - [2012/07/12 08:27:51 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011/06/06 13:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/03/23 14:17:55 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/11/20 08:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/11/20 08:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010/11/20 08:18:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010/03/23 13:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/18 20:22:04 | 000,615,792 | ---- | M] (Juniper Networks) [Auto | Running] -- C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe -- (dsNcService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/11/30 11:03:06 | 000,321,424 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cbfs3.sys -- (cbfs3)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 09:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 09:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 05:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/09/22 19:18:52 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/07/28 21:10:42 | 010,610,400 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/07/21 16:59:28 | 000,045,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2010/03/23 13:29:46 | 000,304,784 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV:64bit: - [2010/03/10 18:23:48 | 000,300,592 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2010/02/18 20:07:58 | 000,032,768 | ---- | M] (Juniper Networks) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dsNcAdpt.sys -- (dsNcAdpt)
DRV:64bit: - [2010/02/08 08:32:00 | 000,014,992 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVirtA64.sys -- (CVirtA)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/08 00:45:50 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/25 17:04:20 | 000,067,584 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2009/06/10 17:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 17:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 17:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/11/16 18:39:44 | 000,157,968 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dne64x.sys -- (DNE)
DRV:64bit: - [2008/07/11 07:05:00 | 000,145,448 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\sentinel64.sys -- (Sentinel64)
DRV:64bit: - [2008/07/11 07:05:00 | 000,058,664 | ---- | M] (SafeNet, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SNTUSB64.SYS -- (SNTUSB64)
DRV:64bit: - [2008/05/20 18:33:36 | 000,028,416 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2008/05/06 17:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.cnn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F0 23 19 52 A7 5A CB 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Program Files (x86)\Roblox\Versions\version-87d7b36a1a2e43ec\\NPRobloxProxy.dll ()
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Tom\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Tom\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Tom\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Tom\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Tom\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)



========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Tom\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Screen Capture Plugin (Enabled) = C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\plugin/screen_capture.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Tom\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Tom\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Bing Bar (Enabled) = C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll
CHR - plugin: Java(TM) Platform SE 7 U4 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Roblox Launcher Plugin (Enabled) = C:\Program Files (x86)\Roblox\Versions\version-87d7b36a1a2e43ec\\NPRobloxProxy.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Tom\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Adblock Plus (Beta) = C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Google Search = C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Screen Capture (by Google) = C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\
CHR - Extension: Springpad = C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkmopoamfjnmppabeaphohombnjcjgla\6_0\
CHR - Extension: Daily Stats for Google Analytics\u2122 = C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbijjbopjcchmieelnldoceohfdbnjkk\0.3.2_0\
CHR - Extension: Google Mail Checker = C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\
CHR - Extension: Springpad Extension = C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\
CHR - Extension: Gmail = C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/05/04 09:43:50 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Virtual Storage Mount Notification) - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Virtual Storage Mount Notification) - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKCU..\Run: [4d8d0ec] C:\Windows\Sun\Java\bin\javaw.exe (Oracle Corporation)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKCU..\Run: [null-4d8d0ec] C:\Windows\Sun\Java\bin\javaw.exe (Oracle Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {983A9C21-8207-4B58-BBB8-0EBC3D7C5505} https://my-remote.johnsoncontrols.com/https/jwimkns9.na.jci.com/dwa8W.cab (Domino Web Access 8 Control)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://my.ohiohealth.com/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F3792406-77F2-4AA7-BC9A-7273B3D1CF73}: DhcpNameServer = 10.0.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
O22:64bit: - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O22 - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /I:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /I:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /I:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /I:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

*********continued**********

 

[Tom Clindaniel]

*****OTL continued********
CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/07/18 16:24:18 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Tom\Desktop\OTL.exe
[2012/07/18 12:20:05 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Tom\Desktop\dds.scr
[2012/07/18 12:19:41 | 000,607,260 | ---- | C] (Swearware) -- C:\Users\Tom\dds.scr
[2012/07/18 08:15:30 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2012/07/18 08:13:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012/07/17 21:46:52 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Local\Temp
[2012/07/17 21:46:15 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/07/17 21:10:27 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Local\LogMeIn Rescue Applet
[2012/07/17 20:40:37 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Roaming\SpeedyPC Software
[2012/07/17 20:40:37 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Roaming\DriverCure
[2012/07/17 20:40:09 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedyPC Software
[2012/07/17 19:59:00 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Roaming\Mozilla
[2012/07/16 09:36:12 | 000,735,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/07/16 09:36:07 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/07/16 09:36:06 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/07/16 09:36:02 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/07/16 09:36:01 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/07/16 09:35:56 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/07/16 09:35:56 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/07/16 09:35:23 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012/07/16 09:35:23 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012/07/16 09:35:16 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/07/16 09:35:13 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/07/16 09:35:12 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/07/16 09:35:01 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/07/16 09:32:18 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/07/16 09:32:18 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/07/16 09:32:18 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/07/16 09:32:02 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/07/16 09:32:00 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012/07/16 09:20:15 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012/07/16 09:20:12 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012/07/16 07:14:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
[2012/07/16 07:13:56 | 000,227,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/07/16 07:13:20 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/07/16 07:13:20 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/07/15 10:00:31 | 000,054,784 | ---- | C] (Secured Solutions, LLC) -- C:\Windows\SysNative\lsassr.exe
[2012/07/12 08:26:50 | 009,226,440 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012/07/04 15:06:41 | 000,000,000 | -H-D | C] -- C:\Windows\SysWow64\{71.74.95.131}
[2012/06/19 06:12:15 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/06/19 06:12:15 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/06/19 06:12:15 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/06/19 06:11:57 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/06/19 06:11:57 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/06/19 06:11:57 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/06/19 06:11:19 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/06/19 06:11:19 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/07/18 16:33:05 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/18 16:24:15 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Tom\Desktop\OTL.exe
[2012/07/18 16:09:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/18 15:50:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1582047655-2410839964-2795636096-1001UA.job
[2012/07/18 15:00:05 | 000,000,290 | ---- | M] () -- C:\Windows\tasks\Web Studio 5.0 Updates.job
[2012/07/18 13:34:58 | 000,000,000 | ---- | M] () -- C:\msr5.exe
[2012/07/18 12:17:59 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Tom\Desktop\dds.scr
[2012/07/18 12:17:59 | 000,607,260 | ---- | M] (Swearware) -- C:\Users\Tom\dds.scr
[2012/07/18 11:26:05 | 000,014,336 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/18 11:26:05 | 000,014,336 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/18 11:23:07 | 000,956,514 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/07/18 11:23:07 | 000,788,232 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/07/18 11:23:07 | 000,166,464 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/07/18 11:19:18 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/18 11:18:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/18 11:18:02 | 1575,354,368 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/18 11:10:35 | 000,302,592 | ---- | M] () -- C:\Users\Tom\Desktop\tikbv54r.exe
[2012/07/17 21:53:24 | 000,054,784 | ---- | M] (Secured Solutions, LLC) -- C:\Windows\SysNative\lsassr.exe
[2012/07/17 18:32:01 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/17 16:50:04 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1582047655-2410839964-2795636096-1001Core.job
[2012/07/17 06:39:34 | 000,001,175 | ---- | M] () -- C:\Users\Tom\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2012/07/16 11:03:37 | 000,417,456 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/07/12 16:45:01 | 000,002,382 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/07/12 08:27:47 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/07/12 08:27:47 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/07/12 08:26:52 | 009,226,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012/07/05 22:06:48 | 000,227,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/07/05 22:06:30 | 000,772,544 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/07/05 22:06:20 | 000,687,544 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012/07/04 15:06:33 | 000,009,520 | -H-- | M] () -- C:\Windows\SysWow64\vaultcps.dll
[2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/06/27 01:43:17 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/06/27 01:43:11 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/07/18 11:22:10 | 000,000,000 | ---- | C] () -- C:\msr5.exe
[2012/07/18 11:10:46 | 000,302,592 | ---- | C] () -- C:\Users\Tom\Desktop\tikbv54r.exe
[2012/06/10 17:30:33 | 000,009,520 | -H-- | C] () -- C:\Windows\SysWow64\vaultcps.dll
[2012/01/04 08:51:23 | 000,196,648 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/12/22 13:30:31 | 000,000,121 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/12/22 13:29:05 | 000,015,033 | ---- | C] () -- C:\Users\Tom\AppData\Roaming\CCTInstallLog.htm
[2011/12/22 10:25:17 | 000,023,826 | ---- | C] () -- C:\Users\Tom\AppData\Roaming\SCTInstallLog.htm
[2011/09/07 07:28:12 | 000,970,476 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/11/10 18:48:09 | 000,037,839 | ---- | C] () -- C:\Users\Tom\AppData\Roaming\Comma Separated Values (Windows).ADR
[2010/10/10 17:25:36 | 000,000,090 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2010/09/25 09:31:39 | 000,098,136 | ---- | C] () -- C:\Windows\gzip.exe
[2010/07/28 21:08:46 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2010/07/28 21:08:44 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2010/07/28 21:08:42 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2010/07/28 20:14:38 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/07/28 20:14:38 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll

========== Custom Scans ==========

< %AppData%\Roaming\Mozilla\Firefox\Profiles\*.default\extensions\ /s /md5 >

< %AppData%\Local\ >

< %systemroot%\system32\sysprep >

< *.xpi /md5 >

< %systemroot%\Downloaded Program Files\ >

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile >
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging]

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: firefox.exe
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: firefox.exe
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2012/07/10 00:09:02 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2012/07/10 00:09:02 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/07/10 00:09:02 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2012/07/10 00:09:02 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2010/11/20 08:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2010/11/20 08:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2010/11/20 08:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2010/11/20 08:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: iexplore.exe
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Safari\Safari.exe" /reinstall [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Safari\Safari.exe" /hideicons [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Safari\Safari.exe" /showicons [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files (x86)\Safari\Safari.exe" [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: FIREFOX.EXE
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: FIREFOX.EXE
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2012/07/10 00:09:02 | 001,250,328 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2012/07/10 00:09:02 | 001,250,328 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2012/07/10 00:09:02 | 001,250,328 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2012/07/10 00:09:02 | 001,250,328 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2009/07/13 21:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2009/07/13 21:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2009/07/13 21:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2010/11/20 08:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: IEXPLORE.EXE
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /REINSTALL [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /HIDEICONS [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /SHOWICONS [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.)

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\drivers\*.sys /90 >

< %systemroot%\System32\config\*.sav >

< %SYSTEMDRIVE%\*.exe /md5 >
[2012/07/18 13:34:58 | 000,000,000 | ---- | M] () MD5=D41D8CD98F00B204E9800998ECF8427E -- C:\msr5.exe

< "%WinDir%\$NtUninstallKB*$." /30 >

< %systemdrive%\Program Files\Common Files\ComObjects\*.* /s >

< %systemroot%\*. /mp /s >

< %systemroot%\*. /rp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %USERPROFILE%\AppData\Local\Google\Chrome\User Data\*.* /s >
[2011/03/29 17:43:17 | 000,001,764 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\.ChromotingConfig.json
[2012/07/18 07:16:41 | 000,230,332 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists
[2012/07/18 16:26:36 | 000,000,005 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt
[2011/07/28 17:23:08 | 000,000,053 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Custom Dictionary.txt
[2012/01/16 18:10:39 | 000,000,000 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\First Run
[2012/07/18 16:26:35 | 000,012,785 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Local State
[2012/07/18 16:26:06 | 006,201,844 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom
[2012/07/18 16:26:08 | 002,329,481 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom Filter 2
[2012/05/21 16:38:18 | 000,006,144 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies
[2012/05/21 16:38:18 | 000,001,544 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies-journal
[2012/07/18 16:26:08 | 000,134,356 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist
[2012/07/18 16:26:05 | 005,250,496 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Safe Browsing Download
[2012/07/18 16:26:08 | 000,016,132 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Safe Browsing Download Whitelist
[2011/11/30 08:41:05 | 000,000,055 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Service State
[2012/07/17 21:50:17 | 000,057,344 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Archived History
[2012/07/17 21:50:18 | 000,000,512 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Archived History-journal
[2012/07/18 08:48:59 | 000,028,581 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Bookmarks
[2012/07/18 08:48:59 | 000,028,581 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Bookmarks.bak
[2012/07/18 16:26:10 | 000,064,512 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cookies
[2012/07/18 16:26:10 | 000,016,384 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
[2012/07/18 16:26:35 | 000,103,458 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Current Session
[2012/07/18 16:26:35 | 000,031,594 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
[2012/07/05 08:40:50 | 000,003,608 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extension Cookies-journal
[2012/07/18 16:24:05 | 000,299,008 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Favicons
[2012/07/18 16:24:05 | 000,016,384 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal
[2012/03/31 18:03:54 | 000,150,798 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Google Profile.ico
[2012/07/18 16:26:35 | 000,217,088 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\History
[2012/07/17 21:50:50 | 000,036,864 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\History Index 2012-05
[2012/07/17 21:50:51 | 000,036,864 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\History Index 2012-06
[2012/07/18 16:25:51 | 001,101,824 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\History Index 2012-07
[2012/07/18 16:25:51 | 000,016,384 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\History Index 2012-07-journal
[2012/07/18 16:26:35 | 000,077,683 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
[2012/07/18 16:26:35 | 000,016,384 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\History-journal
[2012/07/18 15:53:44 | 000,139,973 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Last Session
[2012/07/18 15:53:44 | 000,071,270 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Last Tabs
[2012/07/18 16:23:46 | 000,071,680 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Login Data
[2012/07/18 16:23:46 | 000,014,904 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Login Data-journal
[2012/07/18 15:43:14 | 000,358,400 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor
[2012/07/18 15:43:14 | 000,016,384 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal
[2012/07/07 09:34:29 | 000,005,120 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs
[2012/07/07 09:34:29 | 000,001,544 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs-journal
[2012/07/18 16:26:36 | 000,108,701 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Preferences
[2012/07/18 16:24:16 | 000,013,312 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\QuotaManager
[2012/07/18 16:24:16 | 000,006,704 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\QuotaManager-journal
[2012/05/21 16:39:08 | 000,000,180 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\README
[2012/07/18 14:44:45 | 000,020,480 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Shortcuts
[2012/07/18 14:44:45 | 000,016,384 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Shortcuts-journal
[2012/07/18 16:23:55 | 000,204,800 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Top Sites
[2012/07/18 16:23:55 | 000,016,384 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Top Sites-journal
[2012/07/18 08:56:39 | 000,000,280 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity
[2012/07/18 16:26:36 | 000,131,072 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Visited Links
[2012/07/18 16:23:46 | 001,177,600 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Web Data
[2012/07/18 16:23:46 | 000,016,384 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal
[2012/03/31 18:03:52 | 000,171,008 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Index
[2012/02/04 07:43:56 | 000,081,920 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\data_0
[2012/02/04 07:43:56 | 001,581,056 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\data_1
[2012/02/04 07:43:56 | 001,056,768 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\data_2
[2012/02/04 07:43:56 | 004,202,496 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\data_3
[2011/09/09 09:37:48 | 000,524,656 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\index
[2012/07/18 16:26:36 | 000,192,512 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
[2012/07/18 16:26:36 | 003,416,064 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
[2012/07/18 16:26:36 | 009,445,376 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
[2012/07/18 16:26:36 | 016,785,408 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
[2012/07/17 21:50:29 | 000,017,003 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000001
[2012/07/17 21:50:29 | 000,042,844 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000002
[2012/07/17 21:50:31 | 000,017,973 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000003
[2012/07/17 21:50:34 | 000,194,012 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000004
[2012/07/17 21:51:00 | 000,059,554 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000005
[2012/07/17 21:51:00 | 000,394,238 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000006
[2012/07/17 21:51:01 | 000,059,469 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000007
[2012/07/17 21:51:08 | 000,059,469 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000008
[2012/07/17 21:51:11 | 000,028,014 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000009
[2012/07/17 21:51:12 | 000,036,510 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000a
[2012/07/17 21:51:16 | 000,017,152 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000b
[2012/07/17 21:51:17 | 000,036,582 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000c
[2012/07/17 21:51:18 | 000,039,852 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000d
[2012/07/17 21:51:18 | 000,077,029 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000e
[2012/07/17 21:51:20 | 000,025,032 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000f
[2012/07/17 21:51:20 | 000,072,567 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000010
[2012/07/17 21:51:21 | 000,157,446 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000011
[2012/07/17 21:51:22 | 000,049,291 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000012
[2012/07/17 21:51:27 | 000,017,002 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000013
[2012/07/17 21:51:27 | 000,042,859 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000014
[2012/07/17 21:51:38 | 000,027,319 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000015
[2012/07/17 21:51:38 | 000,026,205 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000016
[2012/07/17 21:51:39 | 000,028,586 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000017
[2012/07/17 21:51:39 | 000,033,622 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000018
[2012/07/17 21:51:40 | 000,019,118 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000019
[2012/07/17 21:51:40 | 000,028,487 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001a
[2012/07/17 21:51:40 | 000,026,851 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001b
[2012/07/17 21:51:40 | 000,045,614 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001c
[2012/07/17 21:51:44 | 000,030,605 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001d
[2012/07/17 21:51:44 | 000,048,796 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001e
[2012/07/17 21:51:44 | 000,048,211 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001f
[2012/07/17 21:51:45 | 000,058,417 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000020
[2012/07/17 21:51:46 | 000,074,917 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000021
[2012/07/17 21:51:47 | 000,096,879 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000022
[2012/07/17 21:51:48 | 000,194,012 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000023
[2012/07/17 21:51:51 | 000,028,923 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000024
[2012/07/17 21:51:53 | 000,033,073 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000025
[2012/07/17 21:51:53 | 000,068,866 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000026
[2012/07/17 21:51:55 | 000,043,259 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000027
[2012/07/17 21:52:00 | 000,037,500 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000028
[2012/07/17 21:52:22 | 000,023,678 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000029
[2012/07/17 21:52:22 | 000,025,821 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002a
[2012/07/17 21:52:22 | 000,187,174 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002b
[2012/07/17 21:52:23 | 000,094,132 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002c
[2012/07/17 21:52:25 | 000,051,893 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002d
[2012/07/17 21:52:25 | 000,018,462 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002e
[2012/07/17 21:52:30 | 000,039,781 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000030
[2012/07/17 21:52:30 | 000,032,103 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000031
[2012/07/17 21:52:31 | 000,018,147 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000032
[2012/07/17 21:52:32 | 000,050,262 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000033
[2012/07/17 21:52:32 | 000,042,427 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000034
[2012/07/17 21:52:33 | 000,038,539 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000035
[2012/07/17 21:52:34 | 000,055,382 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000036
[2012/07/17 21:52:36 | 000,068,279 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000037
[2012/07/17 21:52:37 | 000,025,792 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000038
[2012/07/17 21:52:37 | 000,037,736 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000039
[2012/07/17 21:52:37 | 000,019,179 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003a
[2012/07/17 21:52:38 | 000,053,938 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003b
[2012/07/17 21:52:38 | 000,105,299 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003c
[2012/07/17 21:52:39 | 000,068,002 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003d
[2012/07/17 21:52:40 | 000,047,888 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003e
[2012/07/17 21:52:41 | 000,543,119 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003f
[2012/07/17 21:52:44 | 000,208,470 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000040
[2012/07/17 21:52:51 | 000,159,742 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000041
[2012/07/17 21:52:53 | 000,021,457 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000042
[2012/07/17 21:52:58 | 000,030,588 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000043
[2012/07/17 21:53:00 | 000,071,484 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000044
[2012/07/17 21:53:33 | 000,048,690 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000045
[2012/07/17 21:53:33 | 000,049,937 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000046
[2012/07/18 07:10:41 | 000,044,020 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000048
[2012/07/18 07:10:41 | 000,031,819 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000049
[2012/07/18 07:10:41 | 000,147,920 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004a
[2012/07/18 07:10:44 | 000,062,796 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004b
[2012/07/18 07:10:46 | 000,032,032 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004c
[2012/07/18 07:10:46 | 000,017,973 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004d
[2012/07/18 07:10:59 | 000,032,493 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004e
[2012/07/18 07:10:59 | 000,018,255 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004f
[2012/07/18 07:10:59 | 000,033,695 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000050
[2012/07/18 07:10:59 | 000,028,477 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000051
[2012/07/18 07:10:59 | 000,025,724 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000052
[2012/07/18 07:11:05 | 000,062,441 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000053
[2012/07/18 07:11:13 | 000,019,932 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000054
[2012/07/18 07:11:14 | 000,039,169 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000055
[2012/07/18 07:11:16 | 000,055,391 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000056
[2012/07/18 07:11:47 | 000,017,812 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000057
[2012/07/18 07:11:47 | 000,035,001 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000058
[2012/07/18 07:11:49 | 000,023,987 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000059
[2012/07/18 07:11:49 | 000,019,406 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00005a
[2012/07/18 07:11:50 | 000,029,355 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00005b
[2012/07/18 07:11:50 | 000,021,140 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00005c
[2012/07/18 07:11:50 | 000,024,571 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00005d
[2012/07/18 07:11:50 | 000,060,198 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00005e
[2012/07/18 07:11:50 | 000,030,665 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00005f
[2012/07/18 07:11:50 | 000,032,245 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000060
[2012/07/18 07:11:50 | 000,028,489 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000061
[2012/07/18 07:11:50 | 000,037,187 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000062
[2012/07/18 07:11:51 | 000,031,619 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000063
[2012/07/18 07:11:51 | 000,028,008 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000064
[2012/07/18 07:11:51 | 000,030,565 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000065
[2012/07/18 07:11:51 | 000,033,469 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000066
[2012/07/18 07:11:51 | 000,039,583 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000067
[2012/07/18 07:11:53 | 000,033,355 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000068
[2012/07/18 07:11:58 | 000,077,119 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000069
[2012/07/18 07:12:07 | 000,025,123 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00006a
[2012/07/18 07:12:26 | 000,029,240 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00006b
[2012/07/18 07:12:26 | 000,052,273 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00006c
[2012/07/18 07:12:26 | 000,064,478 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00006d
[2012/07/18 07:12:27 | 000,026,380 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00006e
[2012/07/18 07:12:27 | 000,032,391 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00006f
[2012/07/18 07:12:27 | 000,084,188 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000070
[2012/07/18 07:12:27 | 000,040,159 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000071
[2012/07/18 07:12:27 | 000,034,601 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000072
[2012/07/18 07:13:24 | 000,023,535 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000073
[2012/07/18 07:13:42 | 000,071,394 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000074
[2012/07/18 07:14:18 | 000,025,483 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000075
[2012/07/18 07:14:19 | 000,023,085 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000076
[2012/07/18 07:14:19 | 000,036,065 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000077
[2012/07/18 07:14:19 | 000,036,690 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000078
[2012/07/18 07:14:19 | 000,027,583 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000079
[2012/07/18 07:14:19 | 000,032,240 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00007a
[2012/07/18 07:14:19 | 000,038,008 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00007b
[2012/07/18 07:14:19 | 000,040,554 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00007c
[2012/07/18 07:14:51 | 000,020,606 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00007d
[2012/07/18 07:14:51 | 000,022,262 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00007e
[2012/07/18 07:14:52 | 000,030,955 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00007f
[2012/07/18 07:14:52 | 000,041,406 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000080
[2012/07/18 07:16:00 | 000,093,317 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000081
[2012/07/18 07:16:13 | 000,047,378 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000084
[2012/07/18 07:16:14 | 000,017,966 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000086
[2012/07/18 07:16:14 | 000,019,692 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000087
[2012/07/18 07:16:14 | 000,016,496 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000088
[2012/07/18 07:16:15 | 000,019,847 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00008a

*****continued************

 

[Tom Clindaniel]

*******OTL continued*******
[2012/07/18 07:16:15 | 000,061,534 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00008c
[2012/07/18 07:16:15 | 000,066,982 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00008d
[2012/07/18 07:16:15 | 000,034,611 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00008e
[2012/07/18 07:16:16 | 000,065,832 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00008f
[2012/07/18 07:16:17 | 000,274,947 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000090
[2012/07/18 07:16:17 | 000,019,500 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000091
[2012/07/18 07:16:23 | 000,016,740 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000095
[2012/07/18 07:16:24 | 000,018,062 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000096
[2012/07/18 07:16:24 | 000,016,880 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000097
[2012/07/18 07:16:24 | 000,087,258 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000098
[2012/07/18 07:16:37 | 000,086,949 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000099
[2012/07/18 07:16:52 | 000,024,605 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00009a
[2012/07/18 07:16:53 | 000,032,128 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00009b
[2012/07/18 07:16:53 | 000,021,459 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00009c
[2012/07/18 07:16:54 | 000,037,594 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00009d
[2012/07/18 07:16:54 | 000,021,250 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00009e
[2012/07/18 07:17:09 | 000,032,081 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00009f
[2012/07/18 07:17:11 | 000,278,456 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a0
[2012/07/18 07:17:14 | 000,019,793 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a1
[2012/07/18 07:17:23 | 000,068,874 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a2
[2012/07/18 07:18:22 | 000,096,882 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a3
[2012/07/18 07:18:24 | 000,027,362 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a5
[2012/07/18 07:18:24 | 000,016,927 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a6
[2012/07/18 07:19:31 | 000,016,729 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a7
[2012/07/18 07:19:31 | 000,031,465 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a8
[2012/07/18 07:19:31 | 000,035,812 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a9
[2012/07/18 07:19:55 | 000,017,161 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000aa
[2012/07/18 07:22:53 | 000,113,409 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ab
[2012/07/18 07:22:55 | 000,229,698 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ac
[2012/07/18 07:31:17 | 000,041,763 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ad
[2012/07/18 07:31:18 | 000,039,458 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ae
[2012/07/18 07:31:22 | 000,018,578 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000af
[2012/07/18 07:32:23 | 000,069,416 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000b0
[2012/07/18 07:32:25 | 000,041,554 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000b1
[2012/07/18 07:32:25 | 000,057,117 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000b2
[2012/07/18 07:32:26 | 000,016,392 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000b3
[2012/07/18 07:32:39 | 000,032,077 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000b4
[2012/07/18 07:32:39 | 000,020,741 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000b5
[2012/07/18 07:32:40 | 000,023,764 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000b6
[2012/07/18 07:32:48 | 000,030,416 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000b7
[2012/07/18 07:32:48 | 000,024,753 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000b8
[2012/07/18 07:32:49 | 000,028,889 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000b9
[2012/07/18 07:33:28 | 000,017,753 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ba
[2012/07/18 07:33:28 | 000,035,425 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000bb
[2012/07/18 08:24:13 | 000,018,114 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000bc
[2012/07/18 08:24:48 | 000,063,111 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000bd
[2012/07/18 08:24:49 | 000,050,877 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000be
[2012/07/18 08:24:51 | 000,078,770 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000bf
[2012/07/18 08:24:51 | 000,017,829 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000c0
[2012/07/18 08:24:55 | 000,030,944 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000c1
[2012/07/18 08:24:55 | 000,102,386 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000c2
[2012/07/18 08:24:55 | 000,027,769 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000c3
[2012/07/18 08:25:01 | 000,036,510 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000c4
[2012/07/18 08:25:09 | 000,093,317 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000c5
[2012/07/18 08:25:15 | 000,164,991 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000c6
[2012/07/18 08:25:26 | 000,039,967 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000c7
[2012/07/18 08:31:45 | 000,021,600 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000c8
[2012/07/18 08:34:40 | 000,270,079 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000c9
[2012/07/18 08:34:45 | 000,055,253 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ca
[2012/07/18 08:34:50 | 001,781,747 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000cb
[2012/07/18 08:34:55 | 001,781,760 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000cc
[2012/07/18 08:35:00 | 001,781,760 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000cd
[2012/07/18 08:35:06 | 001,781,760 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ce
[2012/07/18 08:35:30 | 001,742,363 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000cf
[2012/07/18 08:35:37 | 000,020,638 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000d0
[2012/07/18 08:35:37 | 000,095,421 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000d1
[2012/07/18 08:36:19 | 000,023,144 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000d2
[2012/07/18 08:37:25 | 000,145,305 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000d4
[2012/07/18 08:37:25 | 000,019,973 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000d5
[2012/07/18 08:37:26 | 000,033,980 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000d6
[2012/07/18 08:37:26 | 000,023,335 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000d7
[2012/07/18 08:37:27 | 000,037,340 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000d8
[2012/07/18 08:37:27 | 000,041,515 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000d9
[2012/07/18 08:37:27 | 000,035,140 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000da
[2012/07/18 08:37:27 | 000,022,656 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000db
[2012/07/18 08:37:27 | 000,021,956 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000dc
[2012/07/18 08:37:28 | 000,022,604 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000dd
[2012/07/18 08:37:28 | 000,022,748 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000de
[2012/07/18 08:37:31 | 000,047,839 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000df
[2012/07/18 08:37:31 | 000,028,693 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000e0
[2012/07/18 08:37:32 | 000,160,356 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000e1
[2012/07/18 08:38:01 | 000,019,562 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000e2
[2012/07/18 08:38:08 | 000,033,673 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000e3
[2012/07/18 08:38:08 | 000,023,691 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000e4
[2012/07/18 08:38:10 | 000,048,309 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000e5
[2012/07/18 08:38:10 | 000,029,947 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000e6
[2012/07/18 08:38:11 | 000,021,552 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000e7
[2012/07/18 08:38:12 | 000,023,526 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000e8
[2012/07/18 08:38:12 | 000,018,666 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000e9
[2012/07/18 08:51:06 | 000,021,503 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ed
[2012/07/18 08:56:29 | 000,028,951 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ee
[2012/07/18 09:26:22 | 000,026,354 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ef
[2012/07/18 09:26:22 | 000,054,970 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000f0
[2012/07/18 09:26:59 | 000,093,317 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000f1
[2012/07/18 10:12:09 | 000,019,317 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000f3
[2012/07/18 10:12:12 | 000,029,221 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000f4
[2012/07/18 10:12:12 | 000,033,575 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000f5
[2012/07/18 10:12:18 | 000,039,855 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000f6
[2012/07/18 10:12:18 | 000,030,945 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000f7
[2012/07/18 10:12:23 | 000,036,510 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000f8
[2012/07/18 10:18:36 | 000,029,050 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000fa
[2012/07/18 10:28:40 | 000,070,079 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000fb
[2012/07/18 10:30:08 | 000,040,821 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000fc
[2012/07/18 10:30:10 | 000,045,268 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000fd
[2012/07/18 10:31:07 | 000,093,317 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000fe
[2012/07/18 10:31:22 | 000,090,679 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ff
[2012/07/18 10:31:36 | 000,055,983 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000100
[2012/07/18 10:33:44 | 000,064,053 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000101
[2012/07/18 10:33:45 | 000,030,434 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000102
[2012/07/18 10:33:45 | 000,033,226 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000103
[2012/07/18 10:33:45 | 000,017,094 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000104
[2012/07/18 10:33:48 | 000,028,412 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000105
[2012/07/18 10:33:48 | 000,020,934 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000106
[2012/07/18 10:33:59 | 000,035,388 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000107
[2012/07/18 10:34:44 | 000,037,681 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000108
[2012/07/18 11:06:18 | 000,028,010 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00010c
[2012/07/18 11:06:58 | 000,028,566 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00010d
[2012/07/18 13:42:04 | 000,017,205 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000110
[2012/07/18 13:42:46 | 000,019,823 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000113
[2012/07/18 13:43:26 | 000,024,224 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000115
[2012/07/18 13:43:29 | 000,072,890 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000116
[2012/07/18 13:43:29 | 000,019,324 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000117
[2012/07/18 13:50:25 | 000,019,036 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00011a
[2012/07/18 13:50:26 | 000,031,512 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00011b
[2012/07/18 13:50:27 | 000,041,784 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00011c
[2012/07/18 13:50:28 | 000,029,394 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00011d
[2012/07/18 13:50:28 | 000,024,209 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00011e
[2012/07/18 13:50:36 | 000,028,851 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00011f
[2012/07/18 13:50:36 | 000,038,490 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000120
[2012/07/18 13:50:36 | 000,032,478 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000121
[2012/07/18 13:50:37 | 000,021,463 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000122
[2012/07/18 13:51:07 | 000,016,449 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000123
[2012/07/18 13:52:33 | 000,022,860 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000125
[2012/07/18 13:53:34 | 000,020,341 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000126
[2012/07/18 13:53:34 | 000,017,358 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000127
[2012/07/18 13:53:34 | 000,019,783 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000128
[2012/07/18 13:53:34 | 000,019,489 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000129
[2012/07/18 13:53:34 | 000,018,837 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00012a
[2012/07/18 13:54:03 | 000,070,774 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00012b
[2012/07/18 13:54:04 | 000,032,161 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00012c
[2012/07/18 13:54:07 | 000,031,867 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00012d
[2012/07/18 13:54:07 | 000,033,012 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00012e
[2012/07/18 13:55:11 | 000,027,988 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00012f
[2012/07/18 13:55:11 | 000,037,451 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000130
[2012/07/18 13:55:11 | 000,021,547 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000131
[2012/07/18 13:55:12 | 000,063,069 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000132
[2012/07/18 13:55:12 | 000,070,182 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000133
[2012/07/18 13:55:12 | 000,054,875 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000134
[2012/07/18 13:55:13 | 000,071,748 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000135
[2012/07/18 13:55:13 | 000,316,359 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000136
[2012/07/18 13:56:45 | 000,032,705 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000138
[2012/07/18 13:56:45 | 000,052,438 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000139
[2012/07/18 13:56:45 | 000,040,789 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00013a
[2012/07/18 13:56:45 | 000,033,665 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00013b
[2012/07/18 13:56:46 | 000,026,357 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00013c
[2012/07/18 13:56:46 | 000,027,986 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00013d
[2012/07/18 13:56:52 | 000,093,317 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00013e
[2012/07/18 13:59:05 | 000,044,297 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00013f
[2012/07/18 14:00:02 | 000,022,092 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000141
[2012/07/18 14:00:49 | 000,022,504 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000142
[2012/07/18 14:00:50 | 000,021,270 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000143
[2012/07/18 14:00:57 | 000,018,901 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000144
[2012/07/18 14:01:51 | 000,125,479 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000145
[2012/07/18 14:01:51 | 000,299,957 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000146
[2012/07/18 14:01:53 | 000,021,956 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000147
[2012/07/18 14:01:54 | 000,058,540 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000148
[2012/07/18 14:01:54 | 000,045,683 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000149
[2012/07/18 14:01:55 | 000,042,330 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00014a
[2012/07/18 14:01:55 | 000,086,049 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00014b
[2012/07/18 14:01:55 | 000,087,661 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00014c
[2012/07/18 14:01:56 | 000,072,500 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00014d
[2012/07/18 14:01:57 | 000,061,830 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00014e
[2012/07/18 14:01:57 | 000,044,677 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00014f
[2012/07/18 14:01:57 | 000,069,828 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000150
[2012/07/18 14:01:57 | 000,061,246 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000151
[2012/07/18 14:01:57 | 000,021,245 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000152
[2012/07/18 14:01:59 | 000,081,857 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000153
[2012/07/18 14:02:00 | 000,022,173 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000154
[2012/07/18 14:02:00 | 000,030,092 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000155
[2012/07/18 14:02:00 | 000,017,242 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000156
[2012/07/18 14:02:00 | 000,022,794 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000157
[2012/07/18 14:02:00 | 000,019,804 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000158
[2012/07/18 14:02:01 | 000,019,127 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000159
[2012/07/18 14:02:01 | 000,023,530 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00015a
[2012/07/18 14:02:01 | 000,051,157 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00015b
[2012/07/18 14:02:01 | 000,035,307 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00015c
[2012/07/18 14:02:01 | 000,024,092 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00015d
[2012/07/18 14:02:01 | 000,017,723 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00015e
[2012/07/18 14:02:01 | 000,024,326 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00015f
[2012/07/18 14:02:01 | 000,017,616 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000160
[2012/07/18 14:02:01 | 000,019,912 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000161
[2012/07/18 14:02:01 | 000,044,000 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000162
[2012/07/18 14:02:01 | 000,073,881 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000163
[2012/07/18 14:04:26 | 000,018,612 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000164
[2012/07/18 14:05:11 | 000,031,873 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000165
[2012/07/18 14:05:11 | 000,067,736 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000166
[2012/07/18 14:05:12 | 000,096,158 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000167
[2012/07/18 14:05:12 | 000,033,977 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000168
[2012/07/18 14:05:12 | 000,018,575 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000169
[2012/07/18 14:05:53 | 000,096,158 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00016b
[2012/07/18 14:06:21 | 000,018,575 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00016c
[2012/07/18 14:06:22 | 000,067,736 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00016d
[2012/07/18 14:07:41 | 000,028,527 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00016e
[2012/07/18 14:07:42 | 000,026,814 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00016f
[2012/07/18 14:07:42 | 000,027,489 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000170
[2012/07/18 14:07:42 | 000,031,192 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000171
[2012/07/18 14:07:50 | 000,029,535 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000172
[2012/07/18 14:10:18 | 000,049,426 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000173
[2012/07/18 14:10:24 | 000,025,071 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000174
[2012/07/18 14:10:37 | 000,043,804 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000175
[2012/07/18 14:10:42 | 000,020,656 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000176
[2012/07/18 14:13:37 | 000,016,791 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00017f
[2012/07/18 14:14:11 | 000,016,414 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000180
[2012/07/18 14:14:12 | 000,017,855 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000181
[2012/07/18 14:14:13 | 000,017,934 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000182
[2012/07/18 14:14:14 | 000,016,893 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000183
[2012/07/18 14:26:06 | 000,030,944 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000184
[2012/07/18 14:26:17 | 000,016,622 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000185
[2012/07/18 14:41:43 | 000,042,855 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000186
[2012/07/18 14:41:44 | 000,036,314 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000187
[2012/07/18 14:44:47 | 000,058,969 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000188
[2012/07/18 14:44:57 | 000,034,184 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000189
[2012/07/18 14:44:57 | 000,020,794 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00018a
[2012/07/18 14:44:58 | 000,017,549 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00018b
[2012/07/18 14:44:58 | 000,029,064 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00018c
[2012/07/18 14:44:58 | 000,076,312 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00018d
[2012/07/18 14:45:06 | 000,094,105 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00018e
[2012/07/18 14:45:15 | 000,027,227 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00018f
[2012/07/18 14:45:16 | 000,016,929 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000190
[2012/07/18 15:43:17 | 000,044,020 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000192
[2012/07/18 15:43:21 | 000,031,308 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000193
[2012/07/18 15:43:21 | 000,067,750 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000194
[2012/07/18 15:44:24 | 000,042,738 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000195
[2012/07/18 15:48:35 | 000,032,032 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00019c
[2012/07/18 15:48:36 | 000,277,929 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00019d
*******continued*******

 

[Tom Clindaniel]

***********OTL continued***********
[2012/07/18 15:48:36 | 000,019,793 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00019e
[2012/07/18 15:52:17 | 000,042,744 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00019f
[2012/07/18 15:52:17 | 000,029,261 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001a0
[2012/07/18 15:52:18 | 000,026,956 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001a1
[2012/07/18 15:52:19 | 000,018,600 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001a2
[2012/07/18 15:52:20 | 000,020,808 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001a3
[2012/07/18 15:52:20 | 000,031,565 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001a4
[2012/07/18 15:52:23 | 000,050,404 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001a5
[2012/07/18 15:52:49 | 000,016,855 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001a6
[2012/07/18 15:52:51 | 000,017,127 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001a7
[2012/07/18 15:52:56 | 000,019,021 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001a8
[2012/07/18 15:52:58 | 000,017,270 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001a9
[2012/07/18 15:52:59 | 000,019,709 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001aa
[2012/07/18 15:53:01 | 000,016,994 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001ab
[2012/07/18 15:53:02 | 000,019,021 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001ac
[2012/07/18 15:53:03 | 000,019,762 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001ad
[2012/07/18 15:53:04 | 000,017,748 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001ae
[2012/07/18 15:53:23 | 000,050,404 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001af
[2012/07/18 15:53:29 | 000,017,840 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001b0
[2012/07/18 16:23:42 | 000,026,013 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001b1
[2012/07/18 16:25:40 | 000,027,437 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001b2
[2012/07/17 21:50:16 | 000,524,656 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\index
[2012/07/17 21:05:45 | 000,009,216 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db
[2012/07/17 21:05:45 | 000,005,672 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db-journal
[2011/11/29 07:22:44 | 000,004,096 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\databases\http_twitter.com_0\8
[2011/07/19 06:54:52 | 000,004,096 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\databases\http_www.cnn.com_0\1
[2011/11/29 07:36:03 | 000,007,168 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\databases\http_www.manta.com_0\9
[2011/09/08 08:04:01 | 000,006,144 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\databases\http_www.siemens.com_0\4
[2011/09/09 16:42:49 | 000,004,096 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\databases\http_www.specialtyrvsales.com_0\6
[2011/11/02 07:16:13 | 000,004,096 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\databases\https_docs.google.com_0\2
[2012/01/18 17:30:03 | 002,785,280 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\databases\https_mail.google.com_0\3
[2012/07/17 21:05:50 | 000,005,120 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\databases\https_safecart.com_0\13
[2012/07/18 15:43:27 | 000,024,576 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\databases\https_www.google.com_0\7
[2012/02/24 13:55:15 | 000,003,524 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\128.png
[2012/02/24 13:55:15 | 000,000,745 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\manifest.json
[2012/02/24 13:55:15 | 000,000,401 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ar\messages.json
[2012/02/24 13:55:15 | 000,000,427 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\bg\messages.json
[2012/02/24 13:55:15 | 000,000,250 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ca\messages.json
[2012/02/24 13:55:15 | 000,000,255 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\cs\messages.json
[2012/02/24 13:55:15 | 000,000,242 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\da\messages.json
[2012/02/24 13:55:15 | 000,000,226 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\de\messages.json
[2012/02/24 13:55:15 | 000,000,475 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\el\messages.json
[2012/02/24 13:55:15 | 000,000,227 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\en\messages.json
[2012/02/24 13:55:15 | 000,000,240 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\es\messages.json
[2012/02/24 13:55:15 | 000,000,222 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fi\messages.json
[2012/02/24 13:55:15 | 000,000,236 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fil\messages.json
[2012/02/24 13:55:15 | 000,000,249 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fr\messages.json
[2012/02/24 13:55:15 | 000,000,419 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\he\messages.json
[2012/02/24 13:55:15 | 000,000,408 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hi\messages.json
[2012/02/24 13:55:15 | 000,000,220 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hr\messages.json
[2012/02/24 13:55:15 | 000,000,253 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hu\messages.json
[2012/02/24 13:55:15 | 000,000,231 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\id\messages.json
[2012/02/24 13:55:15 | 000,000,224 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\it\messages.json
[2012/02/24 13:55:15 | 000,000,349 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ja\messages.json
[2012/02/24 13:55:15 | 000,000,323 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ko\messages.json
[2012/02/24 13:55:15 | 000,000,266 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\lt\messages.json
[2012/02/24 13:55:15 | 000,000,245 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\lv\messages.json
[2012/02/24 13:55:15 | 000,000,225 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\nl\messages.json
[2012/02/24 13:55:15 | 000,000,216 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\no\messages.json
[2012/02/24 13:55:15 | 000,000,274 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pl\messages.json
[2012/02/24 13:55:15 | 000,000,237 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pt_BR\messages.json
[2012/02/24 13:55:15 | 000,000,236 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pt_PT\messages.json
[2012/02/24 13:55:15 | 000,000,248 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ro\messages.json
[2012/02/24 13:55:15 | 000,000,394 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ru\messages.json
[2012/02/24 13:55:15 | 000,000,241 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sk\messages.json
[2012/02/24 13:55:15 | 000,000,245 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sl\messages.json
[2012/02/24 13:55:15 | 000,000,437 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sr\messages.json
[2012/02/24 13:55:15 | 000,000,238 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sv\messages.json
[2012/02/24 13:55:15 | 000,000,365 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\th\messages.json
[2012/02/24 13:55:15 | 000,000,255 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\tr\messages.json
[2012/02/24 13:55:15 | 000,000,442 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\uk\messages.json
[2012/02/24 13:55:15 | 000,000,310 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\vi\messages.json
[2012/02/24 13:55:15 | 000,000,257 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\zh_CN\messages.json
[2012/02/24 13:55:15 | 000,000,269 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\zh_TW\messages.json
[2012/03/01 07:40:45 | 000,019,260 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\background.html
[2012/03/01 07:40:45 | 000,003,402 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\block.html
[2012/03/01 07:40:46 | 000,002,745 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\contentScript1.js
[2012/03/01 07:40:46 | 000,047,027 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\contentScript2.js
[2012/03/01 07:40:46 | 000,022,215 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\contentScript3.js
[2012/03/01 07:40:45 | 000,001,509 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\i18n.js
[2012/03/01 07:40:47 | 000,001,564 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\manifest.json
[2012/03/01 07:40:46 | 000,023,846 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\options.html
[2012/03/01 07:40:46 | 000,004,714 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\popup.html
[2012/03/01 07:40:46 | 000,003,648 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\subscriptions.xml
[2012/03/01 07:40:46 | 000,003,907 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\webrequest.js
[2012/03/01 07:40:47 | 000,010,788 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\ar\messages.json
[2012/03/01 07:40:47 | 000,003,839 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\bg\messages.json
[2012/03/01 07:40:47 | 000,001,637 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\ca\messages.json
[2012/03/01 07:40:47 | 000,002,044 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\cs\messages.json
[2012/03/01 07:40:47 | 000,001,731 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\da\messages.json
[2012/03/01 07:40:47 | 000,006,439 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\de\messages.json
[2012/03/01 07:40:47 | 000,003,729 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\el\messages.json
[2012/03/01 07:40:47 | 000,005,755 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\en\messages.json
[2012/03/01 07:40:47 | 000,001,714 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\en_GB\messages.json
[2012/03/01 07:40:47 | 000,006,424 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\es\messages.json
[2012/03/01 07:40:47 | 000,001,889 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\es_419\messages.json
[2012/03/01 07:40:47 | 000,001,709 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\et\messages.json
[2012/03/01 07:40:47 | 000,006,154 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\fi\messages.json
[2012/03/01 07:40:47 | 000,006,322 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\fr\messages.json
[2012/03/01 07:40:47 | 000,010,444 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\he\messages.json
[2012/03/01 07:40:47 | 000,001,407 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\hr\messages.json
[2012/03/01 07:40:47 | 000,006,535 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\hu\messages.json
[2012/03/01 07:40:47 | 000,006,361 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\it\messages.json
[2012/03/01 07:40:47 | 000,002,377 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\ja\messages.json
[2012/03/01 07:40:47 | 000,007,922 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\ko\messages.json
[2012/03/01 07:40:47 | 000,001,882 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\lt\messages.json
[2012/03/01 07:40:47 | 000,006,251 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\lv\messages.json
[2012/03/01 07:40:47 | 000,001,765 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\nl\messages.json
[2012/03/01 07:40:47 | 000,006,051 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\pl\messages.json
[2012/03/01 07:40:47 | 000,006,773 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\pt_BR\messages.json
[2012/03/01 07:40:47 | 000,001,871 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\pt_PT\messages.json
[2012/03/01 07:40:47 | 000,001,821 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\ro\messages.json
[2012/03/01 07:40:47 | 000,012,825 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\ru\messages.json
[2012/03/01 07:40:47 | 000,001,871 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\sk\messages.json
[2012/03/01 07:40:47 | 000,001,436 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\sl\messages.json
[2012/03/01 07:40:47 | 000,003,498 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\sr\messages.json
[2012/03/01 07:40:47 | 000,006,124 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\sv\messages.json
[2012/03/01 07:40:47 | 000,003,704 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\th\messages.json
[2012/03/01 07:40:47 | 000,001,921 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\tr\messages.json
[2012/03/01 07:40:47 | 000,003,657 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\uk\messages.json
[2012/03/01 07:40:47 | 000,007,573 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\vi\messages.json
[2012/03/01 07:40:47 | 000,006,931 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\zh_CN\messages.json
[2012/03/01 07:40:47 | 000,006,929 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\_locales\zh_TW\messages.json
[2012/03/01 07:40:47 | 000,015,615 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\icons\abp-128.png
[2012/03/01 07:40:47 | 000,000,834 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\icons\abp-16.png
[2012/03/01 07:40:46 | 000,000,562 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\icons\abp-19-whitelisted.png
[2012/03/01 07:40:46 | 000,000,903 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\icons\abp-19.png
[2012/03/01 07:40:47 | 000,002,350 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\icons\abp-32.png
[2012/03/01 07:40:47 | 000,003,639 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\icons\abp-48.png
[2012/03/01 07:40:46 | 000,022,785 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\jquery-ui\css\smoothness\jquery-ui-1.8.16.custom.css
[2012/03/01 07:40:46 | 000,000,180 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\jquery-ui\css\smoothness\images\ui-bg_flat_0_aaaaaa_40x100.png
[2012/03/01 07:40:46 | 000,000,178 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\jquery-ui\css\smoothness\images\ui-bg_flat_75_ffffff_40x100.png
[2012/03/01 07:40:46 | 000,000,120 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\jquery-ui\css\smoothness\images\ui-bg_glass_55_fbf9ee_1x400.png
[2012/03/01 07:40:46 | 000,000,105 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\jquery-ui\css\smoothness\images\ui-bg_glass_65_ffffff_1x400.png
[2012/03/01 07:40:46 | 000,000,111 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\jquery-ui\css\smoothness\images\ui-bg_glass_75_dadada_1x400.png
[2012/03/01 07:40:46 | 000,000,110 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\jquery-ui\css\smoothness\images\ui-bg_glass_75_e6e6e6_1x400.png
[2012/03/01 07:40:46 | 000,000,119 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\jquery-ui\css\smoothness\images\ui-bg_glass_95_fef1ec_1x400.png
[2012/03/01 07:40:46 | 000,000,101 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\jquery-ui\css\smoothness\images\ui-bg_highlight-soft_75_cccccc_1x100.png
[2012/03/01 07:40:46 | 000,004,369 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\jquery-ui\css\smoothness\images\ui-icons_222222_256x240.png
[2012/03/01 07:40:46 | 000,004,369 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\jquery-ui\css\smoothness\images\ui-icons_2e83ff_256x240.png
[2012/03/01 07:40:46 | 000,004,369 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\jquery-ui\css\smoothness\images\ui-icons_454545_256x240.png
[2012/03/01 07:40:46 | 000,004,369 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\jquery-ui\css\smoothness\images\ui-icons_888888_256x240.png
[2012/03/01 07:40:46 | 000,004,369 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\jquery-ui\css\smoothness\images\ui-icons_cd0a0a_256x240.png
[2012/03/01 07:40:46 | 000,093,868 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\jquery-ui\js\jquery-1.7.1.min.js
[2012/03/01 07:40:46 | 000,030,148 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\jquery-ui\js\jquery-ui-1.8.16.custom.min.js
[2012/03/01 07:40:46 | 000,002,766 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\lib\basedomain.js
[2012/03/01 07:40:46 | 000,092,476 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\lib\publicSuffixList.js
[2012/03/01 07:40:46 | 000,013,945 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\lib\punycode.js
[2012/03/01 07:40:46 | 000,009,452 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\modules\ElemHide.jsm
[2012/03/01 07:40:46 | 000,015,245 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\modules\FilterClasses.jsm
[2012/03/01 07:40:46 | 000,009,734 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\modules\FilterListener.jsm
[2012/03/01 07:40:46 | 000,001,135 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\modules\FilterNotifier.jsm
[2012/03/01 07:40:46 | 000,019,487 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\modules\FilterStorage.jsm
[2012/03/01 07:40:46 | 000,011,569 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\modules\Matcher.jsm
[2012/03/01 07:40:46 | 000,012,847 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\modules\patches.js
[2012/03/01 07:40:46 | 000,010,876 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\modules\SubscriptionClasses.jsm
[2012/03/01 07:40:46 | 000,016,917 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\modules\Synchronizer.jsm
[2012/04/01 13:04:56 | 000,005,369 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\128.png
[2012/04/01 13:04:56 | 000,000,496 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\16.png
[2012/04/01 13:04:56 | 000,001,143 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\32.png
[2012/04/01 13:04:56 | 000,001,858 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\48.png
[2012/04/01 13:04:56 | 000,000,790 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\manifest.json
[2012/04/01 13:04:56 | 000,000,423 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ar\messages.json
[2012/04/01 13:04:56 | 000,000,515 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\bg\messages.json
[2012/04/01 13:04:56 | 000,000,330 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ca\messages.json
[2012/04/01 13:04:56 | 000,000,355 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\cs\messages.json
[2012/04/01 13:04:56 | 000,000,328 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\da\messages.json
[2012/04/01 13:04:56 | 000,000,307 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\de\messages.json
[2012/04/01 13:04:56 | 000,000,569 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\el\messages.json
[2012/04/01 13:04:56 | 000,000,314 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\en\messages.json
[2012/04/01 13:04:56 | 000,000,314 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\en_GB\messages.json
[2012/04/01 13:04:56 | 000,000,314 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\en_US\messages.json
[2012/04/01 13:04:56 | 000,000,340 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\es\messages.json
[2012/04/01 13:04:56 | 000,000,341 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\es_419\messages.json
[2012/04/01 13:04:56 | 000,000,314 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\et\messages.json
[2012/04/01 13:04:56 | 000,000,305 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\fi\messages.json
[2012/04/01 13:04:56 | 000,000,337 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\fil\messages.json
[2012/04/01 13:04:56 | 000,000,329 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\fr\messages.json
[2012/04/01 13:04:56 | 000,000,471 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\he\messages.json
[2012/04/01 13:04:56 | 000,000,326 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\hi\messages.json
[2012/04/01 13:04:56 | 000,000,340 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\hr\messages.json
[2012/04/01 13:04:56 | 000,000,336 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\hu\messages.json
[2012/04/01 13:04:56 | 000,000,319 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\id\messages.json
[2012/04/01 13:04:56 | 000,000,324 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\it\messages.json
[2012/04/01 13:04:56 | 000,000,388 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ja\messages.json
[2012/04/01 13:04:56 | 000,000,380 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ko\messages.json
[2012/04/01 13:04:56 | 000,000,359 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\lt\messages.json
[2012/04/01 13:04:56 | 000,000,360 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\lv\messages.json
[2012/04/01 13:04:56 | 000,000,323 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\nl\messages.json
[2012/04/01 13:04:56 | 000,000,300 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\no\messages.json
[2012/04/01 13:04:56 | 000,000,336 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\pl\messages.json
[2012/04/01 13:04:56 | 000,000,332 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\pt_BR\messages.json
[2012/04/01 13:04:56 | 000,000,331 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\pt_PT\messages.json
[2012/04/01 13:04:56 | 000,000,332 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ro\messages.json
[2012/04/01 13:04:56 | 000,000,471 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ru\messages.json
[2012/04/01 13:04:56 | 000,000,338 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sk\messages.json
[2012/04/01 13:04:56 | 000,000,329 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sl\messages.json
[2012/04/01 13:04:56 | 000,000,483 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sr\messages.json
[2012/04/01 13:04:56 | 000,000,333 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sv\messages.json
[2012/04/01 13:04:56 | 000,000,472 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\th\messages.json
[2012/04/01 13:04:56 | 000,000,330 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\tr\messages.json
[2012/04/01 13:04:56 | 000,000,501 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\uk\messages.json
[2012/04/01 13:04:56 | 000,000,363 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\vi\messages.json
[2012/04/01 13:04:56 | 000,000,346 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\zh_CN\messages.json
[2012/04/01 13:04:56 | 000,000,346 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\zh_TW\messages.json
[2012/03/01 07:40:50 | 000,001,883 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\account.js
[2012/03/01 07:40:50 | 000,006,769 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\ajax.js
[2012/03/01 07:40:49 | 000,012,761 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\background.html
[2012/03/01 07:40:50 | 000,007,688 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\editor.js
[2012/03/01 07:40:49 | 000,004,174 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\facebook.js
[2012/03/01 07:40:50 | 000,001,613 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\hotkey_storage.js
[2012/03/01 07:40:49 | 000,000,311 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\hub.html
[2012/03/01 07:40:50 | 000,007,660 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\imgur.js
[2012/03/01 07:40:49 | 000,000,426 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\isLoad.js
[2012/03/01 07:40:50 | 000,001,535 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\manifest.json
[2012/03/01 07:40:49 | 000,001,416 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\notification.html
[2012/03/01 07:40:49 | 000,021,332 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\oauth.js
[2012/03/01 07:40:50 | 000,013,832 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\options.html
[2012/03/01 07:40:49 | 000,031,181 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\page.js
[2012/03/01 07:40:49 | 000,010,754 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\page_context.js

**********continued********

 

[Tom Clindaniel]

******OTL continued********
[2012/03/01 07:40:50 | 000,007,899 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\picasa.js
[2012/03/01 07:40:50 | 000,010,714 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\popup.html
[2012/03/01 07:40:50 | 000,005,752 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\sha1.js
[2012/03/01 07:40:49 | 000,001,006 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\shortcut.js
[2012/03/01 07:40:50 | 000,010,872 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\showimage.css
[2012/03/01 07:40:49 | 000,042,373 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\showimage.html
[2012/03/01 07:40:50 | 000,007,611 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\sina_microblog.js
[2012/03/01 07:40:49 | 000,001,927 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\site.js
[2012/03/01 07:40:49 | 000,002,806 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\style.css
[2012/03/01 07:40:49 | 000,002,165 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\ui.js
[2012/03/01 07:40:49 | 000,015,440 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\upload_ui.js
[2012/03/01 07:40:50 | 000,003,215 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\_locales\de\messages.json
[2012/03/01 07:40:50 | 000,006,985 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\_locales\en\messages.json
[2012/03/01 07:40:50 | 000,003,601 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\_locales\fr\messages.json
[2012/03/01 07:40:50 | 000,003,369 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\_locales\pl\messages.json
[2012/03/01 07:40:50 | 000,016,979 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\_locales\ru\messages.json
[2012/03/01 07:40:50 | 000,009,097 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\_locales\zh_CN\messages.json
[2012/03/01 07:40:49 | 000,000,108 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\i18n_styles\en_options.css
[2012/03/01 07:40:49 | 000,000,035 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\i18n_styles\en_US_upload_image.css
[2012/03/01 07:40:49 | 000,000,035 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\i18n_styles\zh_CN_upload_image.css
[2012/03/01 07:40:50 | 000,000,244 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\images\arrow.png
[2012/03/01 07:40:50 | 000,000,423 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\images\copy.png
[2012/03/01 07:40:50 | 000,001,547 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\images\cross.png
[2012/03/01 07:40:50 | 000,000,285 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\images\custom.png
[2012/03/01 07:40:50 | 000,001,387 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\images\delete_account_icon.png
[2012/03/01 07:40:50 | 000,001,040 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\images\down_arrow.png
[2012/03/01 07:40:50 | 000,002,304 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\images\facebook_icon.png
[2012/03/01 07:40:50 | 000,006,650 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\images\icon_128.png
[2012/03/01 07:40:50 | 000,000,548 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\images\icon_16.png
[2012/03/01 07:40:49 | 000,000,813 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\images\icon_19.png
[2012/03/01 07:40:50 | 000,001,223 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\images\icon_32.png
[2012/03/01 07:40:50 | 000,001,933 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\images\icon_48.png
[2012/03/01 07:40:50 | 000,001,570 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\images\icon_close.png
[2012/03/01 07:40:50 | 000,003,025 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\images\icon_copy.png
[2012/03/01 07:40:50 | 000,001,358 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\images\icon_save.png
[2012/03/01 07:40:50 | 000,003,204 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\images\imgur_icon.png
[2012/03/01 07:40:50 | 000,000,232 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\images\line.png
[2012/03/01 07:40:49 | 000,002,608 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\images\loading.gif
[2012/03/01 07:40:50 | 000,001,879 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\images\loading_icon.gif
[2012/03/01 07:40:50 | 000,000,232 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\images\mark.png
[2012/03/01 07:40:50 | 000,002,136 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\images\picasa_icon.png
[2012/03/01 07:40:50 | 000,002,405 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\images\popup_bg.jpg
[2012/03/01 07:40:49 | 000,000,501 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\images\print.png
[2012/03/01 07:40:50 | 000,000,283 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\images\region.png
[2012/03/01 07:40:50 | 000,000,290 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\images\screen.png
[2012/03/01 07:40:50 | 000,002,951 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\images\sina_icon.png
[2012/03/01 07:40:50 | 000,000,290 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\images\toolbar_bg.png
[2012/03/01 07:40:50 | 000,003,066 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\images\upload.png
[2012/03/01 07:40:50 | 000,000,320 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\images\whole.png
[2012/03/01 07:40:49 | 000,357,376 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\plugin\screen_capture.dll
[2012/03/01 07:40:49 | 000,084,384 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\plugin\screen_capture.so
[2012/03/01 07:40:49 | 000,091,215 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\plugin\screen_capture_64.so
[2012/03/01 07:40:49 | 000,001,741 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\plugin\screen_capture.plugin\Contents\Info.plist
[2012/03/01 07:40:49 | 000,141,028 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\plugin\screen_capture.plugin\Contents\MacOS\screen_capture

******continued**********

 

[Tom Clindaniel]

****OTL continued********
[2012/04/13 16:45:44 | 000,008,736 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkmopoamfjnmppabeaphohombnjcjgla\6_0\icon_128.png
[2012/04/13 16:45:44 | 000,000,780 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkmopoamfjnmppabeaphohombnjcjgla\6_0\manifest.json
[2012/03/01 07:40:53 | 000,001,552 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbijjbopjcchmieelnldoceohfdbnjkk\0.3.2_0\background.html
[2012/03/01 07:40:53 | 000,000,707 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbijjbopjcchmieelnldoceohfdbnjkk\0.3.2_0\chrome_ex_oauth.html
[2012/03/01 07:40:53 | 000,022,453 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbijjbopjcchmieelnldoceohfdbnjkk\0.3.2_0\chrome_ex_oauth.js
[2012/03/01 07:40:53 | 000,019,628 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbijjbopjcchmieelnldoceohfdbnjkk\0.3.2_0\chrome_ex_oauthsimple.js
[2012/03/01 07:40:54 | 000,001,135 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbijjbopjcchmieelnldoceohfdbnjkk\0.3.2_0\manifest.json
[2012/03/01 07:40:53 | 000,006,696 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbijjbopjcchmieelnldoceohfdbnjkk\0.3.2_0\options.html
[2012/03/01 07:40:53 | 000,008,207 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbijjbopjcchmieelnldoceohfdbnjkk\0.3.2_0\popup.html
[2012/03/01 07:40:53 | 000,000,781 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbijjbopjcchmieelnldoceohfdbnjkk\0.3.2_0\img\accept.png
[2012/03/01 07:40:53 | 000,000,587 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbijjbopjcchmieelnldoceohfdbnjkk\0.3.2_0\img\cancel.png
[2012/03/01 07:40:54 | 000,003,012 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbijjbopjcchmieelnldoceohfdbnjkk\0.3.2_0\img\icon128.png
[2012/03/01 07:40:54 | 000,000,408 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbijjbopjcchmieelnldoceohfdbnjkk\0.3.2_0\img\icon16.png
[2012/03/01 07:40:54 | 000,000,725 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbijjbopjcchmieelnldoceohfdbnjkk\0.3.2_0\img\icon32.png
[2012/03/01 07:40:53 | 000,001,462 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbijjbopjcchmieelnldoceohfdbnjkk\0.3.2_0\img\icon64.png
[2012/03/01 07:40:53 | 000,000,586 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbijjbopjcchmieelnldoceohfdbnjkk\0.3.2_0\img\icon_off.png
[2012/03/01 07:40:53 | 000,000,524 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbijjbopjcchmieelnldoceohfdbnjkk\0.3.2_0\img\icon_on.png
[2012/03/01 07:40:53 | 000,001,388 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbijjbopjcchmieelnldoceohfdbnjkk\0.3.2_0\img\spinner.gif
[2012/03/01 07:40:51 | 000,007,157 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\background.html
[2012/03/01 07:40:51 | 000,003,482 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\gmail_logged_in.png
[2012/03/01 07:40:51 | 000,003,360 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\gmail_not_logged_in.png
[2012/03/01 07:40:52 | 000,005,455 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\icon_128.png
[2012/03/01 07:40:52 | 000,000,713 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\manifest.json
[2012/03/01 07:40:51 | 000,001,804 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\options.html
[2012/03/01 07:40:52 | 000,001,184 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\ar\messages.json
[2012/03/01 07:40:52 | 000,001,379 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\bg\messages.json
[2012/03/01 07:40:52 | 000,000,618 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\ca\messages.json
[2012/03/01 07:40:52 | 000,000,666 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\cs\messages.json
[2012/03/01 07:40:52 | 000,000,586 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\da\messages.json
[2012/03/01 07:40:52 | 000,000,598 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\de\messages.json
[2012/03/01 07:40:52 | 000,001,543 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\el\messages.json
[2012/03/01 07:40:52 | 000,000,533 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\en\messages.json
[2012/03/01 07:40:52 | 000,000,533 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\en_GB\messages.json
[2012/03/01 07:40:52 | 000,000,647 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\es\messages.json
[2012/03/01 07:40:52 | 000,000,614 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\es_419\messages.json
[2012/03/01 07:40:52 | 000,000,565 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\et\messages.json
[2012/03/01 07:40:52 | 000,000,613 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\fi\messages.json
[2012/03/01 07:40:52 | 000,000,588 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\fil\messages.json
[2012/03/01 07:40:52 | 000,000,675 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\fr\messages.json
[2012/03/01 07:40:52 | 000,001,164 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\he\messages.json
[2012/03/01 07:40:52 | 000,001,338 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\hi\messages.json
[2012/03/01 07:40:52 | 000,000,613 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\hr\messages.json
[2012/03/01 07:40:52 | 000,000,634 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\hu\messages.json
[2012/03/01 07:40:52 | 000,000,578 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\id\messages.json
[2012/03/01 07:40:52 | 000,000,582 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\it\messages.json
[2012/03/01 07:40:52 | 000,000,828 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\ja\messages.json
[2012/03/01 07:40:52 | 000,000,806 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\ko\messages.json
[2012/03/01 07:40:52 | 000,000,729 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\lt\messages.json
[2012/03/01 07:40:52 | 000,000,642 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\lv\messages.json
[2012/03/01 07:40:52 | 000,000,554 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\nb\messages.json
[2012/03/01 07:40:52 | 000,000,581 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\nl\messages.json
[2012/03/01 07:40:52 | 000,000,667 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\pl\messages.json
[2012/03/01 07:40:52 | 000,000,617 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\pt_BR\messages.json
[2012/03/01 07:40:52 | 000,000,631 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\pt_PT\messages.json
[2012/03/01 07:40:52 | 000,000,656 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\ro\messages.json
[2012/03/01 07:40:52 | 000,001,330 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\ru\messages.json
[2012/03/01 07:40:52 | 000,000,715 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\sk\messages.json
[2012/03/01 07:40:52 | 000,000,586 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\sl\messages.json
[2012/03/01 07:40:52 | 000,001,266 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\sr\messages.json
[2012/03/01 07:40:52 | 000,000,576 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\sv\messages.json
[2012/03/01 07:40:52 | 000,001,322 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\th\messages.json
[2012/03/01 07:40:52 | 000,000,663 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\tr\messages.json
[2012/03/01 07:40:52 | 000,001,668 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\uk\messages.json
[2012/03/01 07:40:52 | 000,000,830 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\vi\messages.json
[2012/03/01 07:40:52 | 000,000,675 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\zh_CN\messages.json
[2012/03/01 07:40:52 | 000,000,687 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\_locales\zh_TW\messages.json
[2012/04/13 16:45:50 | 000,000,974 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\manifest.json
[2012/04/13 16:45:50 | 000,002,421 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\_locales\en\messages.json
[2012/04/13 16:45:49 | 000,008,505 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\css\calendar.css
[2012/04/13 16:45:49 | 000,047,609 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\css\springpad.css
[2012/04/13 16:45:49 | 000,002,802 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\css\ext\infobar.css
[2012/04/13 16:45:49 | 000,000,571 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\html\background.html
[2012/04/13 16:45:49 | 000,000,283 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\html\blank.html
[2012/04/13 16:45:49 | 000,000,087 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\html\options.html
[2012/04/13 16:45:49 | 000,001,139 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\html\springpad.html
[2012/04/13 16:45:49 | 000,003,034 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\calendar\arrow-left-hover-blue.png
[2012/04/13 16:45:49 | 000,003,009 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\calendar\arrow-left.png
[2012/04/13 16:45:49 | 000,003,047 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\calendar\arrow-right-hover-blue.png
[2012/04/13 16:45:49 | 000,003,009 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\calendar\arrow-right.png
[2012/04/13 16:45:49 | 000,007,934 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\elements\logo.springpad.300x60.dark.png
[2012/04/13 16:45:49 | 000,008,157 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\elements\logo.springpad.300x60.png
[2012/04/13 16:45:49 | 000,006,991 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\elements\logo.springpad.300x60.white.png
[2012/04/13 16:45:49 | 000,013,502 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\elements\logo.springpad.400x80.png
[2012/04/13 16:45:49 | 000,001,567 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\elements\openid.favicons.png
[2012/04/13 16:45:49 | 000,011,713 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\elements\watermark.corner.botton_right.png
[2012/04/13 16:45:49 | 000,046,439 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\elements\welcome.png
[2012/04/13 16:45:49 | 000,000,148 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\arrow.down.black.centered.19w.png
[2012/04/13 16:45:49 | 000,000,144 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\arrow.up.black.centered.19w.png
[2012/04/13 16:45:49 | 000,001,150 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\favicon.ico
[2012/04/13 16:45:49 | 000,000,229 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.10.flag.grayed.png
[2012/04/13 16:45:49 | 000,000,233 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.10.flag.red.png
[2012/04/13 16:45:49 | 000,000,228 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.10.notebook.blue.png
[2012/04/13 16:45:49 | 000,000,168 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.10.notebook.grayed.png
[2012/04/13 16:45:49 | 000,000,245 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.10.tag.blue.png
[2012/04/13 16:45:49 | 000,000,237 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.10.tag.grayed.png
[2012/04/13 16:45:49 | 000,000,066 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.11.x.black.gif
[2012/04/13 16:45:49 | 000,000,066 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.11.x.white.gif
[2012/04/13 16:45:49 | 000,000,219 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.12.flag.grayed.png
[2012/04/13 16:45:49 | 000,000,230 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.12.flag.red.png
[2012/04/13 16:45:49 | 000,000,412 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.12.loading.gif
[2012/04/13 16:45:49 | 000,000,301 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.12.pencil.png
[2012/04/13 16:45:49 | 000,000,287 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.12.star.gold.png
[2012/04/13 16:45:49 | 000,000,266 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.12.star.gray.png
[2012/04/13 16:45:49 | 000,000,414 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.12.tag.blue.png
[2012/04/13 16:45:49 | 000,000,232 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.12.tag.grayed.png
[2012/04/13 16:45:50 | 000,002,145 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.128.springpad.png
[2012/04/13 16:45:49 | 000,000,860 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.16.circle.green.check.png
[2012/04/13 16:45:49 | 000,000,793 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.16.circle.red.x.png
[2012/04/13 16:45:49 | 000,000,803 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.16.circled.blue.info.png
[2012/04/13 16:45:49 | 000,000,643 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.16.circled.gray.dash.png
[2012/04/13 16:45:49 | 000,000,857 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.16.circled.green.dollar_sign.png
[2012/04/13 16:45:49 | 000,000,769 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.16.circled.orange.info.png
[2012/04/13 16:45:49 | 000,000,775 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.16.circled.red.exclamation.png
[2012/04/13 16:45:49 | 000,000,408 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.16.menu.arrow_back.faded.png
[2012/04/13 16:45:49 | 000,000,334 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.16.menu.arrow_back.png
[2012/04/13 16:45:49 | 000,000,232 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.16.menu.home.png
[2012/04/13 16:45:49 | 000,000,086 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.16.menu.plus.png
[2012/04/13 16:45:49 | 000,000,426 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.16.menu.scissors.png
[2012/04/13 16:45:49 | 000,000,413 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.16.menu.search.png
[2012/04/13 16:45:49 | 000,000,580 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.16.note.png
[2012/04/13 16:45:49 | 000,000,428 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.16.send_to_phone.png
[2012/04/13 16:45:50 | 000,000,305 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.16.springpad.png
[2012/04/13 16:45:49 | 000,000,795 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.16.type.tvshow.png
[2012/04/13 16:45:49 | 000,000,946 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.16.world.blue.png
[2012/04/13 16:45:49 | 000,000,282 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.24.corner_lock.gray.png
[2012/04/13 16:45:49 | 000,001,286 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.32.menu.checkmark.png
[2012/04/13 16:45:49 | 000,001,621 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.32.menu.scissors.png
[2012/04/13 16:45:49 | 000,000,591 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.32.menu.sticky_note.png
[2012/04/13 16:45:49 | 000,002,136 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.32.menu.world.png
[2012/04/13 16:45:49 | 000,001,084 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.48.file.generic.png
[2012/04/13 16:45:49 | 000,002,483 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.48.file.pdf.png
[2012/04/13 16:45:49 | 000,001,762 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.48.file.zip.png
[2012/04/13 16:45:50 | 000,001,019 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.48.springpad.png
[2012/04/13 16:45:49 | 000,009,143 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.address_book.blue.png
[2012/04/13 16:45:49 | 000,002,551 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.binder.orange.png
[2012/04/13 16:45:49 | 000,006,580 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.calendar.red.png
[2012/04/13 16:45:49 | 000,008,616 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.cardboard_box.collections.png
[2012/04/13 16:45:49 | 000,006,800 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.cardboard_box.green_arrow.png
[2012/04/13 16:45:49 | 000,001,760 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.checkbox.blue.png
[2012/04/13 16:45:49 | 000,003,219 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.checkbox.checked.blue.png
[2012/04/13 16:45:49 | 000,002,439 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.checkbox.checked.png
[2012/04/13 16:45:50 | 000,001,422 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.checkbox.png
[2012/04/13 16:45:50 | 000,006,321 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.dinner_setting.png
[2012/04/13 16:45:50 | 000,006,099 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.gears.png
[2012/04/13 16:45:50 | 000,005,269 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.house.png
[2012/04/13 16:45:50 | 000,008,400 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.notebook.ring.blue.png
[2012/04/13 16:45:50 | 000,002,303 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.pages.stacked.png
[2012/04/13 16:45:50 | 000,002,927 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.silhoutte.blue.png
[2012/04/13 16:45:50 | 000,004,067 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.ticket.admit_one.png
[2012/04/13 16:45:50 | 000,001,454 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.activity.png
[2012/04/13 16:45:50 | 000,007,657 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.alarm.png
[2012/04/13 16:45:50 | 000,007,564 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.album.png
[2012/04/13 16:45:50 | 000,006,580 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.appointment.png
[2012/04/13 16:45:50 | 000,003,469 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.book.png
[2012/04/13 16:45:50 | 000,004,710 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.bookmark.png
[2012/04/13 16:45:50 | 000,006,590 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.budget.png
[2012/04/13 16:45:50 | 000,007,434 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.business.png
[2012/04/13 16:45:50 | 000,005,599 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.caterer.png
[2012/04/13 16:45:50 | 000,006,243 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.checklist.png
[2012/04/13 16:45:50 | 000,003,183 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.church.png
[2012/04/13 16:45:50 | 000,002,431 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.concert.png
[2012/04/13 16:45:50 | 000,005,937 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.contact.png
[2012/04/13 16:45:50 | 000,004,514 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.coupon.png
[2012/04/13 16:45:50 | 000,001,825 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.file.png
[2012/04/13 16:45:50 | 000,007,725 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.florist.png
[2012/04/13 16:45:50 | 000,006,243 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.generallist.png
[2012/04/13 16:45:50 | 000,008,711 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.gift.png
[2012/04/13 16:45:50 | 000,005,894 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.group.png
[2012/04/13 16:45:50 | 000,006,592 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.hotel.png
[2012/04/13 16:45:50 | 000,005,894 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.list.png
[2012/04/13 16:45:50 | 000,007,172 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.milestone.png
[2012/04/13 16:45:50 | 000,005,557 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.movie.png
[2012/04/13 16:45:50 | 000,002,431 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.musicalartist.png
[2012/04/13 16:45:50 | 000,002,020 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.note.png
[2012/04/13 16:45:50 | 000,003,591 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.packinglist.png
[2012/04/13 16:45:50 | 000,003,591 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.packinglsit.png
[2012/04/13 16:45:50 | 000,005,937 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.person.png
[2012/04/13 16:45:50 | 000,008,103 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.photographer.png
[2012/04/13 16:45:50 | 000,005,427 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.product.png
[2012/04/13 16:45:50 | 000,003,691 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.recipe.png
[2012/04/13 16:45:50 | 000,007,657 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.reminder.png
[2012/04/13 16:45:50 | 000,007,422 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.restaurant.png
[2012/04/13 16:45:50 | 000,004,440 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.shoppinglist.png
[2012/04/13 16:45:50 | 000,002,375 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.task.png
[2012/04/13 16:45:50 | 000,004,238 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.tasklist.png
[2012/04/13 16:45:50 | 000,006,781 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.tvshow.png
[2012/04/13 16:45:50 | 000,004,260 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.type.wine.png
[2012/04/13 16:45:50 | 000,008,020 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.75.world.blue.png
[2012/04/13 16:45:50 | 000,000,434 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\icon.sort.png
[2012/04/13 16:45:50 | 000,003,208 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\loading.gif
[2012/04/13 16:45:50 | 000,000,308 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\icons\numbers.mini.7w.white.black_outline.png
[2012/04/13 16:45:50 | 000,009,016 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\layout\bg.texture.main.png
[2012/04/13 16:45:50 | 000,000,137 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\images\layout\spacer.png
[2012/04/13 16:45:50 | 000,007,787 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\js\background.js
[2012/04/13 16:45:50 | 000,007,815 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\js\bookmarker.js
[2012/04/13 16:45:50 | 000,001,945 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\js\chrome.proxy.js
[2012/04/13 16:45:50 | 000,024,377 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\js\common\calendar.js
[2012/04/13 16:45:50 | 000,004,621 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\js\common\HashListener.js
[2012/04/13 16:45:50 | 000,014,694 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\js\common\mootools-more.js
[2012/04/13 16:45:50 | 000,102,991 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\js\common\mootools.js
[2012/04/13 16:45:50 | 000,010,133 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\js\common\seedrandom.js
[2012/04/13 16:45:50 | 000,059,647 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\js\common\springapp.js
[2012/04/13 16:45:50 | 000,000,854 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\js\common\storage.js
[2012/04/13 16:45:50 | 000,028,816 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\js\common\ui.blocks.js
[2012/04/13 16:45:50 | 000,028,304 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\js\common\ui.js
[2012/04/13 16:45:50 | 000,003,612 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\js\ext\get_page_info.js
[2012/04/13 16:45:50 | 000,001,830 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\js\ext\infobar.js
[2012/04/13 16:45:50 | 000,013,051 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\js\lib\block.js
[2012/04/13 16:45:50 | 000,000,485 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\js\lib\constants.js
[2012/04/13 16:45:50 | 000,012,649 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\js\lib\springpad.js
[2012/04/13 16:45:50 | 000,032,630 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\js\lib\utils.js
[2012/01/16 19:14:30 | 000,005,920 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\128.png
[2012/01/16 19:14:30 | 000,000,755 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\manifest.json
[2012/01/16 19:14:30 | 000,000,556 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ar\messages.json
[2012/01/16 19:14:30 | 000,000,492 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\bg\messages.json
[2012/01/16 19:14:30 | 000,000,262 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ca\messages.json
[2012/01/16 19:14:30 | 000,000,289 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\cs\messages.json
[2012/01/16 19:14:30 | 000,000,240 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\da\messages.json
[2012/01/16 19:14:30 | 000,000,239 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\de\messages.json
[2012/01/16 19:14:30 | 000,000,624 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\el\messages.json
[2012/01/16 19:14:30 | 000,000,215 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\en\messages.json
[2012/01/16 19:14:30 | 000,000,281 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\es\messages.json
[2012/01/16 19:14:30 | 000,000,284 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fi\messages.json
[2012/01/16 19:14:30 | 000,000,234 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fil\messages.json
[2012/01/16 19:14:30 | 000,000,272 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fr\messages.json
[2012/01/16 19:14:30 | 000,000,391 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hi\messages.json
[2012/01/16 19:14:30 | 000,000,246 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hr\messages.json
[2012/01/16 19:14:30 | 000,000,234 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hu\messages.json
[2012/01/16 19:14:30 | 000,000,242 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\id\messages.json
[2012/01/16 19:14:30 | 000,000,260 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\it\messages.json
[2012/01/16 19:14:30 | 000,000,364 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ja\messages.json
[2012/01/16 19:14:30 | 000,000,328 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ko\messages.json
[2012/01/16 19:14:30 | 000,000,269 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\lt\messages.json
[2012/01/16 19:14:30 | 000,000,262 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\lv\messages.json
[2012/01/16 19:14:30 | 000,000,232 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\nl\messages.json
[2012/01/16 19:14:29 | 000,000,210 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\no\messages.json
[2012/01/16 19:14:30 | 000,000,292 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pl\messages.json
[2012/01/16 19:14:30 | 000,000,230 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pt_BR\messages.json
[2012/01/16 19:14:30 | 000,000,231 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pt_PT\messages.json
[2012/01/16 19:14:30 | 000,000,281 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ro\messages.json
[2012/01/16 19:14:30 | 000,000,482 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ru\messages.json

****continued******

 

[Tom Clindaniel]

*********OTL continued*******
[2012/01/16 19:14:29 | 000,000,210 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\se\messages.json
[2012/01/16 19:14:30 | 000,000,238 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sk\messages.json
[2012/01/16 19:14:30 | 000,000,249 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sl\messages.json
[2012/01/16 19:14:30 | 000,000,511 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sr\messages.json
[2012/01/16 19:14:30 | 000,000,471 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\th\messages.json
[2012/01/16 19:14:30 | 000,000,250 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\tr\messages.json
[2012/01/16 19:14:30 | 000,000,536 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\uk\messages.json
[2012/01/16 19:14:30 | 000,000,257 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\vi\messages.json
[2012/01/16 19:14:30 | 000,000,339 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\zh_CN\messages.json
[2012/01/16 19:14:30 | 000,000,321 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\zh_TW\messages.json
[2012/07/16 07:17:28 | 000,000,024 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\File System\000\p\.usage
[2012/03/01 07:40:54 | 000,528,882 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\File System\000\p\00\00000002
[2012/04/04 07:58:46 | 000,000,000 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\File System\000\p\00\00000007
[2012/04/04 07:58:46 | 000,000,000 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\File System\000\p\00\00000008
[2012/04/04 07:59:56 | 000,529,011 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\File System\000\p\00\00000010
[2012/04/21 06:51:03 | 000,529,037 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\File System\000\p\00\00000011
[2012/07/16 07:17:28 | 000,529,037 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\File System\000\p\00\00000013
[2012/07/16 07:58:49 | 000,000,740 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\File System\000\p\Paths\000361.sst
[2012/07/18 16:23:42 | 000,000,000 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\File System\000\p\Paths\000403.log
[2012/07/18 16:23:42 | 000,000,016 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\File System\000\p\Paths\CURRENT
[2012/03/01 07:40:48 | 000,000,000 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\File System\000\p\Paths\LOCK
[2012/07/18 16:23:42 | 000,000,113 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\File System\000\p\Paths\MANIFEST-000402
[2012/04/26 07:32:16 | 000,000,163 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\File System\000\p\Paths\lost\MANIFEST-000227
[2012/03/01 09:01:53 | 000,000,208 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\000005.sst
[2012/07/18 16:23:42 | 000,000,000 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\000697.log
[2012/07/18 16:23:42 | 000,000,016 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\CURRENT
[2012/03/01 07:40:47 | 000,000,000 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOCK
[2012/07/18 16:23:42 | 000,000,142 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\MANIFEST-000696
[2012/04/26 07:32:15 | 000,000,142 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\lost\MANIFEST-000257
[9 C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\*.tmp files -> C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\*.tmp -> ]
[9 C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\JumpListIconsOld\*.tmp files -> C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\JumpListIconsOld\*.tmp -> ]
[2012/07/13 17:30:30 | 000,003,072 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-devtools_devtools_0.localstorage
[2012/07/13 17:30:30 | 000,003,608 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-devtools_devtools_0.localstorage-journal
[2012/07/18 16:23:45 | 000,003,072 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cfhdojbkjhnklbpkdaibdccddilifddb_0.localstorage
[2012/07/18 16:23:45 | 000,003,608 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cfhdojbkjhnklbpkdaibdccddilifddb_0.localstorage-journal
[2012/07/18 16:23:44 | 000,005,120 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cpngackimfmofbokmjmljamhdncknpmg_0.localstorage
[2012/07/18 16:23:44 | 000,003,608 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cpngackimfmofbokmjmljamhdncknpmg_0.localstorage-journal
[2012/01/16 19:08:09 | 000,005,120 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eemcgdkfndhakfknompkggombfjjjeno_0.localstorage
[2012/03/14 07:23:40 | 000,003,072 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kbijjbopjcchmieelnldoceohfdbnjkk_0.localstorage
[2012/05/22 17:46:16 | 000,090,112 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_njhgeimnepehieioinbhmfpphfoocmng_0.localstorage
[2012/07/18 14:02:02 | 000,003,072 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_chrome.google.com_0.localstorage
[2012/07/18 14:02:02 | 000,003,608 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_chrome.google.com_0.localstorage-journal
[2012/01/18 17:30:02 | 000,017,408 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_mail.google.com_0.localstorage
[2012/07/18 16:23:56 | 000,003,072 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_plus.google.com_0.localstorage
[2012/07/18 16:23:56 | 000,003,608 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_plus.google.com_0.localstorage-journal
[2012/07/17 21:05:46 | 000,003,072 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_safecart.com_0.localstorage
[2012/07/17 21:05:46 | 000,003,608 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_safecart.com_0.localstorage-journal
[2012/07/18 14:45:11 | 000,111,616 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_wwf-fb.zyngawithfriends.com_0.localstorage
[2012/07/18 14:45:11 | 000,016,384 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_wwf-fb.zyngawithfriends.com_0.localstorage-journal
[2012/07/18 13:54:08 | 000,003,072 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_disqus.com_0.localstorage
[2012/07/18 13:54:08 | 000,003,608 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_disqus.com_0.localstorage-journal
[2012/07/12 19:03:26 | 000,003,072 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_forums.androidcentral.com_0.localstorage
[2012/07/12 19:03:26 | 000,003,608 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_forums.androidcentral.com_0.localstorage-journal
[2012/07/12 08:59:29 | 000,003,072 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mediacdn.disqus.com_0.localstorage
[2012/07/12 08:59:29 | 000,003,608 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mediacdn.disqus.com_0.localstorage-journal
[2012/07/18 16:26:36 | 000,114,688 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.techspot.com_0.localstorage
[2012/07/18 16:26:36 | 000,016,384 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.techspot.com_0.localstorage-journal
[2012/07/17 08:17:13 | 000,004,096 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.weather.com_0.localstorage
[2012/07/17 08:17:13 | 000,004,640 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.weather.com_0.localstorage-journal
[2012/07/17 17:37:06 | 000,003,072 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage
[2012/07/17 17:37:06 | 000,003,608 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage-journal
[2012/07/10 20:43:28 | 000,008,192 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Media Cache\data_0
[2012/07/10 20:45:53 | 000,270,336 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Media Cache\data_1
[2012/07/10 20:43:28 | 000,008,192 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Media Cache\data_2
[2012/07/10 20:43:28 | 000,008,192 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Media Cache\data_3
[2012/07/10 20:43:28 | 000,524,656 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Media Cache\index
[2010/09/24 16:32:46 | 000,017,408 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\localserver.db
[2010/09/24 16:32:46 | 000,019,456 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\permissions.db
[2012/07/18 16:26:35 | 005,481,472 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Sync Data\SyncData.sqlite3
[2012/07/18 16:26:35 | 000,016,384 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Sync Data\SyncData.sqlite3-journal
[2010/09/24 16:28:22 | 000,000,000 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\User StyleSheets\Custom.css
[2012/05/21 16:44:24 | 000,001,811 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\manifest.json
[2012/05/21 16:44:25 | 008,110,592 | ---- | M] () -- C:\Users\Tom\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll

< %USERPROFILE%\AppData\Local\ /s >

< %systemroot%\Installer\ /s >

< %systemroot%\system32\Cache\ /s >

< %systemroot%\system32\config\systemprofile\Application Data /s >

< %PROGRAMFILES%\*. >
[2012/05/01 22:04:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2012/07/18 10:57:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\American Auto-Matrix
[2012/05/01 22:38:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2012/05/01 22:05:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\BackToTheBeach
[2012/05/01 22:38:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
[2012/05/01 22:05:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Cisco Systems
[2012/05/01 22:05:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CoffeeCup Software
[2012/07/18 10:59:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2012/05/03 11:58:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ERUNT
[2012/05/03 11:56:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ESET
[2012/05/01 22:38:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\FileZilla FTP Client
[2011/04/16 19:34:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Full Tilt Poker
[2012/05/01 22:38:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2012/05/01 22:07:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Hewlett-Packard
[2012/05/01 22:38:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HP
[2012/05/01 22:07:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2012/05/01 22:38:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2012/07/16 11:01:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2012/05/01 22:07:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intuit
[2012/05/01 22:38:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iTunes
[2012/07/16 07:13:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2012/05/01 22:08:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Johnson Controls
[2012/05/01 22:08:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Juniper Networks
[2012/07/17 18:31:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/06/06 15:44:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
[2012/05/01 22:38:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2012/05/01 22:38:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SDKs
[2012/05/01 22:38:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Security Client
[2012/06/06 07:44:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2012/06/06 06:46:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server
[2012/05/01 22:09:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2012/05/01 22:10:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2012/05/01 22:38:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio
[2012/05/01 22:38:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2012/05/01 22:38:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio 9.0
[2012/05/01 22:38:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works
[2012/05/01 22:38:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2012/05/01 22:38:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2010/10/10 17:25:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 4.0
[2012/07/16 07:14:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Oracle
[2012/07/17 21:21:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PokerStars
[2012/05/01 22:38:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
[2012/05/01 22:11:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2012/05/01 22:11:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Roblox
[2012/05/14 16:29:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Safari
[2009/07/14 00:57:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Uninstall Information
[2012/05/01 22:11:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WebGear
[2012/05/01 22:11:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2012/05/01 22:11:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2012/05/01 22:11:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2012/05/01 22:11:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2012/05/01 22:11:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2011/10/05 08:41:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2012/05/01 22:40:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2012/05/01 22:38:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WinRAR

< %appdata%\*.* >
[2011/12/22 13:33:28 | 000,015,033 | ---- | M] () -- C:\Users\Tom\AppData\Roaming\CCTInstallLog.htm
[2010/11/10 18:48:09 | 000,037,839 | ---- | M] () -- C:\Users\Tom\AppData\Roaming\Comma Separated Values (Windows).ADR
[2012/01/08 13:37:55 | 000,023,826 | ---- | M] () -- C:\Users\Tom\AppData\Roaming\SCTInstallLog.htm

< MD5 for: AFD.SYS >
[2011/12/27 23:59:24 | 000,498,688 | ---- | M] (Microsoft Corporation) MD5=1C7857B62DE5994A75B054A9FD4C3825 -- C:\Windows\SysNative\drivers\afd.sys
[2011/12/27 23:59:24 | 000,498,688 | ---- | M] (Microsoft Corporation) MD5=1C7857B62DE5994A75B054A9FD4C3825 -- C:\Windows\system64\drivers\afd.sys
[2011/12/27 23:59:24 | 000,498,688 | ---- | M] (Microsoft Corporation) MD5=1C7857B62DE5994A75B054A9FD4C3825 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17752_none_35e10b89752ee0f5\afd.sys
[2011/12/28 00:01:36 | 000,498,176 | ---- | M] (Microsoft Corporation) MD5=36A14FD1A23F57046361733B792CA8DB -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21887_none_364f3a028e605345\afd.sys
[2011/04/24 22:44:02 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=6EF20DDF3172E97D69F596FB90602F29 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16802_none_3430bc3977dfec2d\afd.sys
[2009/07/13 19:21:42 | 000,500,224 | ---- | M] (Microsoft Corporation) MD5=B9384E03479D2506BC924C16A3DB87BC -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16385_none_33dd3439781e25f7\afd.sys
[2011/12/28 00:01:12 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=CCA39961E76B491DDF44B1E90FC8971D -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.21115_none_34b263fe91032456\afd.sys
[2010/11/20 05:23:34 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=D31DC7A16DEA4A9BAF179F3D6FBDB38C -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_360e4801750ca991\afd.sys
[2011/04/24 22:34:03 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=D5B031C308A409A0A576BFF4CF083D30 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_3618198975057170\afd.sys
[2011/12/27 23:59:11 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=DB9D6C6B2CD95A9CA414D045B627422E -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16937_none_34154fcd77f3bbda\afd.sys
[2011/04/24 23:09:35 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=F4AD06143EAC303F55D0E86C40802976 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21712_none_3695e61e8e2c13d4\afd.sys
[2011/04/24 22:44:27 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=FBFF8B7C9D116229E9208A0D1CAEB49B -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.20951_none_3483491e9126fe55\afd.sys

< MD5 for: ATAPI.SYS >
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\ERDNT\cache64\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\system64\drivers\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\system64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: CRYPTSVC.DLL >
[2012/04/24 00:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\SysWOW64\cryptsvc.dll
[2012/04/24 00:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2010/11/20 09:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\ERDNT\cache64\cryptsvc.dll
[2010/11/20 09:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012/04/24 00:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2012/04/24 01:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\SysNative\cryptsvc.dll
[2012/04/24 01:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\system64\cryptsvc.dll
[2012/04/24 01:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[2012/04/24 00:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
[2009/07/13 21:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009/07/13 21:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010/11/20 08:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\ERDNT\cache86\cryptsvc.dll
[2010/11/20 08:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2012/04/24 01:22:32 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B7337E9C9E5936355BB700AA33E0936E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll
[2012/04/24 01:36:46 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=CE8BF1423AEE47DA5275FBC8AD3BD642 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_d2773c98cda297d3\cryptsvc.dll
[2012/04/24 01:59:45 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=F02786B66375292E58C8777082D4396D -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_d24deecfb43ce339\cryptsvc.dll
[2012/04/24 00:33:53 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=F522279B4717E2BFF269C771FAC2B78E -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll

< MD5 for: DNSRSLVR.DLL >
[2011/03/03 02:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) MD5=16835866AAA693C7D7FCEBA8FFF706E4 -- C:\Windows\SysNative\dnsrslvr.dll
[2011/03/03 02:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) MD5=16835866AAA693C7D7FCEBA8FFF706E4 -- C:\Windows\system64\dnsrslvr.dll
[2011/03/03 02:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) MD5=16835866AAA693C7D7FCEBA8FFF706E4 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_3fc3a19c992d2ff6\dnsrslvr.dll
[2009/07/13 21:40:32 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=676108C4E3AA6F6B34633748BD0BEBD9 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16385_none_3dd76e849c0a6a12\dnsrslvr.dll
[2011/03/03 02:17:10 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=85CF424C74A1D5EC33533E1DBFF9920A -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16772_none_3ddf452a9c04f6b8\dnsrslvr.dll
[2011/03/03 02:12:55 | 000,183,296 | ---- | M] (Microsoft Corporation) MD5=B2205BAEAE4C178ABEB1B149751FC2B9 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_40503f45b2481bc5\dnsrslvr.dll
[2010/11/20 09:26:07 | 000,183,296 | ---- | M] (Microsoft Corporation) MD5=CD55F5355D8F55D44C9F4ED875705BD6 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4008824c98f8edac\dnsrslvr.dll
[2011/03/03 02:23:37 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=D8065FA366D28746EE3D75F08ED6B2FE -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.20914_none_3eabc3f7b4f01eb1\dnsrslvr.dll

*****continued*******

 

[Tom Clindaniel]

**********OTL continued********

< MD5 for: ES.DLL >
[2009/07/13 21:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) MD5=4166F82BE4D24938977DD1746BE9B8A0 -- C:\Windows\ERDNT\cache64\es.dll
[2009/07/13 21:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) MD5=4166F82BE4D24938977DD1746BE9B8A0 -- C:\Windows\SysNative\es.dll
[2009/07/13 21:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) MD5=4166F82BE4D24938977DD1746BE9B8A0 -- C:\Windows\system64\es.dll
[2009/07/13 21:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) MD5=4166F82BE4D24938977DD1746BE9B8A0 -- C:\Windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_68e290c46b6ea6d0\es.dll
[2012/06/28 06:27:57 | 000,008,216 | ---- | M] () MD5=8C4CBA187C451FAE0C9C1674B9C3AC39 -- C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\Locales\es.dll
[2012/07/10 00:07:57 | 000,008,216 | ---- | M] () MD5=D088A143E3692E65FCEECBEAF6B66E08 -- C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\Locales\es.dll
[2009/07/13 21:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=F6916EFC29D9953D5D0DF06882AE8E16 -- C:\Windows\ERDNT\cache86\es.dll
[2009/07/13 21:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=F6916EFC29D9953D5D0DF06882AE8E16 -- C:\Windows\SysWOW64\es.dll
[2009/07/13 21:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=F6916EFC29D9953D5D0DF06882AE8E16 -- C:\Windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_73373b169fcf68cb\es.dll

< MD5 for: EXPLORER.EXE >
[2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2010/11/20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SysWOW64\explorer.exe
[2010/11/20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/03 02:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009/10/31 02:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 01:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 09:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\ERDNT\cache86\explorer.exe
[2010/11/20 09:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\explorer.exe
[2010/11/20 09:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 02:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 01:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 21:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 02:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009/08/03 02:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: IPNATHLP.DLL >
[2009/07/13 21:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) MD5=B95F6501A2F8B2E78C697FEC401970CE -- C:\Windows\SysNative\ipnathlp.dll
[2009/07/13 21:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) MD5=B95F6501A2F8B2E78C697FEC401970CE -- C:\Windows\system64\ipnathlp.dll
[2009/07/13 21:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) MD5=B95F6501A2F8B2E78C697FEC401970CE -- C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess_31bf3856ad364e35_6.1.7600.16385_none_60c2504d62fd4f0e\ipnathlp.dll

< MD5 for: NETBT.SYS >
[2010/11/20 05:23:20 | 000,261,632 | ---- | M] (Microsoft Corporation) MD5=09594D1089C523423B32A4229263F068 -- C:\Windows\SysNative\drivers\netbt.sys
[2010/11/20 05:23:20 | 000,261,632 | ---- | M] (Microsoft Corporation) MD5=09594D1089C523423B32A4229263F068 -- C:\Windows\system64\drivers\netbt.sys
[2010/11/20 05:23:20 | 000,261,632 | ---- | M] (Microsoft Corporation) MD5=09594D1089C523423B32A4229263F068 -- C:\Windows\winsxs\amd64_microsoft-windows-netbt_31bf3856ad364e35_6.1.7601.17514_none_be8acdd10de3b1a6\netbt.sys
[2009/07/13 19:21:29 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=9162B273A44AB9DCE5B44362731D062A -- C:\Windows\winsxs\amd64_microsoft-windows-netbt_31bf3856ad364e35_6.1.7600.16385_none_bc59ba0910f52e0c\netbt.sys

< MD5 for: NETMAN.DLL >
[2009/07/13 21:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=847D3AE376C0817161A14A82C8922A9E -- C:\Windows\ERDNT\cache64\netman.dll
[2009/07/13 21:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=847D3AE376C0817161A14A82C8922A9E -- C:\Windows\SysNative\netman.dll
[2009/07/13 21:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=847D3AE376C0817161A14A82C8922A9E -- C:\Windows\system64\netman.dll
[2009/07/13 21:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=847D3AE376C0817161A14A82C8922A9E -- C:\Windows\winsxs\amd64_microsoft-windows-netman_31bf3856ad364e35_6.1.7600.16385_none_6bb20d3d6b80d9da\netman.dll

< MD5 for: QMGR.DLL >
[2010/11/20 09:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\ERDNT\cache64\qmgr.dll
[2010/11/20 09:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\SysNative\qmgr.dll
[2010/11/20 09:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\system64\qmgr.dll
[2010/11/20 09:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_81b6ca5c101195cd\qmgr.dll
[2009/07/13 21:41:53 | 000,848,384 | ---- | M] (Microsoft Corporation) MD5=7F0C323FE3DA28AA4AA1BDA3F575707F -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7600.16385_none_7f85b69413231233\qmgr.dll

< MD5 for: RPCSS.DLL >
[2010/11/20 09:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=5C627D1B1138676C0A7AB2C2C190D123 -- C:\Windows\ERDNT\cache64\rpcss.dll
[2010/11/20 09:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=5C627D1B1138676C0A7AB2C2C190D123 -- C:\Windows\SysNative\rpcss.dll
[2010/11/20 09:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=5C627D1B1138676C0A7AB2C2C190D123 -- C:\Windows\system64\rpcss.dll
[2010/11/20 09:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=5C627D1B1138676C0A7AB2C2C190D123 -- C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll
[2009/07/13 21:41:53 | 000,509,440 | ---- | M] (Microsoft Corporation) MD5=7266972E86890E2B30C0C322E906B027 -- C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_c5bfcda3579104e3\rpcss.dll

< MD5 for: SERVICES.EXE >
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\ERDNT\cache64\services.exe
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\system64\services.exe
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache86\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\ERDNT\cache64\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\system64\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011/04/25 01:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011/09/29 13:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010/11/20 09:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011/06/21 02:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010/06/14 02:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2012/03/30 06:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011/04/25 01:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012/03/30 07:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2012/03/30 06:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2010/06/14 02:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009/07/13 21:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011/04/25 01:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011/06/21 02:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011/09/29 12:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012/03/30 07:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\SysNative\drivers\tcpip.sys
[2012/03/30 07:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\system64\drivers\tcpip.sys
[2012/03/30 07:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2011/04/25 02:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011/06/21 02:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011/06/21 02:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011/09/29 12:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011/09/29 12:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\ERDNT\cache64\tcpip.sys
[2011/09/29 12:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: TDX.SYS >
[2009/07/13 19:21:15 | 000,099,840 | ---- | M] (Microsoft Corporation) MD5=079125C4B17B01FCAEEBCE0BCB290C0F -- C:\Windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7600.16385_none_4632b9f2f5c6af5e\tdx.sys
[2010/11/20 05:21:56 | 000,119,296 | ---- | M] (Microsoft Corporation) MD5=DDAD5A7AB24D8B65F8D724F5C20FD806 -- C:\Windows\ERDNT\cache64\tdx.sys
[2010/11/20 05:21:56 | 000,119,296 | ---- | M] (Microsoft Corporation) MD5=DDAD5A7AB24D8B65F8D724F5C20FD806 -- C:\Windows\SysNative\drivers\tdx.sys
[2010/11/20 05:21:56 | 000,119,296 | ---- | M] (Microsoft Corporation) MD5=DDAD5A7AB24D8B65F8D724F5C20FD806 -- C:\Windows\system64\drivers\tdx.sys
[2010/11/20 05:21:56 | 000,119,296 | ---- | M] (Microsoft Corporation) MD5=DDAD5A7AB24D8B65F8D724F5C20FD806 -- C:\Windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.17514_none_4863cdbaf2b532f8\tdx.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\ERDNT\cache86\userinit.exe
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\ERDNT\cache64\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\system64\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: VOLSNAP.SYS >
[2010/11/20 09:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\SysNative\drivers\volsnap.sys
[2010/11/20 09:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\SysNative\DriverStore\FileRepository\volume.inf_amd64_neutral_df8bea40ac96ca21\volsnap.sys
[2010/11/20 09:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\system64\drivers\volsnap.sys
[2010/11/20 09:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\system64\DriverStore\FileRepository\volume.inf_amd64_neutral_df8bea40ac96ca21\volsnap.sys
[2010/11/20 09:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_73dcbcf012b4850e\volsnap.sys
[2009/07/13 21:45:55 | 000,294,992 | ---- | M] (Microsoft Corporation) MD5=58F82EED8CA24B461441F9C3E4F0BF5C -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7600.16385_none_71aba92815c60174\volsnap.sys

< MD5 for: WININIT.EXE >
[2009/07/13 21:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\ERDNT\cache64\wininit.exe
[2009/07/13 21:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009/07/13 21:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\system64\wininit.exe
[2009/07/13 21:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009/07/13 21:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\ERDNT\cache86\wininit.exe
[2009/07/13 21:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009/07/13 21:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\ERDNT\cache64\winlogon.exe
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\system64\winlogon.exe
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 21:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/10/28 03:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 02:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WMISVC.DLL >
[2009/07/13 21:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) MD5=19B07E7E8915D701225DA41CB3877306 -- C:\Windows\SysNative\wbem\WMIsvc.dll
[2009/07/13 21:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) MD5=19B07E7E8915D701225DA41CB3877306 -- C:\Windows\system64\wbem\WMIsvc.dll
[2009/07/13 21:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) MD5=19B07E7E8915D701225DA41CB3877306 -- C:\Windows\winsxs\amd64_microsoft-windows-wmi-core-svc_31bf3856ad364e35_6.1.7600.16385_none_fca7ad7710a22535\WMIsvc.dll
[2009/07/13 21:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) MD5=19B07E7E8915D701225DA41CB3877306 -- C:\Windows\winsxs\amd64_microsoft-windows-wmi-core-svc_31bf3856ad364e35_6.1.7601.17514_none_fed8c13f0d90a8cf\WMIsvc.dll

< MD5 for: WSCSVC.DLL >
[2009/07/13 21:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) MD5=E8B1FE6669397D1772D8196DF0E57A9E -- C:\Windows\SysNative\wscsvc.dll
[2009/07/13 21:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) MD5=E8B1FE6669397D1772D8196DF0E57A9E -- C:\Windows\system64\wscsvc.dll
[2009/07/13 21:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) MD5=E8B1FE6669397D1772D8196DF0E57A9E -- C:\Windows\winsxs\amd64_microsoft-windows-securitycenter-core_31bf3856ad364e35_6.1.7600.16385_none_76354f59cbc9dce8\wscsvc.dll
[2009/07/13 21:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) MD5=E8B1FE6669397D1772D8196DF0E57A9E -- C:\Windows\winsxs\amd64_microsoft-windows-securitycenter-core_31bf3856ad364e35_6.1.7601.17514_none_78666321c8b86082\wscsvc.dll

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\system64] -> \systemroot\system32 -> Mount Point

< End of report >

 

[Tom Clindaniel]

********EXTRAS LOG*************
OTL Extras logfile created on: 7/18/2012 4:26:39 PM - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Tom\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.96 Gb Total Physical Memory | 1.15 Gb Available Physical Memory | 58.60% Memory free
4.89 Gb Paging File | 3.28 Gb Available in Paging File | 67.02% Paging File free
Paging file location(s): C:\pagefile.sys 3004 3004 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 148.95 Gb Total Space | 87.32 Gb Free Space | 58.63% Space Free | Partition Type: NTFS
Drive J: | 500.00 Gb Total Space | 500.00 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
Drive K: | 500.00 Gb Total Space | 500.00 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
Drive L: | 500.00 Gb Total Space | 500.00 Gb Free Space | 100.00% Space Free | Partition Type: FAT32

Computer Name: TOM-LAPTOP | User Name: Tom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl[@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\SysWow64\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\SysWow64\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06E87C80-B670-48E1-926B-954DBA3B762F}" = rport=1723 | protocol=6 | dir=out | app=system |
"{149DBD5C-BC1B-4DB8-B9B2-24596B3F1F20}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1B8E1F94-1C66-4771-8099-C725BE446549}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{20B333E9-298C-4D01-B7B8-ECAC26295CDA}" = rport=139 | protocol=6 | dir=out | app=system |
"{2F9C8925-5361-430B-80B5-F1222BAE5F46}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{375870F7-4A15-4B7A-81C1-B71D7F0D03A7}" = rport=1701 | protocol=17 | dir=out | app=system |
"{3A40B488-B42F-423A-B083-5B2039D72FFB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{40EC6C59-B942-4C79-8D03-DBD54873706C}" = rport=137 | protocol=17 | dir=out | app=system |
"{53D4F9B7-9F85-4534-A912-0B584A290B83}" = lport=445 | protocol=6 | dir=in | app=system |
"{579C40BA-C14C-486B-A637-14E34B744AFD}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{639A7876-95CF-406A-9B22-9234377BC3AC}" = lport=138 | protocol=17 | dir=in | app=system |
"{67861B7E-8DFD-416E-808D-C43CAB3FF2B0}" = lport=80 | protocol=6 | dir=in | app=system |
"{6A010516-87C7-4463-BB5E-C331222E59A7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6AAE534F-E0FF-4279-8F80-0CF88DE927E5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8DE1DDAB-0BAB-412D-B0D0-CC630FB2B160}" = rport=445 | protocol=6 | dir=out | app=system |
"{97174042-5028-490E-9E67-F1DA3DB113C8}" = lport=1701 | protocol=17 | dir=in | app=system |
"{A4771E5D-0E6D-4B55-B01B-C21F69660F1D}" = rport=138 | protocol=17 | dir=out | app=system |
"{CEF74AC6-A53B-47B4-B369-FC68E3DC5C66}" = lport=25 | protocol=6 | dir=in | name=smtp port 25 |
"{D45EDD42-4829-425D-A5F6-301A6F568E50}" = lport=137 | protocol=17 | dir=in | app=system |
"{E8D91CDD-8A5D-4E58-AC4F-013815FBA906}" = lport=1723 | protocol=6 | dir=in | app=system |
"{F4FFF5F9-4851-4352-B6F2-B7338D3F3212}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{FB6F53AF-C541-4C77-9A37-4EF12D31F766}" = lport=5985 | protocol=6 | dir=in | app=system |
"{FE215F55-8D90-4995-A3EF-6995FADD6879}" = lport=139 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D099817-D855-45D4-ACED-9CDDEFC7B823}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet 7500 e910\bin\devicesetup.exe |
"{0E7F1FF3-CCDA-4B03-9A6F-59EA1A83692C}" = protocol=47 | dir=out | app=system |
"{1BAFC111-F596-47FD-8424-338C0C90A764}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{1DF8F444-471D-4C16-BADC-ABCEA37F154C}" = protocol=47 | dir=in | app=system |
"{1E50F053-3BB5-42F6-AEB2-278718BC2978}" = protocol=17 | dir=in | app=c:\windows\system32\lxdncoms.exe |
"{237B36BC-71D1-4D99-9D45-A6736E3C1F82}" = protocol=6 | dir=in | app=c:\users\tom\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{28ADEDE1-A4D5-42D8-9B05-BF7C283C4059}" = protocol=6 | dir=in | app=c:\windows\system32\svchost.exe |
"{28ADEDE1-A4D5-42D8-9B05-BF7C283C4060}" = protocol=6 | dir=out | app=c:\windows\system32\svchost.exe |
"{2E2A96AB-7483-478E-802B-4B6D44B35F72}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet 7500 e910\bin\devicesetup.exe |
"{3AC46548-3222-4AE6-AD94-E639818D03CF}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{433D864E-F76F-4927-9DA9-40BB3D2CACB8}" = protocol=17 | dir=in | app=c:\windows\system32\mstsc.exe |
"{44C0F955-9DB5-4A50-A8BC-C0536B05867F}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet 7500 e910\bin\hpnetworkcommunicator.exe |
"{4CC9EE09-BC83-41A9-8DCE-ACB3A9FF6695}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{53A48A3A-209B-4ADF-AD39-832AC82BE066}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{55CB75C5-E43D-49C1-AB9C-CA7CA75A6845}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{5B931B54-C2EE-49CE-9CBE-82D02AB5CB82}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{5D4E6A69-16D1-4964-8B3F-A0D01589C43D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5E7B5D50-4BDE-4C25-885F-BF4E1402C497}" = protocol=6 | dir=in | app=c:\windows\system32\lxdncoms.exe |
"{5EB69F5E-79A8-4A48-947F-28D982F3EB80}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6056A8A3-FB4E-49D4-BD8B-CBDC6A1C4218}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{707788D3-E99D-4E7E-8522-F029A0547B78}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{71AF26F6-53A5-4882-812A-EF9FB43DF169}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{91D4A9E9-1BF7-4467-B5BE-019142CD8B59}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{92CFD722-A2E5-41DB-9EE7-583879C100CC}" = protocol=6 | dir=in | app=c:\windows\system32\mstsc.exe |
"{96EC1538-F995-417C-A4EE-1E0FE59CFC4D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{A35BB4EB-2FEE-481F-8D60-72AEB5057C64}" = protocol=17 | dir=in | app=c:\users\tom\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{A6331C02-440E-4CD2-9B31-B0B8B4820626}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B0B1597F-F9FA-46F6-8CCE-F1666775B972}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{B77D72CA-363F-4B64-857C-098A749B816B}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet 7500 e910\bin\hpnetworkcommunicator.exe |
"{BE4C1832-5F9E-497B-8F13-C2D7BC87FEBF}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C8F7F55D-CFDC-4584-B775-98E7253D2C8A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{CD9B0A82-1A84-4615-A1BF-175BCC00FC17}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{E12F0AA1-E464-43CD-8A7E-3AABC733F4D3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E2C738F7-5634-4C16-8256-403AEAC9B188}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{EFF495D3-D8F5-4DDF-8CFB-68A8600572EC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F681AB2C-1560-4236-B57A-B4C0B7D5DD73}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"TCP Query User{0D1A298C-D6E1-4A37-96D8-04105C4CE817}C:\program files (x86)\american auto-matrix\nbpro\nbpro.exe" = protocol=6 | dir=in | app=c:\program files (x86)\american auto-matrix\nbpro\nbpro.exe |
"TCP Query User{1352FEB8-FCC4-4909-A15E-BF253906F0BA}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{2FEF622C-92C0-4209-8CF1-31019651D336}C:\users\tom\appdata\roaming\macromedia\flash player\" = protocol=6 | dir=in | app=c:\users\tom\appdata\roaming\macromedia\flash player\ |
"TCP Query User{7F525234-0144-4F8F-AED7-1070DCAFCDC8}C:\program files\hp\hp officejet 7500 e910\bin\hpnetworkcommunicator.exe" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet 7500 e910\bin\hpnetworkcommunicator.exe |
"UDP Query User{4A0BFD0C-2002-4302-8F66-F4CD036681E1}C:\program files\hp\hp officejet 7500 e910\bin\hpnetworkcommunicator.exe" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet 7500 e910\bin\hpnetworkcommunicator.exe |
"UDP Query User{68FB67E6-D4D9-4750-8112-4C8B6B6F2D65}C:\program files (x86)\american auto-matrix\nbpro\nbpro.exe" = protocol=17 | dir=in | app=c:\program files (x86)\american auto-matrix\nbpro\nbpro.exe |
"UDP Query User{8C72DD1C-E33D-4B4E-BADB-18FC08599779}C:\users\tom\appdata\roaming\macromedia\flash player\" = protocol=17 | dir=in | app=c:\users\tom\appdata\roaming\macromedia\flash player\ |
"UDP Query User{C7BC1086-4A15-462D-80DA-97E99272A6A5}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F86417004FF}" = Java(TM) 7 Update 4 (64-bit)
"{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}" = Microsoft SQL Server VSS Writer
"{362A3FDF-B12E-436A-9097-1B795A9FFCC5}" = Microsoft SQL Server 2008 R2 Native Client
"{37D728D2-C49C-42EE-83B1-9A5931A6540E}" = HP Officejet 7500 E910 Product Improvement Study
"{41BC9E31-0D39-462E-8E4C-767B21A3B1C3}" = MobileMe Control Panel
"{467D5E81-8349-4892-9E81-C3674ED8E451}" = Cisco Systems VPN Client 5.0.07.0290
"{4837C529-BBBC-47E3-95FC-70C69C003160}" = Jungle Disk Workgroup
"{563F041C-DFDB-437B-A1E8-E141E0906076}" = Microsoft IntelliPoint 8.0
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8B485965-8EFE-464A-842F-CF8F18C3DFD7}" = iCloud
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{951291D4-36CA-41F0-9696-8670797005A9}" = HP Officejet 7500 E910 Basic Device Software
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{020617D7-2F72-4D02-BF59-A5CBC1761177}" = SQL Server 2008 R2 Management Studio
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{121475F5-2598-4574-8801-8F6B3D6A99BB}" = SQL Server 2008 R2 Management Studio
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{24DC9885-E759-4BD2-8A20-D4AC509A7FDE}" = HP Officejet 7500 E910 Help
"{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java(TM) 6 Update 16
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 5
"{2B818257-E6C7-4841-8C29-C5C9A982BCE5}" = RICOH Media Driver ver.2.07.01.01
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{373B1718-8CC5-4567-8EE2-9033AD08A680}" = Roblox
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C9D82EB-9001-4E59-8F64-0BEEE5F4A30A}" = SQL Server 2008 R2 Database Engine Shared
"{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = SQL Server 2008 R2 Database Engine Services
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Media Driver Ver.3.53.02
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{66D31A57-0446-3886-AEFF-201E1E7C4854}" = Google Talk Plugin
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{76866BE3-B2C7-40BB-B267-927792AED0C3}" = Microsoft SQL Server 2008 R2 Setup (English)
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C8EAD2B-A954-4F73-AAFC-C3EC60D49ADA}" = Microsoft SQL Server 2008 R2 RsFx Driver
"{7CFAEC66-BA0E-4076-AAA5-2BE29153E6DF}" = Microsoft XML Parser
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{93998800-1608-403F-9A51-420A77D23C25}" = Sql Server Customer Experience Improvement Program
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = SQL Server 2008 R2 Database Engine Services
"{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120}" = Microsoft Default Manager
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BF9BF038-FE03-429D-9B26-2FA0FD756052}" = Microsoft SQL Server Browser
"{C1C79CBF-2DA1-44DC-BDEE-2387F5197BA1}" = Customer License Upgrade Utility
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{C8A47C0C-B2FF-4EB1-8180-2C39996AD22D}" = Web Studio 5.0
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CACEA8C8-3D38-4F51-953D-1E6FC3346FEF}" = SQL Server 2008 R2 Common Files
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CD25CD4F-737E-44D7-8146-9A32295E662D}" = Metasys CCT 5.1.0.4400
"{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}" = Microsoft SQL Server 2008 R2 Policies
"{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files
"{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}" = Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU
"{DEE43217-9B84-4204-AE98-27BAA14EFF5C}" = GO Contact Sync
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EA50F6E4-8542-4B2B-B344-D080D5DA0EB1}" = BlackBerry Device Software Updater
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{F021CC0C-21C3-4038-AA4A-6E3CBC669CE8}" = SQL Server 2008 R2 Database Engine Shared
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB0C267C-8B4F-4867-8161-A6A3B66D42C1}" = Marketsplash Shortcuts
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FC835376-FF3B-4CAA-83E0-2148B3FB7C98}" = SQL Server 2008 R2 Common Files
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection
"CoffeeCup Free DHTML Menu Builder" = CoffeeCup Free DHTML Menu Builder
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"FileZilla Client" = FileZilla Client 3.5.0
"Google Calendar Sync" = Google Calendar Sync
"Google Chrome" = Google Chrome
"Intuit SiteBuilder" = Intuit SiteBuilder
"Juniper Network Connect 6.5.0" = Juniper Networks Network Connect 6.5.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"Metasys CCT" = Metasys CCT 5.1.0.4400
"Microsoft Report Viewer Redistributable 2008 (KB971119)" = Microsoft Report Viewer Redistributable 2008 SP1
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 R2
"Microsoft SQL Server 2008 R2" = Microsoft SQL Server 2008 R2
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Microsoft Visual Studio 2005 Tools for Office Runtime
"PokerStars" = PokerStars
"Web Studio 5.0" = Web Studio 5.0
"WinRAR archiver" = WinRAR 4.00 (32-bit)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Juniper_Setup_Client" = Juniper Networks Setup Client
"Neoteris_Host_Checker" = Juniper Networks Host Checker
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7/17/2012 4:23:26 PM | Computer Name = Tom-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1046

Error - 7/17/2012 4:23:26 PM | Computer Name = Tom-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1046

Error - 7/17/2012 4:23:27 PM | Computer Name = Tom-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 7/17/2012 4:23:27 PM | Computer Name = Tom-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2699

Error - 7/17/2012 4:23:27 PM | Computer Name = Tom-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2699

Error - 7/17/2012 4:23:28 PM | Computer Name = Tom-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 7/17/2012 4:23:28 PM | Computer Name = Tom-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3760

Error - 7/17/2012 4:23:28 PM | Computer Name = Tom-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3760

Error - 7/18/2012 8:10:19 AM | Computer Name = Tom-Laptop | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Users\Tom\Downloads\esetsmartinstaller_enu.exe".Error
in manifest or policy file "" on line . A component version required by the application
conflicts with another component version already active. Conflicting components
are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 7/18/2012 12:11:10 PM | Computer Name = Tom-Laptop | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "c:\program files (x86)\ESET\eset
online scanner\ESETSmartInstaller.exe".Error in manifest or policy file "" on line
. A component version required by the application conflicts with another component
version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

[ OSession Events ]
Error - 1/3/2011 8:04:10 PM | Computer Name = Tom-Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 0
seconds with 0 seconds of active time. This session ended with a crash.

Error - 1/16/2011 2:57:56 PM | Computer Name = Tom-Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 18
seconds with 0 seconds of active time. This session ended with a crash.

Error - 6/16/2011 7:56:08 PM | Computer Name = Tom-Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 184
seconds with 180 seconds of active time. This session ended with a crash.

Error - 9/21/2011 11:44:43 AM | Computer Name = Tom-Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 8
seconds with 0 seconds of active time. This session ended with a crash.

Error - 12/5/2011 8:55:05 PM | Computer Name = Tom-Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.

Error - 12/11/2011 6:08:45 PM | Computer Name = Tom-Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.

Error - 12/20/2011 8:35:16 AM | Computer Name = Tom-Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.

Error - 12/23/2011 11:47:43 PM | Computer Name = Tom-Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.

Error - 12/26/2011 10:46:08 AM | Computer Name = Tom-Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.

Error - 12/30/2011 10:50:17 AM | Computer Name = Tom-Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 7/18/2012 10:41:32 AM | Computer Name = Tom-Laptop | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 35
Description = Performance power management features on processor 0 in group 0 are
disabled due to a firmware problem. Check with the computer manufacturer for updated
firmware.

Error - 7/18/2012 10:42:06 AM | Computer Name = Tom-Laptop | Source = Service Control Manager | ID = 7023
Description = The Windows Defender service terminated with the following error:
%%126

Error - 7/18/2012 10:46:15 AM | Computer Name = Tom-Laptop | Source = Microsoft Antimalware | ID = 1119
Description = %%860 has encountered a critical error when taking action on malware
or other potentially unwanted software. For more information please see the following:
http://go.microsoft.com/fwlink/?lin...Downloader:Win32/Hoicfh.A&threatid=2147645627

Name:
TrojanDownloader:Win32/Hoicfh.A ID: 2147645627 Severity: Severe Category: Trojan Downloader

Path:
containerfile:_C:\Users\Tom\AppData\Local\Temp\IXP000.TMP\compressed.exe;file:_C:\Users\Tom\AppData\Local\Temp\IXP000.TMP\compressed.exe->(UPX)

Detection
Origin: %%845 Detection Type: %%822 Detection Source: %%818 User: NT AUTHORITY\SYSTEM

Process
Name: C:\msr5.exe Action: %%809 Action Status: No additional actions required Error
Code: 0x80070002 Error description: The system cannot find the file specified. Signature
Version: AV: 1.131.132.0, AS: 1.131.132.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8601.0,
NIS: 2.0.8001.0

Error - 7/18/2012 11:02:55 AM | Computer Name = Tom-Laptop | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 35
Description = Performance power management features on processor 0 in group 0 are
disabled due to a firmware problem. Check with the computer manufacturer for updated
firmware.

Error - 7/18/2012 11:03:11 AM | Computer Name = Tom-Laptop | Source = Service Control Manager | ID = 7000
Description = The Sentinel64 service failed to start due to the following error:
%%20

Error - 7/18/2012 11:03:32 AM | Computer Name = Tom-Laptop | Source = Service Control Manager | ID = 7023
Description = The Windows Defender service terminated with the following error:
%%126

Error - 7/18/2012 11:18:08 AM | Computer Name = Tom-Laptop | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 35
Description = Performance power management features on processor 0 in group 0 are
disabled due to a firmware problem. Check with the computer manufacturer for updated
firmware.

Error - 7/18/2012 11:18:19 AM | Computer Name = Tom-Laptop | Source = Service Control Manager | ID = 7000
Description = The Sentinel64 service failed to start due to the following error:
%%20

Error - 7/18/2012 11:18:34 AM | Computer Name = Tom-Laptop | Source = Service Control Manager | ID = 7023
Description = The Windows Defender service terminated with the following error:
%%126

Error - 7/18/2012 3:18:18 PM | Computer Name = Tom-Laptop | Source = Tcpip | ID = 4199
Description = The system detected an address conflict for IP address 0.0.0.0 with
the system having network hardware address 64-20-0C-1B-E9-D3. Network operations
on this system may be disrupted as a result.


< End of report >

 

[Jay Pfoutz]

[2012/07/18 11:22:10 | 000,000,000 | ---- | C] () -- C:\msr5.exe
This file is empty, and should not be a threat to your computer at all. Don't worry about its detection right now.

I'm sick to death of software companies who think their customers come last. These products are characteristic of software programs that are rogue. They're not necessarily rogue overall, but have tendencies that cross the line:

• SpeedyPC Software
• SpyHunter
• DriverCure

Please consider removing these programs from your computer. Let me know if done. We can find much better and safer products that will actually protect your computer AND prevent malware.

Also, remove these old versions of Java to prevent vulnerabilities:

• Java 6 Update 16
• Java 7 Update 4

ESET Online Scan

Please run a free online scan with the ESET Online Scanner

• Tick the box next to YES, I accept the Terms of Use
• Click Start
• When asked, allow the ActiveX control to install
• Click Start
• Make sure that the options Remove found threats and the option Scan unwanted applications is checked
• Click Scan (This scan can take several hours, so please be patient)
• Once the scan is completed, you may close the window
• Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
• Copy and paste that log as a reply to this topic

Security Check

Download Security Check by screen317 from SpywareInfoforum.org or Changelog.fr.

• Save it to your Desktop.
• Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.

 

[Tom Clindaniel]

DragonMasterJay,
I agree with you about companies touting their wares with the only measure of their success is how many copies they sell, not how many happy customers they have !

Your comment about removing the three programs is really kind of weird as I have already removed them. After your comment, I went back into Control Panel, Program Features and they are not listed anywhere. I wonder how they are still flagged as installed? I did remove the Java versions you asked me to.

Thanks again for your help !!!!

*****ESET LOG*********

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=ba2c98329cec714ebcaf49420aa379ee
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-05-02 01:26:50
# local_time=2012-05-02 09:26:50 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 66 94 0 87499130 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=323191
# found=11
# cleaned=0
# scan_time=9530
C:\Users\Tom\AppData\Local\Temp\jar_cache1893619820743594189.tmpJava/TrojanDownloader.Agent.NCA trojan (unable to clean)00000000000000000000000000000000I
C:\Users\Tom\AppData\Local\Temp\jar_cache441114741555314326.tmpJava/TrojanDownloader.Agent.NCA trojan (unable to clean)00000000000000000000000000000000I
C:\Users\Tom\AppData\Local\Temp\jar_cache4806386780422399114.tmpJava/TrojanDownloader.Agent.NCA trojan (unable to clean)00000000000000000000000000000000I
C:\Users\Tom\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\596ddf9a-2c35afc4a variant of Java/Exploit.Agent.NBE trojan (unable to clean)00000000000000000000000000000000I
C:\Windows\assembly\temp\U\80000000.@Win64/Sirefef.W trojan (unable to clean)00000000000000000000000000000000I
C:\Windows\assembly\temp\U\80000032.$a variant of Win32/Sirefef.EU trojan (unable to clean)00000000000000000000000000000000I
C:\Windows\assembly\temp\U\80000032.@a variant of Win32/Sirefef.EU trojan (unable to clean)00000000000000000000000000000000I
C:\Windows\assembly\temp\U\80000064.$Win64/Sirefef.AC trojan (unable to clean)00000000000000000000000000000000I
C:\Windows\assembly\temp\U\80000064.@Win64/Sirefef.AC trojan (unable to clean)00000000000000000000000000000000I
C:\Windows\system64\emu10k.dllWin64/Sirefef.W trojan (unable to clean)00000000000000000000000000000000I
${Memory}a variant of Win32/Sirefef.DN trojan00000000000000000000000000000000I
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=ba2c98329cec714ebcaf49420aa379ee
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-05-02 04:09:33
# local_time=2012-05-02 12:09:33 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 66 94 0 87508822 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=323942
# found=11
# cleaned=10
# scan_time=9600
C:\Users\Tom\AppData\Local\Temp\jar_cache1893619820743594189.tmpJava/TrojanDownloader.Agent.NCA trojan (deleted - quarantined)00000000000000000000000000000000C
C:\Users\Tom\AppData\Local\Temp\jar_cache441114741555314326.tmpJava/TrojanDownloader.Agent.NCA trojan (deleted - quarantined)00000000000000000000000000000000C
C:\Users\Tom\AppData\Local\Temp\jar_cache4806386780422399114.tmpJava/TrojanDownloader.Agent.NCA trojan (deleted - quarantined)00000000000000000000000000000000C
C:\Users\Tom\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\596ddf9a-2c35afc4a variant of Java/Exploit.Agent.NBE trojan (deleted - quarantined)00000000000000000000000000000000C
C:\Windows\assembly\temp\U\80000000.@Win64/Sirefef.W trojan (cleaned by deleting - quarantined)00000000000000000000000000000000C
C:\Windows\assembly\temp\U\80000032.$a variant of Win32/Sirefef.EU trojan (cleaned by deleting - quarantined)00000000000000000000000000000000C
C:\Windows\assembly\temp\U\80000032.@a variant of Win32/Sirefef.EU trojan (cleaned by deleting - quarantined)00000000000000000000000000000000C
C:\Windows\assembly\temp\U\80000064.$Win64/Sirefef.AC trojan (cleaned by deleting - quarantined)00000000000000000000000000000000C
C:\Windows\assembly\temp\U\80000064.@Win64/Sirefef.AC trojan (cleaned by deleting - quarantined)00000000000000000000000000000000C
C:\Windows\system64\emu10k.dllWin64/Sirefef.W trojan (cleaned by deleting (after the next restart) - quarantined)00000000000000000000000000000000C
${Memory}a variant of Win32/Sirefef.DN trojan00000000000000000000000000000000I
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=2fb802577aede443b3ee45f226bb94e5
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-05-04 04:05:43
# local_time=2012-05-04 12:05:43 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 0 87684614 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=212405
# found=6
# cleaned=0
# scan_time=6379
C:\FRST\Quarantine\80000032.$a variant of Win32/Sirefef.EU trojan (unable to clean)00000000000000000000000000000000I
C:\FRST\Quarantine\80000032.@a variant of Win32/Sirefef.EU trojan (unable to clean)00000000000000000000000000000000I
C:\FRST\Quarantine\80000064.$Win64/Sirefef.AC trojan (unable to clean)00000000000000000000000000000000I
C:\FRST\Quarantine\80000064.@Win64/Sirefef.AC trojan (unable to clean)00000000000000000000000000000000I
C:\FRST\Quarantine\consrv.dllWin64/Sirefef.G trojan (unable to clean)00000000000000000000000000000000I
C:\FRST\Quarantine\emu10k.dllWin64/Sirefef.W trojan (unable to clean)00000000000000000000000000000000I
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=2fb802577aede443b3ee45f226bb94e5
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-07-19 11:01:46
# local_time=2012-07-19 07:01:46 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 5429539 94277810 0 0
# compatibility_mode=8192 67108863 100 0 5752195 5752195 0 0
# scanned=195650
# found=5
# cleaned=4
# scan_time=4546
C:\msr5.exea variant of Win32/Agent.PAP trojan (deleted - quarantined)00000000000000000000000000000000C
C:\Users\Tom\AppData\Roaming\csrssr.exea variant of Win32/Agent.PAP trojan (cleaned by deleting - quarantined)00000000000000000000000000000000C
C:\Windows\System32\{71.74.95.131}\4d8d0f4a variant of Win32/Agent.PAP trojan (cleaned by deleting (after the next restart) - quarantined)00000000000000000000000000000000C
C:\Windows\system64\lsassr.exea variant of Win32/Agent.TDZ trojan (cleaned by deleting - quarantined)00000000000000000000000000000000C
${Memory}a variant of Win32/Agent.PAP trojan00000000000000000000000000000000I
************CHECKUP LOG********
Results of screen317's Security Check version 0.99.43
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 8 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
Microsoft Security Essentials
(On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.62.0.1300
JavaFX 2.1.1
Java(TM) 7 Update 5
Adobe Reader X (10.1.1)
Google Chrome 20.0.1132.47
Google Chrome 20.0.1132.57
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````
*************DONE*************

 

[Jay Pfoutz]

Hi! Good thing they're gone!

Clean up System Restore

Now, to get you off to a clean start, we will be creating a new Restore Point, then clearing the old ones to make sure you do not get reinfected, in case you need to "restore back."

To manually create a new Restore Point

• Go to Control Panel and select System and Maintenance
• Select System
• On the left select Advance System Settings and accept the warning if you get one
• Select System Protection Tab
• Select Create at the bottom
• Type in a name I.e. Clean
• Select Create

Now we can purge the infected ones

• Go back to the System and Maintenance page
• Select Performance Information and Tools
• On the left select Open Disk Cleanup
• Select Files from all users and accept the warning if you get one
• In the drop down box select your main drive I.e. C
• For a few moments the system will make some calculations:
  
  
• Select the More Options tab
  
  
• In the System Restore and Shadow Backups select Clean up
  
  
• Select Delete on the pop up
• Select OK
• Select Delete

Run OTC to remove our tools

To remove all of the tools we used and the files and folders they created, please do the following:
Please download OTC.exe by OldTimer:

• Save it to your Desktop.
• Double click OTC.exe.
• Click the CleanUp! button.
• If you are prompted to Reboot during the cleanup, select Yes.
• The tool will delete itself once it finishes.

Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.

Purge old temporary files

Please download TFC by OldTimer to your desktop

• Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
• It will close all programs when run, so make sure you have saved all your work before you begin.
• Click the Start
  button to begin the process. Depending on how often you clean temp
  files, execution time should be anywhere from a few seconds to a minute
  or two. Let it run uninterrupted to completion.
• Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.

Personal Tips on Preventing Malware

See this page for more info about malware and prevention.

Any other questions before I mark this topic solved?

 

[Tom Clindaniel]

Hey DMJ (I abbreviated obviously),
I am not sure that the virus is indeed gone as I believe your comment eludes to.When I go into MSE and go to History, it still shows many occurrences of not only the Hoicfh.A virus, but now I am also showing RDPOpen.B hits from this morning. I also am still getting an annoying pop up window that reads "Error creating process.. <C:\Users\Tom\AppData\Local\Temp\IXP001.TMP\compressed.exe>... Reason:Access is Denied."

Every time this pops up, MSE also shows a popup that it is cleaning a threat and no action is required.

So before I do any of the above steps, I just wanted to make sure that we are indeed virus free. Pardon me if I have missed something or if my ignorance of viruses and tools to combat them has gotten in the way of progress !!

Thanks again for your help,
Tom

 

[Jay Pfoutz]

Go ahead with another ESET scan and let's see where that takes us. MSE will probably need uninstalled and reinstalled. Normally, it acts like this if it is using too many heuristics (predictions). Which is a sign of an invalid or old copy of MSE.

 

[Tom Clindaniel]

Here are the results from ESET... sorry it took so long !!!

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=ba2c98329cec714ebcaf49420aa379ee
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-05-02 01:26:50
# local_time=2012-05-02 09:26:50 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 66 94 0 87499130 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=323191
# found=11
# cleaned=0
# scan_time=9530
C:\Users\Tom\AppData\Local\Temp\jar_cache1893619820743594189.tmpJava/TrojanDownloader.Agent.NCA trojan (unable to clean)00000000000000000000000000000000I
C:\Users\Tom\AppData\Local\Temp\jar_cache441114741555314326.tmpJava/TrojanDownloader.Agent.NCA trojan (unable to clean)00000000000000000000000000000000I
C:\Users\Tom\AppData\Local\Temp\jar_cache4806386780422399114.tmpJava/TrojanDownloader.Agent.NCA trojan (unable to clean)00000000000000000000000000000000I
C:\Users\Tom\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\596ddf9a-2c35afc4a variant of Java/Exploit.Agent.NBE trojan (unable to clean)00000000000000000000000000000000I
C:\Windows\assembly\temp\U\80000000.@Win64/Sirefef.W trojan (unable to clean)00000000000000000000000000000000I
C:\Windows\assembly\temp\U\80000032.$a variant of Win32/Sirefef.EU trojan (unable to clean)00000000000000000000000000000000I
C:\Windows\assembly\temp\U\80000032.@a variant of Win32/Sirefef.EU trojan (unable to clean)00000000000000000000000000000000I
C:\Windows\assembly\temp\U\80000064.$Win64/Sirefef.AC trojan (unable to clean)00000000000000000000000000000000I
C:\Windows\assembly\temp\U\80000064.@Win64/Sirefef.AC trojan (unable to clean)00000000000000000000000000000000I
C:\Windows\system64\emu10k.dllWin64/Sirefef.W trojan (unable to clean)00000000000000000000000000000000I
${Memory}a variant of Win32/Sirefef.DN trojan00000000000000000000000000000000I
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=ba2c98329cec714ebcaf49420aa379ee
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-05-02 04:09:33
# local_time=2012-05-02 12:09:33 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 66 94 0 87508822 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=323942
# found=11
# cleaned=10
# scan_time=9600
C:\Users\Tom\AppData\Local\Temp\jar_cache1893619820743594189.tmpJava/TrojanDownloader.Agent.NCA trojan (deleted - quarantined)00000000000000000000000000000000C
C:\Users\Tom\AppData\Local\Temp\jar_cache441114741555314326.tmpJava/TrojanDownloader.Agent.NCA trojan (deleted - quarantined)00000000000000000000000000000000C
C:\Users\Tom\AppData\Local\Temp\jar_cache4806386780422399114.tmpJava/TrojanDownloader.Agent.NCA trojan (deleted - quarantined)00000000000000000000000000000000C
C:\Users\Tom\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\596ddf9a-2c35afc4a variant of Java/Exploit.Agent.NBE trojan (deleted - quarantined)00000000000000000000000000000000C
C:\Windows\assembly\temp\U\80000000.@Win64/Sirefef.W trojan (cleaned by deleting - quarantined)00000000000000000000000000000000C
C:\Windows\assembly\temp\U\80000032.$a variant of Win32/Sirefef.EU trojan (cleaned by deleting - quarantined)00000000000000000000000000000000C
C:\Windows\assembly\temp\U\80000032.@a variant of Win32/Sirefef.EU trojan (cleaned by deleting - quarantined)00000000000000000000000000000000C
C:\Windows\assembly\temp\U\80000064.$Win64/Sirefef.AC trojan (cleaned by deleting - quarantined)00000000000000000000000000000000C
C:\Windows\assembly\temp\U\80000064.@Win64/Sirefef.AC trojan (cleaned by deleting - quarantined)00000000000000000000000000000000C
C:\Windows\system64\emu10k.dllWin64/Sirefef.W trojan (cleaned by deleting (after the next restart) - quarantined)00000000000000000000000000000000C
${Memory}a variant of Win32/Sirefef.DN trojan00000000000000000000000000000000I
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=2fb802577aede443b3ee45f226bb94e5
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-05-04 04:05:43
# local_time=2012-05-04 12:05:43 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 0 87684614 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=212405
# found=6
# cleaned=0
# scan_time=6379
C:\FRST\Quarantine\80000032.$a variant of Win32/Sirefef.EU trojan (unable to clean)00000000000000000000000000000000I
C:\FRST\Quarantine\80000032.@a variant of Win32/Sirefef.EU trojan (unable to clean)00000000000000000000000000000000I
C:\FRST\Quarantine\80000064.$Win64/Sirefef.AC trojan (unable to clean)00000000000000000000000000000000I
C:\FRST\Quarantine\80000064.@Win64/Sirefef.AC trojan (unable to clean)00000000000000000000000000000000I
C:\FRST\Quarantine\consrv.dllWin64/Sirefef.G trojan (unable to clean)00000000000000000000000000000000I
C:\FRST\Quarantine\emu10k.dllWin64/Sirefef.W trojan (unable to clean)00000000000000000000000000000000I
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=2fb802577aede443b3ee45f226bb94e5
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-07-19 11:01:46
# local_time=2012-07-19 07:01:46 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 5429539 94277810 0 0
# compatibility_mode=8192 67108863 100 0 5752195 5752195 0 0
# scanned=195650
# found=5
# cleaned=4
# scan_time=4546
C:\msr5.exea variant of Win32/Agent.PAP trojan (deleted - quarantined)00000000000000000000000000000000C
C:\Users\Tom\AppData\Roaming\csrssr.exea variant of Win32/Agent.PAP trojan (cleaned by deleting - quarantined)00000000000000000000000000000000C
C:\Windows\System32\{71.74.95.131}\4d8d0f4a variant of Win32/Agent.PAP trojan (cleaned by deleting (after the next restart) - quarantined)00000000000000000000000000000000C
C:\Windows\system64\lsassr.exea variant of Win32/Agent.TDZ trojan (cleaned by deleting - quarantined)00000000000000000000000000000000C
${Memory}a variant of Win32/Agent.PAP trojan00000000000000000000000000000000I
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=2fb802577aede443b3ee45f226bb94e5
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-07-22 02:23:35
# local_time=2012-07-22 10:23:35 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 5657279 94505550 0 0
# compatibility_mode=8192 67108863 100 0 5979935 5979935 0 0
# scanned=199903
# found=1
# cleaned=1
# scan_time=4914
C:\msr5.exea variant of Win32/Agent.PAP trojan (deleted - quarantined)00000000000000000000000000000000C

 

[Jay Pfoutz]

• Download RogueKiller and save it on your desktop.
• Quit all programs
• Start RogueKiller.exe.
• Wait until Prescan has finished ...
• Click on Scan

• Wait for the end of the scan.
• The report has been created on the desktop.
• Click on the Delete button.

• The report has been created on the desktop.

• Next click on the ShortcutsFix
  
  
  
• The report has been created on the desktop.

Please post:

All RKreport.txt text files located on your desktop.

 

[Tom Clindaniel]

Here are the requested logs... .. sorry for the delay. My job appears to be getting in the way !! LOL !!

*****ASWMBR LOG*****
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-24 16:49:44
-----------------------------
16:49:44.762 OS Version: Windows x64 6.1.7601 Service Pack 1
16:49:44.763 Number of processors: 1 586 0x170A
16:49:44.765 ComputerName: TOM-LAPTOP UserName: Tom
16:49:47.150 Initialize success
16:53:20.591 AVAST engine defs: 12072401
16:54:10.542 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
16:54:10.545 Disk 0 Vendor: WDC_WD1600BEVT-75A23T0 01.01A01 Size: 152627MB BusType: 11
16:54:10.555 Disk 0 MBR read successfully
16:54:10.558 Disk 0 MBR scan
16:54:10.564 Disk 0 Windows 7 default MBR code
16:54:10.571 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
16:54:10.585 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 152525 MB offset 206848
16:54:10.604 Disk 0 scanning C:\Windows\system32\drivers
16:54:23.236 Service scanning
16:55:01.957 Modules scanning
16:55:01.966 Disk 0 trace - called modules:
16:55:01.988 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa80021652c0]<<sppx.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
16:55:01.993 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80027e5060]
16:55:02.000 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8002615060]
16:55:02.006 \Driver\atapi[0xfffffa800221b640] -> IRP_MJ_CREATE -> 0xfffffa80021652c0
16:55:02.872 AVAST engine scan C:\Windows
16:55:05.253 AVAST engine scan C:\Windows\system32
16:59:09.714 AVAST engine scan C:\Windows\system32\drivers
16:59:26.645 AVAST engine scan C:\Users\Tom
17:01:51.717 File: C:\Users\Tom\AppData\Local\Temp\Ins4C6A.tmp.exe **INFECTED** Win32ownloader-PPV [Trj]
17:02:22.718 File: C:\Users\Tom\AppData\Roaming\22.exe **INFECTED** Win32:Malware-gen
17:04:30.650 File: C:\Users\Tom\AppData\Roaming\onereal-4m.com **INFECTED** Win32ownloader-PPV [Trj]
17:06:52.182 AVAST engine scan C:\ProgramData
17:08:49.853 Scan finished successfully
17:29:47.494 Disk 0 MBR has been saved successfully to "C:\Users\Tom\Desktop\MBR.dat"
17:29:47.500 The log file has been saved successfully to "C:\Users\Tom\Desktop\aswMBR.txt"

*****ROGUEKILLER******
RogueKiller V7.6.4 [07/17/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: https://www.techspot.com/downloads/5562-roguekiller.html
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Tom [Admin rights]
Mode: Scan -- Date: 07/24/2012 17:30:47

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 8 ¤¤¤
[SUSP PATH] HKCU\[...]\RunOnce : AdobeFlash (C:\Users\Tom\AppData\Roaming\lasasr.exe) -> FOUND
[SUSP PATH] HKUS\S-1-5-21-1582047655-2410839964-2795636096-1001[...]\RunOnce : AdobeFlash (C:\Users\Tom\AppData\Roaming\lasasr.exe) -> FOUND
[SUSP PATH] HKCU\[...]\RunServices : Windows RPC Host Service (C:\Users\Tom\AppData\Roaming\csrssr.exe) -> FOUND
[SUSP PATH] HKUS\S-1-5-21-1582047655-2410839964-2795636096-1001[...]\RunServices : Windows RPC Host Service (C:\Users\Tom\AppData\Roaming\csrssr.exe) -> FOUND
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD1600BEVT-75A23T0 ATA Device +++++
--- User ---
[MBR] 29fdfa556d13eb95d2083272401a4ed7
[BSP] e7a4d88e39462edee4d9ce59ade9badd : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 152525 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt


*****ROGUEKILLER*****
RogueKiller V7.6.4 [07/17/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: https://www.techspot.com/downloads/5562-roguekiller.html
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Tom [Admin rights]
Mode: Remove -- Date: 07/24/2012 17:34:51

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 6 ¤¤¤
[SUSP PATH] HKCU\[...]\RunOnce : AdobeFlash (C:\Users\Tom\AppData\Roaming\lasasr.exe) -> DELETED
[SUSP PATH] HKCU\[...]\RunServices : Windows RPC Host Service (C:\Users\Tom\AppData\Roaming\csrssr.exe) -> DELETED
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD1600BEVT-75A23T0 ATA Device +++++
--- User ---
[MBR] 29fdfa556d13eb95d2083272401a4ed7
[BSP] e7a4d88e39462edee4d9ce59ade9badd : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 152525 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt

*****ROGUEKILLER*****

 

[Tom Clindaniel]

I guess the last did not take... sorry

*****ROGUEKILLER*****
RogueKiller V7.6.4 [07/17/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: https://www.techspot.com/downloads/5562-roguekiller.html
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Tom [Admin rights]
Mode: Shortcuts HJfix -- Date: 07/24/2012 17:45:47

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ File attributes restored: ¤¤¤
Desktop: Success 1 / Fail 0
Quick launch: Success 0 / Fail 0
Programs: Success 2 / Fail 0
Start menu: Success 0 / Fail 0
User folder: Success 107 / Fail 0
My documents: Success 4 / Fail 0
My favorites: Success 0 / Fail 0
My pictures: Success 0 / Fail 0
My music: Success 68 / Fail 0
My videos: Success 0 / Fail 0
Local drives: Success 247 / Fail 0
Backup: [NOT FOUND]

Drives:
[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[D:] \Device\CdRom0 -- 0x5 --> Skipped
[J:] \Device\{A5E1065D-0AD1-48ED-8457-A80B2D9B6FE2}#2 -- 0x2 --> Restored
[K:] \Device\{A5E1065D-0AD1-48ED-8457-A80B2D9B6FE2}#0 -- 0x2 --> Restored
[L:] \Device\{A5E1065D-0AD1-48ED-8457-A80B2D9B6FE2}#1 -- 0x2 --> Restored

¤¤¤ Infection : ¤¤¤

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

 

[Jay Pfoutz]

ComboFix

Please download ComboFix

by sUBs
From BleepingComputer.com

Please save the file to your Desktop, but rename it first to svchost.exe

Important information about ComboFix

Before the download:

• Please copy and paste these instructions to Notepad and save to your Desktop, or print them - for easier access.
• It is important to rename ComboFix before the download.
• Please do not rename ComboFix to other names, but only the one indicated.

After the download:

• Close any open browsers.
• Very Important: Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". Please visit here if you don't know how.
• WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
• Please do not attempt to re-connect your machine back to the Internet until ComboFix has completely finished.
• If there is no Internet connection after running ComboFix, then restart your computer to restore back your connection.

Running ComboFix:

• Double click on svchost.exe & follow the prompts.
• It will attempt to install the Recovery Console:

• When ComboFix finishes, it will produce a report for you.
• Please post the "C:\Combo-Fix.txt" in your next reply.

Troubleshooting ComboFix

Safe Mode:

If you still cannot get ComboFix to run, try booting into Safe Mode, and run it there.

(To boot into Safe Mode, tap F8 after BIOS, and just before the Windows
logo appears. A list of options will appear, select "Safe Mode.")

Re-downloading:

If this doesn't work either, try the same method (above method), but try to download it again, except name
ComboFix.exe to iexplore.exe, explorer.exe, or winlogon.exe.

Malware is known for blocking all "user" processes, except for its whitelist of system important processes such as iexplore.exe, explorer.exe, winlogon.exe.

 

[Tom Clindaniel]

Ran ComboFix fine... results below

****COMBOFIX LOG********
ComboFix 12-07-26.01 - Tom 07/25/2012 8:26.3.1 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2003.1057 [GMT -4:00]
Running from: c:\users\Tom\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Ins4C6A.tmp
C:\InsECE.tmp
C:\InsF749.tmp
c:\users\Tom\AppData\Roaming\22.exe
c:\users\Tom\AppData\Roaming\lasasr.exe
c:\users\Tom\AppData\Roaming\onereal-4m.com
c:\users\Tom\AppData\Roaming\svchbs-0m.com
c:\users\Tom\AppData\Roaming\xfliv-2m.com
c:\users\Tom\AppData\Roaming\xSqLssAlWkqS.exe
c:\users\Tom\dds.scr
.
Infected copy of c:\windows\SysWow64\userinit.exe was found and disinfected
Restored copy from - c:\windows\ERDNT\cache86\userinit.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-06-25 to 2012-07-25 )))))))))))))))))))))))))))))))
.
.
2012-07-25 12:38 . 2012-07-25 12:3869000----a-w-c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EF1FFB37-883F-495B-AFA8-67CC0FCB764C}\offreg.dll
2012-07-25 12:37 . 2012-07-25 12:37--------d-----w-c:\users\Public\AppData\Local\temp
2012-07-25 12:37 . 2012-07-25 12:37--------d-----w-c:\users\DefaultAppPool\AppData\Local\temp
2012-07-25 12:37 . 2012-07-25 12:37--------d-----w-c:\users\Default\AppData\Local\temp
2012-07-25 12:37 . 2012-07-25 12:37--------d-----w-c:\users\Classic .NET AppPool\AppData\Local\temp
2012-07-25 12:10 . 2012-06-29 10:049133488----a-w-c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EF1FFB37-883F-495B-AFA8-67CC0FCB764C}\mpengine.dll
2012-07-25 12:02 . 2012-06-29 10:049133488----a-w-c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-07-23 19:27 . 2012-07-23 19:27--------d-----w-c:\programdata\boost_interprocess
2012-07-23 10:52 . 2012-07-23 10:52--------d-----w-c:\programdata\B282
2012-07-23 10:51 . 2012-07-23 10:52--------d-----w-c:\users\Tom\AppData\Local\BearShare
2012-07-23 10:49 . 2012-07-23 10:49--------d-----w-c:\users\Tom\AppData\Local\Ilivid Player
2012-07-23 10:47 . 2012-07-23 10:49--------d-----w-c:\program files (x86)\iLivid
2012-07-23 10:46 . 2012-07-23 10:51--------d-----w-c:\program files (x86)\BearShare Applications
2012-07-23 10:46 . 2012-07-23 10:48--------d-----w-c:\programdata\BearShare
2012-07-23 10:45 . 2012-07-23 10:46--------d-----w-c:\program files (x86)\Searchqu Toolbar
2012-07-23 10:44 . 2012-07-23 10:52--------dc----w-c:\programdata\{6F1B3060-90C7-4F21-AFFB-07B6150C73EA}
2012-07-23 10:43 . 2012-07-23 10:43--------d-----w-c:\users\Tom\AppData\Local\PackageAware
2012-07-18 12:15 . 2012-07-18 12:15--------d-----w-c:\program files\Enigma Software Group
2012-07-18 12:13 . 2012-07-18 14:48--------d-----w-c:\windows\F896D02690164122B9BD957FF092FFE9.TMP
2012-07-18 12:13 . 2012-07-18 12:13--------d-----w-c:\program files (x86)\Common Files\Wise Installation Wizard
2012-07-18 01:46 . 2012-07-25 12:39--------d-----w-c:\users\Tom\AppData\Local\Temp
2012-07-18 01:10 . 2012-07-18 01:48--------d-----w-c:\users\Tom\AppData\Local\LogMeIn Rescue Applet
2012-07-18 00:40 . 2012-07-18 00:40--------d-----w-c:\users\Tom\AppData\Roaming\SpeedyPC Software
2012-07-18 00:40 . 2012-07-18 00:40--------d-----w-c:\users\Tom\AppData\Roaming\DriverCure
2012-07-18 00:40 . 2012-07-18 14:59--------d-----w-c:\programdata\SpeedyPC Software
2012-07-16 14:28 . 2012-06-12 03:083148800----a-w-c:\windows\system32\win32k.sys
2012-07-16 13:37 . 2012-06-09 05:4314172672----a-w-c:\windows\system32\shell32.dll
2012-07-16 13:37 . 2012-04-28 03:55210944----a-w-c:\windows\system32\drivers\rdpwd.sys
2012-07-16 13:35 . 2012-04-20 05:42451072----a-w-c:\program files\Internet Explorer\ieproxy.dll
2012-07-16 13:34 . 2012-06-02 04:40225280----a-w-c:\windows\SysWow64\schannel.dll
2012-07-16 13:34 . 2012-06-02 05:4895600----a-w-c:\windows\system32\drivers\ksecdd.sys
2012-07-16 13:34 . 2012-06-02 04:4022016----a-w-c:\windows\SysWow64\secur32.dll
2012-07-16 13:34 . 2012-06-02 04:3496768----a-w-c:\windows\SysWow64\sspicli.dll
2012-07-16 13:32 . 2012-04-26 05:4177312----a-w-c:\windows\system32\rdpwsx.dll
2012-07-16 13:32 . 2012-04-26 05:41149504----a-w-c:\windows\system32\rdpcorekmts.dll
2012-07-16 13:32 . 2012-04-26 05:349216----a-w-c:\windows\system32\rdrmemptylst.exe
2012-07-16 13:32 . 2012-04-24 05:371462272----a-w-c:\windows\system32\crypt32.dll
2012-07-16 13:32 . 2012-04-24 04:361158656----a-w-c:\windows\SysWow64\crypt32.dll
2012-07-16 13:32 . 2012-04-24 05:37184320----a-w-c:\windows\system32\cryptsvc.dll
2012-07-16 13:32 . 2012-04-24 05:37140288----a-w-c:\windows\system32\cryptnet.dll
2012-07-16 13:32 . 2012-04-24 04:36140288----a-w-c:\windows\SysWow64\cryptsvc.dll
2012-07-16 13:32 . 2012-04-24 04:36103936----a-w-c:\windows\SysWow64\cryptnet.dll
2012-07-16 11:14 . 2012-07-16 11:14--------d-----w-c:\program files (x86)\Oracle
2012-07-12 12:26 . 2012-07-12 12:269226440----a-w-c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-07-04 19:06 . 2012-07-23 19:30--------d--h--w-c:\windows\SysWow64\{71.74.95.131}
2012-07-04 16:56 . 2012-05-03 12:38927800------w-c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1ACA8E6C-DD25-4663-BBFF-C5297E44762B}\gapaengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-12 12:27 . 2012-05-05 11:2570344----a-w-c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-12 12:27 . 2012-05-05 11:25426184----a-w-c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-06 02:06 . 2012-05-09 10:38772544----a-w-c:\windows\SysWow64\npDeployJava1.dll
2012-07-06 02:06 . 2011-07-20 14:11687544----a-w-c:\windows\SysWow64\deployJava1.dll
2012-07-03 17:46 . 2010-12-12 13:3024904----a-w-c:\windows\system32\drivers\mbam.sys
2012-07-03 07:19 . 2010-09-22 23:1659701280----a-w-c:\windows\system32\MRT.exe
2012-06-02 22:19 . 2012-06-19 10:1138424----a-w-c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-19 10:122428952----a-w-c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-19 10:1257880----a-w-c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-19 10:1244056----a-w-c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-19 10:11701976----a-w-c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-19 10:122622464----a-w-c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-19 10:1199840----a-w-c:\windows\system32\wudriver.dll
2012-06-02 19:19 . 2012-06-19 10:11186752----a-w-c:\windows\system32\wuwebv.dll
2012-06-02 19:15 . 2012-06-19 10:1136864----a-w-c:\windows\system32\wuapp.exe
2012-05-31 16:25 . 2010-09-22 22:48279656------w-c:\windows\system32\MpSigStub.exe
2012-05-07 09:33 . 2012-05-07 09:3369000----a-w-c:\programdata\Microsoft\Windows Defender\Definition Updates\{2D5AB106-6E8F-4C25-9CF6-CF69C4B17EB7}\offreg.dll
2012-05-05 11:45 . 2012-05-05 11:45839112----a-w-c:\windows\system32\deployJava1.dll
2012-05-05 11:45 . 2012-05-05 11:45955848----a-w-c:\windows\system32\npDeployJava1.dll
2012-05-03 12:38 . 2012-06-13 17:35927800------w-c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}]
2011-12-27 10:0787480----a-w-c:\progra~2\BEARSH~1\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}"= "c:\progra~2\BEARSH~1\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll" [2011-12-27 87480]
.
[HKEY_CLASSES_ROOT\clsid\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2010-11-30 15:03155416----a-w-c:\windows\SysWOW64\CbFsMntNtf3.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
"null-4d8d0ec"="c:\windows\Sun\Java\bin\javaw.exe" [2012-05-05 189384]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"4d8d0ec"="c:\windows\Sun\Java\bin\javaw.exe" [2012-05-05 189384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Intuit SyncManager"="c:\program files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2010-10-19 1439496]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-11-11 288088]
"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-12 640376]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\SEARCH~1\Datamngr\datamngr.dll c:\progra~2\SEARCH~1\Datamngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security PackagesREG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
Internet Explorer Update ServiceREG_SZ c:\users\Tom\AppData\Roaming\csrssr.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-16 136176]
R2 Sentinel64;Sentinel64;c:\windows\System32\Drivers\Sentinel64.sys [2008-07-11 145448]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-12 250056]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-16 136176]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-21 98688]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2010-07-21 45456]
R3 SNTUSB64;SafeNet USB SuperPro/UltraPro/HardwareKey;c:\windows\system32\DRIVERS\SNTUSB64.SYS [2008-07-11 58664]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2008-05-06 14464]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 44896]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-22 834544]
S1 cbfs3;cbfs3;c:\windows\system32\drivers\cbfs3.sys [2010-11-30 321424]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 JungleDiskWorkgroupService;JungleDiskWorkgroupService;c:\program files\Jungle Disk Workgroup\JungleDiskWorkgroup.exe [2011-05-17 9769800]
S2 lxdn_device;lxdn_device;c:\windows\system32\lxdncoms.exe [2007-11-28 1039872]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcsREG_MULTI_SZ w3svc was
apphostREG_MULTI_SZ apphostsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 12:27]
.
2012-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-16 22:07]
.
2012-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-16 22:07]
.
2012-07-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1582047655-2410839964-2795636096-1001Core.job
- c:\users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-24 20:27]
.
2012-07-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1582047655-2410839964-2795636096-1001UA.job
- c:\users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-24 20:27]
.
2012-07-18 c:\windows\Tasks\Web Studio 5.0 Updates.job
- c:\windows\Installer\Web Studio 5.0 Updates for All Users.lnk [2011-03-07 00:49]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2010-11-30 15:03188696----a-w-c:\windows\System32\CbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\JungleDiskWorkgroup1_Complete]
@="{78061A12-1E91-4446-8B65-8ED2FF328D4A}"
[HKEY_CLASSES_ROOT\CLSID\{78061A12-1E91-4446-8B65-8ED2FF328D4A}]
2011-05-17 20:151089024----a-w-c:\program files\Jungle Disk Workgroup\monitor_shellext.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\JungleDiskWorkgroup2_InProgress]
@="{700AD13D-E86F-41C9-9A8F-39B4C438806F}"
[HKEY_CLASSES_ROOT\CLSID\{700AD13D-E86F-41C9-9A8F-39B4C438806F}]
2011-05-17 20:151089024----a-w-c:\program files\Jungle Disk Workgroup\monitor_shellext.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\JungleDiskWorkgroup3_Conflicted]
@="{48C7A606-0F84-4DC8-8AFD-A157BDF18A08}"
[HKEY_CLASSES_ROOT\CLSID\{48C7A606-0F84-4DC8-8AFD-A157BDF18A08}]
2011-05-17 20:151089024----a-w-c:\program files\Jungle Disk Workgroup\monitor_shellext.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-02-17 375808]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-07-29 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-29 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-29 415256]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2010-07-21 2327952]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\progra~2\SEARCH~1\Datamngr\x64\datamngr.dll c:\progra~2\SEARCH~1\Datamngr\x64\IEBHO.dll
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.searchnu.com/406
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Toolbar-10 - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-Intuit SiteBuilder - c:\program files (x86)\Intuit\SiteBuilder\hkuninst.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
@Denied: (A) (Everyone)
"Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
"Key"="ActionsPane"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Cisco Systems\VPN Client\cvpnd.exe
c:\program files (x86)\Juniper Networks\Common Files\dsNcService.exe
c:\program files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
.
**************************************************************************
.
Completion time: 2012-07-25 08:50:29 - machine was rebooted
ComboFix-quarantined-files.txt 2012-07-25 12:50
.
Pre-Run: 96,177,868,800 bytes free
Post-Run: 96,460,648,448 bytes free
.
- - End Of File - - 5378048F6884A648D8E482F573CA62E2

 

[Jay Pfoutz]

ComboFix Script

• Close any open browsers.
• Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
• Open notepad and copy/paste the text in the codebox below into it:
  

  killall::
  
  Registry::
  [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
  "AppInit_DLLs"=-
  
  [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
  "Internet Explorer Update Service"=-
  
  Folder::
  c:\progra~2\SEARCH~1
  c:\program files (x86)\Searchqu Toolbar
  c:\programdata\{6F1B3060-90C7-4F21-AFFB-07B6150C73EA}
  c:\users\Tom\AppData\Local\PackageAware
  c:\program files\Enigma Software Group
  c:\windows\F896D02690164122B9BD957FF092FFE9.TMP
  c:\users\Tom\AppData\Roaming\SpeedyPC Software
  c:\users\Tom\AppData\Roaming\DriverCure
  c:\programdata\B282
  c:\users\Tom\AppData\Local\BearShare
  c:\users\Tom\AppData\Local\Ilivid Player
  c:\program files (x86)\iLivid
  c:\program files (x86)\BearShare Applications
  c:\programdata\BearShare
  
  DDS::
  uStart Page = hxxp://www.searchnu.com/406
  
  Reboot::

• Save this as CFScript.txt, in the same location as ComboFix.exe
  
  
  
  
  
• Referring to the picture above, drag CFScript into ComboFix.exe
• When finished, it shall produce a log for you at C:\ComboFix.txt
• Please post the contents of the log in your next reply.

 

[Tom Clindaniel]

Here ya go.... had to break it up over several messages though...

ComboFix 12-07-26.03 - Tom 07/25/2012 15:25:54.4.1 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2003.1018 [GMT -4:00]
Running from: c:\users\Tom\Desktop\ComboFix.exe
Command switches used :: c:\users\Tom\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\progra~2\SEARCH~1
c:\progra~2\SEARCH~1\Datamngr\BrowserConnection.dll
c:\progra~2\SEARCH~1\Datamngr\datamngr.dll
c:\progra~2\SEARCH~1\Datamngr\datamngrUI.exe
c:\progra~2\SEARCH~1\Datamngr\DnsBHO.dll
c:\progra~2\SEARCH~1\Datamngr\IEBHO.dll
c:\progra~2\SEARCH~1\Datamngr\installhelper.dll
c:\progra~2\SEARCH~1\Datamngr\ToolBar\as_guid.dat
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\content\bandoocode.js
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\content\data\search\engines.xml
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\content\data\search\search.xsl
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\content\lib\about.xml
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\content\lib\bandoocode.js
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\content\lib\dtxpanel.xul
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\content\lib\dtxpaneltransparent.xul
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\content\lib\dtxpanelwin.xul
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\content\lib\dtxprefwin.xul
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\content\lib\dtxtransparentwin.xul
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\content\lib\dtxwin.xul
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\content\lib\emailnotifierproviders.xml
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\content\lib\external.js
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\content\lib\neterror.xhtml
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\content\lib\vmncode.js
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\content\lib\wmpstreamer.html
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\content\modules\datastore.jsm
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\content\modules\nsDragAndDrop.js
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\content\neterror.xhtml
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\content\partner.coupons.xml
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\content\preferences.xml
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\content\radiobeta.js
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\content\template.xml
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\content\toolbar.htm
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\content\toolbar.xul
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\content\vmncode.js
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\content\vmnrsswin.xml
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\babylon_logo.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\bandoo.css
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\bluelite.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\bluesky.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\btn-search-over.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\btn-search.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\btn-settings-over.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\btn-settings.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\btn-widgets-over.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\btn-widgets.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\btn_settings.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\ca.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\dictionary.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\divider.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\downloadcom.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\dtxlogo.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\ebay.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\email.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\email_on.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\facebook.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\games.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\graphred0.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\graphred0_5.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\graphred1.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\graphred1_5.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\graphred2.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\graphred2_5.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\graphred3.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\graphred3_5.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\graphred4.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\graphred4_5.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\graphred5.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\graphredna.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\grey.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\ico-shield.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\icon_amazon.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\icon_games.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\icon_radio_png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\icon_seperator_png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\icon_twitter.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\icon_youtube.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\images.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\imesh.css
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\add.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\aol.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\arrow-dn.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\arrow-right-disabled.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\arrow-right.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\arrow-up.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\bg-btn-divider.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\bg-btn-end.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\bg-btn-mdl.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\bg-btn-mdl_ff.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\bg-btn-start.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-divider.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-end.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-mdl.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-mdl_ff.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-start.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\blank.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\btn-widgets-over.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\btn-widgets.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\btn_slider.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\btnback-down-vista.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\btnback-vista.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\btnleft-down-vista.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\btnleft-vista.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\btnright-down-vista.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\btnright-vista.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\button-splitter-down-vista.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\button-splitter-vista.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\checkmark.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\chevron.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\collapse.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\comcast.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\dtx.css
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\edit-back-hot.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\edit-back.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\expand.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\found.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\gmail.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\highlight.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\highlight_blue.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\highlight_cyan.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\highlight_lime.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\highlight_magenta.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\highlight_yellow.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\hotmail.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\ico-check.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\imap.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\lastsearch-thumb-back.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\loadingMid.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\lock.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\logo-separator.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\mailcom.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\menu_bg-basic.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\menu_separator_bar.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\menu_separator_white.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\menuitem-splitter.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\menuitemback-down-vista.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\menuitemback-vista.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\menuitemleft-down-vista.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\menuitemleft-vista.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\menuitemright-down-vista.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\menuitemright-vista.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\modify.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\move.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\movetarget.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\css\panels.css
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupAbout.css
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupGames.css
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupRSS.css
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupWidgets.css
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\css\dialog.css
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\bg.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-search.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-wide-close-over.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-wide-close.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\default.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-off-l.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-off-r.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-on-l.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-on-r.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\transparent.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-left.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-mdl.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-right.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-left.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-mdl.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-right-resize.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-right.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-left.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-right.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\main.html
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts\defscript.js
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\footer.htm
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\gamecategory.xsl
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\gameData.js
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\gameList.xsl
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\games.xsl
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\gametype.xsl
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-dn.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-sml-drop.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-sml.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-up.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrowr-bluew5.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-aboutbox.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-btnover.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-pnl520x390.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-left-over.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-left.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-right.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-back.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-close-grey.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-close-greyover.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-drag.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-mdl-over.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-mdl.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-moredetails.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-next-over.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-next.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-play-left-over.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-play-left.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-previous-over.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-previous.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-right-over.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-try-left-over.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-try-left.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\bullet-orange.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\gamethumb-on.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\gamethumb2-over.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-calendar.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-dollar.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-download.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-joystick24.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-news24.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-play.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-tags.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-Add.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-download.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-Info.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-play.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-shop.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\menul-bgon.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\menul-bgover.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\panel-botm-noscroll.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-bg-206.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-bg.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-topwin.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-disable.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-down.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-over.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-disable.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-down.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-over.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\searchbox-pnlbtm.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\star_x_grey.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\star_x_orange.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\TRUSTe_about.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-detailed-on.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-detailed-over.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-thumb-on.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-thumb-over.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets-square-16px.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets-square-24px.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\initHTML.html
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\popupGames.html
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\popupHTML.html
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\popupRSS.html
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\popupWidgets.html
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\panels\scroll.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\pop.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\css\manager.css
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\css\slider.css
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\bg-pnl.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\btn-close-grey.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\btn-close-greyover.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\collapsed_button.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\expanded_button.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation-down.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation-over.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-radio.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\music-note.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause-on.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-play-on.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-play.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-bg.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-buffer.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-busy.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-off.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-on.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-warning.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-design-on.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-design.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-on.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-0.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-1.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-2.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-3.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-mute.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\scrollbar-handle.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\scrollbar-track.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\slider.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\slideron.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\track.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\managerpanel.html
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radio\volumeslider.html
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radiobeta-buffering.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radiobeta-connecting.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radiobeta-playing.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radiobeta-stopped.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\radiobeta.ico
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\reload.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\remove.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\rename.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\resize-box.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\rss.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\rsschannelback.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\RSSLogo.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\rsstabdivider.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\scroll-left.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\scroll-right.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\search-go.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\search.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\text-ellipsis.xml
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\throbber.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\toolbarsplitter.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\transparent_1px.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_02.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_03.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_04.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_06.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_07.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_08.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_09.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_10.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_11.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_12.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_13.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_14.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_15.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_16.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_18.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_19.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_20.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_21.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\uwa\btn-close-grey.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\uwa\btn-close-greyover.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\uwa\close-hot.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\uwa\close-normal.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\uwa\loadingMid.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\uwa\proxy.html
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\uwa\template.html
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\uwa\template.xml
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\uwa\templateFF.html
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\uwa\throbber.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\cond999.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\icons.xml
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na-s.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na-t.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\add.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-check.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm-over.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-check.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\options-weather.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-blue.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-orange.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.css
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.html
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lib\yahoo.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\lichen.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\logo-about.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\logo-over.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\logo-separator.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\logo.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\mail.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\maps.bmp
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\menuseparatorback.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\modify-save.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\modify.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\modifyhot.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\music.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\news.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\options\options-main.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\options\options-search.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\options\options-weather.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\options\options-weather.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\options\options-widgets.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\orange.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\pixsy.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\protect-id.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\radiobeta-buffering.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\radiobeta-connecting.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\radiobeta-playing.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\radiobeta-stopped.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\radiobeta.ico
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\relatedlinks.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\rss-collapse.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\rss-delete.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\rss-expand.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\rss-feed.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\rss-folder-remove.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\rss-folder-rename.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\rss-folder.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\rss-found.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\rss-reload.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\rss-subscribe.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\rss.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\rssback.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\rsstopback.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\search-over.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\search.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\search_button_over_png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\search_button_png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-left.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-middle.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-right.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\settings.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\shopping.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\siteinfo.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\skin-bluelite.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\skin-bluesky.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\skin-grey.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\skin-lichen.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\skin-orange.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\skin-yellow.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\skin.xml
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\technorati.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\throbber.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\toolbarsplitter.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\translate.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\video.bmp
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\vmn.css
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\vmn.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\weather.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\web.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\widgets-square-16px.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\wikipedia.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\yahoosearch.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\yellow.gif
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\youtube.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\chrome\skin\zoom.png
c:\progra~2\SEARCH~1\Datamngr\ToolBar\components\windowmediator.js
c:\progra~2\SEARCH~1\Datamngr\ToolBar\dtUser.exe
c:\progra~2\SEARCH~1\Datamngr\ToolBar\manifest.xml
c:\progra~2\SEARCH~1\Datamngr\ToolBar\searchquband.dll
c:\progra~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll
c:\progra~2\SEARCH~1\Datamngr\ToolBar\uninstall.exe
c:\progra~2\SEARCH~1\Datamngr\x64\BrowserConnection.dll
c:\progra~2\SEARCH~1\Datamngr\x64\datamngr.dll
c:\progra~2\SEARCH~1\Datamngr\x64\datamngrUI.exe
c:\progra~2\SEARCH~1\Datamngr\x64\DnsBHO.dll
c:\progra~2\SEARCH~1\Datamngr\x64\IEBHO.dll
c:\progra~2\SEARCH~1\sysid.ini
c:\progra~2\SEARCH~1\uninstall.exe
c:\program files (x86)\BearShare Applications
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\as_guid.dat
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\data\search\engines.xml
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\data\search\search.xsl
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\imeshcode.js
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\lib\about.xml
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\lib\dtxpanel.xul
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\lib\dtxpaneltransparent.xul
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\lib\dtxpanelwin.xul
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\lib\dtxprefwin.xul
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\lib\dtxtransparentwin.xul
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\lib\dtxwin.xul
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\lib\emailnotifierproviders.xml
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\lib\external.js
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\lib\imeshcode.js
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\lib\neterror.xhtml
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\lib\rsspreview.html
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\lib\rsswin.xml
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\lib\rsswin.xsl
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\lib\vmncode.js
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\lib\wmpstreamer.html
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\modules\datastore.jsm
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\modules\nsDragAndDrop.js
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\neterror.xhtml
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\partner.coupons.xml
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\preferences.xml
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\radiobeta.js
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\template.xml
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\toolbar.htm
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\toolbar.xul
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\vmncode.js
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\vmnrsswin.xml
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets\com.djboxservice.dj.DJBox\tb_icon.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets\com.djboxservice.dj.DJBox\tb_iconFF.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets\com.djboxservice.dj.DJBox\tb_iconPressed.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets\com.djboxservice.dj.DJBox\tb_iconPressedFF.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets\com.djboxservice.dj.DJBox\tb_pref_icon.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets\com.djboxservice.dj.DJBox\thumbs\tb_thumb_icon.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets\com.djboxservice.dj.DJBox\widget.js
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets\com.djboxservice.dj.DJBox\widget.jsw
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets\com.djboxservice.dj.DJBox\widget.xml

 

[Tom Clindaniel]

****** continued ********

c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\about_logo.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\babylon_logo.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\bluelite.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\bluesky.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\bs_logo_over_png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\bs_logo_png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\btn-search-over.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\btn-search.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\btn-settings-over.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\btn-settings.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\btn-widgets-over.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\btn-widgets.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\btn_settings.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\ca.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\dictionary.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\divider.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\downloadcom.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\dtxlogo.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\ebay.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\ebay_png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\email.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\email_on.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\email_png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\facebook.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\games.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\go_idle.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\go_rollover.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\graphred0.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\graphred0_5.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\graphred1.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\graphred1_5.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\graphred2.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\graphred2_5.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\graphred3.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\graphred3_5.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\graphred4.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\graphred4_5.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\graphred5.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\graphredna.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\grey.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\ico-shield.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\icon_amazon.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\icon_amazon.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\icon_games.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\icon_seperator_png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\icon_twitter.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\icon_youtube.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\images.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\imesh.css
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\add.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\aol.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\arrow-dn.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\arrow-right-disabled.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\arrow-right.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\arrow-up.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-divider.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-end.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-mdl.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-mdl_ff.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-start.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-divider.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-end.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-mdl.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-mdl_ff.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-start.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\blank.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\btn-widgets-over.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\btn-widgets.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\btn_slider.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\btnback-down-vista.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\btnback-vista.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\btnleft-down-vista.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\btnleft-vista.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\btnright-down-vista.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\btnright-vista.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\button-splitter-down-vista.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\button-splitter-vista.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\checkmark.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\chevron.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\collapse.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\comcast.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\dtx.css
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\edit-back-hot.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\edit-back.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\expand.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\found.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\gmail.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\highlight.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\highlight_blue.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\highlight_cyan.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\highlight_lime.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\highlight_magenta.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\highlight_yellow.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\hotmail.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\ico-check.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\imap.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\lastsearch-thumb-back.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\loadingMid.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\lock.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\logo-separator.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\mailcom.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\menu_bg-basic.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\menu_separator_bar.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\menu_separator_white.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\menuitem-splitter.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\menuitemback-down-vista.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\menuitemback-vista.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\menuitemleft-down-vista.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\menuitemleft-vista.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\menuitemright-down-vista.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\menuitemright-vista.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\modify.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\move.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\movetarget.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\css\panels.css
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupAbout.css
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupGames.css
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupRSS.css
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupWidgets.css
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\css\dialog.css
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\bg.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-search.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-wide-close-over.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-wide-close.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\default.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-off-l.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-off-r.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-on-l.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-on-r.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\transparent.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-left.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-mdl.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-right.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-left.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-mdl.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-right-resize.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-right.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-left.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-right.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\main.html
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts\defscript.js
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\footer.htm
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\gamecategory.xsl
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\gameData.js
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\gameList.xsl
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\games.xsl
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\gametype.xsl
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-dn.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-sml-drop.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-sml.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-up.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrowr-bluew5.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-aboutbox.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-btnover.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-pnl520x390.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-left-over.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-left.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-right.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-back.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-close-grey.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-close-greyover.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-drag.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-mdl-over.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-mdl.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-moredetails.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-next-over.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-next.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-play-left-over.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-play-left.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-previous-over.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-previous.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-right-over.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-try-left-over.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-try-left.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bullet-orange.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\gamethumb-on.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\gamethumb2-over.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-calendar.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-dollar.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-download.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-joystick24.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-news24.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-play.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-tags.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-Add.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-download.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-Info.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-play.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-shop.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\menul-bgon.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\menul-bgover.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\panel-botm-noscroll.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-bg-206.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-bg.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-topwin.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-disable.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-down.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-over.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-disable.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-down.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-over.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\searchbox-pnlbtm.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\star_x_grey.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\star_x_orange.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\TRUSTe_about.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-detailed-on.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-detailed-over.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-thumb-on.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-thumb-over.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets-square-16px.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets-square-24px.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\initHTML.html
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\popupGames.html
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\popupHTML.html
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\popupRSS.html
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\popupWidgets.html
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\scroll.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\pop.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\css\manager.css
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\css\slider.css
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\bg-pnl.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\btn-close-grey.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\btn-close-greyover.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\collapsed_button.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\expanded_button.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation-down.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation-over.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-radio.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\music-note.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause-on.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-play-on.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-play.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-bg.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-buffer.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-busy.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-off.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-on.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-warning.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-design-on.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-design.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-on.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-0.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-1.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-2.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-3.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-mute.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\scrollbar-handle.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\scrollbar-track.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\slider.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\slideron.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\track.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\managerpanel.html
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\volumeslider.html
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-buffering.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-connecting.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-playing.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-stopped.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radiobeta.ico
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\reload.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\remove.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\rename.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\resize-box.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\rss.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\rsschannelback.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\RSSLogo.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\rsstabdivider.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\scroll-left.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\scroll-right.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\search-go.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\search.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\text-ellipsis.xml
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\throbber.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\toolbarsplitter.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\transparent_1px.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_02.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_03.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_04.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_06.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_07.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_08.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_09.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_10.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_11.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_12.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_13.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_14.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_15.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_16.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_18.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_19.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_20.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_21.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\btn-close-grey.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\btn-close-greyover.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\close-hot.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\close-normal.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\loadingMid.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\proxy.html
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\template.html
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\template.xml
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\templateFF.html
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\throbber.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\cond999.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\icons.xml
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na-s.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na-t.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\add.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-check.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm-over.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-check.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\options-weather.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-blue.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-orange.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.css
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.html
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\yahoo.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lichen.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\logo-about.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\logo-over.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\logo-separator.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\logo.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\logo_about_png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\logo_over_png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\logo_over_t_png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\logo_png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\logo_t_png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\mail.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\maps.bmp
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\menuseparatorback.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\modify-save.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\modify.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\modifyhot.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\music.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\news.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\options\options-main.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\options\options-search.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\options\options-weather.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\options\options-weather.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\options\options-widgets.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\orange.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\pixsy.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\protect-id.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\radiobeta-buffering.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\radiobeta-connecting.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\radiobeta-playing.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\radiobeta-stopped.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\radiobeta.ico
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\relatedlinks.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\rss-collapse.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\rss-delete.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\rss-expand.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\rss-feed.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\rss-folder-remove.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\rss-folder-rename.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\rss-folder.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\rss-found.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\rss-reload.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\rss-subscribe.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\rss.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\rssback.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\rsstopback.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\search-over.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\search.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\search_button_over_png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\search_button_png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-left.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-middle.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-right.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\settings.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\shopping.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\siteinfo.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\skin-bluelite.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\skin-bluesky.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\skin-grey.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\skin-lichen.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\skin-orange.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\skin-yellow.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\skin.xml
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\technorati.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\throbber.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\toolbarsplitter.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\translate.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\TRUSTe_about.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\video.bmp
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\vmn.css
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\vmn.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\weather.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\web.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\widgets-square-16px.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\wikipedia.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\wincore_icon20.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\yahoosearch.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\yellow.gif
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\youtube.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\zoom.png
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\components\windowmediator.js
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\dtUser.exe
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\manifest.xml
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\uninstall.exe
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\wincorebsband.dll
c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll
c:\program files (x86)\BearShare Applications\MediaBar\sysid.ini
c:\program files (x86)\BearShare Applications\MediaBar\uninstall.exe