Win32 Sirefef Virus AH & R

Solved
By Flick
Jul 10, 2012
Topic Status:
Not open for further replies.
  1. Hi There,

    Thank you so much for your endless support of all these people!!

    I'm having issues with this trojan and virus as well... I'm unable to boot in recovery, I'm running a Fujitsu Tablet PC Windows 7 Professional 32 bit.

    Microsoft Security Essentials, the Windows Firewall and Windows Defender have been disabled. I reintsalled MSE but the system seems to reboot when this is running and it is eventually disabled.

    My logs are in the next posts.
  2. Flick

    Flick Newcomer, in training Topic Starter

    Malwarebytes Anti-Malware 1.61.0.1400
    www.malwarebytes.org

    Database version: v2012.07.10.09

    Windows 7 Service Pack 1 x86 NTFS
    Internet Explorer 9.0.8112.16421
    felicity :: FELICITY-TABLET [administrator]

    11/07/2012 1:47:05 AM
    mbam-log-2012-07-11 (01-47-05).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 272124
    Time elapsed: 16 minute(s), 9 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 1
    HKCU\SOFTWARE\CLASSES\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\INPROCSERVER32 (Trojan.Zaccess) -> Quarantined and deleted successfully.

    Registry Values Detected: 1
    HKCU\SOFTWARE\CLASSES\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32| (Trojan.Zaccess) -> Data: C:\Users\felicity\AppData\Local\{540b8e83-9192-4312-6da2-8409d0744685}\n. -> Quarantined and deleted successfully.

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 2
    C:\Windows\Installer\{540b8e83-9192-4312-6da2-8409d0744685}\n (Trojan.Dropper.PE4) -> Quarantined and deleted successfully.
    C:\Windows\Installer\{540b8e83-9192-4312-6da2-8409d0744685}\U\800000cb.@ (Rootkit.0Access) -> Quarantined and deleted successfully.

    (end)
  3. Flick

    Flick Newcomer, in training Topic Starter

    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit quick scan 2012-07-11 02:10:08
    Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 FUJITSU_ rev.0000
    Running: sxt2dw2k.exe; Driver: C:\Users\felicity\AppData\Local\Temp\pwgiapoc.sys


    ---- Devices - GMER 1.0.15 ----

    Device Ntfs.sys (NT File System Driver/Microsoft Corporation)

    AttachedDevice cbfs3.sys

    Device fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)

    AttachedDevice fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
    AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)

    ---- EOF - GMER 1.0.15 ----
  4. Flick

    Flick Newcomer, in training Topic Starter

    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_32
    Run by felicity at 2:15:53 on 2012-07-11
    Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.2995.1724 [GMT 10:00]
    .
    AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
    .
    ============== Running Processes ===============
    .
    C:\windows\system32\wininit.exe
    C:\windows\system32\lsm.exe
    C:\windows\system32\svchost.exe -k DcomLaunch
    C:\Program Files\Fingerprint Sensor\AtService.exe
    C:\Program Files\Softex\OmniPass\OmniServ.exe
    C:\windows\system32\svchost.exe -k RPCSS
    C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\windows\system32\svchost.exe -k netsvcs
    C:\windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\WUDFHost.exe
    C:\windows\system32\svchost.exe -k NetworkService
    C:\windows\system32\WLANExt.exe
    C:\windows\system32\conhost.exe
    C:\windows\System32\spoolsv.exe
    C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\LSI SoftModem\agrsmsvc.exe
    C:\windows\system32\svchost.exe -k apphost
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\windows\system32\svchost.exe -k bthsvcs
    C:\windows\System32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\windows\SYSTEM32\WISPTIS.EXE
    C:\windows\system32\svchost.exe -k bthaudiosvc
    C:\Program Files\Jungle Disk Desktop\JungleDiskMonitor.exe
    C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    c:\Windows\system32\o2flash.exe
    c:\Program Files\Fujitsu\PSUtility\PSUService.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    c:\Program Files\CyberLink\Shared files\RichVideo.exe
    C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
    C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    C:\windows\system32\svchost.exe -k imgsvc
    C:\windows\system32\Pen_Tablet.exe
    C:\Program Files\Fujitsu\updnavi\updnvsrv.exe
    C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe
    C:\windows\system32\svchost.exe -k iissvcs
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\windows\system32\wbem\unsecapp.exe
    C:\windows\system32\wbem\wmiprvse.exe
    C:\windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Windows\system32\WUDFHost.exe
    C:\windows\system32\taskhost.exe
    C:\windows\system32\Dwm.exe
    C:\windows\Explorer.EXE
    C:\windows\SYSTEM32\WISPTIS.EXE
    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
    C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
    C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\vsnp2uvc.exe
    C:\Windows\snuvcdsm.exe
    C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe
    C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe
    C:\Program Files\Fingerprint Sensor\ATSwpNav.exe
    C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
    C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
    C:\windows\system32\WTablet\Pen_TabletUser.exe
    C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe
    C:\Program Files\Fujitsu\BatteryAid2\BatteryDaemon.exe
    C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
    C:\Program Files\Fujitsu\Utils\FjDspMon.exe
    C:\Program Files\Fujitsu\Utils\fjevents.exe
    C:\Program Files\Fujitsu\updnavi\updatenv.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Fujitsu\Utils\FjLidMon.exe
    C:\Program Files\Softex\OmniPass\scureapp.exe
    C:\Program Files\Fujitsu\Utils\FjMnuIco.exe
    C:\Program Files\CyberLink\YouCam\YouCamTray.exe
    C:\windows\system32\igfxext.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\windows\system32\Pen_Tablet.exe
    C:\windows\system32\igfxsrvc.exe
    C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRBthFtpServer.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Microsoft IntelliType Pro\itype.exe
    C:\Program Files\Softex\OmniPass\opvapp.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Users\felicity\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
    C:\Program Files\Jungle Disk Desktop\JungleDiskMonitor.exe
    C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
    C:\Program Files\iPod\bin\iPodService.exe
    C:\windows\system32\SearchIndexer.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\windows\system32\SearchProtocolHost.exe
    C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
    C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
    C:\windows\system32\svchost.exe -k SDRSVC
    C:\windows\system32\SearchFilterHost.exe
    C:\windows\System32\svchost.exe -k WerSvcGroup
    C:\windows\system32\DllHost.exe
    C:\windows\system32\DllHost.exe
    C:\windows\system32\conhost.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://google.com.au/
    uDefault_Page_URL = hxxp://hk.fujitsu.com/pc
    uURLSearchHooks: H - No File
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Virtual Storage Mount Notification: {5ff49fe8-b332-4cb9-b102-fb6951629e55} - c:\windows\system32\CbFsMntNtf3.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    uRun: [AdobeBridge]
    uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
    uRun: [SkyDrive] "c:\users\felicity\appdata\local\microsoft\skydrive\SkyDrive.exe" /background
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [IndicatorUtility] c:\program files\fujitsu\fujitsu hotkey utility\IndicatorUty.exe
    mRun: [LoadFUJ02E3] c:\program files\fujitsu\fuj02e3\FUJ02E3.exe
    mRun: [<NO NAME>]
    mRun: [FjStrtAp] c:\program files\fujitsu\utils\FjStrtAp.exe
    mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
    mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    mRun: [snp2uvc] c:\windows\vsnp2uvc.exe
    mRun: [SNUVCDSM] c:\windows\snuvcdsm.exe
    mRun: [CSRSkype] c:\program files\csr\bluetooth feature pack 5.0\CSRSkype.exe
    mRun: [ConMgr] "c:\program files\csr\bluetooth feature pack 5.0\ConMgr.exe"
    mRun: [ATSwpNav] "c:\program files\fingerprint sensor\ATSwpNav" -run
    mRun: [IMSS] "c:\program files\intel\intel(r) management engine components\imss\PIconStartup.exe"
    mRun: [FDM7] c:\program files\fujitsu\fdm7\FdmDaemon.exe
    mRun: [PSUTility] c:\program files\fujitsu\psutility\TrayManager.exe
    mRun: [SSUtility] c:\program files\fujitsu\ssutility\FJSSDMN.exe
    mRun: [FJBATAID2] c:\program files\fujitsu\batteryaid2\BatteryDaemon.exe
    mRun: [RemoteControl8] "c:\program files\cyberlink\powerdvd8\PDVD8Serv.exe"
    mRun: [PDVD8LanguageShortcut] "c:\program files\cyberlink\powerdvd8\language\Language.exe"
    mRun: [UpdatePDRShortCut] "c:\program files\cyberlink\powerdirector\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\powerdirector" updatewithcreateonce "software\cyberlink\powerdirector\7.0"
    mRun: [FJUPDNV_Chitose] c:\program files\fujitsu\updnavi\updatenv.exe
    mRun: [OmniPass] c:\program files\softex\omnipass\scureapp.exe
    mRun: [UCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" updatewithcreateonce "software\cyberlink\youcam\3.0"
    mRun: [YouCam Mirror Tray icon] "c:\program files\cyberlink\youcam\YouCamTray.exe" /s
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
    mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
    mRun: [CSRFTP] c:\program files\csr\bluetooth feature pack 5.0\CSRBthFtpServer.exe
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [EPSON Stylus CX3700 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatiacp.exe /f "c:\windows\temp\E_S9804.tmp" /EF "HKLM"
    mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
    mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
    mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
    mRun: [EPSON Stylus CX3700 Series (Copy 1)] c:\windows\system32\spool\drivers\w32x86\3\e_fatiacp.exe /f "c:\windows\temp\E_SF50A.tmp" /EF "HKLM"
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"
    mRun: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
    StartupFolder: c:\users\felicity\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office14\ONENOTEM.EXE
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\jungle~1.lnk - c:\program files\jungle disk desktop\JungleDiskMonitor.exe
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: SoftwareSASGeneration = 1 (0x1)
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} - hxxps://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/RACtrl.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{5513EB5A-47E8-40A2-9C47-B06CB3980939} : DhcpNameServer = 10.188.66.103 10.176.66.71
    TCP: Interfaces\{95F4649F-D051-400E-A4BC-55EF53143291} : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{95F4649F-D051-400E-A4BC-55EF53143291}\07564627F6 : DhcpNameServer = 192.168.0.3
    TCP: Interfaces\{95F4649F-D051-400E-A4BC-55EF53143291}\14440223031303 : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{95F4649F-D051-400E-A4BC-55EF53143291}\3584140554 : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{95F4649F-D051-400E-A4BC-55EF53143291}\54C696475624163756 : DhcpNameServer = 192.168.0.2 192.168.0.12
    TCP: Interfaces\{95F4649F-D051-400E-A4BC-55EF53143291}\7496C626F637 : DhcpNameServer = 203.12.160.35 203.12.160.36
    TCP: Interfaces\{95F4649F-D051-400E-A4BC-55EF53143291}\77962756C6563737 : DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{95F4649F-D051-400E-A4BC-55EF53143291}\E41607F6C656F6E6 : DhcpNameServer = 192.168.0.3
    TCP: Interfaces\{DA1C4C54-BFD0-41AF-89DB-D5638673C48C} : DhcpNameServer = 192.168.0.3
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
    Notify: igfxcui - igfxdev.dll
    SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - c:\windows\system32\CbFsMntNtf3.dll
    STS: Virtual Storage Mount Notification: {5ff49fe8-b332-4cb9-b102-fb6951629e55} - c:\windows\system32\CbFsMntNtf3.dll
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
    Hosts: 192.168.0.3 METRIX01
    Hosts: 192.168.0.7 METRIX03
    Hosts: 192.168.0.8 METRIX08
    Hosts: 192.168.0.4 METRIXHOST01
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\felicity\appdata\roaming\mozilla\firefox\profiles\a3mi51ou.default\
    FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
    FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
    FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
    FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
    FF - plugin: c:\program files\microsoft\web platform installer\NPWPIDetector.dll
    FF - plugin: c:\program files\virtual earth 3d\npVE3D.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_233.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_257.dll
    FF - plugin: c:\windows\system32\npdeployJava1.dll
    FF - plugin: c:\windows\system32\npmproxy.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 FBIOSDRV;Fujitsu BIOS Driver;c:\windows\system32\drivers\FBIOSDRV.sys [2010-4-26 17008]
    R0 FJGSDisk;G-Sensor Application Filter Driver;c:\windows\system32\drivers\FJGSDisk.sys [2010-5-13 12776]
    R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 171064]
    R1 cbfs3;cbfs3;c:\windows\system32\drivers\cbfs3.sys [2011-11-23 273552]
    R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
    R2 ATService;AuthenTec Fingerprint Service;c:\program files\fingerprint sensor\AtService.exe [2009-8-1 1807608]
    R2 cvhsvc;Client Virtualization Handler;c:\program files\common files\microsoft shared\virtualization handler\CVHSVC.EXE [2012-1-4 822624]
    R2 HFGService;Handsfree Headset Service;c:\windows\system32\svchost.exe -k bthaudiosvc [2009-7-14 20992]
    R2 JungleDiskService;JungleDiskService;c:\program files\jungle disk desktop\JungleDiskMonitor.exe [2011-5-17 7343432]
    R2 PowerSavingUtilityService;PowerSavingUtilityService;c:\program files\fujitsu\psutility\PSUService.exe [2009-7-27 62824]
    R2 sftlist;Application Virtualization Client;c:\program files\microsoft application virtualization client\sftlist.exe [2011-10-1 508776]
    R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2012-6-19 3048136]
    R2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2010-7-9 2792232]
    R2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\intel\intel(r) management engine components\uns\UNS.exe [2010-5-13 2314240]
    R2 UpdateNaviInstallService;UpdateNaviInstallService;c:\program files\fujitsu\updnavi\updnvsrv.exe [2009-8-27 12800]
    R2 VFPRadioSupportService;Bluetooth Feature Support;c:\program files\csr\bluetooth feature pack 5.0\VFPRadioSupportService.exe [2009-8-21 111488]
    R2 VMCService;Vodafone Mobile Connect Service;c:\program files\vodafone\vodafone mobile connect\bin\VMCService.exe [2009-9-18 9216]
    R3 acpials;ALS Sensor Filter;c:\windows\system32\drivers\acpials.sys [2009-7-14 7680]
    R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\drivers\ATSwpWDF.sys [2009-8-1 659328]
    R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k6232.sys [2010-5-7 208552]
    R3 Fjbtndrv;Fujitsu Button Driver;c:\windows\system32\drivers\FjBtnDrv.sys [2010-5-7 18816]
    R3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;c:\windows\system32\drivers\fuj02e3.sys [2010-4-26 5632]
    R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-5-13 125696]
    R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\drivers\IntcDAud.sys [2009-12-18 209920]
    R3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\drivers\NETw5s32.sys [2009-9-16 6114816]
    R3 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2009-5-13 48672]
    R3 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [2009-7-3 44064]
    R3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfslh.sys [2011-10-1 579944]
    R3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplaylh.sys [2011-10-1 194408]
    R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirlh.sys [2011-10-1 21864]
    R3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvollh.sys [2011-10-1 19304]
    R3 sftvsa;Application Virtualization Service Agent;c:\program files\microsoft application virtualization client\sftvsa.exe [2011-10-1 219496]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]
    R3 WISDPen;Wacom Penabled MiniDriver;c:\windows\system32\drivers\wisdpen.sys [2010-7-9 36648]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-9-10 136176]
    S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-6-5 160944]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
    S3 BthAudioHF;BthAudioHF Service;c:\windows\system32\drivers\BthAudioHF.sys [2009-12-21 43008]
    S3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\drivers\BthAvrcp.sys [2009-8-21 28000]
    S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2009-7-23 112128]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-9-10 136176]
    S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880]
    S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-2 113120]
    S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2011-5-10 18432]
    S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 74112]
    S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2012-3-26 214952]
    S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
    S3 PCDSRVC{F819FCA4-67B3B36D-06020000}_0;PCDSRVC{F819FCA4-67B3B36D-06020000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\fujitsu hardware diagnostics tool\pcdsrvc.pkms [2010-3-25 21360]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-6-11 139776]
    S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]
    S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-4-18 52224]
    S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-8-31 1343400]
    S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2009-7-14 17920]
    .
    =============== Created Last 30 ================
    .
    2012-07-10 12:41:06 -------- d-----w- c:\users\felicity\appdata\roaming\Malwarebytes
    2012-07-10 12:41:00 -------- d-----w- c:\programdata\Malwarebytes
    2012-07-10 12:40:59 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-07-10 12:40:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2012-07-10 10:52:18 -------- d-sh--w- c:\windows\system32\%APPDATA%
    2012-07-10 10:47:59 -------- d-----w- c:\programdata\B7E8586B002E144B5A2EBD38B4EB238B
    2012-07-09 13:06:24 6762896 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{4cd30f12-6779-4128-b45e-6757dafccaf7}\mpengine.dll
    2012-07-09 02:39:19 6762896 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
    2012-07-04 01:39:45 713784 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{79d00157-6af0-464e-a96b-187c127200b0}\gapaengine.dll
    2012-07-03 06:07:54 -------- d-----w- c:\programdata\Vodafone
    2012-07-03 06:07:41 -------- d-----w- c:\program files\Vodafone
    2012-06-21 22:55:33 2422272 ----a-w- c:\windows\system32\wucltux.dll
    2012-06-21 22:55:10 88576 ----a-w- c:\windows\system32\wudriver.dll
    2012-06-21 22:54:50 33792 ----a-w- c:\windows\system32\wuapp.exe
    2012-06-21 22:54:50 171904 ----a-w- c:\windows\system32\wuwebv.dll
    2012-06-21 19:25:41 -------- d-----w- c:\users\felicity\appdata\local\{A3A95EF1-12B5-41BF-AB29-DDE0FAA574CA}
    2012-06-21 19:25:29 -------- d-----w- c:\users\felicity\appdata\local\{610649E7-9FD2-4E62-945D-3B5B28BD8FB0}
    2012-06-21 07:24:48 -------- d-----w- c:\users\felicity\appdata\local\{3F2C02A0-4976-4CBB-BA1A-F7DA30B0BE9E}
    2012-06-21 07:24:30 -------- d-----w- c:\users\felicity\appdata\local\{94CE7374-26AE-4783-AD37-37FFC588781B}
    2012-06-20 03:08:51 -------- d-----w- c:\users\felicity\appdata\local\Macromedia
    2012-06-19 11:56:40 770384 ----a-w- c:\program files\mozilla firefox\msvcr100.dll
    2012-06-19 11:56:40 421200 ----a-w- c:\program files\mozilla firefox\msvcp100.dll
    2012-06-19 07:35:14 4967624 ----a-w- c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
    2012-06-14 07:34:01 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2012-06-14 07:34:00 194560 ----a-w- c:\program files\internet explorer\ieproxy.dll
    2012-06-14 07:34:00 194048 ----a-w- c:\program files\internet explorer\IEShims.dll
    2012-06-14 07:34:00 140920 ----a-w- c:\program files\internet explorer\sqmapi.dll
    2012-06-14 00:45:06 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    2012-06-14 00:45:05 2342400 ----a-w- c:\windows\system32\msi.dll
    2012-06-14 00:45:02 2343936 ----a-w- c:\windows\system32\win32k.sys
    2012-06-14 00:45:00 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
    2012-06-14 00:45:00 58880 ----a-w- c:\windows\system32\rdpwsx.dll
    2012-06-14 00:45:00 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
    2012-06-14 00:44:59 164352 ----a-w- c:\windows\system32\profsvc.dll
    2012-06-14 00:44:54 1158656 ----a-w- c:\windows\system32\crypt32.dll
    2012-06-14 00:44:53 140288 ----a-w- c:\windows\system32\cryptsvc.dll
    2012-06-14 00:44:52 103936 ----a-w- c:\windows\system32\cryptnet.dll
    2012-06-13 06:39:20 713784 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{6ab526d4-abc0-4f42-b4f0-ebf4d60a0483}\gapaengine.dll
    .
    ==================== Find3M ====================
    .
    2012-07-10 10:49:26 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-07-10 10:49:25 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-05-17 22:45:37 1800192 ----a-w- c:\windows\system32\jscript9.dll
    2012-05-17 22:35:47 1129472 ----a-w- c:\windows\system32\wininet.dll
    2012-05-17 22:35:39 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
    2012-05-17 22:29:45 142848 ----a-w- c:\windows\system32\ieUnatt.exe
    2012-05-01 00:34:20 476960 ----a-w- c:\windows\system32\npdeployJava1.dll
    2012-05-01 00:34:19 472864 ----a-w- c:\windows\system32\deployJava1.dll
    .
    ============= FINISH: 2:25:06.78 ===============
  5. Flick

    Flick Newcomer, in training Topic Starter

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows 7 Professional
    Boot Device: \Device\HarddiskVolume2
    Install Date: 9/07/2010 8:50:43 AM
    System Uptime: 11/07/2012 2:06:11 AM (0 hours ago)
    .
    Motherboard: FUJITSU | | FJNB204
    Processor: Intel(R) Core(TM) i7 CPU M 620 @ 2.67GHz | Onboard | 1173/133mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 147 GiB total, 30.995 GiB free.
    D: is FIXED (NTFS) - 303 GiB total, 141.898 GiB free.
    E: is CDROM ()
    F: is Removable
    J: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP762: 9/07/2012 5:11:28 PM - Scheduled Checkpoint
    RP763: 10/07/2012 9:09:29 PM - Removed Vodafone Mobile Connect Lite.
    RP764: 10/07/2012 11:18:43 PM - Removed Java(TM) 6 Update 32
    .
    ==== Installed Programs ======================
    .
    7-Zip 9.20
    Acrobat.com
    Adobe AIR
    Adobe Community Help
    Adobe Flash Player 11 Plugin
    Adobe Media Player
    Adobe Photoshop CS5
    Adobe Reader 9.4.5 MUI
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Atheros Client Installation Program
    AuthenTec Fingerprint Software
    Battery Utility
    Bluetooth Feature Pack 5.0
    Bonjour
    Camtasia Studio 7
    CuteFTP 8 Lite
    CyberLink PowerDirector
    CyberLink PowerDVD 8
    CyberLink YouCam
    D3DX10
    DealBook 360
    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
    Dropbox
    EPSON Printer Software
    FileZilla Client 3.5.3
    FJ Camera
    Flexsim 5.0.4
    Fujitsu Button Utilities
    Fujitsu Display Manager
    Fujitsu Hardware Diagnostics Tool
    Fujitsu Hotkey Utility
    Fujitsu MobilityCenter Extension Utility
    Fujitsu System Extension Utility
    Google Chrome
    Google Toolbar for Internet Explorer
    Google Update Helper
    iCloud
    IIS Search Engine Optimization Toolkit 1.0
    Inst5657
    Intel PROSet Wireless
    Intel(R) Graphics Media Accelerator Driver
    Intel(R) Management Engine Components
    Intel(R) PROSet/Wireless WiFi Software
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 32
    Jungle Disk Desktop
    Junk Mail filter update
    LSI HDA Modem
    Malwarebytes Anti-Malware version 1.61.0.1400
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Extended
    Microsoft Application Error Reporting
    Microsoft Expression Encoder 4 Screen Capture Codec
    Microsoft Expression Web 4
    Microsoft Expression Web 4 Service Pack 2
    Microsoft IntelliPoint 8.2
    Microsoft IntelliType Pro 8.2
    Microsoft Office 2010
    Microsoft Office 2010 Service Pack 1 (SP1)
    Microsoft Office Access MUI (English) 2010
    Microsoft Office Access Setup Metadata MUI (English) 2010
    Microsoft Office Click-to-Run 2010
    Microsoft Office Excel MUI (English) 2010
    Microsoft Office Groove MUI (English) 2010
    Microsoft Office InfoPath MUI (English) 2010
    Microsoft Office OneNote MUI (English) 2010
    Microsoft Office Outlook MUI (English) 2010
    Microsoft Office PowerPoint MUI (English) 2010
    Microsoft Office Professional Plus 2010
    Microsoft Office Proof (English) 2010
    Microsoft Office Proof (French) 2010
    Microsoft Office Proof (Spanish) 2010
    Microsoft Office Proofing (English) 2010
    Microsoft Office Publisher MUI (English) 2010
    Microsoft Office Shared MUI (English) 2010
    Microsoft Office Shared Setup Metadata MUI (English) 2010
    Microsoft Office Word MUI (English) 2010
    Microsoft Security Client
    Microsoft Security Essentials
    Microsoft Silverlight
    Microsoft SkyDrive
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft SQL Server Database Publishing Wizard 1.1
    Microsoft SQL Server Management Objects Collection
    Microsoft SQL Server Management Studio Express
    Microsoft SQL Server Native Client
    Microsoft Touch Pack for Windows 7
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual Studio 6.0 Professional Edition
    Microsoft Web Platform Installer 3.0
    Microsoft Web Publishing Wizard 1.53
    Microsoft XNA Framework Redistributable 3.0
    Microsoft_VC80_ATL_x86
    Microsoft_VC80_CRT_x86
    Microsoft_VC80_MFC_x86
    Microsoft_VC80_MFCLOC_x86
    Microsoft_VC90_ATL_x86
    Microsoft_VC90_CRT_x86
    Microsoft_VC90_MFC_x86
    MobileMe Control Panel
    Mozilla Firefox 13.0.1 (x86 en-GB)
    Mozilla Maintenance Service
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MySQL Workbench 5.2 CE
    O2Micro Flash Memory Card Windows Driver
    OmniPass 7.00.02
    OZ711 SCR Driver
    Paint.NET v3.5.5
    PDF Settings CS5
    Pen Tablet
    Power Saving Utility
    Prism Video File Converter
    QuickTime
    Realtek High Definition Audio Driver
    Roxio Central Audio
    Roxio Central Copy
    Roxio Central Core
    Roxio Central Data
    Roxio Central Tools
    Roxio Creator LJ
    Safari
    Security Panel
    Security Panel Application
    Security Panel Application for Supervisor
    Security Panel for Supervisor
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
    Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2553091)
    Security Update for Microsoft Office 2010 (KB2553096)
    Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition
    Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
    Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
    Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition
    Shock Sensor Utility
    Skype Click to Call
    Skype™ 5.9
    Synaptics Pointing Device Driver
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft .NET Framework 4 Extended (KB2468871)
    Update for Microsoft .NET Framework 4 Extended (KB2533523)
    Update for Microsoft .NET Framework 4 Extended (KB2600217)
    Update for Microsoft Office 2010 (KB2494150)
    Update for Microsoft Office 2010 (KB2553065)
    Update for Microsoft Office 2010 (KB2553092)
    Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2566458)
    Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
    Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
    Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
    Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
    Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
    Update Navi
    Virtual Earth 3D (Beta)
    Vodafone Mobile Connect Lite
    Watchtower Library 2009 - English
    Windows Driver Package - Fujitsu America, Inc. (FjBtnDrv) HIDClass (08/27/2009 4.2.0827.2009)
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Mail
    Windows Live Messenger
    Windows Live MIME IFilter
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live Sync
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    Windows Media Player Firefox Plugin
    .
    ==== Event Viewer Messages From Past Week ========
    .
    9/07/2012 3:11:45 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {E367E1A1-E917-11D0-AF5F-00A02448799A} and APPID {9209B1A6-964A-11D0-9372-00A0C9034910} to the user IIS APPPOOL\DefaultAppPool SID (S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    9/07/2012 3:11:45 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {0C0A3666-30C9-11D0-8F20-00805F2CD064} and APPID {9209B1A6-964A-11D0-9372-00A0C9034910} to the user IIS APPPOOL\DefaultAppPool SID (S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    9/07/2012 12:18:09 PM, Error: Microsoft-Windows-RasSstp [1] - CoId={34E098BC-9114-4389-A129-BDB6F485F3CD}:The initial Secure Socket Tunneling Protocol request could not be successfully sent to the server. This can be due to network connectivity issues or certificate (trust) issues. The detailed error message is provided below. Correct the problem and try again. The requested name is valid, but no data of the requested type was found.
    9/07/2012 1:10:52 PM, Error: Schannel [36888] - The following fatal alert was generated: 10. The internal error state is 10.
    7/07/2012 3:14:53 PM, Error: Microsoft-Windows-RasSstp [1] - CoId={3AB50ACF-1140-455D-A590-0E213DCB22E5}:The initial Secure Socket Tunneling Protocol request could not be successfully sent to the server. This can be due to network connectivity issues or certificate (trust) issues. The detailed error message is provided below. Correct the problem and try again. An existing connection was forcibly closed by the remote host.
    6/07/2012 4:24:01 PM, Error: Microsoft-Windows-RasSstp [1] - CoId={F337F093-6411-4DD9-A3C1-6FD82DD13BE7}:The initial Secure Socket Tunneling Protocol request could not be successfully sent to the server. This can be due to network connectivity issues or certificate (trust) issues. The detailed error message is provided below. Correct the problem and try again. A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
    6/07/2012 3:41:18 AM, Error: Microsoft-Windows-RasSstp [1] - CoId={437764E6-8A77-4954-A5E9-ECE1E2F169E4}:The initial Secure Socket Tunneling Protocol request could not be successfully sent to the server. This can be due to network connectivity issues or certificate (trust) issues. The detailed error message is provided below. Correct the problem and try again. A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
    5/07/2012 10:48:19 AM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{2F50F8B4-3F10-4AE4-842D-8865CFE59170} because another computer on the network has the same name. The server could not start.
    4/07/2012 11:27:40 PM, Error: Microsoft-Windows-RasSstp [1] - CoId={CD667FA2-CCDC-46FA-BFD2-CDD1E5515AD1}:The initial Secure Socket Tunneling Protocol request could not be successfully sent to the server. This can be due to network connectivity issues or certificate (trust) issues. The detailed error message is provided below. Correct the problem and try again. A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
    11/07/2012 2:10:35 AM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891
    11/07/2012 2:10:35 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891
    11/07/2012 2:08:11 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    11/07/2012 2:07:00 AM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
    11/07/2012 2:07:00 AM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
    11/07/2012 2:06:59 AM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
    11/07/2012 12:57:27 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xbad0b114, 0x00000000, 0x836246c4, 0x00000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 071112-38454-01.
    11/07/2012 1:27:43 AM, Error: Service Control Manager [7038] - The netprofm service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
    11/07/2012 1:27:43 AM, Error: Service Control Manager [7000] - The Network List Service service failed to start due to the following error: The service did not start due to a logon failure.
    11/07/2012 1:27:43 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1069" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
    11/07/2012 1:23:48 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Virus:Win32/Sirefef.R&threatid=2147657890 Name: Virus:Win32/Sirefef.R ID: 2147657890 Severity: Severe Category: Virus Path: file:_C:\Windows\System32\services.exe;process:_pid:652 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Clean Action Status: To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
    11/07/2012 1:23:48 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Sirefef.AH&threatid=2147655284 Name: Trojan:Win32/Sirefef.AH ID: 2147655284 Severity: Severe Category: Trojan Path: containerfile:_C:\Windows\System32\services.exe;file:_C:\Windows\System32\services.exe->731;process:_pid:652 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
    11/07/2012 1:07:11 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Virus:Win32/Sirefef.R&threatid=2147657890 Name: Virus:Win32/Sirefef.R ID: 2147657890 Severity: Severe Category: Virus Path: file:_C:\Windows\System32\services.exe;process:_pid:600 Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Clean Action Status: To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
    11/07/2012 1:07:11 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Sirefef.AH&threatid=2147655284 Name: Trojan:Win32/Sirefef.AH ID: 2147655284 Severity: Severe Category: Trojan Path: containerfile:_C:\Windows\System32\services.exe;file:_C:\Windows\System32\services.exe->731;process:_pid:600 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
    11/07/2012 1:04:19 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
    11/07/2012 1:03:27 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
    10/07/2012 9:59:48 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Virus:Win32/Sirefef.R&threatid=2147657890 Name: Virus:Win32/Sirefef.R ID: 2147657890 Severity: Severe Category: Virus Path: file:_C:\windows\System32\services.exe;process:_pid:596 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Clean Action Status: To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
    10/07/2012 9:59:48 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Sirefef.AH&threatid=2147655284 Name: Trojan:Win32/Sirefef.AH ID: 2147655284 Severity: Severe Category: Trojan Path: containerfile:_C:\windows\System32\services.exe;file:_C:\windows\System32\services.exe->731;process:_pid:596 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
    10/07/2012 9:56:33 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Virus:Win32/Sirefef.R&threatid=2147657890 Name: Virus:Win32/Sirefef.R ID: 2147657890 Severity: Severe Category: Virus Path: file:_C:\windows\system32\services.exe;process:_pid:596 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Clean Action Status: To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
    10/07/2012 9:56:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1726" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
    10/07/2012 9:51:49 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Virus:Win32/Sirefef.R&threatid=2147657890 Name: Virus:Win32/Sirefef.R ID: 2147657890 Severity: Severe Category: Virus Path: file:_C:\windows\System32\services.exe;process:_pid:612 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Clean Action Status: To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
    10/07/2012 9:51:49 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Sirefef.AH&threatid=2147655284 Name: Trojan:Win32/Sirefef.AH ID: 2147655284 Severity: Severe Category: Trojan Path: containerfile:_C:\windows\System32\services.exe;file:_C:\windows\System32\services.exe->731;process:_pid:612 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
    10/07/2012 9:47:53 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Virus:Win32/Sirefef.R&threatid=2147657890 Name: Virus:Win32/Sirefef.R ID: 2147657890 Severity: Severe Category: Virus Path: file:_C:\windows\System32\services.exe;process:_pid:608 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Clean Action Status: To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
    10/07/2012 9:47:53 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Sirefef.AH&threatid=2147655284 Name: Trojan:Win32/Sirefef.AH ID: 2147655284 Severity: Severe Category: Trojan Path: containerfile:_C:\windows\System32\services.exe;file:_C:\windows\System32\services.exe->731;process:_pid:608 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
    10/07/2012 9:42:44 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Virus:Win32/Sirefef.R&threatid=2147657890 Name: Virus:Win32/Sirefef.R ID: 2147657890 Severity: Severe Category: Virus Path: file:_C:\windows\System32\services.exe;process:_pid:608 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Clean Action Status: To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
    10/07/2012 9:42:44 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Sirefef.AH&threatid=2147655284 Name: Trojan:Win32/Sirefef.AH ID: 2147655284 Severity: Severe Category: Trojan Path: containerfile:_C:\windows\System32\services.exe;file:_C:\windows\System32\services.exe->731;process:_pid:608 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
    10/07/2012 9:37:35 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Virus:Win32/Sirefef.R&threatid=2147657890 Name: Virus:Win32/Sirefef.R ID: 2147657890 Severity: Severe Category: Virus Path: file:_C:\windows\System32\services.exe;process:_pid:604 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Clean Action Status: To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
    10/07/2012 9:37:35 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Sirefef.AH&threatid=2147655284 Name: Trojan:Win32/Sirefef.AH ID: 2147655284 Severity: Severe Category: Trojan Path: containerfile:_C:\windows\System32\services.exe;file:_C:\windows\System32\services.exe->731;process:_pid:604 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
    10/07/2012 9:33:54 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Virus:Win32/Sirefef.R&threatid=2147657890 Name: Virus:Win32/Sirefef.R ID: 2147657890 Severity: Severe Category: Virus Path: file:_C:\windows\System32\services.exe;process:_pid:600 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Clean Action Status: To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
    10/07/2012 9:33:54 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Sirefef.AH&threatid=2147655284 Name: Trojan:Win32/Sirefef.AH ID: 2147655284 Severity: Severe Category: Trojan Path: containerfile:_C:\windows\System32\services.exe;file:_C:\windows\System32\services.exe->731;process:_pid:600 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
    10/07/2012 9:30:27 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Virus:Win32/Sirefef.R&threatid=2147657890 Name: Virus:Win32/Sirefef.R ID: 2147657890 Severity: Severe Category: Virus Path: file:_C:\windows\System32\services.exe;process:_pid:608 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Clean Action Status: To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
    10/07/2012 9:30:27 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Sirefef.AH&threatid=2147655284 Name: Trojan:Win32/Sirefef.AH ID: 2147655284 Severity: Severe Category: Trojan Path: containerfile:_C:\windows\System32\services.exe;file:_C:\windows\System32\services.exe->731;process:_pid:608 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
    10/07/2012 9:24:03 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
    10/07/2012 9:23:12 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
    10/07/2012 9:03:07 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
    10/07/2012 10:39:16 PM, Error: Service Control Manager [7034] - The Skype C2C Service service terminated unexpectedly. It has done this 1 time(s).
    10/07/2012 10:34:07 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000c2 (0x00000007, 0x0000109b, 0x00250023, 0x88be2ee0). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 071012-40341-01.
    10/07/2012 10:03:19 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Virus:Win32/Sirefef.R&threatid=2147657890 Name: Virus:Win32/Sirefef.R ID: 2147657890 Severity: Severe Category: Virus Path: file:_C:\windows\System32\services.exe;process:_pid:504 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Clean Action Status: To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 0.0.0.0 Engine Version: AM: 1.1.8502.0, NIS: 0.0.0.0
    10/07/2012 10:03:19 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Sirefef.AH&threatid=2147655284 Name: Trojan:Win32/Sirefef.AH ID: 2147655284 Severity: Severe Category: Trojan Path: containerfile:_C:\windows\System32\services.exe;file:_C:\windows\System32\services.exe->731;process:_pid:504 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 0.0.0.0 Engine Version: AM: 1.1.8502.0, NIS: 0.0.0.0
    10/07/2012 10:02:55 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
    10/07/2012 10:02:54 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    10/07/2012 10:02:52 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    10/07/2012 10:02:51 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    10/07/2012 10:02:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    10/07/2012 10:02:39 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\windows\System32\IWMSSvc.dll Error Code: 21
    10/07/2012 10:02:22 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cbfs3 discache MpFilter spldr Wanarpv6
    10/07/2012 10:02:19 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
    10/07/2012 10:02:19 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.
    .
    ==== End Of File ===========================
  6. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Hello, and welcome to TechSpot.


    [​IMG] Please see here for the board rules and other FAQ.

    Please feel free to introduce yourself, after you follow the steps below to get started.

    Information
    • From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by a malware removal helper.
    • Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
    • If you have already asked for help somewhere, please post the link to the topic you were helped.
    • We try our best to reply quickly, but for any reason we do not reply in two days, please reply to this topic with the word BUMP!
    • Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.

    Thanks for doing the preworking steps. I saw you can't get into recovery mode. Let's try OTL:

    Please download OTL to your Desktop. (If you already have it downloaded, then just follow the instructions below).
    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • Under the Custom Scan box paste this in

      msconfig
      safebootminimal
      activex
      drivers32
      netsvcs
      CreateRestorePoint
      %AppData%\Roaming\Mozilla\Firefox\Profiles\*.default\extensions\ /s /md5
      %AppData%\Local\
      %systemroot%\system32\sysprep
      *.xpi /md5
      %systemroot%\Downloaded Program Files\
      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
      hklm\software\clients\startmenuinternet|command /rs
      hklm\software\clients\startmenuinternet|command /64 /rs
      %systemroot%\system32\drivers\*.sys /lockedfiles
      %systemroot%\system32\drivers\*.sys /90
      %systemroot%\System32\config\*.sav
      %SYSTEMDRIVE%\*.exe /md5
      "%WinDir%\$NtUninstallKB*$." /30
      %systemdrive%\Program Files\Common Files\ComObjects\*.* /s
      %systemroot%\*. /mp /s
      %systemroot%\*. /rp /s
      %systemroot%\system32\*.dll /lockedfiles
      %systemroot%\Tasks\*.job /lockedfiles
      %USERPROFILE%\AppData\Local\Google\Chrome\User Data\*.* /s
      %USERPROFILE%\AppData\Local\ /s
      %systemroot%\Installer\ /s
      %systemroot%\system32\Cache\ /s
      %systemroot%\system32\config\systemprofile\Application Data /s
      %PROGRAMFILES%\*.
      %appdata%\*.*
      /md5start
      volsnap.sys
      services.exe
      userinit.exe
      afd.sys
      tcpip.sys
      netbt.sys
      ipsec.sys
      dnsrslvr.dll
      ipnathlp.dll
      netman.dll
      WMIsvc.dll
      srsvc.dll
      sr.sys
      wscsvc.dll
      wuauserv.dll
      qmgr.dll
      es.dll
      cryptsvc.dll
      svchost.exe
      rpcss.dll
      tdx.sys
      wininit.exe
      winlogon.exe
      atapi.sys
      explorer.exe
      /md5stop
    • Click the Run Scanbutton. Do not change any settings unless otherwise told to do so. The scan wont take long.
      • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
      • Please copy (Edit->Select All, Edit->Copy) and paste (Edit->Paste) the contents of these files, one at a time
    Note: in the event that OTL fails to run, please use alternate download links to try again:

    http://oldtimer.geekstogo.com/OTL.com
    http://oldtimer.geekstogo.com/OTL.scr
  7. Flick

    Flick Newcomer, in training Topic Starter

    Thanks heaps for your response!!!!
    ____________________________________________________
    OTL logfile created on: 11/07/2012 6:11:02 AM - Run 1
    OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\felicity\Desktop
    Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

    2.93 Gb Total Physical Memory | 1.63 Gb Available Physical Memory | 55.73% Memory free
    5.85 Gb Paging File | 4.24 Gb Available in Paging File | 72.58% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
    Drive C: | 146.65 Gb Total Space | 31.00 Gb Free Space | 21.14% Space Free | Partition Type: NTFS
    Drive D: | 302.90 Gb Total Space | 142.00 Gb Free Space | 46.88% Space Free | Partition Type: NTFS
    Drive F: | 1.88 Gb Total Space | 1.88 Gb Free Space | 99.71% Space Free | Partition Type: FAT
    Drive J: | 500.00 Gb Total Space | 500.00 Gb Free Space | 100.00% Space Free | Partition Type: FAT32

    Computer Name: FELICITY-TABLET | User Name: felicity | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2012/07/11 06:10:02 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\felicity\Desktop\OTL.exe
    PRC - [2012/06/19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    PRC - [2012/05/31 12:25:28 | 000,296,672 | ---- | M] (Microsoft Corporation) -- C:\Users\felicity\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
    PRC - [2012/03/26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
    PRC - [2011/10/01 07:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
    PRC - [2011/10/01 07:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
    PRC - [2011/09/02 00:15:40 | 000,227,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
    PRC - [2011/06/24 14:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
    PRC - [2011/05/17 15:12:46 | 007,343,432 | ---- | M] (Jungle Disk, Inc.) -- C:\Program Files\Jungle Disk Desktop\JungleDiskMonitor.exe
    PRC - [2011/02/25 15:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2010/11/20 22:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
    PRC - [2009/12/04 13:34:00 | 000,014,336 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
    PRC - [2009/10/27 20:52:14 | 000,128,360 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
    PRC - [2009/10/16 20:41:46 | 000,107,880 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files\Fujitsu\BatteryAid2\BatteryDaemon.exe
    PRC - [2009/10/10 14:06:50 | 000,047,976 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
    PRC - [2009/10/02 21:18:14 | 000,167,008 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\YouCam\YouCamTray.exe
    PRC - [2009/10/01 20:40:28 | 000,143,360 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files\Fujitsu\updnavi\updatenv.exe
    PRC - [2009/09/30 21:34:38 | 001,091,584 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
    PRC - [2009/09/30 21:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    PRC - [2009/09/30 21:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    PRC - [2009/09/22 08:55:12 | 000,858,384 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    PRC - [2009/09/22 08:31:36 | 000,473,360 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    PRC - [2009/09/18 18:48:28 | 000,009,216 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
    PRC - [2009/09/14 13:48:48 | 000,186,664 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\System32\WTablet\Pen_TabletUser.exe
    PRC - [2009/09/14 13:48:36 | 002,792,232 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\System32\Pen_Tablet.exe
    PRC - [2009/08/27 16:23:52 | 003,248,128 | ---- | M] () -- C:\Program Files\Softex\OmniPass\scureapp.exe
    PRC - [2009/08/27 15:30:12 | 000,040,960 | ---- | M] (Softex Inc.) -- C:\Program Files\Softex\OmniPass\OmniServ.exe
    PRC - [2009/08/27 15:21:10 | 000,073,728 | ---- | M] () -- C:\Program Files\Softex\OmniPass\opvapp.exe
    PRC - [2009/08/27 14:17:34 | 000,012,800 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files\Fujitsu\updnavi\updnvsrv.exe
    PRC - [2009/08/21 08:41:42 | 000,111,488 | ---- | M] (CSR, plc) -- C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe
    PRC - [2009/08/21 08:41:32 | 000,346,464 | ---- | M] (CSR, plc) -- C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe
    PRC - [2009/08/21 08:41:28 | 000,331,632 | ---- | M] (CSR, plc) -- C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRBthFtpServer.exe
    PRC - [2009/08/21 08:41:20 | 000,504,160 | ---- | M] (CSR, plc) -- C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe
    PRC - [2009/08/19 13:38:02 | 000,020,480 | ---- | M] (Fujitsu Computer Systems Corporation) -- C:\Program Files\Fujitsu\Utils\FjEvents.exe
    PRC - [2009/08/19 13:37:18 | 000,024,576 | ---- | M] (Fujitsu Computer Systems Corporation) -- C:\Program Files\Fujitsu\Utils\FjDspMon.exe
    PRC - [2009/08/13 08:06:00 | 000,662,016 | ---- | M] (Sonix) -- C:\Windows\vsnp2uvc.exe
    PRC - [2009/08/07 08:07:58 | 000,020,480 | ---- | M] (Fujitsu Computer Systems) -- C:\Program Files\Fujitsu\Utils\FjLidMon.exe
    PRC - [2009/08/01 16:11:24 | 000,128,248 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files\Fingerprint Sensor\ATSwpNav.exe
    PRC - [2009/08/01 16:11:22 | 001,807,608 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files\Fingerprint Sensor\AtService.exe
    PRC - [2009/07/27 20:50:32 | 000,144,744 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
    PRC - [2009/07/27 20:50:30 | 000,062,824 | ---- | M] (FUJITSU LIMITED) -- c:\Program Files\Fujitsu\PSUtility\PSUService.exe
    PRC - [2009/07/17 13:08:20 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
    PRC - [2009/06/17 13:19:32 | 000,036,712 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
    PRC - [2009/05/23 03:37:42 | 000,024,576 | ---- | M] () -- C:\Windows\snuvcdsm.exe
    PRC - [2008/06/12 13:47:00 | 000,057,344 | ---- | M] (Fujitsu Computer Systems Corporation) -- C:\Program Files\Fujitsu\Utils\fjmnuico.exe
    PRC - [2007/12/14 18:45:34 | 000,193,832 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe
    PRC - [2007/02/12 17:43:00 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Windows\System32\o2flash.exe


    ========== Modules (No Company Name) ==========

    MOD - [2012/06/18 22:49:31 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
    MOD - [2012/06/18 22:49:20 | 001,591,808 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
    MOD - [2012/05/10 03:39:37 | 005,452,800 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
    MOD - [2012/05/10 03:39:31 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
    MOD - [2012/05/10 03:39:30 | 007,967,232 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
    MOD - [2012/05/10 03:39:10 | 011,492,864 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
    MOD - [2012/01/08 23:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
    MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2011/05/17 15:10:20 | 000,260,096 | ---- | M] () -- C:\Program Files\Jungle Disk Desktop\monitor_images.dll
    MOD - [2011/03/16 23:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    MOD - [2010/10/20 14:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    MOD - [2009/08/27 16:23:52 | 003,248,128 | ---- | M] () -- C:\Program Files\Softex\OmniPass\scureapp.exe
    MOD - [2009/08/27 16:16:14 | 000,593,920 | ---- | M] () -- C:\Program Files\Softex\OmniPass\userdata.dll
    MOD - [2009/08/27 15:38:44 | 000,052,304 | ---- | M] () -- C:\Program Files\Softex\OmniPass\hdddrv.dll
    MOD - [2009/08/27 15:25:22 | 000,057,344 | ---- | M] () -- C:\Program Files\Softex\OmniPass\Cachedrv.dll
    MOD - [2009/08/27 15:19:58 | 000,061,440 | ---- | M] () -- C:\Program Files\Softex\OmniPass\scuredll.dll
    MOD - [2009/08/27 15:19:28 | 001,486,848 | ---- | M] () -- C:\Program Files\Softex\OmniPass\autheng.dll
    MOD - [2009/08/27 15:19:08 | 000,557,056 | ---- | M] () -- C:\Program Files\Softex\OmniPass\storeng.dll
    MOD - [2009/08/27 15:18:56 | 000,016,896 | ---- | M] () -- C:\Program Files\Softex\OmniPass\cryptodll.dll
    MOD - [2009/08/27 15:18:48 | 000,011,264 | ---- | M] () -- C:\Program Files\Softex\OmniPass\SSPLogon.dll
    MOD - [2009/08/27 15:18:44 | 000,057,344 | ---- | M] () -- C:\Program Files\Softex\OmniPass\RandomPass.dll
    MOD - [2009/05/23 03:37:42 | 000,024,576 | ---- | M] () -- C:\Windows\snuvcdsm.exe


    ========== Win32 Services (SafeList) ==========

    SRV - [2012/06/19 21:56:42 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2012/06/19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
    SRV - [2012/06/05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2012/03/26 17:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
    SRV - [2011/10/01 07:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
    SRV - [2011/10/01 07:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
    SRV - [2011/06/12 10:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
    SRV - [2011/05/17 15:12:46 | 007,343,432 | ---- | M] (Jungle Disk, Inc.) [Auto | Running] -- C:\Program Files\Jungle Disk Desktop\JungleDiskMonitor.exe -- (JungleDiskService)
    SRV - [2010/11/20 22:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
    SRV - [2010/11/20 22:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
    SRV - [2010/11/20 22:18:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
    SRV - [2010/08/31 11:33:17 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2010/08/31 11:29:51 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
    SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
    SRV - [2009/12/21 12:14:46 | 000,413,696 | ---- | M] (CSR, plc) [Auto | Running] -- C:\Windows\System32\HFGService.dll -- (HFGService)
    SRV - [2009/12/04 13:34:00 | 000,014,336 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
    SRV - [2009/09/30 21:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
    SRV - [2009/09/30 21:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
    SRV - [2009/09/22 08:55:12 | 000,858,384 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)
    SRV - [2009/09/22 08:31:36 | 000,473,360 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)
    SRV - [2009/09/18 18:48:28 | 000,009,216 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
    SRV - [2009/09/14 13:48:36 | 002,792,232 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Windows\System32\Pen_Tablet.exe -- (TabletServicePen)
    SRV - [2009/08/27 15:30:12 | 000,040,960 | ---- | M] (Softex Inc.) [Auto | Running] -- C:\Program Files\Softex\OmniPass\OmniServ.exe -- (omniserv)
    SRV - [2009/08/27 14:17:34 | 000,012,800 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\updnavi\updnvsrv.exe -- (UpdateNaviInstallService)
    SRV - [2009/08/21 08:41:42 | 000,111,488 | ---- | M] (CSR, plc) [Auto | Running] -- C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe -- (VFPRadioSupportService)
    SRV - [2009/08/01 16:11:22 | 001,807,608 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Program Files\Fingerprint Sensor\AtService.exe -- (ATService)
    SRV - [2009/07/27 20:50:30 | 000,062,824 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- c:\Program Files\Fujitsu\PSUtility\PSUService.exe -- (PowerSavingUtilityService)
    SRV - [2009/07/14 11:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
    SRV - [2009/07/14 11:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
    SRV - [2009/07/14 11:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
    SRV - [2007/02/12 17:43:00 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Windows\System32\o2flash.exe -- (O2Flash)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\felicity\AppData\Local\Temp\pwgiapoc.sys -- (pwgiapoc)
    DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\felicity\AppData\Local\Temp\mbr.sys -- (mbr)
    DRV - [2012/03/20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
    DRV - [2011/10/01 07:30:42 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
    DRV - [2011/10/01 07:30:40 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
    DRV - [2011/10/01 07:30:38 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
    DRV - [2011/10/01 07:30:36 | 000,579,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
    DRV - [2011/05/18 08:09:04 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB)
    DRV - [2011/05/10 08:06:14 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl)
    DRV - [2010/11/30 10:03:06 | 000,273,552 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\cbfs3.sys -- (cbfs3)
    DRV - [2010/11/20 22:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
    DRV - [2010/11/20 22:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
    DRV - [2010/11/20 22:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
    DRV - [2010/11/20 20:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV - [2010/11/20 19:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
    DRV - [2010/11/20 19:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
    DRV - [2010/11/20 19:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
    DRV - [2010/05/13 03:45:43 | 000,012,776 | ---- | M] (FUJITSU LIMITED) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\FJGSDisk.sys -- (FJGSDisk)
    DRV - [2010/03/25 09:35:10 | 000,021,360 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\Fujitsu Hardware Diagnostics Tool\pcdsrvc.pkms -- (PCDSRVC{F819FCA4-67B3B36D-06020000}_0)
    DRV - [2009/12/21 12:14:44 | 000,043,008 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BthAudioHF.sys -- (BthAudioHF)
    DRV - [2009/12/18 00:00:00 | 000,209,920 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
    DRV - [2009/12/04 13:34:00 | 001,161,760 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
    DRV - [2009/10/26 14:39:04 | 000,125,696 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Impcd.sys -- (Impcd)
    DRV - [2009/09/23 19:09:56 | 000,208,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1k6232.sys -- (e1kexpress) Intel(R)
    DRV - [2009/09/21 18:29:22 | 000,014,120 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacomvhid.sys -- (wacomvhid)
    DRV - [2009/09/17 14:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI) Intel(R)
    DRV - [2009/09/16 05:40:18 | 006,114,816 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5s32.sys -- (NETw5s32) Intel(R)
    DRV - [2009/09/05 09:44:24 | 003,487,104 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
    DRV - [2009/08/27 18:09:54 | 000,018,816 | ---- | M] (Fujitsu America, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FjBtnDrv.sys -- (Fjbtndrv)
    DRV - [2009/08/24 17:32:02 | 000,036,648 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wisdpen.sys -- (WISDPen)
    DRV - [2009/08/21 08:41:24 | 000,028,000 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BthAvrcp.sys -- (BthAvrcp)
    DRV - [2009/08/01 17:10:26 | 000,659,328 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATSwpWDF.sys -- (ATSwpWDF)
    DRV - [2009/07/23 12:57:22 | 000,112,128 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
    DRV - [2009/07/23 12:57:22 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
    DRV - [2009/07/14 10:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
    DRV - [2009/07/14 09:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
    DRV - [2009/07/14 09:45:20 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\acpials.sys -- (acpials)
    DRV - [2009/07/14 09:12:52 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
    DRV - [2009/07/14 08:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
    DRV - [2009/07/03 10:51:00 | 000,044,064 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2sd.sys -- (O2SDRDR)
    DRV - [2009/06/24 16:33:18 | 000,017,008 | ---- | M] (FUJITSU LIMITED) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\FBIOSDRV.sys -- (FBIOSDRV)
    DRV - [2009/05/16 02:28:00 | 000,102,560 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ozscr.sys -- (O2SCBUS)
    DRV - [2009/05/13 15:12:00 | 000,048,672 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2media.sys -- (O2MDRDR)
    DRV - [2007/02/16 13:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacommousefilter.sys -- (wacommousefilter)
    DRV - [2006/11/01 21:59:24 | 000,005,632 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\fuj02e3.sys -- (FUJ02E3)
    DRV - [2006/11/01 21:20:28 | 000,005,888 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\fuj02b1.sys -- (FUJ02B1)
    DRV - [2005/07/28 08:18:40 | 000,685,056 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hardlock.sys -- (Hardlock)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2790392

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hk.fujitsu.com/pc
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com.au/
    IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No CLSID value found
    IE - HKCU\..\SearchScopes,DefaultScope = {9C7DDA60-0E41-435E-949D-DA109EBD1818}
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKCU\..\SearchScopes\{9C7DDA60-0E41-435E-949D-DA109EBD1818}: "URL" = http://www.google.com.au/search?q={...tIndex?}&startPage={startPage}&rlz=1I7SKPT_en
    IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2790392
    IE - HKCU\..\SearchScopes\{B9B78123-528B-4709-B6DD-AAFE4B1AB0DB}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
    IE - HKCU\..\SearchScopes\{D17DC837-53BF-4A40-BDE2-B84458D1567F}: "URL" = http://search.microsoft.com/results.aspx?mkt=en-US&setlang=en-US&q={searchTerms}
    IE - HKCU\..\SearchScopes\{DCECA4D4-0C72-436E-8102-114F4E5D6443}: "URL" = http://www.facebook.com/search/?src=os&q={searchTerms}
    IE - HKCU\..\SearchScopes\{F488FD25-2498-409C-AD48-E79D33B018E2}: "URL" = http://cnet.search.com/search?chkpt=astg.cnet.fd.search.cnet&q={searchTerms}&tag=srch
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - user.js - File not found

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files\Virtual Earth 3D\ [2010/05/13 03:59:49 | 000,000,000 | ---D | M]
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/wpi,version=1.4: C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll ()
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/19 21:56:46 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/14 11:05:28 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/19 21:56:46 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/14 11:05:28 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/19 21:56:46 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/14 11:05:28 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/19 21:56:46 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/14 11:05:28 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/19 21:56:46 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/14 11:05:28 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/19 21:56:46 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/14 11:05:28 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/19 21:56:46 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/14 11:05:28 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/19 21:56:46 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/14 11:05:28 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/19 21:56:46 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/14 11:05:28 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/19 21:56:46 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/14 11:05:28 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/19 21:56:46 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/14 11:05:28 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/19 21:56:46 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/14 11:05:28 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/19 21:56:46 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/14 11:05:28 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/19 21:56:46 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/14 11:05:28 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/19 21:56:46 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/14 11:05:28 | 000,000,000 | ---D | M]

    [2011/08/08 13:20:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\felicity\AppData\Roaming\Mozilla\Extensions
    [2012/05/24 18:32:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\felicity\AppData\Roaming\Mozilla\Firefox\Profiles\a3mi51ou.default\extensions
    [2012/05/24 18:32:07 | 000,000,000 | ---D | M] (Page Speed) -- C:\Users\felicity\AppData\Roaming\Mozilla\Firefox\Profiles\a3mi51ou.default\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97}
    [2012/06/28 16:12:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2012/06/28 16:14:01 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
    [2012/05/18 17:05:01 | 001,335,949 | ---- | M] () (No name found) -- C:\USERS\FELICITY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A3MI51OU.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI
    [2012/06/19 21:56:45 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
    [2012/06/19 21:56:36 | 000,001,525 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
    [2012/06/19 21:56:36 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
    [2012/06/19 21:56:36 | 000,000,935 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
    [2012/06/19 21:56:35 | 000,001,166 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
    [2012/06/19 21:56:35 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
    [2012/06/19 21:56:35 | 000,001,121 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:eek:riginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32.dll
    CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
    CHR - plugin: Java Deployment Toolkit 6.0.210.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
    CHR - plugin: Java(TM) Platform SE 6 U21 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
    CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
    CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
    CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
    CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.56\pdf.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
    CHR - plugin: WPI Detector 1.4 (Enabled) = C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll
    CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
    CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
    CHR - plugin: Default Plug-in (Enabled) = default_plugin
  8. Flick

    Flick Newcomer, in training Topic Starter

    O1 HOSTS File: ([2011/12/30 15:03:19 | 000,000,608 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: 127.0.0.1 activate.adobe.com
    O1 - Hosts: 127.0.0.1 practivate.adobe.com
    O1 - Hosts: 127.0.0.1 ereg.adobe.com
    O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
    O1 - Hosts: 127.0.0.1 wip3.adobe.com
    O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
    O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
    O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
    O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
    O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
    O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
    O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
    O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
    O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
    O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
    O1 - Hosts: 127.0.0.1 adobeereg.com
    O1 - Hosts: 192.168.0.3 METRIX01
    O1 - Hosts: 192.168.0.7 METRIX03
    O1 - Hosts: 192.168.0.8 METRIX08
    O1 - Hosts: 192.168.0.4 METRIXHOST01
    O2 - BHO: (Virtual Storage Mount Notification) - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll (EldoS Corporation)
    O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No CLSID value found.
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [ATSwpNav] C:\Program Files\Fingerprint Sensor\ATSwpNav.exe (AuthenTec, Inc.)
    O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [ConMgr] C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe (CSR, plc)
    O4 - HKLM..\Run: [CSRFTP] C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRBthFtpServer.exe (CSR, plc)
    O4 - HKLM..\Run: [CSRSkype] C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe (CSR, plc)
    O4 - HKLM..\Run: [EPSON Stylus CX3700 Series] C:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIACP.EXE (SEIKO EPSON CORPORATION)
    O4 - HKLM..\Run: [EPSON Stylus CX3700 Series (Copy 1)] C:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIACP.EXE (SEIKO EPSON CORPORATION)
    O4 - HKLM..\Run: [FDM7] c:\Program Files\Fujitsu\FDM7\FdmDaemon.exe (FUJITSU LIMITED)
    O4 - HKLM..\Run: [FJBATAID2] c:\Program Files\Fujitsu\BatteryAid2\BatteryDaemon.exe (FUJITSU LIMITED)
    O4 - HKLM..\Run: [FjStrtAp] c:\Program Files\Fujitsu\Utils\FjStrtAp.exe (Fujitsu Computer Systems Corp.)
    O4 - HKLM..\Run: [FJUPDNV_Chitose] C:\Program Files\Fujitsu\updnavi\updatenv.exe (FUJITSU LIMITED)
    O4 - HKLM..\Run: [IMSS] C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe ()
    O4 - HKLM..\Run: [IndicatorUtility] C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
    O4 - HKLM..\Run: [LoadFUJ02E3] C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED)
    O4 - HKLM..\Run: [MobileConnect] C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
    O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [OmniPass] C:\Program Files\Softex\OmniPass\scureapp.exe ()
    O4 - HKLM..\Run: [PDVD8LanguageShortcut] c:\Program Files\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [PSUTility] c:\Program Files\Fujitsu\PSUtility\TrayManager.exe (FUJITSU LIMITED)
    O4 - HKLM..\Run: [RemoteControl8] c:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix)
    O4 - HKLM..\Run: [SNUVCDSM] C:\Windows\snuvcdsm.exe ()
    O4 - HKLM..\Run: [SSUtility] c:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe (FUJITSU LIMITED)
    O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [UpdatePDRShortCut] c:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [YouCam Mirror Tray icon] c:\Program Files\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.)
    O4 - HKCU..\Run: [AdobeBridge] File not found
    O4 - HKCU..\Run: [SkyDrive] C:\Users\felicity\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
    O4 - Startup: C:\Users\felicity\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O13 - gopher Prefix: missing
    O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} https://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab (DLC Class)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
    O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/RACtrl.cab (Performance Viewer Activex Control)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5513EB5A-47E8-40A2-9C47-B06CB3980939}: DhcpNameServer = 10.188.66.103 10.176.66.71
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{95F4649F-D051-400E-A4BC-55EF53143291}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DA1C4C54-BFD0-41AF-89DB-D5638673C48C}: DhcpNameServer = 192.168.0.3
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll (EldoS Corporation)
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O22 - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\System32\CbFsMntNtf3.dll (EldoS Corporation)
    O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009/06/11 07:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\{96013fb8-bc1b-11e1-b766-002258c7044b}\Shell - "" = AutoRun
    O33 - MountPoints2\{96013fb8-bc1b-11e1-b766-002258c7044b}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
    O33 - MountPoints2\{96014045-bc1b-11e1-b766-002258c7044b}\Shell - "" = AutoRun
    O33 - MountPoints2\{96014045-bc1b-11e1-b766-002258c7044b}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


    SafeBootMin: Base - Driver Group
    SafeBootMin: Boot Bus Extender - Driver Group
    SafeBootMin: Boot file system - Driver Group
    SafeBootMin: File system - Driver Group
    SafeBootMin: Filter - Driver Group
    SafeBootMin: HelpSvc - Service
    SafeBootMin: MsMpSvc - Service
    SafeBootMin: NTDS - File not found
    SafeBootMin: PCI Configuration - Driver Group
    SafeBootMin: PNP Filter - Driver Group
    SafeBootMin: Primary disk - Driver Group
    SafeBootMin: sacsvr - Service
    SafeBootMin: SCSI Class - Driver Group
    SafeBootMin: System Bus Extender - Driver Group
    SafeBootMin: vmms - Service
    SafeBootMin: WinDefend - Service
    SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
    SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
    SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
    SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

    ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /I:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
    ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /I:U shell32.dll
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
    ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
    ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
    ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

    Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)
    Drivers32: vidc.tscc - C:\Windows\System32\tsccvid.dll (TechSmith Corporation)

    NetSvcs: FastUserSwitchingCompatibility - File not found
    NetSvcs: Ias - C:\windows\System32\ias.dll (Microsoft Corporation)
    NetSvcs: Nla - File not found
    NetSvcs: Ntmssvc - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: Sharedaccess - File not found
    NetSvcs: SRService - File not found
    NetSvcs: WmdmPmSp - File not found
    NetSvcs: wuauserv - File not found
    NetSvcs: BITS - File not found
    NetSvcs: LogonHours - File not found
    NetSvcs: PCAudit - File not found
    NetSvcs: helpsvc - File not found
    NetSvcs: uploadmgr - File not found

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/07/11 06:09:41 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\felicity\Desktop\OTL.exe
    [2012/07/11 02:12:27 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\felicity\Desktop\dds.scr
    [2012/07/11 02:07:13 | 000,000,000 | R--D | C] -- C:\Users\felicity\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
    [2012/07/10 22:41:06 | 000,000,000 | ---D | C] -- C:\Users\felicity\AppData\Roaming\Malwarebytes
    [2012/07/10 22:41:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2012/07/10 22:41:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2012/07/10 22:40:59 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
    [2012/07/10 22:40:59 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2012/07/10 20:52:18 | 000,000,000 | -HSD | C] -- C:\windows\System32\%APPDATA%
    [2012/07/10 20:47:59 | 000,000,000 | ---D | C] -- C:\ProgramData\B7E8586B002E144B5A2EBD38B4EB238B
    [2012/07/03 16:07:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vodafone
    [2012/07/03 16:07:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Vodafone
    [2012/07/03 16:07:42 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
    [2012/07/03 16:07:41 | 000,000,000 | ---D | C] -- C:\Program Files\Vodafone
    [2012/06/30 20:21:55 | 000,000,000 | ---D | C] -- C:\Users\felicity\Desktop\Our Wedding
    [2012/06/27 14:19:30 | 000,000,000 | ---D | C] -- C:\Users\felicity\Desktop\Fonts
    [2012/06/22 08:55:34 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wups2.dll
    [2012/06/22 08:55:33 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wucltux.dll
    [2012/06/22 08:55:10 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuapi.dll
    [2012/06/22 08:55:10 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wudriver.dll
    [2012/06/22 08:55:10 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wups.dll
    [2012/06/22 08:54:50 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuwebv.dll
    [2012/06/22 08:54:50 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuapp.exe
    [2012/06/22 05:25:41 | 000,000,000 | ---D | C] -- C:\Users\felicity\AppData\Local\{A3A95EF1-12B5-41BF-AB29-DDE0FAA574CA}
    [2012/06/22 05:25:29 | 000,000,000 | ---D | C] -- C:\Users\felicity\AppData\Local\{610649E7-9FD2-4E62-945D-3B5B28BD8FB0}
    [2012/06/21 17:24:48 | 000,000,000 | ---D | C] -- C:\Users\felicity\AppData\Local\{3F2C02A0-4976-4CBB-BA1A-F7DA30B0BE9E}
    [2012/06/21 17:24:30 | 000,000,000 | ---D | C] -- C:\Users\felicity\AppData\Local\{94CE7374-26AE-4783-AD37-37FFC588781B}
    [2012/06/20 13:08:51 | 000,000,000 | ---D | C] -- C:\Users\felicity\AppData\Local\Macromedia
    [2012/06/14 17:34:01 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
    [2012/06/14 17:33:59 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
    [2012/06/14 17:33:59 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe
    [2012/06/14 17:33:59 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
    [2012/06/14 17:33:58 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
    [2012/06/14 17:33:58 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\url.dll
    [2012/06/14 17:33:57 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
    [2012/06/14 10:45:02 | 002,343,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys
    [2012/06/14 10:45:00 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpcorekmts.dll
    [2012/06/14 10:45:00 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpwsx.dll
    [2012/06/14 10:45:00 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdrmemptylst.exe

    ========== Files - Modified Within 30 Days ==========

    [2012/07/11 06:10:02 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\felicity\Desktop\OTL.exe
    [2012/07/11 06:08:19 | 000,000,890 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
    [2012/07/11 06:08:06 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
    [2012/07/11 02:14:15 | 000,017,856 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2012/07/11 02:14:15 | 000,017,856 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2012/07/11 02:12:58 | 000,713,574 | ---- | M] () -- C:\windows\System32\perfh009.dat
    [2012/07/11 02:12:58 | 000,138,790 | ---- | M] () -- C:\windows\System32\perfc009.dat
    [2012/07/11 02:12:33 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\felicity\Desktop\dds.scr
    [2012/07/11 02:07:11 | 000,000,886 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
    [2012/07/11 02:06:59 | 008,405,015 | ---- | M] () -- C:\windows\TempFile
    [2012/07/11 02:06:23 | 2355,695,616 | -HS- | M] () -- C:\hiberfil.sys
    [2012/07/11 00:08:46 | 000,302,592 | ---- | M] () -- C:\Users\felicity\Desktop\sxt2dw2k.exe
    [2012/07/10 22:41:01 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/07/10 22:33:38 | 417,902,705 | ---- | M] () -- C:\windows\MEMORY.DMP
    [2012/07/10 20:58:30 | 000,655,360 | ---- | M] () -- C:\windows\System32\Ikeext.etl
    [2012/07/10 20:49:29 | 000,000,419 | ---- | M] () -- C:\windows\BRWMARK.INI
    [2012/07/10 20:49:26 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
    [2012/07/10 20:49:25 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
    [2012/07/10 13:42:40 | 000,001,266 | ---- | M] () -- C:\Users\felicity\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
    [2012/07/09 14:58:21 | 000,001,456 | ---- | M] () -- C:\Users\felicity\AppData\Local\Adobe Save for Web 12.0 Prefs
    [2012/07/09 10:36:39 | 000,923,708 | ---- | M] () -- C:\Users\felicity\Desktop\AmericanTypewriter.ttc
    [2012/07/06 15:39:23 | 000,042,222 | ---- | M] () -- C:\Users\felicity\Desktop\metrix-operations.jpg
    [2012/07/06 13:30:24 | 000,381,870 | ---- | M] () -- C:\Users\felicity\Desktop\Lavender-Oil-Brochure.pdf
    [2012/07/03 16:16:25 | 003,816,280 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
    [2012/07/02 11:37:51 | 000,000,600 | ---- | M] () -- C:\Users\felicity\AppData\Local\PUTTY.RND
    [2012/06/27 14:15:18 | 000,532,364 | ---- | M] () -- C:\Users\felicity\Desktop\AmericanTypewriter.dfont
    [2012/06/22 11:19:20 | 000,008,704 | ---- | M] () -- C:\Users\felicity\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2012/06/20 05:41:27 | 000,000,540 | ---- | M] () -- C:\windows\tasks\PCDoctorBackgroundMonitorTask.job
    [2012/06/14 17:30:25 | 002,158,136 | ---- | M] () -- C:\Users\felicity\Desktop\Optimized-Content-Marketing-Strategy-Guide.pdf

    ========== Files Created - No Company Name ==========

    [2012/07/11 02:07:52 | 000,302,592 | ---- | C] () -- C:\Users\felicity\Desktop\sxt2dw2k.exe
    [2012/07/11 02:07:21 | 000,018,944 | ---- | C] () -- C:\windows\Installer\{540b8e83-9192-4312-6da2-8409d0744685}\U\800000cb.@
    [2012/07/10 22:41:01 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/07/10 22:33:38 | 417,902,705 | ---- | C] () -- C:\windows\MEMORY.DMP
    [2012/07/10 22:03:49 | 000,013,312 | ---- | C] () -- C:\Users\felicity\AppData\Local\{540b8e83-9192-4312-6da2-8409d0744685}\U\80000000.@
    [2012/07/10 22:03:48 | 000,001,696 | ---- | C] () -- C:\Users\felicity\AppData\Local\{540b8e83-9192-4312-6da2-8409d0744685}\U\00000001.@
    [2012/07/10 20:48:55 | 000,013,312 | ---- | C] () -- C:\windows\Installer\{540b8e83-9192-4312-6da2-8409d0744685}\U\80000000.@
    [2012/07/10 20:48:54 | 000,001,696 | ---- | C] () -- C:\windows\Installer\{540b8e83-9192-4312-6da2-8409d0744685}\U\00000001.@
    [2012/07/09 10:36:39 | 000,923,708 | ---- | C] () -- C:\Users\felicity\Desktop\AmericanTypewriter.ttc
    [2012/07/06 15:39:17 | 000,042,222 | ---- | C] () -- C:\Users\felicity\Desktop\metrix-operations.jpg
    [2012/07/06 13:30:24 | 000,381,870 | ---- | C] () -- C:\Users\felicity\Desktop\Lavender-Oil-Brochure.pdf
    [2012/06/27 14:15:18 | 000,532,364 | ---- | C] () -- C:\Users\felicity\Desktop\AmericanTypewriter.dfont
    [2012/06/14 17:30:25 | 002,158,136 | ---- | C] () -- C:\Users\felicity\Desktop\Optimized-Content-Marketing-Strategy-Guide.pdf
    [2012/04/30 20:53:27 | 000,000,419 | ---- | C] () -- C:\windows\BRWMARK.INI
    [2012/03/28 15:50:49 | 000,000,132 | ---- | C] () -- C:\Users\felicity\AppData\Roaming\Adobe GIF Format CS5 Prefs
    [2012/03/05 16:51:12 | 000,000,132 | ---- | C] () -- C:\Users\felicity\AppData\Roaming\Adobe PNG Format CS5 Prefs
    [2012/01/12 11:10:54 | 000,002,048 | -HS- | C] () -- C:\windows\Installer\{540b8e83-9192-4312-6da2-8409d0744685}\@
    [2012/01/12 11:10:54 | 000,002,048 | -HS- | C] () -- C:\Users\felicity\AppData\Local\{540b8e83-9192-4312-6da2-8409d0744685}\@
    [2011/08/24 11:02:32 | 000,000,600 | ---- | C] () -- C:\Users\felicity\AppData\Roaming\PUTTY.RND
    [2011/06/06 15:44:05 | 000,008,704 | ---- | C] () -- C:\Users\felicity\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011/05/24 12:47:00 | 000,003,540 | ---- | C] () -- C:\Users\felicity\AppData\Roaming\FjMenu1.XML
    [2011/05/19 16:27:41 | 000,004,096 | -H-- | C] () -- C:\Users\felicity\AppData\Local\keyfile3.drm
    [2011/04/18 20:10:17 | 000,066,048 | ---- | C] () -- C:\windows\System32\PrintBrmUi.exe
    [2011/01/09 14:46:27 | 000,009,379 | ---- | C] () -- C:\Users\felicity\AppData\Roaming\Comma Separated Values (Windows).EML
    [2010/10/12 11:35:46 | 000,000,126 | ---- | C] () -- C:\windows\mdm.ini
    [2010/10/12 11:35:20 | 000,000,535 | ---- | C] () -- C:\windows\ODBCINST.INI
    [2010/09/10 22:07:25 | 000,001,456 | ---- | C] () -- C:\Users\felicity\AppData\Local\Adobe Save for Web 12.0 Prefs
    [2010/09/10 17:11:20 | 000,000,056 | -H-- | C] () -- C:\windows\System32\ezsidmv.dat
    [2010/09/09 14:33:15 | 000,000,600 | ---- | C] () -- C:\Users\felicity\AppData\Local\PUTTY.RND
    [2010/07/16 10:49:29 | 000,000,476 | ---- | C] () -- C:\windows\ODBC.INI

    ========== Custom Scans ==========

    < %AppData%\Roaming\Mozilla\Firefox\Profiles\*.default\extensions\ /s /md5 >

    < %AppData%\Local\ >

    < %systemroot%\system32\sysprep >

    < *.xpi /md5 >

    < %systemroot%\Downloaded Program Files\ >

    < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile >

    < hklm\software\clients\startmenuinternet|command /rs >
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/06/19 21:56:35 | 000,867,064 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/06/19 21:56:35 | 000,867,064 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/06/19 21:56:35 | 000,867,064 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/06/19 21:56:43 | 000,913,888 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/06/19 21:56:43 | 000,913,888 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/06/19 21:56:43 | 000,913,888 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2012/06/28 20:28:57 | 001,250,328 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2012/06/28 20:28:57 | 001,250,328 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/06/28 20:28:57 | 001,250,328 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2012/06/28 20:28:57 | 001,250,328 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/04/18 20:18:32 | 000,074,240 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/04/18 20:18:32 | 000,074,240 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/04/18 20:18:32 | 000,074,240 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2012/05/18 09:21:54 | 000,748,664 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2012/05/18 09:21:54 | 000,748,664 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2011/11/10 16:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2011/11/10 16:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2011/11/10 16:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2011/11/10 16:19:40 | 002,388,848 | ---- | M] (Apple Inc.)

    < hklm\software\clients\startmenuinternet|command /64 /rs >
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/06/19 21:56:35 | 000,867,064 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/06/19 21:56:35 | 000,867,064 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/06/19 21:56:35 | 000,867,064 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/06/19 21:56:43 | 000,913,888 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/06/19 21:56:43 | 000,913,888 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/06/19 21:56:43 | 000,913,888 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2012/06/28 20:28:57 | 001,250,328 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2012/06/28 20:28:57 | 001,250,328 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/06/28 20:28:57 | 001,250,328 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2012/06/28 20:28:57 | 001,250,328 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/04/18 20:18:32 | 000,074,240 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/04/18 20:18:32 | 000,074,240 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/04/18 20:18:32 | 000,074,240 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2012/05/18 09:21:54 | 000,748,664 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2012/05/18 09:21:54 | 000,748,664 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2011/11/10 16:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2011/11/10 16:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2011/11/10 16:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2011/11/10 16:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
  9. Flick

    Flick Newcomer, in training Topic Starter

    < %systemroot%\system32\drivers\*.sys /lockedfiles >

    < %systemroot%\system32\drivers\*.sys /90 >
    [2012/04/28 13:17:07 | 000,183,808 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\drivers\rdpwd.sys

    < %systemroot%\System32\config\*.sav >

    < %SYSTEMDRIVE%\*.exe /md5 >

    < "%WinDir%\$NtUninstallKB*$." /30 >

    < %systemdrive%\Program Files\Common Files\ComObjects\*.* /s >

    < %systemroot%\*. /mp /s >

    < %systemroot%\*. /rp /s >

    < %systemroot%\system32\*.dll /lockedfiles >

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %USERPROFILE%\AppData\Local\Google\Chrome\User Data\*.* /s >
    [2012/06/22 21:55:25 | 000,201,355 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists
    [2012/06/22 21:59:51 | 000,000,004 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt
    [2011/03/15 12:41:04 | 000,000,000 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\First Run
    [2012/06/22 21:59:51 | 000,011,437 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Local State
    [2012/06/22 21:52:20 | 003,295,840 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom
    [2012/06/22 21:52:21 | 001,039,247 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom Filter 2
    [2012/06/22 21:49:29 | 000,006,144 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies
    [2012/06/22 21:49:29 | 000,001,544 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies-journal
    [2012/06/22 21:52:21 | 000,134,356 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist
    [2012/06/22 21:52:19 | 003,448,412 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Safe Browsing Download
    [2012/06/22 21:52:21 | 000,015,912 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Safe Browsing Download Whitelist
    [2012/06/22 21:59:51 | 000,360,448 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Archived History
    [2012/06/22 21:59:51 | 000,016,384 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Archived History-journal
    [2010/07/07 12:38:28 | 000,012,314 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Bookmarks
    [2010/07/07 12:38:28 | 000,012,314 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Bookmarks.bak
    [2012/06/22 21:49:53 | 000,051,200 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cookies
    [2012/06/22 21:49:53 | 000,014,960 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
    [2012/06/22 21:59:51 | 000,035,971 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Current Session
    [2012/06/22 21:59:51 | 000,009,033 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
    [2010/07/07 12:38:29 | 000,006,144 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Extension Cookies
    [2012/06/22 21:49:55 | 000,034,816 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Favicons
    [2012/06/22 21:49:55 | 000,010,792 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal
    [2012/06/22 21:49:20 | 000,150,798 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Google Profile.ico
    [2012/06/22 21:59:51 | 000,425,984 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\History
    [2012/06/22 21:49:55 | 000,520,192 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\History Index 2011-11
    [2012/06/22 21:49:55 | 000,016,384 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\History Index 2011-11-journal
    [2012/06/22 21:59:51 | 000,217,088 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\History Index 2012-01
    [2012/06/22 21:59:51 | 000,016,384 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\History Index 2012-01-journal
    [2012/06/22 21:59:51 | 000,036,864 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\History Index 2012-03
    [2012/06/22 21:59:51 | 000,016,384 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\History Index 2012-03-journal
    [2012/06/22 21:59:51 | 000,081,920 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\History Index 2012-06
    [2012/06/22 21:59:51 | 000,016,384 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\History Index 2012-06-journal
    [2012/06/22 21:59:51 | 000,005,254 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
    [2012/06/22 21:59:51 | 000,016,384 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\History-journal
    [2012/03/05 14:20:17 | 000,009,019 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Last Session
    [2012/03/05 14:20:17 | 000,008,205 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Last Tabs
    [2011/11/24 16:52:54 | 000,012,288 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Login Data
    [2012/06/22 21:49:43 | 000,030,720 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor
    [2012/06/22 21:49:43 | 000,016,384 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal
    [2012/06/28 16:12:00 | 000,035,498 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Preferences
    [2012/06/22 21:50:19 | 000,000,180 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\README
    [2012/06/22 21:49:43 | 000,012,288 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Shortcuts
    [2012/06/22 21:49:43 | 000,012,824 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Shortcuts-journal
    [2012/06/22 21:49:36 | 000,069,632 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Top Sites
    [2012/06/22 21:49:36 | 000,016,384 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Top Sites-journal
    [2012/06/22 21:59:51 | 000,131,072 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Visited Links
    [2012/06/22 21:49:23 | 000,081,920 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Web Data
    [2012/06/22 21:49:23 | 000,012,848 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal
    [2012/06/22 21:59:51 | 000,155,648 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
    [2012/06/22 21:59:51 | 003,153,920 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
    [2012/06/22 21:59:51 | 003,153,920 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
    [2012/06/22 21:59:51 | 008,396,800 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
    [2010/07/07 12:39:51 | 000,025,086 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000001
    [2010/07/07 12:39:51 | 000,028,736 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000002
    [2010/07/07 12:39:51 | 000,016,429 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000003
    [2010/07/07 12:39:51 | 000,022,775 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000004
    [2010/07/07 12:39:54 | 000,146,444 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000005
    [2010/07/07 12:40:04 | 000,022,380 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000006
    [2010/07/07 12:40:05 | 000,017,193 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000007
    [2010/07/07 12:40:05 | 000,021,450 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000008
    [2010/07/07 12:40:05 | 000,102,009 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000009
    [2010/07/07 12:40:05 | 000,060,539 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000a
    [2010/07/07 12:40:09 | 000,027,167 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000b
    [2010/07/07 12:40:10 | 000,031,560 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000c
    [2010/07/07 12:40:10 | 000,041,808 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000d
    [2010/07/07 12:40:11 | 000,028,861 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000e
    [2010/07/07 12:40:11 | 000,022,876 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000f
    [2010/07/07 12:40:13 | 000,017,438 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000011
    [2010/07/07 13:09:24 | 000,026,781 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000012
    [2010/07/07 13:09:24 | 000,096,657 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000013
    [2010/07/07 13:09:24 | 000,072,174 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000014
    [2010/07/07 13:09:24 | 000,024,329 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000015
    [2010/07/07 13:09:25 | 000,024,329 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000016
    [2010/07/07 13:09:27 | 000,024,506 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000017
    [2010/07/07 13:09:27 | 000,021,510 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000018
    [2010/07/07 13:09:27 | 000,024,298 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000019
    [2010/07/07 13:09:27 | 000,022,966 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001a
    [2010/07/07 13:09:27 | 000,071,142 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001b
    [2010/07/07 13:09:27 | 000,022,095 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001c
    [2010/07/07 13:09:27 | 000,024,077 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001d
    [2010/07/07 13:09:27 | 000,021,151 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001e
    [2010/07/07 13:09:27 | 000,019,288 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001f
    [2010/07/07 13:09:27 | 000,024,364 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000020
    [2010/07/07 13:09:34 | 000,096,657 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000021
    [2010/07/07 13:09:34 | 000,072,174 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000022
    [2010/07/07 13:09:34 | 000,024,329 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000023
    [2010/07/07 13:09:47 | 000,548,874 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000024
    [2010/07/07 13:09:58 | 000,096,657 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000025
    [2010/07/07 13:09:58 | 000,020,583 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000026
    [2010/07/07 13:09:58 | 000,034,277 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000027
    [2010/07/07 13:10:12 | 000,028,756 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000028
    [2010/07/07 13:10:12 | 000,096,657 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000029
    [2010/07/07 13:10:20 | 000,019,357 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002a
    [2010/07/07 13:10:30 | 000,065,365 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002b
    [2010/07/07 13:10:40 | 000,032,257 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002c
    [2010/07/07 13:10:50 | 000,114,780 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002d
    [2010/07/07 13:11:00 | 000,027,604 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002e
    [2010/07/07 13:13:20 | 000,018,810 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002f
    [2010/07/07 13:13:20 | 000,022,149 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000030
    [2010/07/07 13:13:20 | 000,027,783 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000031
    [2010/07/07 13:35:49 | 000,028,950 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000032
    [2010/07/09 09:33:43 | 000,025,099 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000033
    [2010/07/09 09:34:00 | 000,102,445 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000034
    [2010/07/09 09:34:00 | 000,047,428 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000035
    [2010/07/09 09:34:00 | 000,029,611 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000036
    [2010/07/09 09:34:00 | 000,678,170 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000037
    [2010/07/09 09:34:09 | 000,038,542 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000038
    [2010/07/09 09:34:09 | 000,031,695 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000039
    [2010/07/09 09:34:09 | 000,018,524 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003a
    [2010/07/09 09:34:09 | 000,025,146 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003b
    [2010/07/09 09:34:10 | 000,019,055 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003c
    [2010/07/09 09:34:10 | 000,016,526 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003d
    [2010/07/09 09:34:11 | 000,027,419 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003e
    [2010/07/09 09:35:37 | 000,058,746 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003f
    [2010/07/09 09:35:37 | 000,064,129 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000040
    [2010/07/09 09:35:37 | 000,055,976 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000041
    [2010/07/09 09:35:38 | 000,049,038 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000042
    [2010/07/09 09:35:38 | 000,059,711 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000043
    [2010/07/09 09:35:38 | 000,062,527 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000044
    [2010/07/09 09:35:37 | 000,063,238 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000045
    [2010/07/09 09:35:38 | 000,054,953 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000046
    [2010/07/09 09:35:38 | 000,055,826 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000047
    [2010/07/09 09:35:38 | 000,020,665 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000048
    [2010/07/09 09:37:11 | 000,039,834 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000049
    [2010/07/09 09:37:31 | 000,021,160 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004a
    [2010/07/09 09:37:31 | 000,016,534 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004b
    [2010/07/09 09:37:31 | 000,020,206 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004c
    [2010/07/09 09:37:33 | 000,031,312 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004d
    [2010/07/09 09:37:43 | 000,020,462 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004e
    [2010/07/09 09:38:08 | 000,019,763 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004f
    [2010/07/09 09:38:09 | 000,046,142 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000050
    [2010/07/09 09:38:09 | 000,016,591 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000051
    [2010/07/09 09:38:11 | 000,093,009 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000052
    [2010/07/09 09:38:13 | 000,048,526 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000053
    [2010/07/09 09:38:13 | 000,030,092 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000054
    [2010/07/09 09:38:14 | 000,579,432 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000055
    [2010/07/09 09:38:18 | 000,053,083 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000056
    [2010/07/09 09:38:19 | 000,021,089 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000057
    [2010/07/09 09:40:17 | 000,023,586 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000058
    [2010/07/09 09:40:22 | 000,029,984 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000059
    [2010/07/09 09:41:05 | 000,028,762 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00005a
    [2010/07/09 09:41:10 | 000,020,469 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00005b
    [2010/07/09 09:41:14 | 000,040,262 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00005c
    [2010/07/09 09:41:14 | 000,089,949 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00005d
    [2010/07/09 09:41:15 | 000,020,038 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00005e
    [2010/07/09 09:41:17 | 000,020,517 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00005f
    [2010/07/09 09:41:18 | 000,018,280 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000060
    [2010/07/09 09:41:21 | 000,020,414 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000062
    [2010/07/09 09:41:21 | 000,079,402 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000063
    [2010/07/09 09:41:22 | 000,166,558 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000064
    [2010/07/09 09:41:23 | 000,025,071 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000065
    [2010/07/09 09:41:23 | 000,021,474 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000066
    [2010/07/09 09:41:23 | 000,034,372 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000067
    [2010/07/09 09:41:23 | 000,019,377 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000068
    [2010/07/09 09:41:23 | 000,027,538 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000069
    [2010/07/09 09:41:23 | 000,020,216 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00006a
    [2010/07/09 09:41:24 | 000,031,238 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00006b
    [2010/07/09 09:41:24 | 000,254,131 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00006c
    [2010/07/09 09:41:25 | 000,141,206 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00006d
    [2010/07/09 09:41:25 | 000,026,038 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00006e
    [2010/07/09 09:41:25 | 000,025,705 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00006f
    [2010/07/09 09:41:25 | 000,019,875 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000070
    [2010/07/09 09:41:25 | 000,024,603 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000071
    [2010/07/09 09:41:26 | 000,073,295 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000072
    [2010/07/09 09:41:26 | 000,031,180 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000073
    [2010/07/09 09:41:27 | 000,037,568 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000074
    [2010/07/09 09:41:28 | 000,052,173 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000075
    [2010/07/09 09:41:29 | 000,076,605 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000076
  10. Flick

    Flick Newcomer, in training Topic Starter

    [2011/03/15 12:41:18 | 000,026,348 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000077
    [2011/03/15 12:41:25 | 000,035,485 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000078
    [2011/03/15 12:41:25 | 000,048,971 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000079
    [2011/03/15 12:41:25 | 000,149,542 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00007a
    [2011/10/19 16:53:22 | 000,102,970 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00007b
    [2011/10/19 16:53:23 | 000,031,972 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00007c
    [2011/10/19 21:59:35 | 000,027,118 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00007d
    [2011/10/19 21:59:36 | 000,026,751 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00007e
    [2011/10/19 21:59:36 | 000,147,615 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00007f
    [2011/10/19 21:59:36 | 000,082,353 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000080
    [2011/10/19 21:59:36 | 000,101,241 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000081
    [2011/10/19 21:59:36 | 000,061,990 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000082
    [2011/10/19 21:59:36 | 000,082,915 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000083
    [2011/10/19 21:59:37 | 000,075,378 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000084
    [2011/10/19 21:59:37 | 000,084,216 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000086
    [2011/10/19 21:59:37 | 000,081,170 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000087
    [2011/10/19 21:59:37 | 000,125,195 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000088
    [2011/10/19 21:59:37 | 000,124,672 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000089
    [2011/10/19 21:59:37 | 000,092,662 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00008a
    [2011/10/19 21:59:37 | 000,066,865 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00008b
    [2011/10/19 21:59:37 | 000,080,688 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00008c
    [2011/10/19 21:59:37 | 000,115,186 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00008d
    [2011/10/19 21:59:37 | 000,056,330 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00008e
    [2011/10/19 21:59:37 | 000,085,382 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00008f
    [2011/10/19 21:59:37 | 000,075,184 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000090
    [2011/10/19 21:59:37 | 000,076,058 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000091
    [2011/10/19 21:59:37 | 000,071,671 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000092
    [2011/10/19 21:59:37 | 000,072,194 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000093
    [2011/10/19 21:59:37 | 000,129,179 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000094
    [2011/10/19 21:59:37 | 000,024,693 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000095
    [2011/10/19 21:59:37 | 000,113,166 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000096
    [2011/10/19 21:59:38 | 000,089,727 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000097
    [2011/10/19 21:59:38 | 000,165,186 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000098
    [2011/10/19 21:59:38 | 000,137,383 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000099
    [2011/10/19 21:59:38 | 000,069,440 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00009a
    [2011/10/19 21:59:38 | 000,122,776 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00009b
    [2011/10/19 21:59:38 | 000,074,221 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00009c
    [2011/10/19 21:59:38 | 000,099,679 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00009d
    [2011/10/19 21:59:38 | 000,118,126 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00009e
    [2011/10/19 21:59:38 | 000,109,356 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00009f
    [2011/10/19 21:59:38 | 000,099,705 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a0
    [2011/10/19 21:59:38 | 000,140,052 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a1
    [2011/10/19 21:59:38 | 000,018,941 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a2
    [2011/10/19 21:59:38 | 000,098,279 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a3
    [2011/10/19 21:59:38 | 000,128,796 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a4
    [2011/10/19 21:59:39 | 000,095,114 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a5
    [2011/10/19 21:59:39 | 000,023,047 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a6
    [2011/10/19 21:59:39 | 000,089,860 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a7
    [2011/10/19 21:59:39 | 000,055,124 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a8
    [2011/10/19 21:59:39 | 000,083,355 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a9
    [2011/10/19 21:59:39 | 000,121,127 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000aa
    [2011/10/19 21:59:39 | 000,141,603 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ab
    [2011/10/19 21:59:39 | 000,075,952 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ac
    [2011/10/19 21:59:39 | 000,091,914 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ad
    [2011/10/19 21:59:39 | 000,089,288 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ae
    [2011/10/19 21:59:39 | 000,092,433 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000af
    [2011/10/19 21:59:39 | 000,076,036 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000b0
    [2011/10/19 21:59:39 | 000,090,576 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000b1
    [2011/10/19 21:59:39 | 000,071,630 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000b2
    [2011/10/19 21:59:40 | 000,174,275 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000b3
    [2011/10/19 21:59:40 | 000,171,573 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000b4
    [2011/10/19 21:59:40 | 000,170,467 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000b5
    [2011/10/19 21:59:40 | 000,098,607 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000b6
    [2011/10/19 21:59:40 | 000,125,155 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000b7
    [2011/10/19 21:59:40 | 000,136,115 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000b8
    [2011/10/19 21:59:40 | 000,101,317 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000b9
    [2011/10/19 21:59:40 | 000,151,106 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ba
    [2011/10/19 21:59:40 | 000,130,690 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000bb
    [2011/10/19 21:59:40 | 000,118,569 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000bc
    [2011/10/19 21:59:40 | 000,106,211 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000bd
    [2011/10/19 21:59:40 | 000,141,669 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000be
    [2011/10/19 21:59:40 | 000,094,409 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000bf
    [2011/10/19 21:59:41 | 000,103,166 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000c0
    [2011/10/19 21:59:41 | 000,089,412 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000c1
    [2011/10/19 21:59:41 | 000,103,189 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000c2
    [2011/10/19 21:59:41 | 000,098,686 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000c3
    [2011/10/19 21:59:41 | 000,143,446 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000c4
    [2011/10/19 21:59:41 | 000,132,838 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000c5
    [2011/10/19 21:59:41 | 000,155,601 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000c6
    [2011/10/19 21:59:41 | 000,119,614 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000c7
    [2011/10/19 21:59:41 | 000,116,308 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000c8
    [2011/10/19 21:59:41 | 000,102,125 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000c9
    [2011/10/19 21:59:41 | 000,108,878 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ca
    [2011/10/19 21:59:41 | 000,157,202 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000cb
    [2011/10/19 21:59:41 | 000,102,467 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000cc
    [2011/10/19 21:59:42 | 000,146,337 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000cd
    [2011/10/19 21:59:42 | 000,072,096 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ce
    [2011/10/19 21:59:42 | 000,102,997 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000cf
    [2011/10/19 21:59:42 | 000,120,642 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000d0
    [2011/10/19 21:59:42 | 000,105,616 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000d1
    [2011/10/19 21:59:42 | 000,171,512 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000d2
    [2011/10/19 21:59:42 | 000,115,285 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000d3
    [2011/10/19 21:59:42 | 000,105,273 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000d4
    [2011/10/19 21:59:42 | 000,107,870 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000d5
    [2011/10/19 21:59:42 | 000,125,062 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000d6
    [2011/10/19 21:59:42 | 000,116,073 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000d7
    [2011/10/19 21:59:42 | 000,018,175 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000d8
    [2011/10/19 21:59:42 | 000,024,029 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000d9
    [2011/10/19 21:59:42 | 000,018,958 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000da
    [2011/10/19 21:59:42 | 000,034,363 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000db
    [2011/10/19 21:59:42 | 000,017,289 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000dc
    [2011/10/19 21:59:42 | 000,017,316 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000dd
    [2011/10/19 21:59:43 | 000,018,540 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000de
    [2011/10/19 21:59:43 | 000,018,175 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000e0
    [2011/10/19 21:59:43 | 000,023,550 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000e1
    [2011/10/19 21:59:43 | 000,020,211 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000e2
    [2011/10/19 21:59:43 | 000,021,339 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000e3
    [2011/10/19 21:59:43 | 000,142,542 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000e4
    [2011/10/19 21:59:43 | 000,017,685 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000e5
    [2011/10/19 21:59:43 | 000,020,998 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000e6
    [2011/10/19 21:59:43 | 000,018,193 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000e7
    [2011/10/19 21:59:43 | 000,020,430 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000e8
    [2011/10/19 21:59:43 | 000,019,624 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000e9
    [2011/10/19 21:59:43 | 000,016,420 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ea
    [2011/10/19 21:59:43 | 000,251,819 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000eb
    [2011/10/19 21:59:43 | 000,020,354 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ec
    [2011/10/19 21:59:43 | 000,031,608 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ed
    [2011/10/19 21:59:43 | 000,395,971 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ee
    [2011/10/19 21:59:44 | 000,051,823 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ef
    [2011/10/19 22:20:17 | 000,016,654 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000f0
    [2011/10/19 22:20:17 | 000,027,118 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000f1
    [2011/10/19 22:20:17 | 000,026,755 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000f3
    [2011/10/19 22:20:18 | 000,160,784 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000f4
    [2011/10/19 22:20:18 | 000,082,353 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000f5
    [2011/10/19 22:20:18 | 000,069,248 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000f6
    [2011/10/19 22:20:18 | 000,108,262 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000f7
    [2011/10/19 22:20:18 | 000,078,883 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000f8
    [2011/10/19 22:20:18 | 000,099,531 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000f9
    [2011/10/19 22:20:18 | 000,099,636 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000fa
    [2011/10/19 22:20:19 | 000,087,897 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000fb
    [2011/10/19 22:20:19 | 000,109,799 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000fc
    [2011/10/19 22:20:19 | 000,079,725 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000fd
    [2011/10/19 22:20:19 | 000,083,447 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000fe
    [2011/10/19 22:20:19 | 000,085,385 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ff
    [2011/10/19 22:20:19 | 000,071,340 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000100
    [2011/10/19 22:20:19 | 000,256,776 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000101
    [2011/10/19 22:20:19 | 000,081,258 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000102
    [2011/10/19 22:20:19 | 000,073,340 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000103
    [2011/10/19 22:20:19 | 000,106,336 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000104
    [2011/10/19 22:20:19 | 000,108,714 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000105
    [2011/10/19 22:20:19 | 000,141,416 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000106
    [2011/10/19 22:20:19 | 000,112,501 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000107
    [2011/10/19 22:20:19 | 000,122,178 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000108
    [2011/10/19 22:20:20 | 000,162,862 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000109
    [2011/10/19 22:20:20 | 000,104,696 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00010a
    [2011/10/19 22:20:20 | 000,102,331 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00010b
    [2011/10/19 22:20:20 | 000,105,122 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00010c
    [2011/10/19 22:20:20 | 000,114,362 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00010d
    [2011/10/19 22:20:20 | 000,088,312 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00010e
    [2011/10/19 22:20:20 | 000,083,865 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00010f
    [2011/10/19 22:20:20 | 000,087,520 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000110
    [2011/10/19 22:20:20 | 000,085,680 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000111
    [2011/10/19 22:20:20 | 000,061,554 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000112
    [2011/10/19 22:20:20 | 000,130,227 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000113
    [2011/10/19 22:20:20 | 000,068,649 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000114
    [2011/10/19 22:20:20 | 000,090,355 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000115
    [2011/10/19 22:20:20 | 000,069,120 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000116
    [2011/10/19 22:20:20 | 000,089,686 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000117
    [2011/10/19 22:20:20 | 000,068,813 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000118
    [2011/10/19 22:20:20 | 000,091,918 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000119
    [2011/10/19 22:20:21 | 000,133,243 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00011a
    [2011/10/19 22:20:21 | 000,127,459 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00011b
    [2011/10/19 22:20:21 | 000,085,224 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00011c
    [2011/10/19 22:20:21 | 000,146,165 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00011d
    [2011/10/19 22:20:21 | 000,124,840 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00011e
    [2011/10/19 22:20:21 | 000,091,127 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00011f
    [2011/10/19 22:20:21 | 000,115,119 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000120
    [2011/10/19 22:20:21 | 000,183,397 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000121
    [2011/10/19 22:20:21 | 000,097,872 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000122
    [2011/10/19 22:20:21 | 000,073,659 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000123
    [2011/10/19 22:20:21 | 000,049,423 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000124
    [2011/10/19 22:20:21 | 000,081,838 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000125
    [2011/10/19 22:20:21 | 000,106,967 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000126
    [2011/10/19 22:20:21 | 000,120,040 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000127
    [2011/10/19 22:20:21 | 000,050,662 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000128
    [2011/10/19 22:20:21 | 000,133,003 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000129
    [2011/10/19 22:20:22 | 000,125,369 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00012a
    [2011/10/19 22:20:22 | 000,077,683 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00012b
    [2011/10/19 22:20:22 | 000,067,498 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00012c
    [2011/10/19 22:20:22 | 000,064,607 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00012d
    [2011/10/19 22:20:22 | 000,107,544 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00012e
    [2011/10/19 22:20:22 | 000,088,763 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00012f
    [2011/10/19 22:20:22 | 000,137,177 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000130
    [2011/10/19 22:20:22 | 000,135,012 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000131
    [2011/10/19 22:20:22 | 000,134,957 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000132
    [2011/10/19 22:20:22 | 000,136,890 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000133
    [2011/10/19 22:20:22 | 000,197,139 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000134
    [2011/10/19 22:20:22 | 000,110,788 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000135
    [2011/10/19 22:20:22 | 000,081,931 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000136
    [2011/10/19 22:20:23 | 000,121,397 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000137
    [2011/10/19 22:20:23 | 000,068,713 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000138
    [2011/10/19 22:20:23 | 000,069,235 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000139
    [2011/10/19 22:20:23 | 000,089,703 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00013a
    [2011/10/19 22:20:23 | 000,080,101 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00013b
    [2011/10/19 22:20:23 | 000,122,077 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00013c
    [2011/10/19 22:20:23 | 000,093,370 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00013d
    [2011/10/19 22:20:23 | 000,117,941 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00013e
    [2011/10/19 22:20:23 | 000,089,271 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00013f
    [2011/10/19 22:20:23 | 000,167,277 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000140
    [2011/10/19 22:20:23 | 000,132,139 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000141
    [2011/10/19 22:20:23 | 000,140,109 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000142
    [2011/10/19 22:20:23 | 000,166,382 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000143
    [2011/10/19 22:20:23 | 000,099,568 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000144
    [2011/10/19 22:20:23 | 000,133,754 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000145
    [2011/10/19 22:20:24 | 000,169,367 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000146
    [2011/10/19 22:20:24 | 000,146,176 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000147
    [2011/10/19 22:20:24 | 000,151,832 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000148
    [2011/10/19 22:20:24 | 000,149,019 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000149
    [2011/10/19 22:20:24 | 000,110,386 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00014a
    [2011/10/19 22:20:24 | 000,154,899 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00014b
    [2011/10/19 22:20:24 | 000,136,077 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00014c
    [2011/10/19 22:20:24 | 000,135,868 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00014d
    [2011/10/19 22:20:24 | 000,116,082 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00014e
    [2011/10/19 22:20:25 | 000,116,072 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00014f
    [2011/10/19 22:20:25 | 000,135,478 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000150
    [2011/10/19 22:20:25 | 000,157,610 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000151
    [2011/10/19 22:20:25 | 000,173,344 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000152
    [2011/10/19 22:20:25 | 000,131,031 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000153
    [2011/10/19 22:20:25 | 000,092,737 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000154
    [2011/10/19 22:20:25 | 000,064,517 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000155
    [2011/10/19 22:20:26 | 000,177,129 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000156
    [2011/10/19 22:20:26 | 000,104,573 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000157
    [2011/10/19 22:20:26 | 000,222,859 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000158
    [2011/10/19 22:20:26 | 000,229,823 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000159
    [2011/10/19 22:20:26 | 000,025,124 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00015b
    [2011/10/19 22:20:26 | 000,019,917 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00015c
    [2011/10/19 22:20:26 | 000,108,115 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00015e
    [2011/11/24 15:53:03 | 000,109,298 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00015f
    [2011/11/24 15:53:03 | 000,032,170 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000160
    [2011/11/24 16:52:01 | 000,038,798 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000175
    [2011/11/24 16:52:13 | 000,031,988 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000176
    [2011/11/24 16:52:14 | 000,028,313 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000177
    [2011/11/24 16:52:15 | 000,024,973 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000178
    [2011/11/24 16:52:22 | 000,016,994 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000179
    [2011/11/24 16:52:43 | 000,061,709 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00017a
    [2011/11/24 16:52:43 | 000,026,027 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00017b
    [2011/11/24 16:52:43 | 000,036,628 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00017c
    [2011/11/24 16:52:43 | 000,017,361 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00017d
    [2011/11/24 16:52:49 | 000,290,933 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00017e
    [2011/11/24 16:52:50 | 000,028,195 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00017f
    [2011/11/24 16:52:50 | 000,019,453 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000180
    [2011/11/24 16:52:50 | 000,080,958 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000181
    [2011/11/24 16:52:50 | 000,089,184 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000182
    [2011/11/24 16:52:50 | 000,017,629 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000183
    [2011/11/24 16:52:50 | 000,019,443 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000184
    [2011/11/24 16:52:51 | 000,057,388 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000185
    [2011/11/24 16:52:52 | 000,020,453 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000186
    [2011/11/24 16:52:52 | 000,017,097 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000187
    [2011/11/24 16:52:52 | 000,016,611 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000188
    [2011/11/24 16:52:52 | 000,024,973 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000189
    [2011/11/24 16:52:52 | 000,031,048 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00018a
    [2011/11/24 16:52:53 | 000,042,423 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00018b
    [2011/11/24 16:52:53 | 000,020,308 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00018c
    [2011/11/24 16:52:53 | 000,027,426 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00018d
    [2011/11/24 16:52:53 | 000,110,064 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00018e
    [2011/11/24 16:52:54 | 000,039,545 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00018f
    [2011/11/24 16:52:54 | 000,030,345 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000190
    [2011/11/24 16:52:55 | 000,032,064 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000191
    [2011/11/24 16:52:55 | 000,027,027 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000192
    [2011/11/24 16:52:55 | 000,051,555 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000193
    [2011/11/24 16:53:01 | 000,030,010 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000194
    [2011/11/24 16:53:02 | 000,537,280 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000195
    [2011/11/24 16:53:20 | 000,021,002 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000196
    [2011/11/24 16:53:21 | 000,027,426 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000197
    [2011/11/24 16:53:22 | 000,042,529 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000198
    [2011/11/24 16:53:22 | 000,043,271 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000199
    [2011/11/24 16:53:22 | 000,035,613 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00019a
    [2011/11/24 16:53:22 | 000,025,170 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00019b
    [2011/11/24 16:53:22 | 000,017,169 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00019c
    [2011/11/24 16:53:23 | 000,040,579 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00019d
    [2011/11/24 16:53:23 | 000,046,695 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00019e
    [2011/11/24 16:53:24 | 000,033,532 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00019f
    [2011/11/24 16:53:24 | 000,019,005 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001a0
    [2011/11/24 17:27:46 | 000,059,052 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001b8
    [2012/01/16 13:36:52 | 000,116,886 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001b9
    [2012/01/16 13:36:52 | 000,032,829 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001ba
    [2012/01/16 13:37:09 | 000,033,186 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001bb
    [2012/01/16 13:37:10 | 000,090,226 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001bc
    [2012/01/16 13:37:11 | 000,090,226 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001bd
    [2012/01/16 13:37:12 | 000,102,483 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001be
    [2012/01/16 13:37:14 | 000,816,526 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001c0
    [2012/01/16 13:37:14 | 000,041,804 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001c1
    [2012/01/16 13:37:16 | 000,019,232 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001c2
    [2012/01/16 13:37:16 | 000,033,759 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001c3
    [2012/01/16 13:37:17 | 000,082,353 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001c4
    [2012/01/16 13:37:17 | 000,049,514 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001c5
    [2012/01/16 13:37:17 | 000,111,538 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001c6
    [2012/01/16 13:37:18 | 000,017,935 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001c7
    [2012/01/16 13:37:18 | 000,018,674 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001c8
    [2012/01/16 13:37:18 | 000,032,151 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001c9
    [2012/01/16 13:37:19 | 000,119,521 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001ca
    [2012/01/16 13:37:19 | 000,065,362 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001cb
    [2012/01/16 13:37:19 | 000,020,459 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001cc
    [2012/01/16 13:37:19 | 000,044,551 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001cd
    [2012/01/16 13:37:19 | 000,028,518 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001ce
    [2012/01/16 13:47:09 | 000,037,767 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001cf
    [2012/01/16 13:47:09 | 000,017,432 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001d0
    [2012/01/16 13:47:10 | 000,093,889 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001d1
    [2012/01/16 13:47:10 | 000,043,139 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001d2
    [2012/01/16 13:47:10 | 000,016,395 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001d3
    [2012/01/16 13:47:10 | 000,016,705 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001d4
    [2012/01/16 13:47:10 | 000,023,618 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001d5
    [2012/01/16 13:47:10 | 000,033,133 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001d6
    [2012/01/16 13:47:10 | 000,023,433 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001d7
    [2012/01/16 13:47:10 | 000,026,599 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001d8
    [2012/01/16 13:47:10 | 000,030,207 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001d9
    [2012/01/16 14:52:47 | 000,043,139 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001da
    [2012/01/16 14:52:47 | 000,017,643 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001db
    [2012/01/16 14:52:47 | 000,017,282 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001dc
    [2012/01/16 14:53:44 | 000,025,174 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001de
    [2012/01/16 14:56:02 | 000,029,336 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001e2
    [2012/01/16 14:56:58 | 000,024,546 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001e3
    [2012/01/16 14:58:40 | 000,029,336 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001e4
    [2012/03/05 14:18:59 | 000,121,366 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001e6
    [2012/03/05 14:18:59 | 000,020,648 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001e7
    [2012/03/05 14:19:00 | 000,029,754 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001e8
    [2012/03/05 14:20:10 | 000,020,456 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001e9
    [2012/03/05 14:20:13 | 000,022,233 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001ea
    [2012/03/05 14:20:14 | 000,077,910 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001eb
    [2012/03/05 14:20:14 | 000,044,637 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001ec
    [2012/03/05 14:20:14 | 000,018,336 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001ed
    [2012/03/05 14:20:14 | 000,046,209 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001ee
    [2012/03/05 14:20:15 | 000,036,378 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001ef
    [2012/03/05 14:20:15 | 000,021,237 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001f0
    [2012/03/05 14:20:16 | 000,048,992 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001f1
    [2012/06/22 21:49:23 | 000,023,733 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001f2
    [2012/06/22 21:49:24 | 000,149,384 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001f3
    [2012/06/22 21:49:24 | 000,016,917 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001f4
    [2012/06/22 21:49:24 | 000,028,693 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001f5
    [2012/06/22 21:49:26 | 000,094,861 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001f6
    [2012/06/22 21:49:44 | 000,048,838 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001f7
    [2012/06/22 21:49:44 | 000,018,632 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001f8
    [2012/06/22 21:49:45 | 000,029,070 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001f9
    [2012/06/22 21:49:46 | 000,061,773 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001fa
    [2012/06/22 21:50:02 | 000,079,942 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001fb
    [2010/07/07 12:38:13 | 000,262,512 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\index
    [2010/07/07 13:36:25 | 000,017,408 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\localserver.db
    [2010/07/07 13:36:25 | 000,019,456 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\permissions.db
    [2011/03/15 12:41:07 | 000,000,000 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\User StyleSheets\Custom.css
  11. Flick

    Flick Newcomer, in training Topic Starter

    < %USERPROFILE%\AppData\Local\ /s >

    < %systemroot%\Installer\ /s >

    < %systemroot%\system32\Cache\ /s >

    < %systemroot%\system32\config\systemprofile\Application Data /s >

    < %PROGRAMFILES%\*. >
    [2011/01/13 10:20:56 | 000,000,000 | ---D | M] -- C:\Program Files\7-Zip
    [2012/07/11 19:38:32 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
    [2010/09/09 14:44:27 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe Media Player
    [2011/06/28 12:58:08 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
    [2010/05/13 03:37:32 | 000,000,000 | ---D | M] -- C:\Program Files\Atheros
    [2012/01/13 13:00:51 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
    [2011/06/06 15:03:13 | 000,000,000 | ---D | M] -- C:\Program Files\CamStudio 2.6b
    [2010/05/13 03:36:04 | 000,000,000 | ---D | M] -- C:\Program Files\Cisco
    [2012/07/11 19:38:33 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
    [2010/05/13 03:38:16 | 000,000,000 | ---D | M] -- C:\Program Files\CSR
    [2010/07/09 09:04:16 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
    [2010/05/13 03:29:12 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
    [2011/08/05 17:39:09 | 000,000,000 | ---D | M] -- C:\Program Files\DVD Maker
    [2011/04/14 11:32:16 | 000,000,000 | ---D | M] -- C:\Program Files\epson
    [2012/01/09 11:33:33 | 000,000,000 | ---D | M] -- C:\Program Files\FileZilla FTP Client
    [2010/05/13 03:44:27 | 000,000,000 | ---D | M] -- C:\Program Files\Fingerprint Sensor
    [2010/08/31 11:33:16 | 000,000,000 | ---D | M] -- C:\Program Files\Flexsim5
    [2010/07/09 08:59:10 | 000,000,000 | ---D | M] -- C:\Program Files\Fujitsu
    [2010/05/13 03:51:19 | 000,000,000 | ---D | M] -- C:\Program Files\Fujitsu Hardware Diagnostics Tool
    [2010/09/10 17:55:40 | 000,000,000 | ---D | M] -- C:\Program Files\GlobalSCAPE
    [2011/03/11 16:49:50 | 000,000,000 | ---D | M] -- C:\Program Files\Google
    [2010/09/10 17:55:40 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
    [2010/05/13 03:44:35 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
    [2012/06/18 22:45:25 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
    [2012/05/24 20:54:29 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
    [2012/05/24 20:55:27 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
    [2012/07/11 19:38:33 | 000,000,000 | ---D | M] -- C:\Program Files\Java
    [2011/11/23 12:00:38 | 000,000,000 | ---D | M] -- C:\Program Files\Jungle Disk Desktop
    [2010/05/13 03:40:15 | 000,000,000 | ---D | M] -- C:\Program Files\LSI SoftModem
    [2012/07/10 22:41:03 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2011/10/19 16:45:35 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
    [2010/09/09 11:30:49 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Analysis Services
    [2012/02/16 02:05:41 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Application Virtualization Client
    [2010/08/31 11:31:33 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [2010/10/18 13:45:37 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Expression
    [2010/05/13 19:23:18 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
    [2012/01/19 16:14:56 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft IntelliPoint
    [2012/06/04 11:53:27 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft IntelliType Pro
    [2010/09/09 11:32:26 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
    [2012/07/11 19:39:12 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Security Client
    [2012/05/24 20:59:14 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
    [2010/09/09 12:52:33 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server
    [2010/09/09 11:32:25 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
    [2010/09/09 11:32:25 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Sync Framework
    [2010/09/09 11:32:44 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Synchronization Services
    [2010/05/13 04:00:33 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Touch Pack for Windows 7
    [2010/10/12 11:14:33 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
    [2010/09/09 11:31:17 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio 8
    [2010/05/13 03:59:27 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft XNA
    [2010/09/10 10:32:08 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
    [2012/06/19 21:56:46 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
    [2012/06/22 13:37:38 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Maintenance Service
    [2012/03/26 13:41:42 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
    [2010/04/28 07:43:19 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
    [2010/11/16 15:22:45 | 000,000,000 | ---D | M] -- C:\Program Files\MySQL
    [2012/03/15 17:05:22 | 000,000,000 | ---D | M] -- C:\Program Files\NCH Software
    [2010/05/13 03:40:30 | 000,000,000 | ---D | M] -- C:\Program Files\O2Micro
    [2010/05/13 03:42:30 | 000,000,000 | ---D | M] -- C:\Program Files\O2Micro OZ711 SCR Driver
    [2010/10/21 15:56:49 | 000,000,000 | ---D | M] -- C:\Program Files\Paint.NET
    [2011/11/14 11:05:27 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
    [2010/05/13 03:29:28 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek
    [2009/07/14 14:52:30 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
    [2010/07/09 08:57:27 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
    [2011/12/05 11:58:56 | 000,000,000 | ---D | M] -- C:\Program Files\Safari
    [2012/06/28 16:12:02 | 000,000,000 | R--D | M] -- C:\Program Files\Skype
    [2010/07/09 08:58:11 | 000,000,000 | ---D | M] -- C:\Program Files\Softex
    [2010/07/09 09:48:14 | 000,000,000 | ---D | M] -- C:\Program Files\Stoutlab
    [2010/05/13 03:30:38 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
    [2010/07/09 09:06:12 | 000,000,000 | ---D | M] -- C:\Program Files\Tablet
    [2011/06/06 15:11:44 | 000,000,000 | ---D | M] -- C:\Program Files\TechSmith
    [2010/05/13 03:29:48 | 000,000,000 | -H-D | M] -- C:\Program Files\Temp
    [2009/07/14 14:53:23 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
    [2010/05/13 03:59:49 | 000,000,000 | ---D | M] -- C:\Program Files\Virtual Earth 3D
    [2012/07/11 16:31:57 | 000,000,000 | ---D | M] -- C:\Program Files\Vodafone
    [2010/09/13 19:39:09 | 000,000,000 | ---D | M] -- C:\Program Files\Watchtower
    [2010/10/12 11:14:35 | 000,000,000 | ---D | M] -- C:\Program Files\Web Publish
    [2011/08/05 17:39:05 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
    [2012/05/10 03:35:11 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
    [2012/06/04 11:40:35 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
    [2011/08/05 17:39:09 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
    [2011/08/05 17:39:09 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
    [2009/07/14 14:52:30 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
    [2011/08/05 17:39:09 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Viewer
    [2011/08/05 17:39:09 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
    [2011/08/05 17:39:09 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar

    < %appdata%\*.* >
    [2012/03/28 16:39:13 | 000,000,132 | ---- | M] () -- C:\Users\felicity\AppData\Roaming\Adobe GIF Format CS5 Prefs
    [2012/03/05 16:51:49 | 000,000,132 | ---- | M] () -- C:\Users\felicity\AppData\Roaming\Adobe PNG Format CS5 Prefs
    [2011/09/21 14:33:10 | 000,009,379 | ---- | M] () -- C:\Users\felicity\AppData\Roaming\Comma Separated Values (Windows).EML
    [2011/07/04 22:09:06 | 000,003,540 | ---- | M] () -- C:\Users\felicity\AppData\Roaming\FjMenu1.XML
    [2011/08/24 11:02:35 | 000,000,600 | ---- | M] () -- C:\Users\felicity\AppData\Roaming\PUTTY.RND

    < MD5 for: AFD.SYS >
    [2011/04/25 12:35:40 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=0DB7A48388D54D154EBEC120461A0FCD -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16802_none_d81220b5bf827af7\afd.sys
    [2010/11/20 18:40:03 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=1151FD4FB0216CFED887BFDE29EBD516 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_d9efac7dbcaf385b\afd.sys
    [2011/04/25 12:18:03 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=9EBBBA55060F786F0FCAA3893BFA2806 -- C:\Windows\System32\drivers\afd.sys
    [2011/04/25 12:18:03 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=9EBBBA55060F786F0FCAA3893BFA2806 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys
    [2011/04/25 12:27:23 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=C114AB7A1550D42EA1700FFD4179CF5A -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.20951_none_d864ad9ad8c98d1f\afd.sys
    [2011/04/25 13:24:09 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=C427F91A748CD342A2B3F9278D9FD6A5 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21712_none_da774a9ad5cea29e\afd.sys
    [2009/07/14 09:12:38 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=DDC040FDB01EF1712A6B13E52AFB104C -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16385_none_d7be98b5bfc0b4c1\afd.sys

    < MD5 for: ATAPI.SYS >
    [2009/07/14 11:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
    [2009/07/14 11:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
    [2009/07/14 11:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
    [2009/07/14 11:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

    < MD5 for: CRYPTSVC.DLL >
    [2012/04/24 14:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\System32\cryptsvc.dll
    [2012/04/24 14:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
    [2012/04/24 14:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
    [2012/04/24 14:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
    [2009/07/14 11:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
    [2010/11/20 22:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
    [2012/04/24 14:33:53 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=F522279B4717E2BFF269C771FAC2B78E -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll

    < MD5 for: DNSRSLVR.DLL >
    [2010/11/20 22:18:33 | 000,132,608 | ---- | M] (Microsoft Corporation) MD5=2FE30D71919C51131405797620E0A714 -- C:\Windows\winsxs\x86_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_e3e9e6c8e09b7c76\dnsrslvr.dll
    [2011/03/03 15:38:01 | 000,132,608 | ---- | M] (Microsoft Corporation) MD5=33EF4861F19A0736B11314AAD9AE28D0 -- C:\Windows\System32\dnsrslvr.dll
    [2011/03/03 15:38:01 | 000,132,608 | ---- | M] (Microsoft Corporation) MD5=33EF4861F19A0736B11314AAD9AE28D0 -- C:\Windows\winsxs\x86_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_e3a50618e0cfbec0\dnsrslvr.dll
    [2011/03/03 15:29:23 | 000,132,608 | ---- | M] (Microsoft Corporation) MD5=B15BE77A2BACF9C3177D27518AFE26A9 -- C:\Windows\winsxs\x86_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16772_none_e1c0a9a6e3a78582\dnsrslvr.dll
    [2011/03/03 15:50:46 | 000,132,608 | ---- | M] (Microsoft Corporation) MD5=B3A0A4414D8EC1DD28018004CE8DCBEE -- C:\Windows\winsxs\x86_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.20914_none_e28d2873fc92ad7b\dnsrslvr.dll
    [2009/07/14 11:15:12 | 000,132,608 | ---- | M] (Microsoft Corporation) MD5=D0722E963D3C6145446874241401B209 -- C:\Windows\winsxs\x86_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16385_none_e1b8d300e3acf8dc\dnsrslvr.dll
    [2011/03/03 15:12:25 | 000,132,608 | ---- | M] (Microsoft Corporation) MD5=F3501CA4E93BF218C71CF9DEECEE838F -- C:\Windows\winsxs\x86_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_e431a3c1f9eaaa8f\dnsrslvr.dll

    < MD5 for: ES.DLL >
    [2010/08/18 11:57:16 | 000,203,320 | ---- | M] () MD5=59402EEA6FFC47B6DEA9857247A85742 -- C:\Users\felicity\AppData\Local\Google\Chrome\Application\5.0.375.127\Locales\es.dll
    [2012/06/28 20:27:57 | 000,008,216 | ---- | M] () MD5=8C4CBA187C451FAE0C9C1674B9C3AC39 -- C:\Program Files\Google\Chrome\Application\20.0.1132.47\Locales\es.dll
    [2012/06/07 18:13:44 | 000,008,216 | ---- | M] () MD5=99DE0F08708D5EB156CC2EFA41C1FF6E -- C:\Program Files\Google\Chrome\Application\19.0.1084.56\Locales\es.dll
    [2010/07/31 10:17:13 | 000,203,320 | ---- | M] () MD5=A576C96A2910F541FF935881CDE23864 -- C:\Users\felicity\AppData\Local\Google\Chrome\Application\5.0.375.126\Locales\es.dll
    [2009/07/14 11:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=F6916EFC29D9953D5D0DF06882AE8E16 -- C:\Windows\System32\es.dll
    [2009/07/14 11:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=F6916EFC29D9953D5D0DF06882AE8E16 -- C:\Windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_0cc3f540b311359a\es.dll

    < MD5 for: EXPLORER.EXE >
    [2010/04/26 20:49:39 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_523cdab8f40fe558\explorer.exe
    [2011/02/26 15:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
    [2009/07/14 11:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
    [2011/02/26 15:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
    [2010/04/26 20:54:44 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
    [2011/02/26 15:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
    [2011/01/16 15:55:21 | 000,255,488 | ---- | M] () MD5=3C33B26F2F7FA61D882515F2D6078691 -- C:\Users\felicity\AppData\Local\Temp\RarSFX0\procs\explorer.exe
    [2010/11/20 22:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
    [2011/02/25 15:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
    [2011/02/25 15:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
    [2010/04/26 20:48:27 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
    [2005/08/16 01:54:58 | 000,001,536 | ---- | M] () MD5=ABC6379205DE2618851C4FCBF72112EB -- C:\Users\felicity\AppData\Local\Temp\RarSFX0\h\explorer.exe
    [2010/04/26 20:48:27 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
    [2010/04/26 20:54:44 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
    [2010/04/26 20:49:39 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_51c00e6ddae85c4b\explorer.exe

    < MD5 for: IPNATHLP.DLL >
    [2009/07/14 11:15:33 | 000,300,544 | ---- | M] (Microsoft Corporation) MD5=D1A079A0DE2EA524513B6930C24527A2 -- C:\Windows\System32\ipnathlp.dll
    [2009/07/14 11:15:33 | 000,300,544 | ---- | M] (Microsoft Corporation) MD5=D1A079A0DE2EA524513B6930C24527A2 -- C:\Windows\winsxs\x86_microsoft-windows-sharedaccess_31bf3856ad364e35_6.1.7600.16385_none_04a3b4c9aa9fddd8\ipnathlp.dll

    < MD5 for: NETBT.SYS >
    [2010/11/20 18:39:44 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=280122DDCF04B378EDD1AD54D71C1E54 -- C:\Windows\System32\drivers\netbt.sys
    [2010/11/20 18:39:44 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=280122DDCF04B378EDD1AD54D71C1E54 -- C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.1.7601.17514_none_626c324d55864070\netbt.sys
    [2009/07/14 09:12:21 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=DD52A733BF4CA5AF84562A5E2F963B91 -- C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.1.7600.16385_none_603b1e855897bcd6\netbt.sys

    < MD5 for: NETMAN.DLL >
    [2009/07/14 11:16:03 | 000,280,576 | ---- | M] (Microsoft Corporation) MD5=7CCCFCA7510684768DA22092D1FA4DB2 -- C:\Windows\System32\netman.dll
    [2009/07/14 11:16:03 | 000,280,576 | ---- | M] (Microsoft Corporation) MD5=7CCCFCA7510684768DA22092D1FA4DB2 -- C:\Windows\winsxs\x86_microsoft-windows-netman_31bf3856ad364e35_6.1.7600.16385_none_0f9371b9b32368a4\netman.dll

    < MD5 for: QMGR.DLL >
    [2009/07/14 11:16:12 | 000,589,312 | ---- | M] (Microsoft Corporation) MD5=53F476476F55A27F580661BDE09C4EC4 -- C:\Windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7600.16385_none_23671b105ac5a0fd\qmgr.dll
    [2010/11/20 22:20:58 | 000,585,728 | ---- | M] (Microsoft Corporation) MD5=E585445D5021971FAE10393F0F1C3961 -- C:\Windows\System32\qmgr.dll
    [2010/11/20 22:20:58 | 000,585,728 | ---- | M] (Microsoft Corporation) MD5=E585445D5021971FAE10393F0F1C3961 -- C:\Windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_25982ed857b42497\qmgr.dll

    < MD5 for: RPCSS.DLL >
    [2010/11/20 22:21:03 | 000,376,832 | ---- | M] (Microsoft Corporation) MD5=7660F01D3B38ACA1747E397D21D790AF -- C:\Windows\System32\rpcss.dll
    [2010/11/20 22:21:03 | 000,376,832 | ---- | M] (Microsoft Corporation) MD5=7660F01D3B38ACA1747E397D21D790AF -- C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_6bd245e79c221747\rpcss.dll
    [2009/07/14 11:16:13 | 000,376,320 | ---- | M] (Microsoft Corporation) MD5=B82CD39E336973359D7C9BF911E8E84F -- C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_69a1321f9f3393ad\rpcss.dll

    < MD5 for: SERVICES.EXE >
    [2009/07/14 11:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
    [2009/07/14 11:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=A302BBFF2A7278C0E239EE5D471D86A9 -- C:\Windows\System32\services.exe

    < MD5 for: SVCHOST.EXE >
    [2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
    [2009/07/14 11:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
    [2009/07/14 11:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

    < MD5 for: TCPIP.SYS >
    [2011/04/25 14:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
    [2011/06/21 15:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
    [2011/09/30 02:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
    [2011/04/25 14:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
    [2009/07/14 11:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
    [2010/11/20 22:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
    [2011/09/30 02:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
    [2012/03/30 20:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
    [2011/09/30 01:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
    [2010/04/09 17:16:33 | 001,289,096 | ---- | M] (Microsoft Corporation) MD5=5D6A83E928F22AF5AC9868B162FFAD0D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20687_none_b38009a0e0d5a32d\tcpip.sys
    [2010/04/09 17:24:54 | 001,285,000 | ---- | M] (Microsoft Corporation) MD5=63170B9EE1D0EF0032F0408605671D1A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16569_none_b30e0d41c7a5fe2f\tcpip.sys
    [2011/09/30 02:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
    [2011/04/25 16:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
    [2012/03/30 20:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\System32\drivers\tcpip.sys
    [2012/03/30 20:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
    [2011/04/25 14:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
    [2012/03/30 19:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
    [2011/06/21 15:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
    [2010/06/14 16:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
    [2010/06/14 16:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
    [2011/06/21 15:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
    [2011/06/21 16:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
    [2012/03/30 20:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys

    < MD5 for: TDX.SYS >
    [2010/11/20 18:39:17 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=B459575348C20E8121D6039DA063C704 -- C:\Windows\System32\drivers\tdx.sys
    [2010/11/20 18:39:17 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=B459575348C20E8121D6039DA063C704 -- C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.17514_none_ec4532373a57c1c2\tdx.sys
    [2009/07/14 09:12:11 | 000,074,240 | ---- | M] (Microsoft Corporation) MD5=CB39E896A2A83702D1737BFD402B3542 -- C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7600.16385_none_ea141e6f3d693e28\tdx.sys

    < MD5 for: USERINIT.EXE >
    [2010/11/20 22:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
    [2010/11/20 22:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
    [2009/07/14 11:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
    [2009/05/26 18:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Users\felicity\AppData\Local\Temp\RarSFX0\userinit.exe

    < MD5 for: VOLSNAP.SYS >
    [2009/07/14 11:19:10 | 000,245,328 | ---- | M] (Microsoft Corporation) MD5=58DF9D2481A56EDDE167E51B334D44FD -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.1.7600.16385_none_158d0da45d68903e\volsnap.sys
    [2010/11/20 22:30:16 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\System32\drivers\volsnap.sys
    [2010/11/20 22:30:16 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_x86_neutral_6dee0205881d1a1d\volsnap.sys
    [2010/11/20 22:30:16 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_17be216c5a5713d8\volsnap.sys

    < MD5 for: WININIT.EXE >
    [2009/07/14 11:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
    [2009/07/14 11:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

    < MD5 for: WINLOGON.EXE >
    [2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
    [2010/04/26 20:54:44 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
    [2010/04/26 20:54:44 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
    [2010/11/20 22:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
    [2010/11/20 22:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
    [2009/07/14 11:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
    [2009/05/26 18:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Users\felicity\AppData\Local\Temp\RarSFX0\winlogon.exe

    < MD5 for: WMISVC.DLL >
    [2009/07/14 11:16:19 | 000,168,960 | ---- | M] (Microsoft Corporation) MD5=F62E510B6AD4C21EB9FE8668ED251826 -- C:\Windows\System32\wbem\WMIsvc.dll
    [2009/07/14 11:16:19 | 000,168,960 | ---- | M] (Microsoft Corporation) MD5=F62E510B6AD4C21EB9FE8668ED251826 -- C:\Windows\winsxs\x86_microsoft-windows-wmi-core-svc_31bf3856ad364e35_6.1.7600.16385_none_a08911f35844b3ff\WMIsvc.dll
    [2009/07/14 11:16:19 | 000,168,960 | ---- | M] (Microsoft Corporation) MD5=F62E510B6AD4C21EB9FE8668ED251826 -- C:\Windows\winsxs\x86_microsoft-windows-wmi-core-svc_31bf3856ad364e35_6.1.7601.17514_none_a2ba25bb55333799\WMIsvc.dll

    < MD5 for: WSCSVC.DLL >
    [2009/07/14 11:16:20 | 000,073,728 | ---- | M] (Microsoft Corporation) MD5=6F5D49EFE0E7164E03AE773A3FE25340 -- C:\Windows\System32\wscsvc.dll
    [2009/07/14 11:16:20 | 000,073,728 | ---- | M] (Microsoft Corporation) MD5=6F5D49EFE0E7164E03AE773A3FE25340 -- C:\Windows\winsxs\x86_microsoft-windows-securitycenter-core_31bf3856ad364e35_6.1.7600.16385_none_1a16b3d6136c6bb2\wscsvc.dll
    [2009/07/14 11:16:20 | 000,073,728 | ---- | M] (Microsoft Corporation) MD5=6F5D49EFE0E7164E03AE773A3FE25340 -- C:\Windows\winsxs\x86_microsoft-windows-securitycenter-core_31bf3856ad364e35_6.1.7601.17514_none_1c47c79e105aef4c\wscsvc.dll
    [2010/12/21 15:38:24 | 000,073,728 | ---- | M] (Microsoft Corporation) MD5=A661A76333057B383A06E65F0073222F -- C:\Windows\winsxs\x86_microsoft-windows-securitycenter-core_31bf3856ad364e35_6.1.7600.16723_none_1a559a62133d85fa\wscsvc.dll
    [2010/12/21 15:29:14 | 000,073,728 | ---- | M] (Microsoft Corporation) MD5=FC6DB3FF10A271A83A2CAFB340120FC4 -- C:\Windows\winsxs\x86_microsoft-windows-securitycenter-core_31bf3856ad364e35_6.1.7600.20862_none_1ab2f7332c7c7c31\wscsvc.dll

    ========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
    [C:\windows\System32\config\systemprofile\AppData\Local\Application Data] -> C:\windows\system32\config\systemprofile\AppData\Local -> Junction
    [C:\windows\System32\config\systemprofile\AppData\Local\History] -> C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
    [C:\windows\System32\config\systemprofile\AppData\Local\Temporary Internet Files] -> C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
    [C:\windows\System32\config\systemprofile\Application Data] -> C:\windows\system32\config\systemprofile\AppData\Roaming -> Junction
    [C:\windows\System32\config\systemprofile\Cookies] -> C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies -> Junction
    [C:\windows\System32\config\systemprofile\Documents\My Music] -> C:\windows\system32\config\systemprofile\Music -> Junction
    [C:\windows\System32\config\systemprofile\Documents\My Pictures] -> C:\windows\system32\config\systemprofile\Pictures -> Junction
    [C:\windows\System32\config\systemprofile\Documents\My Videos] -> C:\windows\system32\config\systemprofile\Videos -> Junction
    [C:\windows\System32\config\systemprofile\Local Settings] -> C:\windows\system32\config\systemprofile\AppData\Local -> Junction
    [C:\windows\System32\config\systemprofile\My Documents] -> C:\windows\system32\config\systemprofile\Documents -> Junction
    [C:\windows\System32\config\systemprofile\NetHood] -> C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts -> Junction
    [C:\windows\System32\config\systemprofile\PrintHood] -> C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts -> Junction
    [C:\windows\System32\config\systemprofile\Recent] -> C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent -> Junction
    [C:\windows\System32\config\systemprofile\SendTo] -> C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo -> Junction
    [C:\windows\System32\config\systemprofile\Start Menu] -> C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu -> Junction
    [C:\windows\System32\config\systemprofile\Templates] -> C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates -> Junction

    < End of report >
  12. Flick

    Flick Newcomer, in training Topic Starter

    OTL Extras logfile created on: 11/07/2012 6:11:02 AM - Run 1
    OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\felicity\Desktop
    Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

    2.93 Gb Total Physical Memory | 1.63 Gb Available Physical Memory | 55.73% Memory free
    5.85 Gb Paging File | 4.24 Gb Available in Paging File | 72.58% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
    Drive C: | 146.65 Gb Total Space | 31.00 Gb Free Space | 21.14% Space Free | Partition Type: NTFS
    Drive D: | 302.90 Gb Total Space | 142.00 Gb Free Space | 46.88% Space Free | Partition Type: NTFS
    Drive F: | 1.88 Gb Total Space | 1.88 Gb Free Space | 99.71% Space Free | Partition Type: FAT
    Drive J: | 500.00 Gb Total Space | 500.00 Gb Free Space | 100.00% Space Free | Partition Type: FAT32

    Computer Name: FELICITY-TABLET | User Name: felicity | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
    .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
    http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    ========== Firewall Settings ==========

    ========== Authorized Applications List ==========


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
    "{0294F00A-91AC-4FBF-BD14-0EE1583927AF}" = Battery Utility
    "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
    "{0439D13F-C7CD-458A-90DE-44135CBD40B8}" = Bluetooth Feature Pack 5.0
    "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
    "{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
    "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
    "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
    "{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client
    "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
    "{17F82182-0E3D-4A14-8843-5ECBFAF4F12F}" = Security Panel Application for Supervisor
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{191C41F6-4BA8-4D3D-BBC5-AAC8F3077E3F}" = Fujitsu MobilityCenter Extension Utility
    "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{207E8B60-07D2-4B7F-97FE-0DA448606861}" = Fujitsu Button Utilities
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes
    "{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 32
    "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
    "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
    "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
    "{2BDE2BF2-AD90-4191-B3C8-D0046CE54916}" = Fujitsu Display Manager
    "{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
    "{2D87E961-577B-492B-AD54-1368680FB9A7}" = Virtual Earth 3D (Beta)
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
    "{38766225-85FA-469B-A373-82BF1923A7E4}" = MySQL Workbench 5.2 CE
    "{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}" = Microsoft XNA Framework Redistributable 3.0
    "{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = FJ Camera
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{44193AE6-D871-473C-8D1F-D55FBCB45552}" = Inst5657
    "{45CA9B23-5EF8-43AA-9851-E9E062BF0147}" = Security Panel Application
    "{469ED3E8-D21E-40E8-B00F-63516D26FAE3}" = O2Micro Flash Memory Card Windows Driver
    "{47BC37A3-35C8-484A-8CBD-851914EB095E}" = Update Navi
    "{4837C529-3700-5555-95FC-70C653003160}" = Jungle Disk Desktop
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4ABB4D92-0682-4887-A0BC-CE5F920DDD23}" = Watchtower Library 2009 - English
    "{50A0893D-47D8-48E0-A7E8-44BCD7E4422E}" = Microsoft SQL Server Native Client
    "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
    "{5C3EA21C-22C0-4A44-BE58-D8CBB2F2B6B2}" = OZ711 SCR Driver
    "{5F8D931D-B230-47F3-A9C0-0C8CA459A332}" = Microsoft Expression Web 4
    "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
    "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
    "{6B99AF03-2668-4572-BD3D-8C7A5D103065}" = AuthenTec Fingerprint Software
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{7254349B-460B-488F-B4DB-A96100C5C48B}" = Power Saving Utility
    "{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
    "{7972B5F5-344C-4424-BEFD-431F5BD2D079}" = Flexsim 5.0.4
    "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
    "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
    "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
    "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8C6EE0B4-650F-452E-B9C2-882A72227B19}" = Microsoft SQL Server Database Publishing Wizard 1.1
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{8FF90DB8-6DED-44A3-B182-244FEC09012F}" = Microsoft Touch Pack for Windows 7
    "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
    "{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
    "{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
    "{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
    "{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
    "{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
    "{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
    "{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
    "{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
    "{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
    "{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
    "{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-006D-0409-0000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
    "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
    "{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
    "{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
    "{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
    "{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
    "{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
    "{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel
    "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{942E5031-2BD6-4C1B-918C-C8A1CBAE7B8C}" = Microsoft IntelliPoint 8.2
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
    "{96B51C0B-D3BE-4DF3-959C-28B22C10CFBB}" = Vodafone Mobile Connect Lite
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9BD2DD45-8763-4F12-BDC6-958FCFEF0FCB}" = Microsoft IntelliType Pro 8.2
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{A33E457B-5369-481F-8B53-71108AE2EB5B}" = Roxio Creator LJ
    "{A4512736-8D63-4298-9271-5329931FA46B}" = Microsoft SQL Server Management Studio Express
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
    "{ABE8CE7E-01CC-4500-BAF5-FFC29EA108A1}" = Shock Sensor Utility
    "{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.4.5 MUI
    "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
    "{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
    "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
    "{BA0CC975-682B-4678-A35C-05E607F36387}" = Fujitsu Hotkey Utility
    "{BC5929D3-9D88-4B35-8E37-CD1F2849292C}" = IIS Search Engine Optimization Toolkit 1.0
    "{BF127B80-CFD5-4379-9752-E8AF1A5D0141}" = Microsoft Expression Encoder 4 Screen Capture Codec
    "{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}" = Camtasia Studio 7
    "{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
    "{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
    "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
    "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
    "{CC4878C0-4A6A-49CD-AAA7-DD3FCB06CC84}" = Microsoft Web Platform Installer 3.0
    "{CCAFF072-4DDB-4846-963D-15F02A8E9472}" = Intel(R) PROSet/Wireless WiFi Software
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
    "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
    "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
    "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E56B8E1D-8E90-46DC-AE55-EBA87ED69A5F}" = DealBook 360
    "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
    "{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
    "{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
    "{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
    "{ED5761A3-C109-4E0E-8241-19DB67E66BED}" = CuteFTP 8 Lite
    "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
    "{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E2B312-D7FD-4349-A9B6-E90B36DB1BD0}" = Paint.NET v3.5.5
    "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari
    "{F4E57F49-84B4-4CF2-B0A1-8CA1752BDF7E}" = OmniPass 7.00.02
    "{F5993FCC-DF5D-4879-B70D-AA1F379C5C6B}" = Microsoft Expression Web 4 Service Pack 2
    "{F90E143F-8EB2-4E41-BF4B-E00B046C33E5}" = Microsoft SQL Server Management Objects Collection
    "{FDB5E0F3-86EA-4379-8A2F-1BC2436543E9}" = iCloud
    "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
    "{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
    "{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Creator LJ
    "7-Zip" = 7-Zip 9.20
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
    "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
    "EPSON Printer and Utilities" = EPSON Printer Software
    "F02860D720F53C6FCD75A013226E3E82F54FAB68" = Windows Driver Package - Fujitsu America, Inc. (FjBtnDrv) HIDClass (08/27/2009 4.2.0827.2009)
    "FileZilla Client" = FileZilla Client 3.5.3
    "Google Chrome" = Google Chrome
    "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
    "InstallShield_{0294F00A-91AC-4FBF-BD14-0EE1583927AF}" = Battery Utility
    "InstallShield_{17F82182-0E3D-4A14-8843-5ECBFAF4F12F}" = Security Panel for Supervisor
    "InstallShield_{191C41F6-4BA8-4D3D-BBC5-AAC8F3077E3F}" = Fujitsu MobilityCenter Extension Utility
    "InstallShield_{2BDE2BF2-AD90-4191-B3C8-D0046CE54916}" = Fujitsu Display Manager
    "InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
    "InstallShield_{45CA9B23-5EF8-43AA-9851-E9E062BF0147}" = Security Panel
    "InstallShield_{469ED3E8-D21E-40E8-B00F-63516D26FAE3}" = O2Micro Flash Memory Card Windows Driver
    "InstallShield_{5C3EA21C-22C0-4A44-BE58-D8CBB2F2B6B2}" = OZ711 SCR Driver
    "InstallShield_{7254349B-460B-488F-B4DB-A96100C5C48B}" = Power Saving Utility
    "InstallShield_{ABE8CE7E-01CC-4500-BAF5-FFC29EA108A1}" = Shock Sensor Utility
    "InstallShield_{BA0CC975-682B-4678-A35C-05E607F36387}" = Fujitsu Hotkey Utility
    "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
    "InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
    "LSI Soft Modem" = LSI HDA Modem
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
    "Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
    "Microsoft Security Client" = Microsoft Security Essentials
    "Mozilla Firefox 13.0.1 (x86 en-GB)" = Mozilla Firefox 13.0.1 (x86 en-GB)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "Office14.Click2Run" = Microsoft Office Click-to-Run 2010
    "Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
    "PC-Doctor for Windows" = Fujitsu Hardware Diagnostics Tool
    "Pen Tablet Driver" = Pen Tablet
    "Prism" = Prism Video File Converter
    "ProInst" = Intel PROSet Wireless
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "Visual Studio 6.0 Professional Edition" = Microsoft Visual Studio 6.0 Professional Edition
    "Web_4.0.1303.0" = Microsoft Expression Web 4
    "WebPost" = Microsoft Web Publishing Wizard 1.53
    "WinLiveSuite" = Windows Live Essentials

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Dropbox" = Dropbox
    "InstallShield_{E56B8E1D-8E90-46DC-AE55-EBA87ED69A5F}" = DealBook 360
    "SkyDriveSetup.exe" = Microsoft SkyDrive

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 10/07/2012 12:07:02 PM | Computer Name = felicity-TABLET | Source = TabletServicePen | ID = 0
    Description =

    Error - 10/07/2012 12:07:02 PM | Computer Name = felicity-TABLET | Source = TabletServicePen | ID = 0
    Description =

    Error - 10/07/2012 12:07:14 PM | Computer Name = felicity-TABLET | Source = TabletServicePen | ID = 0
    Description =

    Error - 10/07/2012 12:07:14 PM | Computer Name = felicity-TABLET | Source = TabletServicePen | ID = 0
    Description =

    Error - 10/07/2012 12:07:14 PM | Computer Name = felicity-TABLET | Source = TabletServicePen | ID = 0
    Description =

    Error - 10/07/2012 12:09:26 PM | Computer Name = felicity-TABLET | Source = Application Hang | ID = 1002
    Description = The program sxt2dw2k.exe version 1.0.15.15641 stopped interacting
    with Windows and was closed. To see if more information about the problem is available,
    check the problem history in the Action Center control panel. Process ID: 1a00 Start
    Time: 01cd5eb6350eba20 Termination Time: 16 Application Path: C:\Users\felicity\Desktop\sxt2dw2k.exe

    Report
    Id: 9b32153c-caa9-11e1-959b-002258c7044b

    Error - 10/07/2012 12:18:26 PM | Computer Name = felicity-TABLET | Source = Application Error | ID = 1000
    Description = Faulting application name: Skype.exe, version: 5.9.0.123, time stamp:
    0x4fce1530 Faulting module name: Skype.exe, version: 5.9.0.123, time stamp: 0x4fce1530
    Exception
    code: 0xc0000005 Fault offset: 0x001e5a37 Faulting process id: 0x118c Faulting application
    start time: 0x01cd5eb61290c69e Faulting application path: C:\Program Files\Skype\Phone\Skype.exe
    Faulting
    module path: C:\Program Files\Skype\Phone\Skype.exe Report Id: e013b8c4-caaa-11e1-959b-002258c7044b

    Error - 10/07/2012 4:08:01 PM | Computer Name = felicity-TABLET | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 10/07/2012 4:08:01 PM | Computer Name = felicity-TABLET | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 13096627

    Error - 10/07/2012 4:08:01 PM | Computer Name = felicity-TABLET | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 13096627

    [ System Events ]
    Error - 10/07/2012 12:06:59 PM | Computer Name = felicity-TABLET | Source = Service Control Manager | ID = 7023
    Description = The Computer Browser service terminated with the following error:
    %%1060

    Error - 10/07/2012 12:07:00 PM | Computer Name = felicity-TABLET | Source = Service Control Manager | ID = 7003
    Description = The IKE and AuthIP IPsec Keying Modules service depends the following
    service: BFE. This service might not be installed.

    Error - 10/07/2012 12:07:00 PM | Computer Name = felicity-TABLET | Source = Service Control Manager | ID = 7003
    Description = The IPsec Policy Agent service depends the following service: BFE.
    This service might not be installed.

    Error - 10/07/2012 12:08:11 PM | Computer Name = felicity-TABLET | Source = DCOM | ID = 10016
    Description =

    Error - 10/07/2012 12:10:35 PM | Computer Name = felicity-TABLET | Source = Service Control Manager | ID = 7023
    Description = The Function Discovery Resource Publication service terminated with
    the following error: %%-2147024891

    Error - 10/07/2012 12:10:35 PM | Computer Name = felicity-TABLET | Source = Service Control Manager | ID = 7001
    Description = The HomeGroup Provider service depends on the Function Discovery Resource
    Publication service which failed to start because of the following error: %%-2147024891

    Error - 10/07/2012 12:25:42 PM | Computer Name = felicity-TABLET | Source = Service Control Manager | ID = 7023
    Description = The Function Discovery Resource Publication service terminated with
    the following error: %%-2147024891

    Error - 10/07/2012 12:25:42 PM | Computer Name = felicity-TABLET | Source = Service Control Manager | ID = 7001
    Description = The HomeGroup Provider service depends on the Function Discovery Resource
    Publication service which failed to start because of the following error: %%-2147024891

    Error - 10/07/2012 4:08:37 PM | Computer Name = felicity-TABLET | Source = Service Control Manager | ID = 7001
    Description = The HomeGroup Provider service depends on the Function Discovery Resource
    Publication service which failed to start because of the following error: %%-2147024891

    Error - 10/07/2012 4:08:37 PM | Computer Name = felicity-TABLET | Source = Service Control Manager | ID = 7023
    Description = The Function Discovery Resource Publication service terminated with
    the following error: %%-2147024891


    < End of report >
  13. Flick

    Flick Newcomer, in training Topic Starter

    Please close this thread. Thank you so much for your help but I have reinstalled my computer completely as I didn't need anything on my hard drive.I'm following your final advice on what to do after you've been infected as well.

    Thanks again for this service.
     
  14. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Personal Tips on Preventing Malware

    See this page for more info about malware and prevention.

    Topic marked solved and closed! :)
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.