Solved Win32 Sirefef Virus AH & R

[Flick]

Hi There,

Thank you so much for your endless support of all these people!!

I'm having issues with this trojan and virus as well... I'm unable to boot in recovery, I'm running a Fujitsu Tablet PC Windows 7 Professional 32 bit.

Microsoft Security Essentials, the Windows Firewall and Windows Defender have been disabled. I reintsalled MSE but the system seems to reboot when this is running and it is eventually disabled.

My logs are in the next posts.

 

[Flick]

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.07.10.09

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
felicity :: FELICITY-TABLET [administrator]

11/07/2012 1:47:05 AM
mbam-log-2012-07-11 (01-47-05).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 272124
Time elapsed: 16 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCU\SOFTWARE\CLASSES\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\INPROCSERVER32 (Trojan.Zaccess) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKCU\SOFTWARE\CLASSES\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32| (Trojan.Zaccess) -> Data: C:\Users\felicity\AppData\Local\{540b8e83-9192-4312-6da2-8409d0744685}\n. -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Windows\Installer\{540b8e83-9192-4312-6da2-8409d0744685}\n (Trojan.Dropper.PE4) -> Quarantined and deleted successfully.
C:\Windows\Installer\{540b8e83-9192-4312-6da2-8409d0744685}\U\800000cb.@ (Rootkit.0Access) -> Quarantined and deleted successfully.

(end)

 

[Flick]

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2012-07-11 02:10:08
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 FUJITSU_ rev.0000
Running: sxt2dw2k.exe; Driver: C:\Users\felicity\AppData\Local\Temp\pwgiapoc.sys


---- Devices - GMER 1.0.15 ----

Device Ntfs.sys (NT File System Driver/Microsoft Corporation)

AttachedDevice cbfs3.sys

Device fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)

AttachedDevice fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

 

[Flick]

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_32
Run by felicity at 2:15:53 on 2012-07-11
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.2995.1724 [GMT 10:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Fingerprint Sensor\AtService.exe
C:\Program Files\Softex\OmniPass\OmniServ.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\Windows\system32\WUDFHost.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\system32\conhost.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\LSI SoftModem\agrsmsvc.exe
C:\windows\system32\svchost.exe -k apphost
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\windows\SYSTEM32\WISPTIS.EXE
C:\windows\system32\svchost.exe -k bthaudiosvc
C:\Program Files\Jungle Disk Desktop\JungleDiskMonitor.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\Windows\system32\o2flash.exe
c:\Program Files\Fujitsu\PSUtility\PSUService.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\Pen_Tablet.exe
C:\Program Files\Fujitsu\updnavi\updnvsrv.exe
C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe
C:\windows\system32\svchost.exe -k iissvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\WUDFHost.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\vsnp2uvc.exe
C:\Windows\snuvcdsm.exe
C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe
C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe
C:\Program Files\Fingerprint Sensor\ATSwpNav.exe
C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
C:\windows\system32\WTablet\Pen_TabletUser.exe
C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe
C:\Program Files\Fujitsu\BatteryAid2\BatteryDaemon.exe
C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Program Files\Fujitsu\Utils\FjDspMon.exe
C:\Program Files\Fujitsu\Utils\fjevents.exe
C:\Program Files\Fujitsu\updnavi\updatenv.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Fujitsu\Utils\FjLidMon.exe
C:\Program Files\Softex\OmniPass\scureapp.exe
C:\Program Files\Fujitsu\Utils\FjMnuIco.exe
C:\Program Files\CyberLink\YouCam\YouCamTray.exe
C:\windows\system32\igfxext.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\windows\system32\Pen_Tablet.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRBthFtpServer.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Softex\OmniPass\opvapp.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\felicity\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Program Files\Jungle Disk Desktop\JungleDiskMonitor.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\SearchProtocolHost.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\windows\system32\svchost.exe -k SDRSVC
C:\windows\system32\SearchFilterHost.exe
C:\windows\System32\svchost.exe -k WerSvcGroup
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\conhost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com.au/
uDefault_Page_URL = hxxp://hk.fujitsu.com/pc
uURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Virtual Storage Mount Notification: {5ff49fe8-b332-4cb9-b102-fb6951629e55} - c:\windows\system32\CbFsMntNtf3.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [AdobeBridge]
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [SkyDrive] "c:\users\felicity\appdata\local\microsoft\skydrive\SkyDrive.exe" /background
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [IndicatorUtility] c:\program files\fujitsu\fujitsu hotkey utility\IndicatorUty.exe
mRun: [LoadFUJ02E3] c:\program files\fujitsu\fuj02e3\FUJ02E3.exe
mRun: [<NO NAME>]
mRun: [FjStrtAp] c:\program files\fujitsu\utils\FjStrtAp.exe
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun: [snp2uvc] c:\windows\vsnp2uvc.exe
mRun: [SNUVCDSM] c:\windows\snuvcdsm.exe
mRun: [CSRSkype] c:\program files\csr\bluetooth feature pack 5.0\CSRSkype.exe
mRun: [ConMgr] "c:\program files\csr\bluetooth feature pack 5.0\ConMgr.exe"
mRun: [ATSwpNav] "c:\program files\fingerprint sensor\ATSwpNav" -run
mRun: [IMSS] "c:\program files\intel\intel(r) management engine components\imss\PIconStartup.exe"
mRun: [FDM7] c:\program files\fujitsu\fdm7\FdmDaemon.exe
mRun: [PSUTility] c:\program files\fujitsu\psutility\TrayManager.exe
mRun: [SSUtility] c:\program files\fujitsu\ssutility\FJSSDMN.exe
mRun: [FJBATAID2] c:\program files\fujitsu\batteryaid2\BatteryDaemon.exe
mRun: [RemoteControl8] "c:\program files\cyberlink\powerdvd8\PDVD8Serv.exe"
mRun: [PDVD8LanguageShortcut] "c:\program files\cyberlink\powerdvd8\language\Language.exe"
mRun: [UpdatePDRShortCut] "c:\program files\cyberlink\powerdirector\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\powerdirector" updatewithcreateonce "software\cyberlink\powerdirector\7.0"
mRun: [FJUPDNV_Chitose] c:\program files\fujitsu\updnavi\updatenv.exe
mRun: [OmniPass] c:\program files\softex\omnipass\scureapp.exe
mRun: [UCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" updatewithcreateonce "software\cyberlink\youcam\3.0"
mRun: [YouCam Mirror Tray icon] "c:\program files\cyberlink\youcam\YouCamTray.exe" /s
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [CSRFTP] c:\program files\csr\bluetooth feature pack 5.0\CSRBthFtpServer.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [EPSON Stylus CX3700 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatiacp.exe /f "c:\windows\temp\E_S9804.tmp" /EF "HKLM"
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [EPSON Stylus CX3700 Series (Copy 1)] c:\windows\system32\spool\drivers\w32x86\3\e_fatiacp.exe /f "c:\windows\temp\E_SF50A.tmp" /EF "HKLM"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"
mRun: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
StartupFolder: c:\users\felicity\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office14\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\jungle~1.lnk - c:\program files\jungle disk desktop\JungleDiskMonitor.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: SoftwareSASGeneration = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} - hxxps://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/RACtrl.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{5513EB5A-47E8-40A2-9C47-B06CB3980939} : DhcpNameServer = 10.188.66.103 10.176.66.71
TCP: Interfaces\{95F4649F-D051-400E-A4BC-55EF53143291} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{95F4649F-D051-400E-A4BC-55EF53143291}\07564627F6 : DhcpNameServer = 192.168.0.3
TCP: Interfaces\{95F4649F-D051-400E-A4BC-55EF53143291}\14440223031303 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{95F4649F-D051-400E-A4BC-55EF53143291}\3584140554 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{95F4649F-D051-400E-A4BC-55EF53143291}\54C696475624163756 : DhcpNameServer = 192.168.0.2 192.168.0.12
TCP: Interfaces\{95F4649F-D051-400E-A4BC-55EF53143291}\7496C626F637 : DhcpNameServer = 203.12.160.35 203.12.160.36
TCP: Interfaces\{95F4649F-D051-400E-A4BC-55EF53143291}\77962756C6563737 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{95F4649F-D051-400E-A4BC-55EF53143291}\E41607F6C656F6E6 : DhcpNameServer = 192.168.0.3
TCP: Interfaces\{DA1C4C54-BFD0-41AF-89DB-D5638673C48C} : DhcpNameServer = 192.168.0.3
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - c:\windows\system32\CbFsMntNtf3.dll
STS: Virtual Storage Mount Notification: {5ff49fe8-b332-4cb9-b102-fb6951629e55} - c:\windows\system32\CbFsMntNtf3.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
Hosts: 192.168.0.3 METRIX01
Hosts: 192.168.0.7 METRIX03
Hosts: 192.168.0.8 METRIX08
Hosts: 192.168.0.4 METRIXHOST01
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\felicity\appdata\roaming\mozilla\firefox\profiles\a3mi51ou.default\
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\web platform installer\NPWPIDetector.dll
FF - plugin: c:\program files\virtual earth 3d\npVE3D.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_233.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_257.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 FBIOSDRV;Fujitsu BIOS Driver;c:\windows\system32\drivers\FBIOSDRV.sys [2010-4-26 17008]
R0 FJGSDisk;G-Sensor Application Filter Driver;c:\windows\system32\drivers\FJGSDisk.sys [2010-5-13 12776]
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 171064]
R1 cbfs3;cbfs3;c:\windows\system32\drivers\cbfs3.sys [2011-11-23 273552]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 ATService;AuthenTec Fingerprint Service;c:\program files\fingerprint sensor\AtService.exe [2009-8-1 1807608]
R2 cvhsvc;Client Virtualization Handler;c:\program files\common files\microsoft shared\virtualization handler\CVHSVC.EXE [2012-1-4 822624]
R2 HFGService;Handsfree Headset Service;c:\windows\system32\svchost.exe -k bthaudiosvc [2009-7-14 20992]
R2 JungleDiskService;JungleDiskService;c:\program files\jungle disk desktop\JungleDiskMonitor.exe [2011-5-17 7343432]
R2 PowerSavingUtilityService;PowerSavingUtilityService;c:\program files\fujitsu\psutility\PSUService.exe [2009-7-27 62824]
R2 sftlist;Application Virtualization Client;c:\program files\microsoft application virtualization client\sftlist.exe [2011-10-1 508776]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2012-6-19 3048136]
R2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2010-7-9 2792232]
R2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\intel\intel(r) management engine components\uns\UNS.exe [2010-5-13 2314240]
R2 UpdateNaviInstallService;UpdateNaviInstallService;c:\program files\fujitsu\updnavi\updnvsrv.exe [2009-8-27 12800]
R2 VFPRadioSupportService;Bluetooth Feature Support;c:\program files\csr\bluetooth feature pack 5.0\VFPRadioSupportService.exe [2009-8-21 111488]
R2 VMCService;Vodafone Mobile Connect Service;c:\program files\vodafone\vodafone mobile connect\bin\VMCService.exe [2009-9-18 9216]
R3 acpials;ALS Sensor Filter;c:\windows\system32\drivers\acpials.sys [2009-7-14 7680]
R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\drivers\ATSwpWDF.sys [2009-8-1 659328]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k6232.sys [2010-5-7 208552]
R3 Fjbtndrv;Fujitsu Button Driver;c:\windows\system32\drivers\FjBtnDrv.sys [2010-5-7 18816]
R3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;c:\windows\system32\drivers\fuj02e3.sys [2010-4-26 5632]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-5-13 125696]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\drivers\IntcDAud.sys [2009-12-18 209920]
R3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\drivers\NETw5s32.sys [2009-9-16 6114816]
R3 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2009-5-13 48672]
R3 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [2009-7-3 44064]
R3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfslh.sys [2011-10-1 579944]
R3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplaylh.sys [2011-10-1 194408]
R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirlh.sys [2011-10-1 21864]
R3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvollh.sys [2011-10-1 19304]
R3 sftvsa;Application Virtualization Service Agent;c:\program files\microsoft application virtualization client\sftvsa.exe [2011-10-1 219496]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]
R3 WISDPen;Wacom Penabled MiniDriver;c:\windows\system32\drivers\wisdpen.sys [2010-7-9 36648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-9-10 136176]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-6-5 160944]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 BthAudioHF;BthAudioHF Service;c:\windows\system32\drivers\BthAudioHF.sys [2009-12-21 43008]
S3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\drivers\BthAvrcp.sys [2009-8-21 28000]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2009-7-23 112128]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-9-10 136176]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-2 113120]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2011-5-10 18432]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 74112]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2012-3-26 214952]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 PCDSRVC{F819FCA4-67B3B36D-06020000}_0;PCDSRVC{F819FCA4-67B3B36D-06020000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\fujitsu hardware diagnostics tool\pcdsrvc.pkms [2010-3-25 21360]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-6-11 139776]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]
S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-4-18 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-8-31 1343400]
S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2009-7-14 17920]
.
=============== Created Last 30 ================
.
2012-07-10 12:41:06 -------- d-----w- c:\users\felicity\appdata\roaming\Malwarebytes
2012-07-10 12:41:00 -------- d-----w- c:\programdata\Malwarebytes
2012-07-10 12:40:59 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-10 12:40:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-07-10 10:52:18 -------- d-sh--w- c:\windows\system32\%APPDATA%
2012-07-10 10:47:59 -------- d-----w- c:\programdata\B7E8586B002E144B5A2EBD38B4EB238B
2012-07-09 13:06:24 6762896 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{4cd30f12-6779-4128-b45e-6757dafccaf7}\mpengine.dll
2012-07-09 02:39:19 6762896 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2012-07-04 01:39:45 713784 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{79d00157-6af0-464e-a96b-187c127200b0}\gapaengine.dll
2012-07-03 06:07:54 -------- d-----w- c:\programdata\Vodafone
2012-07-03 06:07:41 -------- d-----w- c:\program files\Vodafone
2012-06-21 22:55:33 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-21 22:55:10 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-21 22:54:50 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-21 22:54:50 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-21 19:25:41 -------- d-----w- c:\users\felicity\appdata\local\{A3A95EF1-12B5-41BF-AB29-DDE0FAA574CA}
2012-06-21 19:25:29 -------- d-----w- c:\users\felicity\appdata\local\{610649E7-9FD2-4E62-945D-3B5B28BD8FB0}
2012-06-21 07:24:48 -------- d-----w- c:\users\felicity\appdata\local\{3F2C02A0-4976-4CBB-BA1A-F7DA30B0BE9E}
2012-06-21 07:24:30 -------- d-----w- c:\users\felicity\appdata\local\{94CE7374-26AE-4783-AD37-37FFC588781B}
2012-06-20 03:08:51 -------- d-----w- c:\users\felicity\appdata\local\Macromedia
2012-06-19 11:56:40 770384 ----a-w- c:\program files\mozilla firefox\msvcr100.dll
2012-06-19 11:56:40 421200 ----a-w- c:\program files\mozilla firefox\msvcp100.dll
2012-06-19 07:35:14 4967624 ----a-w- c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
2012-06-14 07:34:01 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-06-14 07:34:00 194560 ----a-w- c:\program files\internet explorer\ieproxy.dll
2012-06-14 07:34:00 194048 ----a-w- c:\program files\internet explorer\IEShims.dll
2012-06-14 07:34:00 140920 ----a-w- c:\program files\internet explorer\sqmapi.dll
2012-06-14 00:45:06 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-14 00:45:05 2342400 ----a-w- c:\windows\system32\msi.dll
2012-06-14 00:45:02 2343936 ----a-w- c:\windows\system32\win32k.sys
2012-06-14 00:45:00 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-14 00:45:00 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-14 00:45:00 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-14 00:44:59 164352 ----a-w- c:\windows\system32\profsvc.dll
2012-06-14 00:44:54 1158656 ----a-w- c:\windows\system32\crypt32.dll
2012-06-14 00:44:53 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-14 00:44:52 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-13 06:39:20 713784 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{6ab526d4-abc0-4f42-b4f0-ebf4d60a0483}\gapaengine.dll
.
==================== Find3M ====================
.
2012-07-10 10:49:26 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-10 10:49:25 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-17 22:45:37 1800192 ----a-w- c:\windows\system32\jscript9.dll
2012-05-17 22:35:47 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-05-17 22:35:39 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-05-17 22:29:45 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-05-01 00:34:20 476960 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-05-01 00:34:19 472864 ----a-w- c:\windows\system32\deployJava1.dll
.
============= FINISH: 2:25:06.78 ===============

 

[Flick]

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 9/07/2010 8:50:43 AM
System Uptime: 11/07/2012 2:06:11 AM (0 hours ago)
.
Motherboard: FUJITSU | | FJNB204
Processor: Intel(R) Core(TM) i7 CPU M 620 @ 2.67GHz | Onboard | 1173/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 147 GiB total, 30.995 GiB free.
D: is FIXED (NTFS) - 303 GiB total, 141.898 GiB free.
E: is CDROM ()
F: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP762: 9/07/2012 5:11:28 PM - Scheduled Checkpoint
RP763: 10/07/2012 9:09:29 PM - Removed Vodafone Mobile Connect Lite.
RP764: 10/07/2012 11:18:43 PM - Removed Java(TM) 6 Update 32
.
==== Installed Programs ======================
.
7-Zip 9.20
Acrobat.com
Adobe AIR
Adobe Community Help
Adobe Flash Player 11 Plugin
Adobe Media Player
Adobe Photoshop CS5
Adobe Reader 9.4.5 MUI
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Client Installation Program
AuthenTec Fingerprint Software
Battery Utility
Bluetooth Feature Pack 5.0
Bonjour
Camtasia Studio 7
CuteFTP 8 Lite
CyberLink PowerDirector
CyberLink PowerDVD 8
CyberLink YouCam
D3DX10
DealBook 360
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dropbox
EPSON Printer Software
FileZilla Client 3.5.3
FJ Camera
Flexsim 5.0.4
Fujitsu Button Utilities
Fujitsu Display Manager
Fujitsu Hardware Diagnostics Tool
Fujitsu Hotkey Utility
Fujitsu MobilityCenter Extension Utility
Fujitsu System Extension Utility
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
iCloud
IIS Search Engine Optimization Toolkit 1.0
Inst5657
Intel PROSet Wireless
Intel(R) Graphics Media Accelerator Driver
Intel(R) Management Engine Components
Intel(R) PROSet/Wireless WiFi Software
iTunes
Java Auto Updater
Java(TM) 6 Update 32
Jungle Disk Desktop
Junk Mail filter update
LSI HDA Modem
Malwarebytes Anti-Malware version 1.61.0.1400
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Expression Encoder 4 Screen Capture Codec
Microsoft Expression Web 4
Microsoft Expression Web 4 Service Pack 2
Microsoft IntelliPoint 8.2
Microsoft IntelliType Pro 8.2
Microsoft Office 2010
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server Database Publishing Wizard 1.1
Microsoft SQL Server Management Objects Collection
Microsoft SQL Server Management Studio Express
Microsoft SQL Server Native Client
Microsoft Touch Pack for Windows 7
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual Studio 6.0 Professional Edition
Microsoft Web Platform Installer 3.0
Microsoft Web Publishing Wizard 1.53
Microsoft XNA Framework Redistributable 3.0
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
MobileMe Control Panel
Mozilla Firefox 13.0.1 (x86 en-GB)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MySQL Workbench 5.2 CE
O2Micro Flash Memory Card Windows Driver
OmniPass 7.00.02
OZ711 SCR Driver
Paint.NET v3.5.5
PDF Settings CS5
Pen Tablet
Power Saving Utility
Prism Video File Converter
QuickTime
Realtek High Definition Audio Driver
Roxio Central Audio
Roxio Central Copy
Roxio Central Core
Roxio Central Data
Roxio Central Tools
Roxio Creator LJ
Safari
Security Panel
Security Panel Application
Security Panel Application for Supervisor
Security Panel for Supervisor
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition
Shock Sensor Utility
Skype Click to Call
Skype™ 5.9
Synaptics Pointing Device Driver
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update Navi
Virtual Earth 3D (Beta)
Vodafone Mobile Connect Lite
Watchtower Library 2009 - English
Windows Driver Package - Fujitsu America, Inc. (FjBtnDrv) HIDClass (08/27/2009 4.2.0827.2009)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
.
==== Event Viewer Messages From Past Week ========
.
9/07/2012 3:11:45 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {E367E1A1-E917-11D0-AF5F-00A02448799A} and APPID {9209B1A6-964A-11D0-9372-00A0C9034910} to the user IIS APPPOOL\DefaultAppPool SID (S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
9/07/2012 3:11:45 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {0C0A3666-30C9-11D0-8F20-00805F2CD064} and APPID {9209B1A6-964A-11D0-9372-00A0C9034910} to the user IIS APPPOOL\DefaultAppPool SID (S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
9/07/2012 12:18:09 PM, Error: Microsoft-Windows-RasSstp [1] - CoId={34E098BC-9114-4389-A129-BDB6F485F3CD}:The initial Secure Socket Tunneling Protocol request could not be successfully sent to the server. This can be due to network connectivity issues or certificate (trust) issues. The detailed error message is provided below. Correct the problem and try again. The requested name is valid, but no data of the requested type was found.
9/07/2012 1:10:52 PM, Error: Schannel [36888] - The following fatal alert was generated: 10. The internal error state is 10.
7/07/2012 3:14:53 PM, Error: Microsoft-Windows-RasSstp [1] - CoId={3AB50ACF-1140-455D-A590-0E213DCB22E5}:The initial Secure Socket Tunneling Protocol request could not be successfully sent to the server. This can be due to network connectivity issues or certificate (trust) issues. The detailed error message is provided below. Correct the problem and try again. An existing connection was forcibly closed by the remote host.
6/07/2012 4:24:01 PM, Error: Microsoft-Windows-RasSstp [1] - CoId={F337F093-6411-4DD9-A3C1-6FD82DD13BE7}:The initial Secure Socket Tunneling Protocol request could not be successfully sent to the server. This can be due to network connectivity issues or certificate (trust) issues. The detailed error message is provided below. Correct the problem and try again. A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
6/07/2012 3:41:18 AM, Error: Microsoft-Windows-RasSstp [1] - CoId={437764E6-8A77-4954-A5E9-ECE1E2F169E4}:The initial Secure Socket Tunneling Protocol request could not be successfully sent to the server. This can be due to network connectivity issues or certificate (trust) issues. The detailed error message is provided below. Correct the problem and try again. A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
5/07/2012 10:48:19 AM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{2F50F8B4-3F10-4AE4-842D-8865CFE59170} because another computer on the network has the same name. The server could not start.
4/07/2012 11:27:40 PM, Error: Microsoft-Windows-RasSstp [1] - CoId={CD667FA2-CCDC-46FA-BFD2-CDD1E5515AD1}:The initial Secure Socket Tunneling Protocol request could not be successfully sent to the server. This can be due to network connectivity issues or certificate (trust) issues. The detailed error message is provided below. Correct the problem and try again. A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
11/07/2012 2:10:35 AM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891
11/07/2012 2:10:35 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891
11/07/2012 2:08:11 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
11/07/2012 2:07:00 AM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
11/07/2012 2:07:00 AM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
11/07/2012 2:06:59 AM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
11/07/2012 12:57:27 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xbad0b114, 0x00000000, 0x836246c4, 0x00000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 071112-38454-01.
11/07/2012 1:27:43 AM, Error: Service Control Manager [7038] - The netprofm service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
11/07/2012 1:27:43 AM, Error: Service Control Manager [7000] - The Network List Service service failed to start due to the following error: The service did not start due to a logon failure.
11/07/2012 1:27:43 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1069" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
11/07/2012 1:23:48 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Virus:Win32/Sirefef.R&threatid=2147657890 Name: Virus:Win32/Sirefef.R ID: 2147657890 Severity: Severe Category: Virus Path: file:_C:\Windows\System32\services.exe;process:_pid:652 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Clean Action Status: To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
11/07/2012 1:23:48 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Sirefef.AH&threatid=2147655284 Name: Trojan:Win32/Sirefef.AH ID: 2147655284 Severity: Severe Category: Trojan Path: containerfile:_C:\Windows\System32\services.exe;file:_C:\Windows\System32\services.exe->731;process:_pid:652 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
11/07/2012 1:07:11 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Virus:Win32/Sirefef.R&threatid=2147657890 Name: Virus:Win32/Sirefef.R ID: 2147657890 Severity: Severe Category: Virus Path: file:_C:\Windows\System32\services.exe;process:_pid:600 Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Clean Action Status: To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
11/07/2012 1:07:11 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Sirefef.AH&threatid=2147655284 Name: Trojan:Win32/Sirefef.AH ID: 2147655284 Severity: Severe Category: Trojan Path: containerfile:_C:\Windows\System32\services.exe;file:_C:\Windows\System32\services.exe->731;process:_pid:600 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
11/07/2012 1:04:19 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
11/07/2012 1:03:27 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
10/07/2012 9:59:48 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Virus:Win32/Sirefef.R&threatid=2147657890 Name: Virus:Win32/Sirefef.R ID: 2147657890 Severity: Severe Category: Virus Path: file:_C:\windows\System32\services.exe;process:_pid:596 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Clean Action Status: To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
10/07/2012 9:59:48 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Sirefef.AH&threatid=2147655284 Name: Trojan:Win32/Sirefef.AH ID: 2147655284 Severity: Severe Category: Trojan Path: containerfile:_C:\windows\System32\services.exe;file:_C:\windows\System32\services.exe->731;process:_pid:596 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
10/07/2012 9:56:33 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Virus:Win32/Sirefef.R&threatid=2147657890 Name: Virus:Win32/Sirefef.R ID: 2147657890 Severity: Severe Category: Virus Path: file:_C:\windows\system32\services.exe;process:_pid:596 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Clean Action Status: To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
10/07/2012 9:56:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1726" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
10/07/2012 9:51:49 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Virus:Win32/Sirefef.R&threatid=2147657890 Name: Virus:Win32/Sirefef.R ID: 2147657890 Severity: Severe Category: Virus Path: file:_C:\windows\System32\services.exe;process:_pid:612 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Clean Action Status: To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
10/07/2012 9:51:49 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Sirefef.AH&threatid=2147655284 Name: Trojan:Win32/Sirefef.AH ID: 2147655284 Severity: Severe Category: Trojan Path: containerfile:_C:\windows\System32\services.exe;file:_C:\windows\System32\services.exe->731;process:_pid:612 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
10/07/2012 9:47:53 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Virus:Win32/Sirefef.R&threatid=2147657890 Name: Virus:Win32/Sirefef.R ID: 2147657890 Severity: Severe Category: Virus Path: file:_C:\windows\System32\services.exe;process:_pid:608 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Clean Action Status: To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
10/07/2012 9:47:53 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Sirefef.AH&threatid=2147655284 Name: Trojan:Win32/Sirefef.AH ID: 2147655284 Severity: Severe Category: Trojan Path: containerfile:_C:\windows\System32\services.exe;file:_C:\windows\System32\services.exe->731;process:_pid:608 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
10/07/2012 9:42:44 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Virus:Win32/Sirefef.R&threatid=2147657890 Name: Virus:Win32/Sirefef.R ID: 2147657890 Severity: Severe Category: Virus Path: file:_C:\windows\System32\services.exe;process:_pid:608 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Clean Action Status: To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
10/07/2012 9:42:44 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Sirefef.AH&threatid=2147655284 Name: Trojan:Win32/Sirefef.AH ID: 2147655284 Severity: Severe Category: Trojan Path: containerfile:_C:\windows\System32\services.exe;file:_C:\windows\System32\services.exe->731;process:_pid:608 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
10/07/2012 9:37:35 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Virus:Win32/Sirefef.R&threatid=2147657890 Name: Virus:Win32/Sirefef.R ID: 2147657890 Severity: Severe Category: Virus Path: file:_C:\windows\System32\services.exe;process:_pid:604 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Clean Action Status: To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
10/07/2012 9:37:35 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Sirefef.AH&threatid=2147655284 Name: Trojan:Win32/Sirefef.AH ID: 2147655284 Severity: Severe Category: Trojan Path: containerfile:_C:\windows\System32\services.exe;file:_C:\windows\System32\services.exe->731;process:_pid:604 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
10/07/2012 9:33:54 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Virus:Win32/Sirefef.R&threatid=2147657890 Name: Virus:Win32/Sirefef.R ID: 2147657890 Severity: Severe Category: Virus Path: file:_C:\windows\System32\services.exe;process:_pid:600 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Clean Action Status: To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
10/07/2012 9:33:54 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Sirefef.AH&threatid=2147655284 Name: Trojan:Win32/Sirefef.AH ID: 2147655284 Severity: Severe Category: Trojan Path: containerfile:_C:\windows\System32\services.exe;file:_C:\windows\System32\services.exe->731;process:_pid:600 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
10/07/2012 9:30:27 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Virus:Win32/Sirefef.R&threatid=2147657890 Name: Virus:Win32/Sirefef.R ID: 2147657890 Severity: Severe Category: Virus Path: file:_C:\windows\System32\services.exe;process:_pid:608 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Clean Action Status: To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
10/07/2012 9:30:27 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Sirefef.AH&threatid=2147655284 Name: Trojan:Win32/Sirefef.AH ID: 2147655284 Severity: Severe Category: Trojan Path: containerfile:_C:\windows\System32\services.exe;file:_C:\windows\System32\services.exe->731;process:_pid:608 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0
10/07/2012 9:24:03 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
10/07/2012 9:23:12 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
10/07/2012 9:03:07 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
10/07/2012 10:39:16 PM, Error: Service Control Manager [7034] - The Skype C2C Service service terminated unexpectedly. It has done this 1 time(s).
10/07/2012 10:34:07 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000c2 (0x00000007, 0x0000109b, 0x00250023, 0x88be2ee0). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 071012-40341-01.
10/07/2012 10:03:19 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Virus:Win32/Sirefef.R&threatid=2147657890 Name: Virus:Win32/Sirefef.R ID: 2147657890 Severity: Severe Category: Virus Path: file:_C:\windows\System32\services.exe;process:_pid:504 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Clean Action Status: To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 0.0.0.0 Engine Version: AM: 1.1.8502.0, NIS: 0.0.0.0
10/07/2012 10:03:19 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Sirefef.AH&threatid=2147655284 Name: Trojan:Win32/Sirefef.AH ID: 2147655284 Severity: Severe Category: Trojan Path: containerfile:_C:\windows\System32\services.exe;file:_C:\windows\System32\services.exe->731;process:_pid:504 Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: C:\windows\system32\services.exe Action: Quarantine Action Status: No additional actions required Error Code: 0x800704ec Error description: This program is blocked by group policy. For more information, contact your system administrator. Signature Version: AV: 1.129.1344.0, AS: 1.129.1344.0, NIS: 0.0.0.0 Engine Version: AM: 1.1.8502.0, NIS: 0.0.0.0
10/07/2012 10:02:55 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
10/07/2012 10:02:54 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
10/07/2012 10:02:52 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
10/07/2012 10:02:51 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
10/07/2012 10:02:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
10/07/2012 10:02:39 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\windows\System32\IWMSSvc.dll Error Code: 21
10/07/2012 10:02:22 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cbfs3 discache MpFilter spldr Wanarpv6
10/07/2012 10:02:19 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
10/07/2012 10:02:19 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.
.
==== End Of File ===========================

 

[Jay Pfoutz]

Hello, and welcome to TechSpot.

Please see here for the board rules and other FAQ.

Please feel free to introduce yourself, after you follow the steps below to get started.

Information

• From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by a malware removal helper.
• Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
• If you have already asked for help somewhere, please post the link to the topic you were helped.
• We try our best to reply quickly, but for any reason we do not reply in two days, please reply to this topic with the word BUMP!
• Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.

Thanks for doing the preworking steps. I saw you can't get into recovery mode. Let's try OTL:

Please download OTL to your Desktop. (If you already have it downloaded, then just follow the instructions below).

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• Under the Custom Scan box paste this in
  
  msconfig
  safebootminimal
  activex
  drivers32
  netsvcs
  CreateRestorePoint
  %AppData%\Roaming\Mozilla\Firefox\Profiles\*.default\extensions\ /s /md5
  %AppData%\Local\
  %systemroot%\system32\sysprep
  *.xpi /md5
  %systemroot%\Downloaded Program Files\
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
  hklm\software\clients\startmenuinternet|command /rs
  hklm\software\clients\startmenuinternet|command /64 /rs
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\system32\drivers\*.sys /90
  %systemroot%\System32\config\*.sav
  %SYSTEMDRIVE%\*.exe /md5
  "%WinDir%\$NtUninstallKB*$." /30
  %systemdrive%\Program Files\Common Files\ComObjects\*.* /s
  %systemroot%\*. /mp /s
  %systemroot%\*. /rp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job /lockedfiles
  %USERPROFILE%\AppData\Local\Google\Chrome\User Data\*.* /s
  %USERPROFILE%\AppData\Local\ /s
  %systemroot%\Installer\ /s
  %systemroot%\system32\Cache\ /s
  %systemroot%\system32\config\systemprofile\Application Data /s
  %PROGRAMFILES%\*.
  %appdata%\*.*
  /md5start
  volsnap.sys
  services.exe
  userinit.exe
  afd.sys
  tcpip.sys
  netbt.sys
  ipsec.sys
  dnsrslvr.dll
  ipnathlp.dll
  netman.dll
  WMIsvc.dll
  srsvc.dll
  sr.sys
  wscsvc.dll
  wuauserv.dll
  qmgr.dll
  es.dll
  cryptsvc.dll
  svchost.exe
  rpcss.dll
  tdx.sys
  wininit.exe
  winlogon.exe
  atapi.sys
  explorer.exe
  /md5stop
• Click the Run Scanbutton. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) and paste (Edit->Paste) the contents of these files, one at a time

Note: in the event that OTL fails to run, please use alternate download links to try again:

http://oldtimer.geekstogo.com/OTL.com
http://oldtimer.geekstogo.com/OTL.scr

 

[Flick]

Thanks heaps for your response!!!!
____________________________________________________
OTL logfile created on: 11/07/2012 6:11:02 AM - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\felicity\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

2.93 Gb Total Physical Memory | 1.63 Gb Available Physical Memory | 55.73% Memory free
5.85 Gb Paging File | 4.24 Gb Available in Paging File | 72.58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 146.65 Gb Total Space | 31.00 Gb Free Space | 21.14% Space Free | Partition Type: NTFS
Drive D: | 302.90 Gb Total Space | 142.00 Gb Free Space | 46.88% Space Free | Partition Type: NTFS
Drive F: | 1.88 Gb Total Space | 1.88 Gb Free Space | 99.71% Space Free | Partition Type: FAT
Drive J: | 500.00 Gb Total Space | 500.00 Gb Free Space | 100.00% Space Free | Partition Type: FAT32

Computer Name: FELICITY-TABLET | User Name: felicity | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/11 06:10:02 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\felicity\Desktop\OTL.exe
PRC - [2012/06/19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/05/31 12:25:28 | 000,296,672 | ---- | M] (Microsoft Corporation) -- C:\Users\felicity\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
PRC - [2012/03/26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/10/01 07:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 07:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/09/02 00:15:40 | 000,227,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
PRC - [2011/06/24 14:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/05/17 15:12:46 | 007,343,432 | ---- | M] (Jungle Disk, Inc.) -- C:\Program Files\Jungle Disk Desktop\JungleDiskMonitor.exe
PRC - [2011/02/25 15:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 22:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/12/04 13:34:00 | 000,014,336 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2009/10/27 20:52:14 | 000,128,360 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
PRC - [2009/10/16 20:41:46 | 000,107,880 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files\Fujitsu\BatteryAid2\BatteryDaemon.exe
PRC - [2009/10/10 14:06:50 | 000,047,976 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
PRC - [2009/10/02 21:18:14 | 000,167,008 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\YouCam\YouCamTray.exe
PRC - [2009/10/01 20:40:28 | 000,143,360 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files\Fujitsu\updnavi\updatenv.exe
PRC - [2009/09/30 21:34:38 | 001,091,584 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
PRC - [2009/09/30 21:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009/09/30 21:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/09/22 08:55:12 | 000,858,384 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2009/09/22 08:31:36 | 000,473,360 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2009/09/18 18:48:28 | 000,009,216 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
PRC - [2009/09/14 13:48:48 | 000,186,664 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\System32\WTablet\Pen_TabletUser.exe
PRC - [2009/09/14 13:48:36 | 002,792,232 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\System32\Pen_Tablet.exe
PRC - [2009/08/27 16:23:52 | 003,248,128 | ---- | M] () -- C:\Program Files\Softex\OmniPass\scureapp.exe
PRC - [2009/08/27 15:30:12 | 000,040,960 | ---- | M] (Softex Inc.) -- C:\Program Files\Softex\OmniPass\OmniServ.exe
PRC - [2009/08/27 15:21:10 | 000,073,728 | ---- | M] () -- C:\Program Files\Softex\OmniPass\opvapp.exe
PRC - [2009/08/27 14:17:34 | 000,012,800 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files\Fujitsu\updnavi\updnvsrv.exe
PRC - [2009/08/21 08:41:42 | 000,111,488 | ---- | M] (CSR, plc) -- C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe
PRC - [2009/08/21 08:41:32 | 000,346,464 | ---- | M] (CSR, plc) -- C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe
PRC - [2009/08/21 08:41:28 | 000,331,632 | ---- | M] (CSR, plc) -- C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRBthFtpServer.exe
PRC - [2009/08/21 08:41:20 | 000,504,160 | ---- | M] (CSR, plc) -- C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe
PRC - [2009/08/19 13:38:02 | 000,020,480 | ---- | M] (Fujitsu Computer Systems Corporation) -- C:\Program Files\Fujitsu\Utils\FjEvents.exe
PRC - [2009/08/19 13:37:18 | 000,024,576 | ---- | M] (Fujitsu Computer Systems Corporation) -- C:\Program Files\Fujitsu\Utils\FjDspMon.exe
PRC - [2009/08/13 08:06:00 | 000,662,016 | ---- | M] (Sonix) -- C:\Windows\vsnp2uvc.exe
PRC - [2009/08/07 08:07:58 | 000,020,480 | ---- | M] (Fujitsu Computer Systems) -- C:\Program Files\Fujitsu\Utils\FjLidMon.exe
PRC - [2009/08/01 16:11:24 | 000,128,248 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files\Fingerprint Sensor\ATSwpNav.exe
PRC - [2009/08/01 16:11:22 | 001,807,608 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files\Fingerprint Sensor\AtService.exe
PRC - [2009/07/27 20:50:32 | 000,144,744 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
PRC - [2009/07/27 20:50:30 | 000,062,824 | ---- | M] (FUJITSU LIMITED) -- c:\Program Files\Fujitsu\PSUtility\PSUService.exe
PRC - [2009/07/17 13:08:20 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
PRC - [2009/06/17 13:19:32 | 000,036,712 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
PRC - [2009/05/23 03:37:42 | 000,024,576 | ---- | M] () -- C:\Windows\snuvcdsm.exe
PRC - [2008/06/12 13:47:00 | 000,057,344 | ---- | M] (Fujitsu Computer Systems Corporation) -- C:\Program Files\Fujitsu\Utils\fjmnuico.exe
PRC - [2007/12/14 18:45:34 | 000,193,832 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe
PRC - [2007/02/12 17:43:00 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Windows\System32\o2flash.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/18 22:49:31 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/18 22:49:20 | 001,591,808 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/05/10 03:39:37 | 005,452,800 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/10 03:39:31 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/10 03:39:30 | 007,967,232 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/10 03:39:10 | 011,492,864 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/01/08 23:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/05/17 15:10:20 | 000,260,096 | ---- | M] () -- C:\Program Files\Jungle Disk Desktop\monitor_images.dll
MOD - [2011/03/16 23:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 14:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2009/08/27 16:23:52 | 003,248,128 | ---- | M] () -- C:\Program Files\Softex\OmniPass\scureapp.exe
MOD - [2009/08/27 16:16:14 | 000,593,920 | ---- | M] () -- C:\Program Files\Softex\OmniPass\userdata.dll
MOD - [2009/08/27 15:38:44 | 000,052,304 | ---- | M] () -- C:\Program Files\Softex\OmniPass\hdddrv.dll
MOD - [2009/08/27 15:25:22 | 000,057,344 | ---- | M] () -- C:\Program Files\Softex\OmniPass\Cachedrv.dll
MOD - [2009/08/27 15:19:58 | 000,061,440 | ---- | M] () -- C:\Program Files\Softex\OmniPass\scuredll.dll
MOD - [2009/08/27 15:19:28 | 001,486,848 | ---- | M] () -- C:\Program Files\Softex\OmniPass\autheng.dll
MOD - [2009/08/27 15:19:08 | 000,557,056 | ---- | M] () -- C:\Program Files\Softex\OmniPass\storeng.dll
MOD - [2009/08/27 15:18:56 | 000,016,896 | ---- | M] () -- C:\Program Files\Softex\OmniPass\cryptodll.dll
MOD - [2009/08/27 15:18:48 | 000,011,264 | ---- | M] () -- C:\Program Files\Softex\OmniPass\SSPLogon.dll
MOD - [2009/08/27 15:18:44 | 000,057,344 | ---- | M] () -- C:\Program Files\Softex\OmniPass\RandomPass.dll
MOD - [2009/05/23 03:37:42 | 000,024,576 | ---- | M] () -- C:\Windows\snuvcdsm.exe


========== Win32 Services (SafeList) ==========

SRV - [2012/06/19 21:56:42 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/06/19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/06/05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/03/26 17:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2011/10/01 07:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 07:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/06/12 10:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2011/05/17 15:12:46 | 007,343,432 | ---- | M] (Jungle Disk, Inc.) [Auto | Running] -- C:\Program Files\Jungle Disk Desktop\JungleDiskMonitor.exe -- (JungleDiskService)
SRV - [2010/11/20 22:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/11/20 22:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010/11/20 22:18:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010/08/31 11:33:17 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/08/31 11:29:51 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/12/21 12:14:46 | 000,413,696 | ---- | M] (CSR, plc) [Auto | Running] -- C:\Windows\System32\HFGService.dll -- (HFGService)
SRV - [2009/12/04 13:34:00 | 000,014,336 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2009/09/30 21:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009/09/30 21:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009/09/22 08:55:12 | 000,858,384 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2009/09/22 08:31:36 | 000,473,360 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2009/09/18 18:48:28 | 000,009,216 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
SRV - [2009/09/14 13:48:36 | 002,792,232 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Windows\System32\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2009/08/27 15:30:12 | 000,040,960 | ---- | M] (Softex Inc.) [Auto | Running] -- C:\Program Files\Softex\OmniPass\OmniServ.exe -- (omniserv)
SRV - [2009/08/27 14:17:34 | 000,012,800 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\updnavi\updnvsrv.exe -- (UpdateNaviInstallService)
SRV - [2009/08/21 08:41:42 | 000,111,488 | ---- | M] (CSR, plc) [Auto | Running] -- C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe -- (VFPRadioSupportService)
SRV - [2009/08/01 16:11:22 | 001,807,608 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Program Files\Fingerprint Sensor\AtService.exe -- (ATService)
SRV - [2009/07/27 20:50:30 | 000,062,824 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- c:\Program Files\Fujitsu\PSUtility\PSUService.exe -- (PowerSavingUtilityService)
SRV - [2009/07/14 11:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/14 11:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 11:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2007/02/12 17:43:00 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Windows\System32\o2flash.exe -- (O2Flash)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\felicity\AppData\Local\Temp\pwgiapoc.sys -- (pwgiapoc)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\felicity\AppData\Local\Temp\mbr.sys -- (mbr)
DRV - [2012/03/20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/10/01 07:30:42 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV - [2011/10/01 07:30:40 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2011/10/01 07:30:38 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV - [2011/10/01 07:30:36 | 000,579,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV - [2011/05/18 08:09:04 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB)
DRV - [2011/05/10 08:06:14 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010/11/30 10:03:06 | 000,273,552 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\cbfs3.sys -- (cbfs3)
DRV - [2010/11/20 22:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 22:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 22:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 20:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 19:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 19:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 19:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/05/13 03:45:43 | 000,012,776 | ---- | M] (FUJITSU LIMITED) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\FJGSDisk.sys -- (FJGSDisk)
DRV - [2010/03/25 09:35:10 | 000,021,360 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\Fujitsu Hardware Diagnostics Tool\pcdsrvc.pkms -- (PCDSRVC{F819FCA4-67B3B36D-06020000}_0)
DRV - [2009/12/21 12:14:44 | 000,043,008 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BthAudioHF.sys -- (BthAudioHF)
DRV - [2009/12/18 00:00:00 | 000,209,920 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV - [2009/12/04 13:34:00 | 001,161,760 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/10/26 14:39:04 | 000,125,696 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Impcd.sys -- (Impcd)
DRV - [2009/09/23 19:09:56 | 000,208,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1k6232.sys -- (e1kexpress) Intel(R)
DRV - [2009/09/21 18:29:22 | 000,014,120 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2009/09/17 14:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI) Intel(R)
DRV - [2009/09/16 05:40:18 | 006,114,816 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5s32.sys -- (NETw5s32) Intel(R)
DRV - [2009/09/05 09:44:24 | 003,487,104 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2009/08/27 18:09:54 | 000,018,816 | ---- | M] (Fujitsu America, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FjBtnDrv.sys -- (Fjbtndrv)
DRV - [2009/08/24 17:32:02 | 000,036,648 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wisdpen.sys -- (WISDPen)
DRV - [2009/08/21 08:41:24 | 000,028,000 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BthAvrcp.sys -- (BthAvrcp)
DRV - [2009/08/01 17:10:26 | 000,659,328 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV - [2009/07/23 12:57:22 | 000,112,128 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2009/07/23 12:57:22 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009/07/14 10:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2009/07/14 09:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/14 09:45:20 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\acpials.sys -- (acpials)
DRV - [2009/07/14 09:12:52 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2009/07/14 08:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/07/03 10:51:00 | 000,044,064 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2sd.sys -- (O2SDRDR)
DRV - [2009/06/24 16:33:18 | 000,017,008 | ---- | M] (FUJITSU LIMITED) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\FBIOSDRV.sys -- (FBIOSDRV)
DRV - [2009/05/16 02:28:00 | 000,102,560 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ozscr.sys -- (O2SCBUS)
DRV - [2009/05/13 15:12:00 | 000,048,672 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2media.sys -- (O2MDRDR)
DRV - [2007/02/16 13:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2006/11/01 21:59:24 | 000,005,632 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\fuj02e3.sys -- (FUJ02E3)
DRV - [2006/11/01 21:20:28 | 000,005,888 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\fuj02b1.sys -- (FUJ02B1)
DRV - [2005/07/28 08:18:40 | 000,685,056 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hardlock.sys -- (Hardlock)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2790392

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hk.fujitsu.com/pc
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com.au/
IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {9C7DDA60-0E41-435E-949D-DA109EBD1818}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{9C7DDA60-0E41-435E-949D-DA109EBD1818}: "URL" = http://www.google.com.au/search?q={...tIndex?}&startPage={startPage}&rlz=1I7SKPT_en
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2790392
IE - HKCU\..\SearchScopes\{B9B78123-528B-4709-B6DD-AAFE4B1AB0DB}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKCU\..\SearchScopes\{D17DC837-53BF-4A40-BDE2-B84458D1567F}: "URL" = http://search.microsoft.com/results.aspx?mkt=en-US&setlang=en-US&q={searchTerms}
IE - HKCU\..\SearchScopes\{DCECA4D4-0C72-436E-8102-114F4E5D6443}: "URL" = http://www.facebook.com/search/?src=os&q={searchTerms}
IE - HKCU\..\SearchScopes\{F488FD25-2498-409C-AD48-E79D33B018E2}: "URL" = http://cnet.search.com/search?chkpt=astg.cnet.fd.search.cnet&q={searchTerms}&tag=srch
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files\Virtual Earth 3D\ [2010/05/13 03:59:49 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/wpi,version=1.4: C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/19 21:56:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/14 11:05:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/19 21:56:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/14 11:05:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/19 21:56:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/14 11:05:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/19 21:56:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/14 11:05:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/19 21:56:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/14 11:05:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/19 21:56:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/14 11:05:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/19 21:56:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/14 11:05:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/19 21:56:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/14 11:05:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/19 21:56:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/14 11:05:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/19 21:56:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/14 11:05:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/19 21:56:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/14 11:05:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/19 21:56:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/14 11:05:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/19 21:56:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/14 11:05:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/19 21:56:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/14 11:05:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/19 21:56:46 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/14 11:05:28 | 000,000,000 | ---D | M]

[2011/08/08 13:20:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\felicity\AppData\Roaming\Mozilla\Extensions
[2012/05/24 18:32:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\felicity\AppData\Roaming\Mozilla\Firefox\Profiles\a3mi51ou.default\extensions
[2012/05/24 18:32:07 | 000,000,000 | ---D | M] (Page Speed) -- C:\Users\felicity\AppData\Roaming\Mozilla\Firefox\Profiles\a3mi51ou.default\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97}
[2012/06/28 16:12:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/06/28 16:14:01 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/05/18 17:05:01 | 001,335,949 | ---- | M] () (No name found) -- C:\USERS\FELICITY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A3MI51OU.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI
[2012/06/19 21:56:45 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/06/19 21:56:36 | 000,001,525 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/06/19 21:56:36 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/06/19 21:56:36 | 000,000,935 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/06/19 21:56:35 | 000,001,166 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/06/19 21:56:35 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/06/19 21:56:35 | 000,001,121 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.210.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U21 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: WPI Detector 1.4 (Enabled) = C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

 

[Flick]

O1 HOSTS File: ([2011/12/30 15:03:19 | 000,000,608 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 192.168.0.3 METRIX01
O1 - Hosts: 192.168.0.7 METRIX03
O1 - Hosts: 192.168.0.8 METRIX08
O1 - Hosts: 192.168.0.4 METRIXHOST01
O2 - BHO: (Virtual Storage Mount Notification) - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll (EldoS Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATSwpNav] C:\Program Files\Fingerprint Sensor\ATSwpNav.exe (AuthenTec, Inc.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ConMgr] C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe (CSR, plc)
O4 - HKLM..\Run: [CSRFTP] C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRBthFtpServer.exe (CSR, plc)
O4 - HKLM..\Run: [CSRSkype] C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe (CSR, plc)
O4 - HKLM..\Run: [EPSON Stylus CX3700 Series] C:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIACP.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [EPSON Stylus CX3700 Series (Copy 1)] C:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIACP.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FDM7] c:\Program Files\Fujitsu\FDM7\FdmDaemon.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [FJBATAID2] c:\Program Files\Fujitsu\BatteryAid2\BatteryDaemon.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [FjStrtAp] c:\Program Files\Fujitsu\Utils\FjStrtAp.exe (Fujitsu Computer Systems Corp.)
O4 - HKLM..\Run: [FJUPDNV_Chitose] C:\Program Files\Fujitsu\updnavi\updatenv.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [IMSS] C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe ()
O4 - HKLM..\Run: [IndicatorUtility] C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [LoadFUJ02E3] C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [MobileConnect] C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [OmniPass] C:\Program Files\Softex\OmniPass\scureapp.exe ()
O4 - HKLM..\Run: [PDVD8LanguageShortcut] c:\Program Files\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PSUTility] c:\Program Files\Fujitsu\PSUtility\TrayManager.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [RemoteControl8] c:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix)
O4 - HKLM..\Run: [SNUVCDSM] C:\Windows\snuvcdsm.exe ()
O4 - HKLM..\Run: [SSUtility] c:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [UpdatePDRShortCut] c:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [YouCam Mirror Tray icon] c:\Program Files\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [SkyDrive] C:\Users\felicity\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
O4 - Startup: C:\Users\felicity\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} https://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab (DLC Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/RACtrl.cab (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5513EB5A-47E8-40A2-9C47-B06CB3980939}: DhcpNameServer = 10.188.66.103 10.176.66.71
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{95F4649F-D051-400E-A4BC-55EF53143291}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DA1C4C54-BFD0-41AF-89DB-D5638673C48C}: DhcpNameServer = 192.168.0.3
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll (EldoS Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22 - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\System32\CbFsMntNtf3.dll (EldoS Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 07:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{96013fb8-bc1b-11e1-b766-002258c7044b}\Shell - "" = AutoRun
O33 - MountPoints2\{96013fb8-bc1b-11e1-b766-002258c7044b}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{96014045-bc1b-11e1-b766-002258c7044b}\Shell - "" = AutoRun
O33 - MountPoints2\{96014045-bc1b-11e1-b766-002258c7044b}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MsMpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /I:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /I:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.tscc - C:\Windows\System32\tsccvid.dll (TechSmith Corporation)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Sharedaccess - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: wuauserv - File not found
NetSvcs: BITS - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/07/11 06:09:41 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\felicity\Desktop\OTL.exe
[2012/07/11 02:12:27 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\felicity\Desktop\dds.scr
[2012/07/11 02:07:13 | 000,000,000 | R--D | C] -- C:\Users\felicity\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
[2012/07/10 22:41:06 | 000,000,000 | ---D | C] -- C:\Users\felicity\AppData\Roaming\Malwarebytes
[2012/07/10 22:41:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/10 22:41:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/07/10 22:40:59 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2012/07/10 22:40:59 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/07/10 20:52:18 | 000,000,000 | -HSD | C] -- C:\windows\System32\%APPDATA%
[2012/07/10 20:47:59 | 000,000,000 | ---D | C] -- C:\ProgramData\B7E8586B002E144B5A2EBD38B4EB238B
[2012/07/03 16:07:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vodafone
[2012/07/03 16:07:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Vodafone
[2012/07/03 16:07:42 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2012/07/03 16:07:41 | 000,000,000 | ---D | C] -- C:\Program Files\Vodafone
[2012/06/30 20:21:55 | 000,000,000 | ---D | C] -- C:\Users\felicity\Desktop\Our Wedding
[2012/06/27 14:19:30 | 000,000,000 | ---D | C] -- C:\Users\felicity\Desktop\Fonts
[2012/06/22 08:55:34 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wups2.dll
[2012/06/22 08:55:33 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wucltux.dll
[2012/06/22 08:55:10 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuapi.dll
[2012/06/22 08:55:10 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wudriver.dll
[2012/06/22 08:55:10 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wups.dll
[2012/06/22 08:54:50 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuwebv.dll
[2012/06/22 08:54:50 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuapp.exe
[2012/06/22 05:25:41 | 000,000,000 | ---D | C] -- C:\Users\felicity\AppData\Local\{A3A95EF1-12B5-41BF-AB29-DDE0FAA574CA}
[2012/06/22 05:25:29 | 000,000,000 | ---D | C] -- C:\Users\felicity\AppData\Local\{610649E7-9FD2-4E62-945D-3B5B28BD8FB0}
[2012/06/21 17:24:48 | 000,000,000 | ---D | C] -- C:\Users\felicity\AppData\Local\{3F2C02A0-4976-4CBB-BA1A-F7DA30B0BE9E}
[2012/06/21 17:24:30 | 000,000,000 | ---D | C] -- C:\Users\felicity\AppData\Local\{94CE7374-26AE-4783-AD37-37FFC588781B}
[2012/06/20 13:08:51 | 000,000,000 | ---D | C] -- C:\Users\felicity\AppData\Local\Macromedia
[2012/06/14 17:34:01 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2012/06/14 17:33:59 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2012/06/14 17:33:59 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe
[2012/06/14 17:33:59 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2012/06/14 17:33:58 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
[2012/06/14 17:33:58 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\url.dll
[2012/06/14 17:33:57 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
[2012/06/14 10:45:02 | 002,343,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys
[2012/06/14 10:45:00 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpcorekmts.dll
[2012/06/14 10:45:00 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpwsx.dll
[2012/06/14 10:45:00 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdrmemptylst.exe

========== Files - Modified Within 30 Days ==========

[2012/07/11 06:10:02 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\felicity\Desktop\OTL.exe
[2012/07/11 06:08:19 | 000,000,890 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/11 06:08:06 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/07/11 02:14:15 | 000,017,856 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/11 02:14:15 | 000,017,856 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/11 02:12:58 | 000,713,574 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012/07/11 02:12:58 | 000,138,790 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012/07/11 02:12:33 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\felicity\Desktop\dds.scr
[2012/07/11 02:07:11 | 000,000,886 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/11 02:06:59 | 008,405,015 | ---- | M] () -- C:\windows\TempFile
[2012/07/11 02:06:23 | 2355,695,616 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/11 00:08:46 | 000,302,592 | ---- | M] () -- C:\Users\felicity\Desktop\sxt2dw2k.exe
[2012/07/10 22:41:01 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/10 22:33:38 | 417,902,705 | ---- | M] () -- C:\windows\MEMORY.DMP
[2012/07/10 20:58:30 | 000,655,360 | ---- | M] () -- C:\windows\System32\Ikeext.etl
[2012/07/10 20:49:29 | 000,000,419 | ---- | M] () -- C:\windows\BRWMARK.INI
[2012/07/10 20:49:26 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
[2012/07/10 20:49:25 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2012/07/10 13:42:40 | 000,001,266 | ---- | M] () -- C:\Users\felicity\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
[2012/07/09 14:58:21 | 000,001,456 | ---- | M] () -- C:\Users\felicity\AppData\Local\Adobe Save for Web 12.0 Prefs
[2012/07/09 10:36:39 | 000,923,708 | ---- | M] () -- C:\Users\felicity\Desktop\AmericanTypewriter.ttc
[2012/07/06 15:39:23 | 000,042,222 | ---- | M] () -- C:\Users\felicity\Desktop\metrix-operations.jpg
[2012/07/06 13:30:24 | 000,381,870 | ---- | M] () -- C:\Users\felicity\Desktop\Lavender-Oil-Brochure.pdf
[2012/07/03 16:16:25 | 003,816,280 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2012/07/02 11:37:51 | 000,000,600 | ---- | M] () -- C:\Users\felicity\AppData\Local\PUTTY.RND
[2012/06/27 14:15:18 | 000,532,364 | ---- | M] () -- C:\Users\felicity\Desktop\AmericanTypewriter.dfont
[2012/06/22 11:19:20 | 000,008,704 | ---- | M] () -- C:\Users\felicity\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/20 05:41:27 | 000,000,540 | ---- | M] () -- C:\windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/06/14 17:30:25 | 002,158,136 | ---- | M] () -- C:\Users\felicity\Desktop\Optimized-Content-Marketing-Strategy-Guide.pdf

========== Files Created - No Company Name ==========

[2012/07/11 02:07:52 | 000,302,592 | ---- | C] () -- C:\Users\felicity\Desktop\sxt2dw2k.exe
[2012/07/11 02:07:21 | 000,018,944 | ---- | C] () -- C:\windows\Installer\{540b8e83-9192-4312-6da2-8409d0744685}\U\800000cb.@
[2012/07/10 22:41:01 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/10 22:33:38 | 417,902,705 | ---- | C] () -- C:\windows\MEMORY.DMP
[2012/07/10 22:03:49 | 000,013,312 | ---- | C] () -- C:\Users\felicity\AppData\Local\{540b8e83-9192-4312-6da2-8409d0744685}\U\80000000.@
[2012/07/10 22:03:48 | 000,001,696 | ---- | C] () -- C:\Users\felicity\AppData\Local\{540b8e83-9192-4312-6da2-8409d0744685}\U\00000001.@
[2012/07/10 20:48:55 | 000,013,312 | ---- | C] () -- C:\windows\Installer\{540b8e83-9192-4312-6da2-8409d0744685}\U\80000000.@
[2012/07/10 20:48:54 | 000,001,696 | ---- | C] () -- C:\windows\Installer\{540b8e83-9192-4312-6da2-8409d0744685}\U\00000001.@
[2012/07/09 10:36:39 | 000,923,708 | ---- | C] () -- C:\Users\felicity\Desktop\AmericanTypewriter.ttc
[2012/07/06 15:39:17 | 000,042,222 | ---- | C] () -- C:\Users\felicity\Desktop\metrix-operations.jpg
[2012/07/06 13:30:24 | 000,381,870 | ---- | C] () -- C:\Users\felicity\Desktop\Lavender-Oil-Brochure.pdf
[2012/06/27 14:15:18 | 000,532,364 | ---- | C] () -- C:\Users\felicity\Desktop\AmericanTypewriter.dfont
[2012/06/14 17:30:25 | 002,158,136 | ---- | C] () -- C:\Users\felicity\Desktop\Optimized-Content-Marketing-Strategy-Guide.pdf
[2012/04/30 20:53:27 | 000,000,419 | ---- | C] () -- C:\windows\BRWMARK.INI
[2012/03/28 15:50:49 | 000,000,132 | ---- | C] () -- C:\Users\felicity\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2012/03/05 16:51:12 | 000,000,132 | ---- | C] () -- C:\Users\felicity\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012/01/12 11:10:54 | 000,002,048 | -HS- | C] () -- C:\windows\Installer\{540b8e83-9192-4312-6da2-8409d0744685}\@
[2012/01/12 11:10:54 | 000,002,048 | -HS- | C] () -- C:\Users\felicity\AppData\Local\{540b8e83-9192-4312-6da2-8409d0744685}\@
[2011/08/24 11:02:32 | 000,000,600 | ---- | C] () -- C:\Users\felicity\AppData\Roaming\PUTTY.RND
[2011/06/06 15:44:05 | 000,008,704 | ---- | C] () -- C:\Users\felicity\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/24 12:47:00 | 000,003,540 | ---- | C] () -- C:\Users\felicity\AppData\Roaming\FjMenu1.XML
[2011/05/19 16:27:41 | 000,004,096 | -H-- | C] () -- C:\Users\felicity\AppData\Local\keyfile3.drm
[2011/04/18 20:10:17 | 000,066,048 | ---- | C] () -- C:\windows\System32\PrintBrmUi.exe
[2011/01/09 14:46:27 | 000,009,379 | ---- | C] () -- C:\Users\felicity\AppData\Roaming\Comma Separated Values (Windows).EML
[2010/10/12 11:35:46 | 000,000,126 | ---- | C] () -- C:\windows\mdm.ini
[2010/10/12 11:35:20 | 000,000,535 | ---- | C] () -- C:\windows\ODBCINST.INI
[2010/09/10 22:07:25 | 000,001,456 | ---- | C] () -- C:\Users\felicity\AppData\Local\Adobe Save for Web 12.0 Prefs
[2010/09/10 17:11:20 | 000,000,056 | -H-- | C] () -- C:\windows\System32\ezsidmv.dat
[2010/09/09 14:33:15 | 000,000,600 | ---- | C] () -- C:\Users\felicity\AppData\Local\PUTTY.RND
[2010/07/16 10:49:29 | 000,000,476 | ---- | C] () -- C:\windows\ODBC.INI

========== Custom Scans ==========

< %AppData%\Roaming\Mozilla\Firefox\Profiles\*.default\extensions\ /s /md5 >

< %AppData%\Local\ >

< %systemroot%\system32\sysprep >

< *.xpi /md5 >

< %systemroot%\Downloaded Program Files\ >

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/06/19 21:56:35 | 000,867,064 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/06/19 21:56:35 | 000,867,064 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/06/19 21:56:35 | 000,867,064 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/06/19 21:56:43 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/06/19 21:56:43 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/06/19 21:56:43 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2012/06/28 20:28:57 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2012/06/28 20:28:57 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/06/28 20:28:57 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2012/06/28 20:28:57 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/04/18 20:18:32 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/04/18 20:18:32 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/04/18 20:18:32 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2012/05/18 09:21:54 | 000,748,664 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2012/05/18 09:21:54 | 000,748,664 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2011/11/10 16:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2011/11/10 16:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2011/11/10 16:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2011/11/10 16:19:40 | 002,388,848 | ---- | M] (Apple Inc.)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/06/19 21:56:35 | 000,867,064 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/06/19 21:56:35 | 000,867,064 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/06/19 21:56:35 | 000,867,064 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/06/19 21:56:43 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/06/19 21:56:43 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/06/19 21:56:43 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2012/06/28 20:28:57 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2012/06/28 20:28:57 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/06/28 20:28:57 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2012/06/28 20:28:57 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/04/18 20:18:32 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/04/18 20:18:32 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/04/18 20:18:32 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2012/05/18 09:21:54 | 000,748,664 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2012/05/18 09:21:54 | 000,748,664 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2011/11/10 16:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2011/11/10 16:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2011/11/10 16:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2011/11/10 16:19:40 | 002,388,848 | ---- | M] (Apple Inc.)

 

[Flick]

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\drivers\*.sys /90 >
[2012/04/28 13:17:07 | 000,183,808 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\drivers\rdpwd.sys

< %systemroot%\System32\config\*.sav >

< %SYSTEMDRIVE%\*.exe /md5 >

< "%WinDir%\$NtUninstallKB*$." /30 >

< %systemdrive%\Program Files\Common Files\ComObjects\*.* /s >

< %systemroot%\*. /mp /s >

< %systemroot%\*. /rp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %USERPROFILE%\AppData\Local\Google\Chrome\User Data\*.* /s >
[2012/06/22 21:55:25 | 000,201,355 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists
[2012/06/22 21:59:51 | 000,000,004 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt
[2011/03/15 12:41:04 | 000,000,000 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\First Run
[2012/06/22 21:59:51 | 000,011,437 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Local State
[2012/06/22 21:52:20 | 003,295,840 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom
[2012/06/22 21:52:21 | 001,039,247 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom Filter 2
[2012/06/22 21:49:29 | 000,006,144 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies
[2012/06/22 21:49:29 | 000,001,544 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies-journal
[2012/06/22 21:52:21 | 000,134,356 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist
[2012/06/22 21:52:19 | 003,448,412 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Safe Browsing Download
[2012/06/22 21:52:21 | 000,015,912 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Safe Browsing Download Whitelist
[2012/06/22 21:59:51 | 000,360,448 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Archived History
[2012/06/22 21:59:51 | 000,016,384 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Archived History-journal
[2010/07/07 12:38:28 | 000,012,314 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Bookmarks
[2010/07/07 12:38:28 | 000,012,314 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Bookmarks.bak
[2012/06/22 21:49:53 | 000,051,200 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cookies
[2012/06/22 21:49:53 | 000,014,960 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
[2012/06/22 21:59:51 | 000,035,971 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Current Session
[2012/06/22 21:59:51 | 000,009,033 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
[2010/07/07 12:38:29 | 000,006,144 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Extension Cookies
[2012/06/22 21:49:55 | 000,034,816 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Favicons
[2012/06/22 21:49:55 | 000,010,792 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal
[2012/06/22 21:49:20 | 000,150,798 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Google Profile.ico
[2012/06/22 21:59:51 | 000,425,984 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\History
[2012/06/22 21:49:55 | 000,520,192 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\History Index 2011-11
[2012/06/22 21:49:55 | 000,016,384 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\History Index 2011-11-journal
[2012/06/22 21:59:51 | 000,217,088 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\History Index 2012-01
[2012/06/22 21:59:51 | 000,016,384 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\History Index 2012-01-journal
[2012/06/22 21:59:51 | 000,036,864 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\History Index 2012-03
[2012/06/22 21:59:51 | 000,016,384 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\History Index 2012-03-journal
[2012/06/22 21:59:51 | 000,081,920 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\History Index 2012-06
[2012/06/22 21:59:51 | 000,016,384 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\History Index 2012-06-journal
[2012/06/22 21:59:51 | 000,005,254 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
[2012/06/22 21:59:51 | 000,016,384 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\History-journal
[2012/03/05 14:20:17 | 000,009,019 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Last Session
[2012/03/05 14:20:17 | 000,008,205 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Last Tabs
[2011/11/24 16:52:54 | 000,012,288 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Login Data
[2012/06/22 21:49:43 | 000,030,720 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor
[2012/06/22 21:49:43 | 000,016,384 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal
[2012/06/28 16:12:00 | 000,035,498 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Preferences
[2012/06/22 21:50:19 | 000,000,180 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\README
[2012/06/22 21:49:43 | 000,012,288 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Shortcuts
[2012/06/22 21:49:43 | 000,012,824 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Shortcuts-journal
[2012/06/22 21:49:36 | 000,069,632 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Top Sites
[2012/06/22 21:49:36 | 000,016,384 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Top Sites-journal
[2012/06/22 21:59:51 | 000,131,072 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Visited Links
[2012/06/22 21:49:23 | 000,081,920 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Web Data
[2012/06/22 21:49:23 | 000,012,848 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal
[2012/06/22 21:59:51 | 000,155,648 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
[2012/06/22 21:59:51 | 003,153,920 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
[2012/06/22 21:59:51 | 003,153,920 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
[2012/06/22 21:59:51 | 008,396,800 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
[2010/07/07 12:39:51 | 000,025,086 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000001
[2010/07/07 12:39:51 | 000,028,736 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000002
[2010/07/07 12:39:51 | 000,016,429 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000003
[2010/07/07 12:39:51 | 000,022,775 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000004
[2010/07/07 12:39:54 | 000,146,444 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000005
[2010/07/07 12:40:04 | 000,022,380 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000006
[2010/07/07 12:40:05 | 000,017,193 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000007
[2010/07/07 12:40:05 | 000,021,450 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000008
[2010/07/07 12:40:05 | 000,102,009 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000009
[2010/07/07 12:40:05 | 000,060,539 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000a
[2010/07/07 12:40:09 | 000,027,167 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000b
[2010/07/07 12:40:10 | 000,031,560 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000c
[2010/07/07 12:40:10 | 000,041,808 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000d
[2010/07/07 12:40:11 | 000,028,861 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000e
[2010/07/07 12:40:11 | 000,022,876 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000f
[2010/07/07 12:40:13 | 000,017,438 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000011
[2010/07/07 13:09:24 | 000,026,781 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000012
[2010/07/07 13:09:24 | 000,096,657 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000013
[2010/07/07 13:09:24 | 000,072,174 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000014
[2010/07/07 13:09:24 | 000,024,329 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000015
[2010/07/07 13:09:25 | 000,024,329 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000016
[2010/07/07 13:09:27 | 000,024,506 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000017
[2010/07/07 13:09:27 | 000,021,510 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000018
[2010/07/07 13:09:27 | 000,024,298 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000019
[2010/07/07 13:09:27 | 000,022,966 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001a
[2010/07/07 13:09:27 | 000,071,142 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001b
[2010/07/07 13:09:27 | 000,022,095 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001c
[2010/07/07 13:09:27 | 000,024,077 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001d
[2010/07/07 13:09:27 | 000,021,151 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001e
[2010/07/07 13:09:27 | 000,019,288 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001f
[2010/07/07 13:09:27 | 000,024,364 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000020
[2010/07/07 13:09:34 | 000,096,657 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000021
[2010/07/07 13:09:34 | 000,072,174 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000022
[2010/07/07 13:09:34 | 000,024,329 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000023
[2010/07/07 13:09:47 | 000,548,874 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000024
[2010/07/07 13:09:58 | 000,096,657 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000025
[2010/07/07 13:09:58 | 000,020,583 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000026
[2010/07/07 13:09:58 | 000,034,277 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000027
[2010/07/07 13:10:12 | 000,028,756 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000028
[2010/07/07 13:10:12 | 000,096,657 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000029
[2010/07/07 13:10:20 | 000,019,357 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002a
[2010/07/07 13:10:30 | 000,065,365 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002b
[2010/07/07 13:10:40 | 000,032,257 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002c
[2010/07/07 13:10:50 | 000,114,780 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002d
[2010/07/07 13:11:00 | 000,027,604 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002e
[2010/07/07 13:13:20 | 000,018,810 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002f
[2010/07/07 13:13:20 | 000,022,149 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000030
[2010/07/07 13:13:20 | 000,027,783 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000031
[2010/07/07 13:35:49 | 000,028,950 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000032
[2010/07/09 09:33:43 | 000,025,099 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000033
[2010/07/09 09:34:00 | 000,102,445 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000034
[2010/07/09 09:34:00 | 000,047,428 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000035
[2010/07/09 09:34:00 | 000,029,611 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000036
[2010/07/09 09:34:00 | 000,678,170 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000037
[2010/07/09 09:34:09 | 000,038,542 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000038
[2010/07/09 09:34:09 | 000,031,695 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000039
[2010/07/09 09:34:09 | 000,018,524 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003a
[2010/07/09 09:34:09 | 000,025,146 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003b
[2010/07/09 09:34:10 | 000,019,055 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003c
[2010/07/09 09:34:10 | 000,016,526 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003d
[2010/07/09 09:34:11 | 000,027,419 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003e
[2010/07/09 09:35:37 | 000,058,746 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003f
[2010/07/09 09:35:37 | 000,064,129 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000040
[2010/07/09 09:35:37 | 000,055,976 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000041
[2010/07/09 09:35:38 | 000,049,038 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000042
[2010/07/09 09:35:38 | 000,059,711 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000043
[2010/07/09 09:35:38 | 000,062,527 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000044
[2010/07/09 09:35:37 | 000,063,238 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000045
[2010/07/09 09:35:38 | 000,054,953 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000046
[2010/07/09 09:35:38 | 000,055,826 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000047
[2010/07/09 09:35:38 | 000,020,665 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000048
[2010/07/09 09:37:11 | 000,039,834 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000049
[2010/07/09 09:37:31 | 000,021,160 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004a
[2010/07/09 09:37:31 | 000,016,534 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004b
[2010/07/09 09:37:31 | 000,020,206 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004c
[2010/07/09 09:37:33 | 000,031,312 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004d
[2010/07/09 09:37:43 | 000,020,462 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004e
[2010/07/09 09:38:08 | 000,019,763 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004f
[2010/07/09 09:38:09 | 000,046,142 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000050
[2010/07/09 09:38:09 | 000,016,591 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000051
[2010/07/09 09:38:11 | 000,093,009 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000052
[2010/07/09 09:38:13 | 000,048,526 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000053
[2010/07/09 09:38:13 | 000,030,092 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000054
[2010/07/09 09:38:14 | 000,579,432 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000055
[2010/07/09 09:38:18 | 000,053,083 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000056
[2010/07/09 09:38:19 | 000,021,089 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000057
[2010/07/09 09:40:17 | 000,023,586 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000058
[2010/07/09 09:40:22 | 000,029,984 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000059
[2010/07/09 09:41:05 | 000,028,762 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00005a
[2010/07/09 09:41:10 | 000,020,469 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00005b
[2010/07/09 09:41:14 | 000,040,262 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00005c
[2010/07/09 09:41:14 | 000,089,949 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00005d
[2010/07/09 09:41:15 | 000,020,038 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00005e
[2010/07/09 09:41:17 | 000,020,517 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00005f
[2010/07/09 09:41:18 | 000,018,280 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000060
[2010/07/09 09:41:21 | 000,020,414 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000062
[2010/07/09 09:41:21 | 000,079,402 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000063
[2010/07/09 09:41:22 | 000,166,558 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000064
[2010/07/09 09:41:23 | 000,025,071 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000065
[2010/07/09 09:41:23 | 000,021,474 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000066
[2010/07/09 09:41:23 | 000,034,372 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000067
[2010/07/09 09:41:23 | 000,019,377 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000068
[2010/07/09 09:41:23 | 000,027,538 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000069
[2010/07/09 09:41:23 | 000,020,216 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00006a
[2010/07/09 09:41:24 | 000,031,238 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00006b
[2010/07/09 09:41:24 | 000,254,131 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00006c
[2010/07/09 09:41:25 | 000,141,206 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00006d
[2010/07/09 09:41:25 | 000,026,038 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00006e
[2010/07/09 09:41:25 | 000,025,705 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00006f
[2010/07/09 09:41:25 | 000,019,875 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000070
[2010/07/09 09:41:25 | 000,024,603 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000071
[2010/07/09 09:41:26 | 000,073,295 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000072
[2010/07/09 09:41:26 | 000,031,180 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000073
[2010/07/09 09:41:27 | 000,037,568 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000074
[2010/07/09 09:41:28 | 000,052,173 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000075
[2010/07/09 09:41:29 | 000,076,605 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000076

 

[Flick]

[2011/03/15 12:41:18 | 000,026,348 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000077
[2011/03/15 12:41:25 | 000,035,485 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000078
[2011/03/15 12:41:25 | 000,048,971 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000079
[2011/03/15 12:41:25 | 000,149,542 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00007a
[2011/10/19 16:53:22 | 000,102,970 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00007b
[2011/10/19 16:53:23 | 000,031,972 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00007c
[2011/10/19 21:59:35 | 000,027,118 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00007d
[2011/10/19 21:59:36 | 000,026,751 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00007e
[2011/10/19 21:59:36 | 000,147,615 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00007f
[2011/10/19 21:59:36 | 000,082,353 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000080
[2011/10/19 21:59:36 | 000,101,241 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000081
[2011/10/19 21:59:36 | 000,061,990 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000082
[2011/10/19 21:59:36 | 000,082,915 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000083
[2011/10/19 21:59:37 | 000,075,378 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000084
[2011/10/19 21:59:37 | 000,084,216 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000086
[2011/10/19 21:59:37 | 000,081,170 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000087
[2011/10/19 21:59:37 | 000,125,195 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000088
[2011/10/19 21:59:37 | 000,124,672 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000089
[2011/10/19 21:59:37 | 000,092,662 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00008a
[2011/10/19 21:59:37 | 000,066,865 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00008b
[2011/10/19 21:59:37 | 000,080,688 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00008c
[2011/10/19 21:59:37 | 000,115,186 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00008d
[2011/10/19 21:59:37 | 000,056,330 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00008e
[2011/10/19 21:59:37 | 000,085,382 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00008f
[2011/10/19 21:59:37 | 000,075,184 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000090
[2011/10/19 21:59:37 | 000,076,058 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000091
[2011/10/19 21:59:37 | 000,071,671 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000092
[2011/10/19 21:59:37 | 000,072,194 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000093
[2011/10/19 21:59:37 | 000,129,179 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000094
[2011/10/19 21:59:37 | 000,024,693 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000095
[2011/10/19 21:59:37 | 000,113,166 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000096
[2011/10/19 21:59:38 | 000,089,727 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000097
[2011/10/19 21:59:38 | 000,165,186 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000098
[2011/10/19 21:59:38 | 000,137,383 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000099
[2011/10/19 21:59:38 | 000,069,440 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00009a
[2011/10/19 21:59:38 | 000,122,776 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00009b
[2011/10/19 21:59:38 | 000,074,221 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00009c
[2011/10/19 21:59:38 | 000,099,679 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00009d
[2011/10/19 21:59:38 | 000,118,126 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00009e
[2011/10/19 21:59:38 | 000,109,356 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00009f
[2011/10/19 21:59:38 | 000,099,705 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a0
[2011/10/19 21:59:38 | 000,140,052 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a1
[2011/10/19 21:59:38 | 000,018,941 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a2
[2011/10/19 21:59:38 | 000,098,279 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a3
[2011/10/19 21:59:38 | 000,128,796 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a4
[2011/10/19 21:59:39 | 000,095,114 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a5
[2011/10/19 21:59:39 | 000,023,047 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a6
[2011/10/19 21:59:39 | 000,089,860 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a7
[2011/10/19 21:59:39 | 000,055,124 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a8
[2011/10/19 21:59:39 | 000,083,355 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000a9
[2011/10/19 21:59:39 | 000,121,127 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000aa
[2011/10/19 21:59:39 | 000,141,603 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ab
[2011/10/19 21:59:39 | 000,075,952 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ac
[2011/10/19 21:59:39 | 000,091,914 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ad
[2011/10/19 21:59:39 | 000,089,288 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ae
[2011/10/19 21:59:39 | 000,092,433 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000af
[2011/10/19 21:59:39 | 000,076,036 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000b0
[2011/10/19 21:59:39 | 000,090,576 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000b1
[2011/10/19 21:59:39 | 000,071,630 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000b2
[2011/10/19 21:59:40 | 000,174,275 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000b3
[2011/10/19 21:59:40 | 000,171,573 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000b4
[2011/10/19 21:59:40 | 000,170,467 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000b5
[2011/10/19 21:59:40 | 000,098,607 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000b6
[2011/10/19 21:59:40 | 000,125,155 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000b7
[2011/10/19 21:59:40 | 000,136,115 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000b8
[2011/10/19 21:59:40 | 000,101,317 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000b9
[2011/10/19 21:59:40 | 000,151,106 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ba
[2011/10/19 21:59:40 | 000,130,690 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000bb
[2011/10/19 21:59:40 | 000,118,569 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000bc
[2011/10/19 21:59:40 | 000,106,211 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000bd
[2011/10/19 21:59:40 | 000,141,669 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000be
[2011/10/19 21:59:40 | 000,094,409 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000bf
[2011/10/19 21:59:41 | 000,103,166 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000c0
[2011/10/19 21:59:41 | 000,089,412 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000c1
[2011/10/19 21:59:41 | 000,103,189 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000c2
[2011/10/19 21:59:41 | 000,098,686 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000c3
[2011/10/19 21:59:41 | 000,143,446 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000c4
[2011/10/19 21:59:41 | 000,132,838 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000c5
[2011/10/19 21:59:41 | 000,155,601 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000c6
[2011/10/19 21:59:41 | 000,119,614 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000c7
[2011/10/19 21:59:41 | 000,116,308 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000c8
[2011/10/19 21:59:41 | 000,102,125 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000c9
[2011/10/19 21:59:41 | 000,108,878 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ca
[2011/10/19 21:59:41 | 000,157,202 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000cb
[2011/10/19 21:59:41 | 000,102,467 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000cc
[2011/10/19 21:59:42 | 000,146,337 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000cd
[2011/10/19 21:59:42 | 000,072,096 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ce
[2011/10/19 21:59:42 | 000,102,997 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000cf
[2011/10/19 21:59:42 | 000,120,642 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000d0
[2011/10/19 21:59:42 | 000,105,616 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000d1
[2011/10/19 21:59:42 | 000,171,512 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000d2
[2011/10/19 21:59:42 | 000,115,285 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000d3
[2011/10/19 21:59:42 | 000,105,273 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000d4
[2011/10/19 21:59:42 | 000,107,870 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000d5
[2011/10/19 21:59:42 | 000,125,062 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000d6
[2011/10/19 21:59:42 | 000,116,073 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000d7
[2011/10/19 21:59:42 | 000,018,175 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000d8
[2011/10/19 21:59:42 | 000,024,029 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000d9
[2011/10/19 21:59:42 | 000,018,958 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000da
[2011/10/19 21:59:42 | 000,034,363 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000db
[2011/10/19 21:59:42 | 000,017,289 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000dc
[2011/10/19 21:59:42 | 000,017,316 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000dd
[2011/10/19 21:59:43 | 000,018,540 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000de
[2011/10/19 21:59:43 | 000,018,175 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000e0
[2011/10/19 21:59:43 | 000,023,550 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000e1
[2011/10/19 21:59:43 | 000,020,211 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000e2
[2011/10/19 21:59:43 | 000,021,339 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000e3
[2011/10/19 21:59:43 | 000,142,542 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000e4
[2011/10/19 21:59:43 | 000,017,685 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000e5
[2011/10/19 21:59:43 | 000,020,998 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000e6
[2011/10/19 21:59:43 | 000,018,193 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000e7
[2011/10/19 21:59:43 | 000,020,430 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000e8
[2011/10/19 21:59:43 | 000,019,624 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000e9
[2011/10/19 21:59:43 | 000,016,420 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ea
[2011/10/19 21:59:43 | 000,251,819 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000eb
[2011/10/19 21:59:43 | 000,020,354 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ec
[2011/10/19 21:59:43 | 000,031,608 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ed
[2011/10/19 21:59:43 | 000,395,971 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ee
[2011/10/19 21:59:44 | 000,051,823 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ef
[2011/10/19 22:20:17 | 000,016,654 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000f0
[2011/10/19 22:20:17 | 000,027,118 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000f1
[2011/10/19 22:20:17 | 000,026,755 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000f3
[2011/10/19 22:20:18 | 000,160,784 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000f4
[2011/10/19 22:20:18 | 000,082,353 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000f5
[2011/10/19 22:20:18 | 000,069,248 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000f6
[2011/10/19 22:20:18 | 000,108,262 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000f7
[2011/10/19 22:20:18 | 000,078,883 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000f8
[2011/10/19 22:20:18 | 000,099,531 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000f9
[2011/10/19 22:20:18 | 000,099,636 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000fa
[2011/10/19 22:20:19 | 000,087,897 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000fb
[2011/10/19 22:20:19 | 000,109,799 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000fc
[2011/10/19 22:20:19 | 000,079,725 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000fd
[2011/10/19 22:20:19 | 000,083,447 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000fe
[2011/10/19 22:20:19 | 000,085,385 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ff
[2011/10/19 22:20:19 | 000,071,340 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000100
[2011/10/19 22:20:19 | 000,256,776 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000101
[2011/10/19 22:20:19 | 000,081,258 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000102
[2011/10/19 22:20:19 | 000,073,340 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000103
[2011/10/19 22:20:19 | 000,106,336 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000104
[2011/10/19 22:20:19 | 000,108,714 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000105
[2011/10/19 22:20:19 | 000,141,416 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000106
[2011/10/19 22:20:19 | 000,112,501 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000107
[2011/10/19 22:20:19 | 000,122,178 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000108
[2011/10/19 22:20:20 | 000,162,862 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000109
[2011/10/19 22:20:20 | 000,104,696 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00010a
[2011/10/19 22:20:20 | 000,102,331 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00010b
[2011/10/19 22:20:20 | 000,105,122 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00010c
[2011/10/19 22:20:20 | 000,114,362 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00010d
[2011/10/19 22:20:20 | 000,088,312 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00010e
[2011/10/19 22:20:20 | 000,083,865 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00010f
[2011/10/19 22:20:20 | 000,087,520 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000110
[2011/10/19 22:20:20 | 000,085,680 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000111
[2011/10/19 22:20:20 | 000,061,554 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000112
[2011/10/19 22:20:20 | 000,130,227 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000113
[2011/10/19 22:20:20 | 000,068,649 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000114
[2011/10/19 22:20:20 | 000,090,355 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000115
[2011/10/19 22:20:20 | 000,069,120 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000116
[2011/10/19 22:20:20 | 000,089,686 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000117
[2011/10/19 22:20:20 | 000,068,813 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000118
[2011/10/19 22:20:20 | 000,091,918 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000119
[2011/10/19 22:20:21 | 000,133,243 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00011a
[2011/10/19 22:20:21 | 000,127,459 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00011b
[2011/10/19 22:20:21 | 000,085,224 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00011c
[2011/10/19 22:20:21 | 000,146,165 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00011d
[2011/10/19 22:20:21 | 000,124,840 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00011e
[2011/10/19 22:20:21 | 000,091,127 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00011f
[2011/10/19 22:20:21 | 000,115,119 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000120
[2011/10/19 22:20:21 | 000,183,397 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000121
[2011/10/19 22:20:21 | 000,097,872 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000122
[2011/10/19 22:20:21 | 000,073,659 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000123
[2011/10/19 22:20:21 | 000,049,423 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000124
[2011/10/19 22:20:21 | 000,081,838 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000125
[2011/10/19 22:20:21 | 000,106,967 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000126
[2011/10/19 22:20:21 | 000,120,040 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000127
[2011/10/19 22:20:21 | 000,050,662 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000128
[2011/10/19 22:20:21 | 000,133,003 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000129
[2011/10/19 22:20:22 | 000,125,369 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00012a
[2011/10/19 22:20:22 | 000,077,683 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00012b
[2011/10/19 22:20:22 | 000,067,498 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00012c
[2011/10/19 22:20:22 | 000,064,607 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00012d
[2011/10/19 22:20:22 | 000,107,544 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00012e
[2011/10/19 22:20:22 | 000,088,763 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00012f
[2011/10/19 22:20:22 | 000,137,177 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000130
[2011/10/19 22:20:22 | 000,135,012 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000131
[2011/10/19 22:20:22 | 000,134,957 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000132
[2011/10/19 22:20:22 | 000,136,890 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000133
[2011/10/19 22:20:22 | 000,197,139 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000134
[2011/10/19 22:20:22 | 000,110,788 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000135
[2011/10/19 22:20:22 | 000,081,931 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000136
[2011/10/19 22:20:23 | 000,121,397 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000137
[2011/10/19 22:20:23 | 000,068,713 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000138
[2011/10/19 22:20:23 | 000,069,235 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000139
[2011/10/19 22:20:23 | 000,089,703 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00013a
[2011/10/19 22:20:23 | 000,080,101 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00013b
[2011/10/19 22:20:23 | 000,122,077 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00013c
[2011/10/19 22:20:23 | 000,093,370 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00013d
[2011/10/19 22:20:23 | 000,117,941 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00013e
[2011/10/19 22:20:23 | 000,089,271 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00013f
[2011/10/19 22:20:23 | 000,167,277 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000140
[2011/10/19 22:20:23 | 000,132,139 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000141
[2011/10/19 22:20:23 | 000,140,109 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000142
[2011/10/19 22:20:23 | 000,166,382 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000143
[2011/10/19 22:20:23 | 000,099,568 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000144
[2011/10/19 22:20:23 | 000,133,754 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000145
[2011/10/19 22:20:24 | 000,169,367 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000146
[2011/10/19 22:20:24 | 000,146,176 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000147
[2011/10/19 22:20:24 | 000,151,832 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000148
[2011/10/19 22:20:24 | 000,149,019 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000149
[2011/10/19 22:20:24 | 000,110,386 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00014a
[2011/10/19 22:20:24 | 000,154,899 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00014b
[2011/10/19 22:20:24 | 000,136,077 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00014c
[2011/10/19 22:20:24 | 000,135,868 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00014d
[2011/10/19 22:20:24 | 000,116,082 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00014e
[2011/10/19 22:20:25 | 000,116,072 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00014f
[2011/10/19 22:20:25 | 000,135,478 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000150
[2011/10/19 22:20:25 | 000,157,610 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000151
[2011/10/19 22:20:25 | 000,173,344 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000152
[2011/10/19 22:20:25 | 000,131,031 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000153
[2011/10/19 22:20:25 | 000,092,737 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000154
[2011/10/19 22:20:25 | 000,064,517 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000155
[2011/10/19 22:20:26 | 000,177,129 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000156
[2011/10/19 22:20:26 | 000,104,573 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000157
[2011/10/19 22:20:26 | 000,222,859 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000158
[2011/10/19 22:20:26 | 000,229,823 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000159
[2011/10/19 22:20:26 | 000,025,124 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00015b
[2011/10/19 22:20:26 | 000,019,917 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00015c
[2011/10/19 22:20:26 | 000,108,115 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00015e
[2011/11/24 15:53:03 | 000,109,298 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00015f
[2011/11/24 15:53:03 | 000,032,170 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000160
[2011/11/24 16:52:01 | 000,038,798 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000175
[2011/11/24 16:52:13 | 000,031,988 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000176
[2011/11/24 16:52:14 | 000,028,313 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000177
[2011/11/24 16:52:15 | 000,024,973 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000178
[2011/11/24 16:52:22 | 000,016,994 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000179
[2011/11/24 16:52:43 | 000,061,709 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00017a
[2011/11/24 16:52:43 | 000,026,027 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00017b
[2011/11/24 16:52:43 | 000,036,628 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00017c
[2011/11/24 16:52:43 | 000,017,361 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00017d
[2011/11/24 16:52:49 | 000,290,933 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00017e
[2011/11/24 16:52:50 | 000,028,195 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00017f
[2011/11/24 16:52:50 | 000,019,453 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000180
[2011/11/24 16:52:50 | 000,080,958 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000181
[2011/11/24 16:52:50 | 000,089,184 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000182
[2011/11/24 16:52:50 | 000,017,629 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000183
[2011/11/24 16:52:50 | 000,019,443 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000184
[2011/11/24 16:52:51 | 000,057,388 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000185
[2011/11/24 16:52:52 | 000,020,453 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000186
[2011/11/24 16:52:52 | 000,017,097 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000187
[2011/11/24 16:52:52 | 000,016,611 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000188
[2011/11/24 16:52:52 | 000,024,973 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000189
[2011/11/24 16:52:52 | 000,031,048 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00018a
[2011/11/24 16:52:53 | 000,042,423 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00018b
[2011/11/24 16:52:53 | 000,020,308 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00018c
[2011/11/24 16:52:53 | 000,027,426 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00018d
[2011/11/24 16:52:53 | 000,110,064 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00018e
[2011/11/24 16:52:54 | 000,039,545 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00018f
[2011/11/24 16:52:54 | 000,030,345 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000190
[2011/11/24 16:52:55 | 000,032,064 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000191
[2011/11/24 16:52:55 | 000,027,027 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000192
[2011/11/24 16:52:55 | 000,051,555 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000193
[2011/11/24 16:53:01 | 000,030,010 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000194
[2011/11/24 16:53:02 | 000,537,280 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000195
[2011/11/24 16:53:20 | 000,021,002 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000196
[2011/11/24 16:53:21 | 000,027,426 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000197
[2011/11/24 16:53:22 | 000,042,529 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000198
[2011/11/24 16:53:22 | 000,043,271 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000199
[2011/11/24 16:53:22 | 000,035,613 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00019a
[2011/11/24 16:53:22 | 000,025,170 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00019b
[2011/11/24 16:53:22 | 000,017,169 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00019c
[2011/11/24 16:53:23 | 000,040,579 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00019d
[2011/11/24 16:53:23 | 000,046,695 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00019e
[2011/11/24 16:53:24 | 000,033,532 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00019f
[2011/11/24 16:53:24 | 000,019,005 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001a0
[2011/11/24 17:27:46 | 000,059,052 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001b8
[2012/01/16 13:36:52 | 000,116,886 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001b9
[2012/01/16 13:36:52 | 000,032,829 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001ba
[2012/01/16 13:37:09 | 000,033,186 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001bb
[2012/01/16 13:37:10 | 000,090,226 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001bc
[2012/01/16 13:37:11 | 000,090,226 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001bd
[2012/01/16 13:37:12 | 000,102,483 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001be
[2012/01/16 13:37:14 | 000,816,526 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001c0
[2012/01/16 13:37:14 | 000,041,804 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001c1
[2012/01/16 13:37:16 | 000,019,232 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001c2
[2012/01/16 13:37:16 | 000,033,759 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001c3
[2012/01/16 13:37:17 | 000,082,353 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001c4
[2012/01/16 13:37:17 | 000,049,514 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001c5
[2012/01/16 13:37:17 | 000,111,538 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001c6
[2012/01/16 13:37:18 | 000,017,935 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001c7
[2012/01/16 13:37:18 | 000,018,674 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001c8
[2012/01/16 13:37:18 | 000,032,151 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001c9
[2012/01/16 13:37:19 | 000,119,521 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001ca
[2012/01/16 13:37:19 | 000,065,362 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001cb
[2012/01/16 13:37:19 | 000,020,459 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001cc
[2012/01/16 13:37:19 | 000,044,551 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001cd
[2012/01/16 13:37:19 | 000,028,518 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001ce
[2012/01/16 13:47:09 | 000,037,767 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001cf
[2012/01/16 13:47:09 | 000,017,432 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001d0
[2012/01/16 13:47:10 | 000,093,889 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001d1
[2012/01/16 13:47:10 | 000,043,139 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001d2
[2012/01/16 13:47:10 | 000,016,395 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001d3
[2012/01/16 13:47:10 | 000,016,705 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001d4
[2012/01/16 13:47:10 | 000,023,618 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001d5
[2012/01/16 13:47:10 | 000,033,133 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001d6
[2012/01/16 13:47:10 | 000,023,433 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001d7
[2012/01/16 13:47:10 | 000,026,599 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001d8
[2012/01/16 13:47:10 | 000,030,207 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001d9
[2012/01/16 14:52:47 | 000,043,139 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001da
[2012/01/16 14:52:47 | 000,017,643 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001db
[2012/01/16 14:52:47 | 000,017,282 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001dc
[2012/01/16 14:53:44 | 000,025,174 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001de
[2012/01/16 14:56:02 | 000,029,336 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001e2
[2012/01/16 14:56:58 | 000,024,546 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001e3
[2012/01/16 14:58:40 | 000,029,336 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001e4
[2012/03/05 14:18:59 | 000,121,366 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001e6
[2012/03/05 14:18:59 | 000,020,648 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001e7
[2012/03/05 14:19:00 | 000,029,754 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001e8
[2012/03/05 14:20:10 | 000,020,456 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001e9
[2012/03/05 14:20:13 | 000,022,233 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001ea
[2012/03/05 14:20:14 | 000,077,910 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001eb
[2012/03/05 14:20:14 | 000,044,637 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001ec
[2012/03/05 14:20:14 | 000,018,336 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001ed
[2012/03/05 14:20:14 | 000,046,209 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001ee
[2012/03/05 14:20:15 | 000,036,378 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001ef
[2012/03/05 14:20:15 | 000,021,237 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001f0
[2012/03/05 14:20:16 | 000,048,992 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001f1
[2012/06/22 21:49:23 | 000,023,733 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001f2
[2012/06/22 21:49:24 | 000,149,384 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001f3
[2012/06/22 21:49:24 | 000,016,917 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001f4
[2012/06/22 21:49:24 | 000,028,693 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001f5
[2012/06/22 21:49:26 | 000,094,861 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001f6
[2012/06/22 21:49:44 | 000,048,838 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001f7
[2012/06/22 21:49:44 | 000,018,632 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001f8
[2012/06/22 21:49:45 | 000,029,070 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001f9
[2012/06/22 21:49:46 | 000,061,773 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001fa
[2012/06/22 21:50:02 | 000,079,942 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001fb
[2010/07/07 12:38:13 | 000,262,512 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Cache\index
[2010/07/07 13:36:25 | 000,017,408 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\localserver.db
[2010/07/07 13:36:25 | 000,019,456 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\permissions.db
[2011/03/15 12:41:07 | 000,000,000 | ---- | M] () -- C:\Users\felicity\AppData\Local\Google\Chrome\User Data\Default\User StyleSheets\Custom.css

 

[Flick]

< %USERPROFILE%\AppData\Local\ /s >

< %systemroot%\Installer\ /s >

< %systemroot%\system32\Cache\ /s >

< %systemroot%\system32\config\systemprofile\Application Data /s >

< %PROGRAMFILES%\*. >
[2011/01/13 10:20:56 | 000,000,000 | ---D | M] -- C:\Program Files\7-Zip
[2012/07/11 19:38:32 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2010/09/09 14:44:27 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe Media Player
[2011/06/28 12:58:08 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2010/05/13 03:37:32 | 000,000,000 | ---D | M] -- C:\Program Files\Atheros
[2012/01/13 13:00:51 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2011/06/06 15:03:13 | 000,000,000 | ---D | M] -- C:\Program Files\CamStudio 2.6b
[2010/05/13 03:36:04 | 000,000,000 | ---D | M] -- C:\Program Files\Cisco
[2012/07/11 19:38:33 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2010/05/13 03:38:16 | 000,000,000 | ---D | M] -- C:\Program Files\CSR
[2010/07/09 09:04:16 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2010/05/13 03:29:12 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
[2011/08/05 17:39:09 | 000,000,000 | ---D | M] -- C:\Program Files\DVD Maker
[2011/04/14 11:32:16 | 000,000,000 | ---D | M] -- C:\Program Files\epson
[2012/01/09 11:33:33 | 000,000,000 | ---D | M] -- C:\Program Files\FileZilla FTP Client
[2010/05/13 03:44:27 | 000,000,000 | ---D | M] -- C:\Program Files\Fingerprint Sensor
[2010/08/31 11:33:16 | 000,000,000 | ---D | M] -- C:\Program Files\Flexsim5
[2010/07/09 08:59:10 | 000,000,000 | ---D | M] -- C:\Program Files\Fujitsu
[2010/05/13 03:51:19 | 000,000,000 | ---D | M] -- C:\Program Files\Fujitsu Hardware Diagnostics Tool
[2010/09/10 17:55:40 | 000,000,000 | ---D | M] -- C:\Program Files\GlobalSCAPE
[2011/03/11 16:49:50 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2010/09/10 17:55:40 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2010/05/13 03:44:35 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2012/06/18 22:45:25 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2012/05/24 20:54:29 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2012/05/24 20:55:27 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2012/07/11 19:38:33 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2011/11/23 12:00:38 | 000,000,000 | ---D | M] -- C:\Program Files\Jungle Disk Desktop
[2010/05/13 03:40:15 | 000,000,000 | ---D | M] -- C:\Program Files\LSI SoftModem
[2012/07/10 22:41:03 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/10/19 16:45:35 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2010/09/09 11:30:49 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Analysis Services
[2012/02/16 02:05:41 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Application Virtualization Client
[2010/08/31 11:31:33 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2010/10/18 13:45:37 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Expression
[2010/05/13 19:23:18 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2012/01/19 16:14:56 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft IntelliPoint
[2012/06/04 11:53:27 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft IntelliType Pro
[2010/09/09 11:32:26 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2012/07/11 19:39:12 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Security Client
[2012/05/24 20:59:14 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2010/09/09 12:52:33 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server
[2010/09/09 11:32:25 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2010/09/09 11:32:25 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Sync Framework
[2010/09/09 11:32:44 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Synchronization Services
[2010/05/13 04:00:33 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Touch Pack for Windows 7
[2010/10/12 11:14:33 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2010/09/09 11:31:17 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio 8
[2010/05/13 03:59:27 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft XNA
[2010/09/10 10:32:08 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2012/06/19 21:56:46 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2012/06/22 13:37:38 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Maintenance Service
[2012/03/26 13:41:42 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2010/04/28 07:43:19 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2010/11/16 15:22:45 | 000,000,000 | ---D | M] -- C:\Program Files\MySQL
[2012/03/15 17:05:22 | 000,000,000 | ---D | M] -- C:\Program Files\NCH Software
[2010/05/13 03:40:30 | 000,000,000 | ---D | M] -- C:\Program Files\O2Micro
[2010/05/13 03:42:30 | 000,000,000 | ---D | M] -- C:\Program Files\O2Micro OZ711 SCR Driver
[2010/10/21 15:56:49 | 000,000,000 | ---D | M] -- C:\Program Files\Paint.NET
[2011/11/14 11:05:27 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2010/05/13 03:29:28 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek
[2009/07/14 14:52:30 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2010/07/09 08:57:27 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
[2011/12/05 11:58:56 | 000,000,000 | ---D | M] -- C:\Program Files\Safari
[2012/06/28 16:12:02 | 000,000,000 | R--D | M] -- C:\Program Files\Skype
[2010/07/09 08:58:11 | 000,000,000 | ---D | M] -- C:\Program Files\Softex
[2010/07/09 09:48:14 | 000,000,000 | ---D | M] -- C:\Program Files\Stoutlab
[2010/05/13 03:30:38 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
[2010/07/09 09:06:12 | 000,000,000 | ---D | M] -- C:\Program Files\Tablet
[2011/06/06 15:11:44 | 000,000,000 | ---D | M] -- C:\Program Files\TechSmith
[2010/05/13 03:29:48 | 000,000,000 | -H-D | M] -- C:\Program Files\Temp
[2009/07/14 14:53:23 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2010/05/13 03:59:49 | 000,000,000 | ---D | M] -- C:\Program Files\Virtual Earth 3D
[2012/07/11 16:31:57 | 000,000,000 | ---D | M] -- C:\Program Files\Vodafone
[2010/09/13 19:39:09 | 000,000,000 | ---D | M] -- C:\Program Files\Watchtower
[2010/10/12 11:14:35 | 000,000,000 | ---D | M] -- C:\Program Files\Web Publish
[2011/08/05 17:39:05 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2012/05/10 03:35:11 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2012/06/04 11:40:35 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2011/08/05 17:39:09 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2011/08/05 17:39:09 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2009/07/14 14:52:30 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2011/08/05 17:39:09 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Viewer
[2011/08/05 17:39:09 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2011/08/05 17:39:09 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar

< %appdata%\*.* >
[2012/03/28 16:39:13 | 000,000,132 | ---- | M] () -- C:\Users\felicity\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2012/03/05 16:51:49 | 000,000,132 | ---- | M] () -- C:\Users\felicity\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011/09/21 14:33:10 | 000,009,379 | ---- | M] () -- C:\Users\felicity\AppData\Roaming\Comma Separated Values (Windows).EML
[2011/07/04 22:09:06 | 000,003,540 | ---- | M] () -- C:\Users\felicity\AppData\Roaming\FjMenu1.XML
[2011/08/24 11:02:35 | 000,000,600 | ---- | M] () -- C:\Users\felicity\AppData\Roaming\PUTTY.RND

< MD5 for: AFD.SYS >
[2011/04/25 12:35:40 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=0DB7A48388D54D154EBEC120461A0FCD -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16802_none_d81220b5bf827af7\afd.sys
[2010/11/20 18:40:03 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=1151FD4FB0216CFED887BFDE29EBD516 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_d9efac7dbcaf385b\afd.sys
[2011/04/25 12:18:03 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=9EBBBA55060F786F0FCAA3893BFA2806 -- C:\Windows\System32\drivers\afd.sys
[2011/04/25 12:18:03 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=9EBBBA55060F786F0FCAA3893BFA2806 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys
[2011/04/25 12:27:23 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=C114AB7A1550D42EA1700FFD4179CF5A -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.20951_none_d864ad9ad8c98d1f\afd.sys
[2011/04/25 13:24:09 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=C427F91A748CD342A2B3F9278D9FD6A5 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21712_none_da774a9ad5cea29e\afd.sys
[2009/07/14 09:12:38 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=DDC040FDB01EF1712A6B13E52AFB104C -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16385_none_d7be98b5bfc0b4c1\afd.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 11:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 11:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 11:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009/07/14 11:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: CRYPTSVC.DLL >
[2012/04/24 14:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\System32\cryptsvc.dll
[2012/04/24 14:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2012/04/24 14:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2012/04/24 14:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
[2009/07/14 11:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010/11/20 22:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2012/04/24 14:33:53 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=F522279B4717E2BFF269C771FAC2B78E -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll

< MD5 for: DNSRSLVR.DLL >
[2010/11/20 22:18:33 | 000,132,608 | ---- | M] (Microsoft Corporation) MD5=2FE30D71919C51131405797620E0A714 -- C:\Windows\winsxs\x86_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_e3e9e6c8e09b7c76\dnsrslvr.dll
[2011/03/03 15:38:01 | 000,132,608 | ---- | M] (Microsoft Corporation) MD5=33EF4861F19A0736B11314AAD9AE28D0 -- C:\Windows\System32\dnsrslvr.dll
[2011/03/03 15:38:01 | 000,132,608 | ---- | M] (Microsoft Corporation) MD5=33EF4861F19A0736B11314AAD9AE28D0 -- C:\Windows\winsxs\x86_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_e3a50618e0cfbec0\dnsrslvr.dll
[2011/03/03 15:29:23 | 000,132,608 | ---- | M] (Microsoft Corporation) MD5=B15BE77A2BACF9C3177D27518AFE26A9 -- C:\Windows\winsxs\x86_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16772_none_e1c0a9a6e3a78582\dnsrslvr.dll
[2011/03/03 15:50:46 | 000,132,608 | ---- | M] (Microsoft Corporation) MD5=B3A0A4414D8EC1DD28018004CE8DCBEE -- C:\Windows\winsxs\x86_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.20914_none_e28d2873fc92ad7b\dnsrslvr.dll
[2009/07/14 11:15:12 | 000,132,608 | ---- | M] (Microsoft Corporation) MD5=D0722E963D3C6145446874241401B209 -- C:\Windows\winsxs\x86_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16385_none_e1b8d300e3acf8dc\dnsrslvr.dll
[2011/03/03 15:12:25 | 000,132,608 | ---- | M] (Microsoft Corporation) MD5=F3501CA4E93BF218C71CF9DEECEE838F -- C:\Windows\winsxs\x86_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_e431a3c1f9eaaa8f\dnsrslvr.dll

< MD5 for: ES.DLL >
[2010/08/18 11:57:16 | 000,203,320 | ---- | M] () MD5=59402EEA6FFC47B6DEA9857247A85742 -- C:\Users\felicity\AppData\Local\Google\Chrome\Application\5.0.375.127\Locales\es.dll
[2012/06/28 20:27:57 | 000,008,216 | ---- | M] () MD5=8C4CBA187C451FAE0C9C1674B9C3AC39 -- C:\Program Files\Google\Chrome\Application\20.0.1132.47\Locales\es.dll
[2012/06/07 18:13:44 | 000,008,216 | ---- | M] () MD5=99DE0F08708D5EB156CC2EFA41C1FF6E -- C:\Program Files\Google\Chrome\Application\19.0.1084.56\Locales\es.dll
[2010/07/31 10:17:13 | 000,203,320 | ---- | M] () MD5=A576C96A2910F541FF935881CDE23864 -- C:\Users\felicity\AppData\Local\Google\Chrome\Application\5.0.375.126\Locales\es.dll
[2009/07/14 11:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=F6916EFC29D9953D5D0DF06882AE8E16 -- C:\Windows\System32\es.dll
[2009/07/14 11:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=F6916EFC29D9953D5D0DF06882AE8E16 -- C:\Windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_0cc3f540b311359a\es.dll

< MD5 for: EXPLORER.EXE >
[2010/04/26 20:49:39 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_523cdab8f40fe558\explorer.exe
[2011/02/26 15:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/14 11:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 15:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2010/04/26 20:54:44 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 15:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2011/01/16 15:55:21 | 000,255,488 | ---- | M] () MD5=3C33B26F2F7FA61D882515F2D6078691 -- C:\Users\felicity\AppData\Local\Temp\RarSFX0\procs\explorer.exe
[2010/11/20 22:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 15:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 15:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2010/04/26 20:48:27 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2005/08/16 01:54:58 | 000,001,536 | ---- | M] () MD5=ABC6379205DE2618851C4FCBF72112EB -- C:\Users\felicity\AppData\Local\Temp\RarSFX0\h\explorer.exe
[2010/04/26 20:48:27 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2010/04/26 20:54:44 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
[2010/04/26 20:49:39 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_51c00e6ddae85c4b\explorer.exe

< MD5 for: IPNATHLP.DLL >
[2009/07/14 11:15:33 | 000,300,544 | ---- | M] (Microsoft Corporation) MD5=D1A079A0DE2EA524513B6930C24527A2 -- C:\Windows\System32\ipnathlp.dll
[2009/07/14 11:15:33 | 000,300,544 | ---- | M] (Microsoft Corporation) MD5=D1A079A0DE2EA524513B6930C24527A2 -- C:\Windows\winsxs\x86_microsoft-windows-sharedaccess_31bf3856ad364e35_6.1.7600.16385_none_04a3b4c9aa9fddd8\ipnathlp.dll

< MD5 for: NETBT.SYS >
[2010/11/20 18:39:44 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=280122DDCF04B378EDD1AD54D71C1E54 -- C:\Windows\System32\drivers\netbt.sys
[2010/11/20 18:39:44 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=280122DDCF04B378EDD1AD54D71C1E54 -- C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.1.7601.17514_none_626c324d55864070\netbt.sys
[2009/07/14 09:12:21 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=DD52A733BF4CA5AF84562A5E2F963B91 -- C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.1.7600.16385_none_603b1e855897bcd6\netbt.sys

< MD5 for: NETMAN.DLL >
[2009/07/14 11:16:03 | 000,280,576 | ---- | M] (Microsoft Corporation) MD5=7CCCFCA7510684768DA22092D1FA4DB2 -- C:\Windows\System32\netman.dll
[2009/07/14 11:16:03 | 000,280,576 | ---- | M] (Microsoft Corporation) MD5=7CCCFCA7510684768DA22092D1FA4DB2 -- C:\Windows\winsxs\x86_microsoft-windows-netman_31bf3856ad364e35_6.1.7600.16385_none_0f9371b9b32368a4\netman.dll

< MD5 for: QMGR.DLL >
[2009/07/14 11:16:12 | 000,589,312 | ---- | M] (Microsoft Corporation) MD5=53F476476F55A27F580661BDE09C4EC4 -- C:\Windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7600.16385_none_23671b105ac5a0fd\qmgr.dll
[2010/11/20 22:20:58 | 000,585,728 | ---- | M] (Microsoft Corporation) MD5=E585445D5021971FAE10393F0F1C3961 -- C:\Windows\System32\qmgr.dll
[2010/11/20 22:20:58 | 000,585,728 | ---- | M] (Microsoft Corporation) MD5=E585445D5021971FAE10393F0F1C3961 -- C:\Windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_25982ed857b42497\qmgr.dll

< MD5 for: RPCSS.DLL >
[2010/11/20 22:21:03 | 000,376,832 | ---- | M] (Microsoft Corporation) MD5=7660F01D3B38ACA1747E397D21D790AF -- C:\Windows\System32\rpcss.dll
[2010/11/20 22:21:03 | 000,376,832 | ---- | M] (Microsoft Corporation) MD5=7660F01D3B38ACA1747E397D21D790AF -- C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_6bd245e79c221747\rpcss.dll
[2009/07/14 11:16:13 | 000,376,320 | ---- | M] (Microsoft Corporation) MD5=B82CD39E336973359D7C9BF911E8E84F -- C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_69a1321f9f3393ad\rpcss.dll

< MD5 for: SERVICES.EXE >
[2009/07/14 11:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
[2009/07/14 11:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=A302BBFF2A7278C0E239EE5D471D86A9 -- C:\Windows\System32\services.exe

< MD5 for: SVCHOST.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/14 11:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 11:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011/04/25 14:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011/06/21 15:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011/09/30 02:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2011/04/25 14:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009/07/14 11:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010/11/20 22:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011/09/30 02:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2012/03/30 20:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011/09/30 01:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2010/04/09 17:16:33 | 001,289,096 | ---- | M] (Microsoft Corporation) MD5=5D6A83E928F22AF5AC9868B162FFAD0D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20687_none_b38009a0e0d5a32d\tcpip.sys
[2010/04/09 17:24:54 | 001,285,000 | ---- | M] (Microsoft Corporation) MD5=63170B9EE1D0EF0032F0408605671D1A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16569_none_b30e0d41c7a5fe2f\tcpip.sys
[2011/09/30 02:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011/04/25 16:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2012/03/30 20:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\System32\drivers\tcpip.sys
[2012/03/30 20:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011/04/25 14:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012/03/30 19:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2011/06/21 15:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010/06/14 16:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2010/06/14 16:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2011/06/21 15:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2011/06/21 16:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
[2012/03/30 20:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys

< MD5 for: TDX.SYS >
[2010/11/20 18:39:17 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=B459575348C20E8121D6039DA063C704 -- C:\Windows\System32\drivers\tdx.sys
[2010/11/20 18:39:17 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=B459575348C20E8121D6039DA063C704 -- C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.17514_none_ec4532373a57c1c2\tdx.sys
[2009/07/14 09:12:11 | 000,074,240 | ---- | M] (Microsoft Corporation) MD5=CB39E896A2A83702D1737BFD402B3542 -- C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7600.16385_none_ea141e6f3d693e28\tdx.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 22:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 22:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 11:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/05/26 18:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Users\felicity\AppData\Local\Temp\RarSFX0\userinit.exe

< MD5 for: VOLSNAP.SYS >
[2009/07/14 11:19:10 | 000,245,328 | ---- | M] (Microsoft Corporation) MD5=58DF9D2481A56EDDE167E51B334D44FD -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.1.7600.16385_none_158d0da45d68903e\volsnap.sys
[2010/11/20 22:30:16 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\System32\drivers\volsnap.sys
[2010/11/20 22:30:16 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_x86_neutral_6dee0205881d1a1d\volsnap.sys
[2010/11/20 22:30:16 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_17be216c5a5713d8\volsnap.sys

< MD5 for: WININIT.EXE >
[2009/07/14 11:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009/07/14 11:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

< MD5 for: WINLOGON.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010/04/26 20:54:44 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2010/04/26 20:54:44 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 22:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 22:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 11:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2009/05/26 18:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Users\felicity\AppData\Local\Temp\RarSFX0\winlogon.exe

< MD5 for: WMISVC.DLL >
[2009/07/14 11:16:19 | 000,168,960 | ---- | M] (Microsoft Corporation) MD5=F62E510B6AD4C21EB9FE8668ED251826 -- C:\Windows\System32\wbem\WMIsvc.dll
[2009/07/14 11:16:19 | 000,168,960 | ---- | M] (Microsoft Corporation) MD5=F62E510B6AD4C21EB9FE8668ED251826 -- C:\Windows\winsxs\x86_microsoft-windows-wmi-core-svc_31bf3856ad364e35_6.1.7600.16385_none_a08911f35844b3ff\WMIsvc.dll
[2009/07/14 11:16:19 | 000,168,960 | ---- | M] (Microsoft Corporation) MD5=F62E510B6AD4C21EB9FE8668ED251826 -- C:\Windows\winsxs\x86_microsoft-windows-wmi-core-svc_31bf3856ad364e35_6.1.7601.17514_none_a2ba25bb55333799\WMIsvc.dll

< MD5 for: WSCSVC.DLL >
[2009/07/14 11:16:20 | 000,073,728 | ---- | M] (Microsoft Corporation) MD5=6F5D49EFE0E7164E03AE773A3FE25340 -- C:\Windows\System32\wscsvc.dll
[2009/07/14 11:16:20 | 000,073,728 | ---- | M] (Microsoft Corporation) MD5=6F5D49EFE0E7164E03AE773A3FE25340 -- C:\Windows\winsxs\x86_microsoft-windows-securitycenter-core_31bf3856ad364e35_6.1.7600.16385_none_1a16b3d6136c6bb2\wscsvc.dll
[2009/07/14 11:16:20 | 000,073,728 | ---- | M] (Microsoft Corporation) MD5=6F5D49EFE0E7164E03AE773A3FE25340 -- C:\Windows\winsxs\x86_microsoft-windows-securitycenter-core_31bf3856ad364e35_6.1.7601.17514_none_1c47c79e105aef4c\wscsvc.dll
[2010/12/21 15:38:24 | 000,073,728 | ---- | M] (Microsoft Corporation) MD5=A661A76333057B383A06E65F0073222F -- C:\Windows\winsxs\x86_microsoft-windows-securitycenter-core_31bf3856ad364e35_6.1.7600.16723_none_1a559a62133d85fa\wscsvc.dll
[2010/12/21 15:29:14 | 000,073,728 | ---- | M] (Microsoft Corporation) MD5=FC6DB3FF10A271A83A2CAFB340120FC4 -- C:\Windows\winsxs\x86_microsoft-windows-securitycenter-core_31bf3856ad364e35_6.1.7600.20862_none_1ab2f7332c7c7c31\wscsvc.dll

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data] -> C:\windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\History] -> C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Temporary Internet Files] -> C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
[C:\windows\System32\config\systemprofile\Application Data] -> C:\windows\system32\config\systemprofile\AppData\Roaming -> Junction
[C:\windows\System32\config\systemprofile\Cookies] -> C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies -> Junction
[C:\windows\System32\config\systemprofile\Documents\My Music] -> C:\windows\system32\config\systemprofile\Music -> Junction
[C:\windows\System32\config\systemprofile\Documents\My Pictures] -> C:\windows\system32\config\systemprofile\Pictures -> Junction
[C:\windows\System32\config\systemprofile\Documents\My Videos] -> C:\windows\system32\config\systemprofile\Videos -> Junction
[C:\windows\System32\config\systemprofile\Local Settings] -> C:\windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\windows\System32\config\systemprofile\My Documents] -> C:\windows\system32\config\systemprofile\Documents -> Junction
[C:\windows\System32\config\systemprofile\NetHood] -> C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts -> Junction
[C:\windows\System32\config\systemprofile\PrintHood] -> C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts -> Junction
[C:\windows\System32\config\systemprofile\Recent] -> C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent -> Junction
[C:\windows\System32\config\systemprofile\SendTo] -> C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo -> Junction
[C:\windows\System32\config\systemprofile\Start Menu] -> C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu -> Junction
[C:\windows\System32\config\systemprofile\Templates] -> C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates -> Junction

< End of report >

 

[Flick]

OTL Extras logfile created on: 11/07/2012 6:11:02 AM - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\felicity\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

2.93 Gb Total Physical Memory | 1.63 Gb Available Physical Memory | 55.73% Memory free
5.85 Gb Paging File | 4.24 Gb Available in Paging File | 72.58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 146.65 Gb Total Space | 31.00 Gb Free Space | 21.14% Space Free | Partition Type: NTFS
Drive D: | 302.90 Gb Total Space | 142.00 Gb Free Space | 46.88% Space Free | Partition Type: NTFS
Drive F: | 1.88 Gb Total Space | 1.88 Gb Free Space | 99.71% Space Free | Partition Type: FAT
Drive J: | 500.00 Gb Total Space | 500.00 Gb Free Space | 100.00% Space Free | Partition Type: FAT32

Computer Name: FELICITY-TABLET | User Name: felicity | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== Firewall Settings ==========

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{0294F00A-91AC-4FBF-BD14-0EE1583927AF}" = Battery Utility
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0439D13F-C7CD-458A-90DE-44135CBD40B8}" = Bluetooth Feature Pack 5.0
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{17F82182-0E3D-4A14-8843-5ECBFAF4F12F}" = Security Panel Application for Supervisor
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{191C41F6-4BA8-4D3D-BBC5-AAC8F3077E3F}" = Fujitsu MobilityCenter Extension Utility
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{207E8B60-07D2-4B7F-97FE-0DA448606861}" = Fujitsu Button Utilities
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 32
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BDE2BF2-AD90-4191-B3C8-D0046CE54916}" = Fujitsu Display Manager
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{2D87E961-577B-492B-AD54-1368680FB9A7}" = Virtual Earth 3D (Beta)
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{38766225-85FA-469B-A373-82BF1923A7E4}" = MySQL Workbench 5.2 CE
"{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}" = Microsoft XNA Framework Redistributable 3.0
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = FJ Camera
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{44193AE6-D871-473C-8D1F-D55FBCB45552}" = Inst5657
"{45CA9B23-5EF8-43AA-9851-E9E062BF0147}" = Security Panel Application
"{469ED3E8-D21E-40E8-B00F-63516D26FAE3}" = O2Micro Flash Memory Card Windows Driver
"{47BC37A3-35C8-484A-8CBD-851914EB095E}" = Update Navi
"{4837C529-3700-5555-95FC-70C653003160}" = Jungle Disk Desktop
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4ABB4D92-0682-4887-A0BC-CE5F920DDD23}" = Watchtower Library 2009 - English
"{50A0893D-47D8-48E0-A7E8-44BCD7E4422E}" = Microsoft SQL Server Native Client
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5C3EA21C-22C0-4A44-BE58-D8CBB2F2B6B2}" = OZ711 SCR Driver
"{5F8D931D-B230-47F3-A9C0-0C8CA459A332}" = Microsoft Expression Web 4
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B99AF03-2668-4572-BD3D-8C7A5D103065}" = AuthenTec Fingerprint Software
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7254349B-460B-488F-B4DB-A96100C5C48B}" = Power Saving Utility
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7972B5F5-344C-4424-BEFD-431F5BD2D079}" = Flexsim 5.0.4
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6EE0B4-650F-452E-B9C2-882A72227B19}" = Microsoft SQL Server Database Publishing Wizard 1.1
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FF90DB8-6DED-44A3-B182-244FEC09012F}" = Microsoft Touch Pack for Windows 7
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006D-0409-0000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{942E5031-2BD6-4C1B-918C-C8A1CBAE7B8C}" = Microsoft IntelliPoint 8.2
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96B51C0B-D3BE-4DF3-959C-28B22C10CFBB}" = Vodafone Mobile Connect Lite
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD2DD45-8763-4F12-BDC6-958FCFEF0FCB}" = Microsoft IntelliType Pro 8.2
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A33E457B-5369-481F-8B53-71108AE2EB5B}" = Roxio Creator LJ
"{A4512736-8D63-4298-9271-5329931FA46B}" = Microsoft SQL Server Management Studio Express
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{ABE8CE7E-01CC-4500-BAF5-FFC29EA108A1}" = Shock Sensor Utility
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.4.5 MUI
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BA0CC975-682B-4678-A35C-05E607F36387}" = Fujitsu Hotkey Utility
"{BC5929D3-9D88-4B35-8E37-CD1F2849292C}" = IIS Search Engine Optimization Toolkit 1.0
"{BF127B80-CFD5-4379-9752-E8AF1A5D0141}" = Microsoft Expression Encoder 4 Screen Capture Codec
"{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}" = Camtasia Studio 7
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CC4878C0-4A6A-49CD-AAA7-DD3FCB06CC84}" = Microsoft Web Platform Installer 3.0
"{CCAFF072-4DDB-4846-963D-15F02A8E9472}" = Intel(R) PROSet/Wireless WiFi Software
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E56B8E1D-8E90-46DC-AE55-EBA87ED69A5F}" = DealBook 360
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{ED5761A3-C109-4E0E-8241-19DB67E66BED}" = CuteFTP 8 Lite
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E2B312-D7FD-4349-A9B6-E90B36DB1BD0}" = Paint.NET v3.5.5
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari
"{F4E57F49-84B4-4CF2-B0A1-8CA1752BDF7E}" = OmniPass 7.00.02
"{F5993FCC-DF5D-4879-B70D-AA1F379C5C6B}" = Microsoft Expression Web 4 Service Pack 2
"{F90E143F-8EB2-4E41-BF4B-E00B046C33E5}" = Microsoft SQL Server Management Objects Collection
"{FDB5E0F3-86EA-4379-8A2F-1BC2436543E9}" = iCloud
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Creator LJ
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"EPSON Printer and Utilities" = EPSON Printer Software
"F02860D720F53C6FCD75A013226E3E82F54FAB68" = Windows Driver Package - Fujitsu America, Inc. (FjBtnDrv) HIDClass (08/27/2009 4.2.0827.2009)
"FileZilla Client" = FileZilla Client 3.5.3
"Google Chrome" = Google Chrome
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{0294F00A-91AC-4FBF-BD14-0EE1583927AF}" = Battery Utility
"InstallShield_{17F82182-0E3D-4A14-8843-5ECBFAF4F12F}" = Security Panel for Supervisor
"InstallShield_{191C41F6-4BA8-4D3D-BBC5-AAC8F3077E3F}" = Fujitsu MobilityCenter Extension Utility
"InstallShield_{2BDE2BF2-AD90-4191-B3C8-D0046CE54916}" = Fujitsu Display Manager
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{45CA9B23-5EF8-43AA-9851-E9E062BF0147}" = Security Panel
"InstallShield_{469ED3E8-D21E-40E8-B00F-63516D26FAE3}" = O2Micro Flash Memory Card Windows Driver
"InstallShield_{5C3EA21C-22C0-4A44-BE58-D8CBB2F2B6B2}" = OZ711 SCR Driver
"InstallShield_{7254349B-460B-488F-B4DB-A96100C5C48B}" = Power Saving Utility
"InstallShield_{ABE8CE7E-01CC-4500-BAF5-FFC29EA108A1}" = Shock Sensor Utility
"InstallShield_{BA0CC975-682B-4678-A35C-05E607F36387}" = Fujitsu Hotkey Utility
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"LSI Soft Modem" = LSI HDA Modem
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 13.0.1 (x86 en-GB)" = Mozilla Firefox 13.0.1 (x86 en-GB)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"PC-Doctor for Windows" = Fujitsu Hardware Diagnostics Tool
"Pen Tablet Driver" = Pen Tablet
"Prism" = Prism Video File Converter
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Visual Studio 6.0 Professional Edition" = Microsoft Visual Studio 6.0 Professional Edition
"Web_4.0.1303.0" = Microsoft Expression Web 4
"WebPost" = Microsoft Web Publishing Wizard 1.53
"WinLiveSuite" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"InstallShield_{E56B8E1D-8E90-46DC-AE55-EBA87ED69A5F}" = DealBook 360
"SkyDriveSetup.exe" = Microsoft SkyDrive

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10/07/2012 12:07:02 PM | Computer Name = felicity-TABLET | Source = TabletServicePen | ID = 0
Description =

Error - 10/07/2012 12:07:02 PM | Computer Name = felicity-TABLET | Source = TabletServicePen | ID = 0
Description =

Error - 10/07/2012 12:07:14 PM | Computer Name = felicity-TABLET | Source = TabletServicePen | ID = 0
Description =

Error - 10/07/2012 12:07:14 PM | Computer Name = felicity-TABLET | Source = TabletServicePen | ID = 0
Description =

Error - 10/07/2012 12:07:14 PM | Computer Name = felicity-TABLET | Source = TabletServicePen | ID = 0
Description =

Error - 10/07/2012 12:09:26 PM | Computer Name = felicity-TABLET | Source = Application Hang | ID = 1002
Description = The program sxt2dw2k.exe version 1.0.15.15641 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1a00 Start
Time: 01cd5eb6350eba20 Termination Time: 16 Application Path: C:\Users\felicity\Desktop\sxt2dw2k.exe

Report
Id: 9b32153c-caa9-11e1-959b-002258c7044b

Error - 10/07/2012 12:18:26 PM | Computer Name = felicity-TABLET | Source = Application Error | ID = 1000
Description = Faulting application name: Skype.exe, version: 5.9.0.123, time stamp:
0x4fce1530 Faulting module name: Skype.exe, version: 5.9.0.123, time stamp: 0x4fce1530
Exception
code: 0xc0000005 Fault offset: 0x001e5a37 Faulting process id: 0x118c Faulting application
start time: 0x01cd5eb61290c69e Faulting application path: C:\Program Files\Skype\Phone\Skype.exe
Faulting
module path: C:\Program Files\Skype\Phone\Skype.exe Report Id: e013b8c4-caaa-11e1-959b-002258c7044b

Error - 10/07/2012 4:08:01 PM | Computer Name = felicity-TABLET | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10/07/2012 4:08:01 PM | Computer Name = felicity-TABLET | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 13096627

Error - 10/07/2012 4:08:01 PM | Computer Name = felicity-TABLET | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 13096627

[ System Events ]
Error - 10/07/2012 12:06:59 PM | Computer Name = felicity-TABLET | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1060

Error - 10/07/2012 12:07:00 PM | Computer Name = felicity-TABLET | Source = Service Control Manager | ID = 7003
Description = The IKE and AuthIP IPsec Keying Modules service depends the following
service: BFE. This service might not be installed.

Error - 10/07/2012 12:07:00 PM | Computer Name = felicity-TABLET | Source = Service Control Manager | ID = 7003
Description = The IPsec Policy Agent service depends the following service: BFE.
This service might not be installed.

Error - 10/07/2012 12:08:11 PM | Computer Name = felicity-TABLET | Source = DCOM | ID = 10016
Description =

Error - 10/07/2012 12:10:35 PM | Computer Name = felicity-TABLET | Source = Service Control Manager | ID = 7023
Description = The Function Discovery Resource Publication service terminated with
the following error: %%-2147024891

Error - 10/07/2012 12:10:35 PM | Computer Name = felicity-TABLET | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Resource
Publication service which failed to start because of the following error: %%-2147024891

Error - 10/07/2012 12:25:42 PM | Computer Name = felicity-TABLET | Source = Service Control Manager | ID = 7023
Description = The Function Discovery Resource Publication service terminated with
the following error: %%-2147024891

Error - 10/07/2012 12:25:42 PM | Computer Name = felicity-TABLET | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Resource
Publication service which failed to start because of the following error: %%-2147024891

Error - 10/07/2012 4:08:37 PM | Computer Name = felicity-TABLET | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Resource
Publication service which failed to start because of the following error: %%-2147024891

Error - 10/07/2012 4:08:37 PM | Computer Name = felicity-TABLET | Source = Service Control Manager | ID = 7023
Description = The Function Discovery Resource Publication service terminated with
the following error: %%-2147024891


< End of report >

 

[Flick]

Please close this thread. Thank you so much for your help but I have reinstalled my computer completely as I didn't need anything on my hard drive.I'm following your final advice on what to do after you've been infected as well.

Thanks again for this service.

 

[Jay Pfoutz]

Personal Tips on Preventing Malware

See this page for more info about malware and prevention.

Topic marked solved and closed!