Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Used Combofix to clean Ping.exe, want to make sure I'm in the clear!


  • This topic is locked This topic is locked
25 replies to this topic

#1 mjcritchfield

mjcritchfield

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:32 PM

Posted 14 February 2012 - 01:45 AM

Hey guys,

I consider myself pretty computer savvy, but somehow I contracted a nasty virus. I first noticed my CPU was way up when I wasn't even doing anything. Then, my Microsoft Security Essentials started almost daily catching nasty sound backdoor trojans. I traced it back to my IE5 "temporary internet files" folder, and when I tried to delete the files the would pop right back up. After looking around on the web a little bit, I found a program called "Unlocker" for freeing up files that are "in use" to be deleted. When I used this tool, it told me that the files in the folder were attached to a process called "ping.exe," which I then found out was a super nasty virus.

That search led me to this site, where I found a person with a similar problem who was advised to download and use combofix. I proceeded to use it once, after which my internet connection didn't work. I then ran it again, and my internet connection was back - but I want to make sure that I'm in the clear. I've posted the combofix log file below. Also, what antivirus software would you advise that I run on my computer on a regular basis. Thanks so much for all of your help already - hope my worst virus days are behind me!

=======

ComboFix 12-02-13.01 - Max 02/13/2012 22:03:01.2.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3062.2328 [GMT -8:00]
Running from: c:\users\Max\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\$NtUninstallKB33825$\124834625
c:\windows\system32\GroupPolicy\Machine\Registry.pol
c:\windows\$NtUninstallKB33825$ . . . . Failed to delete
.
---- Previous Run -------
.
c:\windows\$NtUninstallKB33825$\1191428898\@
c:\windows\$NtUninstallKB33825$\1191428898\cfg.ini
c:\windows\$NtUninstallKB33825$\1191428898\Desktop.ini
c:\windows\$NtUninstallKB33825$\1191428898\L\xadqgnnk
c:\windows\$NtUninstallKB33825$\1191428898\oemid
c:\windows\$NtUninstallKB33825$\1191428898\U\00000001.@
c:\windows\$NtUninstallKB33825$\1191428898\U\00000002.@
c:\windows\$NtUninstallKB33825$\1191428898\U\00000004.@
c:\windows\$NtUninstallKB33825$\1191428898\U\80000000.@
c:\windows\$NtUninstallKB33825$\1191428898\U\80000004.@
c:\windows\$NtUninstallKB33825$\1191428898\U\80000032.@
c:\windows\$NtUninstallKB33825$\1191428898\version
c:\windows\$NtUninstallKB33825$\3519625755
c:\windows\system32\GroupPolicy\Machine\Registry.pol
.
-- Previous Run --
.
Infected copy of c:\windows\system32\userinit.exe was found and disinfected
Restored copy from - c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
.
--------
.
c:\windows\system32\drivers\afd.sys was missing
Restored copy from - c:\windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21712_none_da774a9ad5cea29e\afd.sys
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_.afd
.
.
((((((((((((((((((((((((( Files Created from 2012-01-14 to 2012-02-14 )))))))))))))))))))))))))))))))
.
.
2012-02-14 06:11 . 2012-02-14 06:13 -------- d-----w- c:\users\Max\AppData\Local\temp
2012-02-14 06:11 . 2012-02-14 06:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-14 06:11 . 2011-04-25 03:24 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2012-02-13 20:12 . 2012-02-13 20:19 -------- d-----w- c:\program files\Unlocker
2012-02-11 01:12 . 2012-02-13 20:41 -------- d-----w- c:\users\Max\AppData\Local\Spotify
2012-02-11 01:11 . 2012-02-13 20:41 -------- d-----w- c:\users\Max\AppData\Roaming\Spotify
2012-02-11 01:06 . 2012-02-11 01:06 -------- d-----w- C:\ProcAlyzer Dumps
2012-02-10 23:10 . 2012-02-11 01:06 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-02-10 23:10 . 2012-02-14 04:13 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2012-02-08 22:05 . 2012-02-08 22:05 -------- d-----w- c:\windows\Temp86B8B378-2C7C-2EB3-C3BF-4ED0DFDB3F70-Signatures
2012-02-08 21:56 . 2012-02-08 21:56 -------- d-----w- c:\windows\Temp24020236-19EF-635D-F1C8-588110AE5B33-Signatures
2012-02-08 20:02 . 2012-02-08 22:11 -------- d-----w- c:\program files\Microsoft Security Essentials
2012-02-08 18:48 . 2012-02-13 17:47 0 --sha-w- c:\windows\system32\dds_trash_log.cmd
2012-02-01 06:50 . 2009-07-14 01:15 90624 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\HPZPPWN7.DLL
2012-01-28 05:32 . 2012-01-28 05:32 -------- d-----w- c:\program files\Integrate
2012-01-22 07:23 . 2011-11-17 05:41 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-01-22 07:23 . 2011-11-17 05:34 224768 ----a-w- c:\windows\system32\schannel.dll
2012-01-22 07:23 . 2011-11-17 05:39 369352 ----a-w- c:\windows\system32\drivers\cng.sys
2012-01-22 07:23 . 2011-11-17 05:32 1038848 ----a-w- c:\windows\system32\lsasrv.dll
2012-01-22 07:23 . 2011-11-17 05:41 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-01-22 07:23 . 2011-11-17 05:29 22528 ----a-w- c:\windows\system32\lsass.exe
2012-01-22 07:23 . 2011-11-17 05:35 314880 ----a-w- c:\windows\system32\webio.dll
2012-01-22 07:23 . 2011-11-17 05:34 100352 ----a-w- c:\windows\system32\sspicli.dll
2012-01-22 07:22 . 2011-11-17 05:34 15872 ----a-w- c:\windows\system32\sspisrv.dll
2012-01-22 07:22 . 2011-11-17 05:34 22016 ----a-w- c:\windows\system32\secur32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-31 12:44 . 2010-08-25 07:21 237072 ------w- c:\windows\system32\MpSigStub.exe
2011-12-15 20:51 . 2011-12-15 20:52 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-12-10 23:24 . 2011-10-25 07:31 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-24 04:25 . 2011-12-14 17:20 2342912 ----a-w- c:\windows\system32\win32k.sys
2011-11-19 14:01 . 2012-01-11 17:20 67072 ----a-w- c:\windows\system32\packager.dll
2011-11-17 05:38 . 2012-01-11 17:20 1288472 ----a-w- c:\windows\system32\ntdll.dll
2011-11-16 17:12 . 2011-06-27 05:18 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-11 00:49 . 2012-02-11 00:26 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VistaSwitcher"="c:\program files\VistaSwitcher\vswitch.exe" [2010-05-11 191440]
"F7B9E70633AFD6CEE6F29AC81DA30B2D6A21B039._service_run"="c:\users\Max\AppData\Local\Google\Chrome\Application\chrome.exe" [2012-02-07 1216496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-24 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-24 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-24 150552]
.
c:\users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Launchy.lnk - c:\program files\Launchy\Launchy.exe [2010-8-24 380928]
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2011-9-18 100864]
Texter.lnk - c:\program files\Texter\texter.exe [2007-11-6 377303]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Air Mouse.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Air Mouse.lnk
backup=c:\windows\pss\Air Mouse.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Max^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
path=c:\users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Max^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Product Registration.lnk]
path=c:\users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
backup=c:\windows\pss\Logitech . Product Registration.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Max^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2011-11-02 07:25 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\F7B9E70633AFD6CEE6F29AC81DA30B2D6A21B039._service_run]
2012-02-07 05:35 1216496 ----a-w- c:\users\Max\AppData\Local\Google\Chrome\Application\chrome.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-08-26 03:35 136176 ----atw- c:\users\Max\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-12-08 09:36 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LWS]
2011-08-12 19:18 205336 ----a-w- c:\program files\Logitech\LWS\Webcam Software\LWS.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 22:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-04-08 19:59 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
2011-03-07 13:33 89456 ----a-w- c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
.
R2 5689;5689;c:\windows\TEMP\5689.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-11-29 136176]
R2 NecUsb3;USB3 Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 AirDisplay;Air Display Support;c:\windows\system32\DRIVERS\AVVideoCard.sys [2010-09-07 6656]
R3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [2009-12-18 11336]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-11-29 136176]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4640000]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-25 1343400]
S2 UMVPFSrv;UMVPFSrv;c:\program files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-08-19 450848]
S3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
NecUsb3Sevic REG_MULTI_SZ NecUsb3
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
aswupdsv
.
Contents of the 'Scheduled Tasks' folder
.
2012-02-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-29 21:26]
.
2012-02-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-29 21:26]
.
2012-02-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3427279702-381020510-3824582292-1001Core.job
- c:\users\Max\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-26 03:35]
.
2012-02-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3427279702-381020510-3824582292-1001UA.job
- c:\users\Max\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-26 03:35]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Open with XmlPad - c:\program files\WMHelp Software\WMHelp XmlPad\WmhASPP.dll/101
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
Handler: wmh - {A1428E78-2D00-4590-A071-0CC9700A7768} - c:\program files\WMHelp Software\WMHelp XmlPad\WmhASPP.dll
FF - ProfilePath - c:\users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\0sfu1dnx.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://vshare.toolbarhome.com/search.aspx?srch=ku&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-Spybot-S&D Cleaning - c:\program files\Spybot - Search & Destroy 2\SDCleaner.exe
MSConfigStartUp-hpqSRMon - c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe
MSConfigStartUp-MSC - c:\program files\Microsoft Security Client\msseces.exe
MSConfigStartUp-VC10Player - c:\program files\Virtual CD v10\System\VC10Play.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(1900)
c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\sdclt.exe
.
**************************************************************************
.
Completion time: 2012-02-13 22:18:09 - machine was rebooted
ComboFix-quarantined-files.txt 2012-02-14 06:18
.
Pre-Run: 115,525,111,808 bytes free
Post-Run: 115,193,921,536 bytes free
.
- - End Of File - - C487769890FF50A3CE6A26FDF729785B

BC AdBot (Login to Remove)

 


#2 SweetTech

SweetTech

    Agent ST


  • Members
  • 13,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Antarctica
  • Local time:07:32 PM

Posted 17 February 2012 - 03:16 AM

Hello and welcome to the forums!

My secret agent name on the forums is SweetTech (you can call me Agent ST for short), it's a pleasure to meet you. :)

I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.

I would be glad to take a look at your log and help you with solving any malware problems.

If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed.

If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:


  • Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
  • Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
  • If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
  • In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator!
  • If I instruct you to download a specific tool in which you already have, please delete the copy that you have and re-download the tool. The reason I ask you to do this is because these tools are updated fairly regularly.
  • Do not do things I do not ask for, such as running a spyware scan on your computer. The one thing that you should always do, is to make sure sure that your anti-virus definitions are up-to-date!
  • Please do not use the Attachment feature for any log file. Do a Copy/Paste of the entire contents of the log file and submit it inside your post.
  • I am going to stick with you until ALL malware is gone from your system. I would appreciate it if you would do the same. From this point, we're in this together ;)
    Because of this, you must reply within three days
    failure to reply will result in the topic being closed!
  • Lastly, I am no magician. I will try very hard to fix your issues, but no promises can be made. Also be aware that some infections are so severe that you might need to resort to reformatting and reinstalling your operating system.
    Don't worry, this only happens in severe cases, but it sadly does happen. Be prepared to back up your data. Have means of backing up your data available.

____________________________________________________

Also, what antivirus software would you advise that I run on my computer on a regular basis. Thanks so much for all of your help already - hope my worst virus days are behind me!

In response to your question about what Anti-Virus program to use, I'd go with either Microsoft Security Essentials or Avast.


=========

It appears you're infected with an infection known as ZeroAccess.

ZeroAccess (Max++) Rootkit (aka: Sirefef) is a sophisticated rootkit that uses advanced technology to hide its presence in a system and can infect both x86 and x64 platforms. ZeroAccess is similar to the TDSS rootkit but has more self-protection mechanisms that can be used to disable anti-virus software resulting in "Access Denied" messages whenever you run a security application. For more specific information about this infection, please refer to:


NEXT:



Posted Image One or more of the identified infections is a backdoor trojan and password stealer.

This type of infection allows hackers to access and remotely control your computer, log keystrokes, steal critical system information, and download and execute files without your knowledge.
If you do any banking or other financial transactions on the PC or if it contains any other sensitive information, then from a clean computer, change all passwords where applicable.
It would also be wise to contact those same financial institutions to appraise them of your situation.


I highly suggest you take a look at the two links provided below:
1. How Do I Handle Possible Identify Theft, Internet Fraud, and CC Fraud?
2. When should I re-format? How should I reinstall?


We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.



NEXT:



Running TDSSKiller

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

    Posted Image
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

    Posted Image
  • Click the Start Scan button.

    Posted Image
  • If a suspicious object is detected, the default action will be Skip, click on Continue.

    Posted Image
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure SKIP is selected, then click Continue => Reboot now to finish the cleaning process.

    Posted Image
  • Note: Do not choose Cure or Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.


NEXT:



Farbar Service Scanner

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


NEXT:



Hi!

Still getting the open explorer window on reboot and the eventual MS malware tool allow/deny UAC screen.

We'll worry about that later.

My taskbar now shows limited/no connectivity on an unknown network, instead of indicating no network connection.

Well that is progress! :)

I'd like to get a look

Re-Running OTL

We need to create a New FULL OTL Report
  • Please download OTL from here if you have not done so already:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Change the "Extra Registry" option to "SafeList"
  • In the custom scan box paste the following:
    msconfig
    safebootminimal
    activex
    drivers32
    netsvcs
    "%WinDir%\$NtUninstallKB*$." /30
    C:\Program Files\Common Files\ComObjects\*.* /s
    %systemroot%\*. /mp /s
    %systemroot%\*. /rp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\drivers\*.sys /90
    %SYSTEMDRIVE%\*.exe
    /md5start
    volsnap.sys
    atapi.sys
    explorer.exe
    winlogon.exe
    wininit.exe
    tdx.sys
    /md5stop
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extras.txt <-- Will be minimized


NEXT:



Please make sure you include the following items in your next post:

1. Any comments or questions you may have that you'd like for me to answer in my next post to you.
2. TDSSKiller log.
3. Farbar Service Scanner log.
4. OTL.txt & Extras.txt logs.
5. An update on how your computer is currently running.

It would be helpful if you could answer each question in the order asked, as well as numbering your answers.


Please let me know how the above scans go.

Kindest Regards,
Agent ST.

Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.


#3 mjcritchfield

mjcritchfield
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:32 PM

Posted 20 February 2012 - 10:24 PM

Hey Agent ST,

Thanks so much for getting back to me! I ran all the scans, and here are the logs you asked for:
=======

1. TDSSKILLER LOG:


19:21:39.0190 2812 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14
19:21:39.0747 2812 ============================================================
19:21:39.0747 2812 Current date / time: 2012/02/20 19:21:39.0747
19:21:39.0747 2812 SystemInfo:
19:21:39.0747 2812
19:21:39.0747 2812 OS Version: 6.1.7601 ServicePack: 1.0
19:21:39.0747 2812 Product type: Workstation
19:21:39.0747 2812 ComputerName: MAXLAPPY
19:21:39.0747 2812 UserName: Max
19:21:39.0747 2812 Windows directory: C:\Windows
19:21:39.0747 2812 System windows directory: C:\Windows
19:21:39.0747 2812 Processor architecture: Intel x86
19:21:39.0747 2812 Number of processors: 2
19:21:39.0747 2812 Page size: 0x1000
19:21:39.0747 2812 Boot type: Normal boot
19:21:39.0747 2812 ============================================================
19:21:41.0087 2812 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:21:41.0087 2812 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:21:41.0087 2812 Drive \Device\Harddisk2\DR2 - Size: 0x75400000 (1.83 Gb), SectorSize: 0x200, Cylinders: 0xEF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:21:41.0097 2812 \Device\Harddisk0\DR0:
19:21:41.0097 2812 MBR used
19:21:41.0097 2812 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14410AA, BlocksNum 0x23FED000
19:21:41.0097 2812 \Device\Harddisk1\DR1:
19:21:41.0097 2812 MBR used
19:21:41.0097 2812 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
19:21:41.0097 2812 \Device\Harddisk2\DR2:
19:21:41.0097 2812 MBR used
19:21:41.0097 2812 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x6, StartLBA 0x89, BlocksNum 0x3A9F77
19:21:41.0127 2812 Initialize success
19:21:41.0127 2812 ============================================================

========

2. FARBAR SERVICE SCANNER LOG:

Farbar Service Scanner Version: 14-02-2012
Ran by Max (administrator) on 20-02-2012 at 19:02:55
Running from "C:\Users\Max\Downloads"
Microsoft Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys
[2012-02-13 22:11] - [2011-04-24 19:24] - 0338944 ____A (Microsoft Corporation) C427F91A748CD342A2B3F9278D9FD6A5

C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

======

3A. OTL LOGS: MAIN LOG FILE

OTL logfile created on: 2/20/2012 7:04:47 PM - Run 1
OTL by OldTimer - Version 3.2.33.1 Folder = C:\Users\Max\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 1.41 Gb Available Physical Memory | 47.17% Memory free
5.98 Gb Paging File | 4.08 Gb Available in Paging File | 68.22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.96 Gb Total Space | 111.91 Gb Free Space | 38.86% Space Free | Partition Type: NTFS
Drive E: | 1.83 Gb Total Space | 1.83 Gb Free Space | 99.70% Space Free | Partition Type: FAT
Drive F: | 465.76 Gb Total Space | 317.49 Gb Free Space | 68.17% Space Free | Partition Type: NTFS

Computer Name: MAXLAPPY | User Name: Max | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/02/20 19:03:50 | 000,583,168 | ---- | M] (OldTimer Tools) -- C:\Users\Max\Downloads\OTL.exe
PRC - [2012/02/20 19:01:29 | 000,337,039 | ---- | M] () -- C:\Users\Max\Downloads\FSS.exe
PRC - [2012/01/30 10:35:14 | 000,400,480 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2011/09/18 07:54:38 | 000,100,864 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.exe
PRC - [2011/08/19 01:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/06/15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/04/27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2011/02/24 21:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 04:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/04/03 13:05:46 | 000,380,928 | ---- | M] () -- C:\Program Files\Launchy\Launchy.exe
PRC - [2007/11/06 15:20:15 | 000,377,303 | ---- | M] () -- C:\Program Files\Texter\texter.exe


========== Modules (No Company Name) ==========

MOD - [2012/02/20 19:01:29 | 000,337,039 | ---- | M] () -- C:\Users\Max\Downloads\FSS.exe
MOD - [2012/02/14 05:21:41 | 000,446,960 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\Application\19.0.1041.0\ppgooglenaclpluginchrome.dll
MOD - [2012/02/14 05:21:39 | 003,915,248 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\Application\19.0.1041.0\pdf.dll
MOD - [2012/02/14 05:20:23 | 000,551,408 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\Application\19.0.1041.0\libglesv2.dll
MOD - [2012/02/14 05:20:22 | 000,117,744 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\Application\19.0.1041.0\libegl.dll
MOD - [2012/02/14 05:20:12 | 000,122,880 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\Application\19.0.1041.0\avutil-51.dll
MOD - [2012/02/14 05:20:10 | 000,220,672 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\Application\19.0.1041.0\avformat-53.dll
MOD - [2012/02/14 05:20:09 | 001,747,456 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\Application\19.0.1041.0\avcodec-53.dll
MOD - [2012/02/14 04:32:20 | 008,746,656 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\Application\19.0.1041.0\gcswf32.dll
MOD - [2011/11/08 12:46:02 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2011/09/18 07:55:10 | 000,143,360 | ---- | M] () -- C:\Program Files\Rainmeter\Plugins\WebParser.dll
MOD - [2011/09/18 07:54:50 | 000,020,992 | ---- | M] () -- C:\Program Files\Rainmeter\Plugins\PowerPlugin.dll
MOD - [2011/09/18 07:54:38 | 000,100,864 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.exe
MOD - [2011/09/18 07:54:36 | 000,625,152 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.dll
MOD - [2011/04/14 17:01:33 | 000,548,854 | ---- | M] () -- C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll
MOD - [2010/04/03 13:06:20 | 000,081,920 | ---- | M] () -- C:\Program Files\Launchy\plugins\calcy.dll
MOD - [2010/04/03 13:06:08 | 000,024,064 | ---- | M] () -- C:\Program Files\Launchy\plugins\gcalc.dll
MOD - [2010/04/03 13:06:02 | 000,094,208 | ---- | M] () -- C:\Program Files\Launchy\plugins\runner.dll
MOD - [2010/04/03 13:05:54 | 000,122,880 | ---- | M] () -- C:\Program Files\Launchy\plugins\weby.dll
MOD - [2010/04/03 13:05:46 | 000,380,928 | ---- | M] () -- C:\Program Files\Launchy\Launchy.exe
MOD - [2010/04/03 13:05:32 | 000,057,344 | ---- | M] () -- C:\Program Files\Launchy\plugins\verby.dll
MOD - [2010/04/03 13:05:22 | 000,090,112 | ---- | M] () -- C:\Program Files\Launchy\plugins\controly.dll
MOD - [2009/12/17 00:18:48 | 000,233,472 | ---- | M] () -- C:\Program Files\Launchy\imageformats\qmng4.dll
MOD - [2009/12/16 22:13:02 | 008,314,880 | ---- | M] () -- C:\Program Files\Launchy\QtGui4.dll
MOD - [2009/12/16 21:56:22 | 000,712,704 | ---- | M] () -- C:\Program Files\Launchy\QtNetwork4.dll
MOD - [2009/12/16 21:54:46 | 002,236,416 | ---- | M] () -- C:\Program Files\Launchy\QtCore4.dll
MOD - [2007/11/06 15:20:15 | 000,377,303 | ---- | M] () -- C:\Program Files\Texter\texter.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (NecUsb3)
SRV - File not found [Auto | Stopped] -- -- (aswupdsv)
SRV - [2011/08/19 01:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/04/27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/09/13 10:48:12 | 000,025,704 | R--- | M] (Amazon.com) [On_Demand | Stopped] -- C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe -- (ADVService)
SRV - [2010/08/24 23:30:19 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/07/13 17:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 17:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 17:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 17:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2012/02/20 18:58:31 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0638DE44-3E7C-4D46-8A4D-A26F5CF8663E}\MpKsl53b8c564.sys -- (MpKsl53b8c564)
DRV - [2011/08/19 01:26:50 | 004,334,624 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech HD Webcam C310(UVC)
DRV - [2011/08/19 01:26:46 | 000,315,808 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2011/04/27 15:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/04/18 13:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/11/29 13:47:22 | 000,231,248 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\System32\drivers\truecrypt.sys -- (truecrypt)
DRV - [2010/11/24 12:11:32 | 000,037,920 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2010/11/20 04:30:17 | 000,296,064 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcvmm.sys -- (vpcvmm)
DRV - [2010/11/20 04:30:17 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpchbus.sys -- (vpcbus)
DRV - [2010/11/20 04:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 04:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 04:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 02:50:38 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpcusb.sys -- (vpcusb)
DRV - [2010/11/20 02:50:37 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV - [2010/11/20 02:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 01:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 01:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 01:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/09/07 11:57:32 | 000,006,656 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVVideoCard.sys -- (AirDisplay)
DRV - [2009/12/18 09:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009/07/13 15:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\serial.sys -- (Serial)
DRV - [2009/07/13 14:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/13 14:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel®


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3427279702-381020510-3824582292-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3427279702-381020510-3824582292-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-3427279702-381020510-3824582292-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4B 79 2F 22 9E 5E CC 01 [binary data]
IE - HKU\S-1-5-21-3427279702-381020510-3824582292-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3427279702-381020510-3824582292-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Web Search..."
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..keyword.URL: "http://vshare.toolbarhome.com/search.aspx?srch=ku&q="
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Max\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Max\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Max\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Max\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/10 16:49:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/02/14 09:10:03 | 000,000,000 | ---D | M]

[2010/08/24 23:03:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max\AppData\Roaming\Mozilla\Extensions
[2012/02/09 12:03:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\0sfu1dnx.default\extensions
[2012/01/21 15:09:39 | 000,000,000 | ---D | M] (Evernote Web Clipper) -- C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\0sfu1dnx.default\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
[2011/03/25 11:44:24 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\0sfu1dnx.default\extensions\LogMeInClient@logmein.com
[2012/02/13 22:37:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/02/13 22:37:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2012/02/10 16:49:42 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/11/10 05:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/08/26 09:11:35 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2012/01/29 05:36:35 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/01/29 05:36:35 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Max\AppData\Local\Google\Chrome\Application\19.0.1041.0\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Max\AppData\Local\Google\Chrome\Application\19.0.1041.0\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Max\AppData\Local\Google\Chrome\Application\19.0.1041.0\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Max\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Max\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Max\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - Extension: YouTube = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.4_0\
CHR - Extension: Minimalist for Everything [Beta] = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\
CHR - Extension: Add to Amazon Wish List = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\
CHR - Extension: Google Search = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: Mailto: for Gmail\uFFFD = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgkkmcknielgdhebimdnfahpipajcpjn\2.3_0\
CHR - Extension: Offline Google Mail = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\
CHR - Extension: Google Calendar = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: Springpad = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkmopoamfjnmppabeaphohombnjcjgla\4_0\
CHR - Extension: LastPass = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\
CHR - Extension: Cloud Reader = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd\1.0.0.0_0\
CHR - Extension: Google Voice (by Google) = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.3.6.1_0\
CHR - Extension: Simplenote = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfjoocpipbbafoimjgbkmfnjcjejdbjo\2_0\
CHR - Extension: Super Full Feeds for Google Reader\uFFFD = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\khbjahpecnkenngkidhioicnfpakihgo\1.3.2_0\
CHR - Extension: StayFocusd = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\
CHR - Extension: Springpad Extension = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\
CHR - Extension: relaxpls.com = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\npmnpijamnjkmkcpfkadpmdhhehabcld\1.0_0\
CHR - Extension: Weather Underground = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej\1.2_0\
CHR - Extension: Weather Underground = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej\1.6_0\
CHR - Extension: Gmail = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/02/13 22:13:10 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Launchy.lnk = C:\Program Files\Launchy\Launchy.exe ()
O4 - Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe ()
O4 - Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Texter.lnk = C:\Program Files\Texter\texter.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 177
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3427279702-381020510-3824582292-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3427279702-381020510-3824582292-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 177
O7 - HKU\S-1-5-21-3427279702-381020510-3824582292-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Open with XmlPad - C:\Program Files\WMHelp Software\WMHelp XmlPad\WmhASPP.dll (WMHelp Software)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{19D5F0D6-7A0A-496A-8B20-23C68FCC416D}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18 - Protocol\Handler\wmh {A1428E78-2D00-4590-A071-0CC9700A7768} - C:\Program Files\WMHelp Software\WMHelp XmlPad\WmhASPP.dll (WMHelp Software)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 13:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Air Mouse.lnk - C:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe - ()
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - - File not found
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk - - File not found
MsConfig - StartUpFolder: C:^Users^Max^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk - C:\Users\Max\AppData\Roaming\Dropbox\bin\Dropbox.exe - (Dropbox, Inc.)
MsConfig - StartUpFolder: C:^Users^Max^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Product Registration.lnk - C:\Program Files\Logitech\Ereg\eReg.exe - (Leader Technologies/Logitech)
MsConfig - StartUpFolder: C:^Users^Max^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk - - File not found
MsConfig - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig - StartUpReg: F7B9E70633AFD6CEE6F29AC81DA30B2D6A21B039._service_run - hkey= - key= - C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
MsConfig - StartUpReg: Google Update - hkey= - key= - C:\Users\Max\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: LWS - hkey= - key= - C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: VirtualCloneDrive - hkey= - key= - C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
MsConfig - StartUpReg: VistaSwitcher - hkey= - key= - File not found
MsConfig - State: "startup" - 2
MsConfig - State: "services" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\System32\lvcodec2.dll (Logitech Inc.)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: aswupdsv - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

========== Files/Folders - Created Within 30 Days ==========

[2012/02/16 11:31:32 | 000,000,000 | ---D | C] -- C:\Program Files\FileHippo.com
[2012/02/16 11:15:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader 5.0
[2012/02/16 11:13:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PDF Editor
[2012/02/16 11:12:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PDF IFilter
[2012/02/16 11:11:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/02/16 11:09:54 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/02/16 11:09:52 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/02/15 20:10:43 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012/02/15 20:10:41 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012/02/15 17:56:24 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/02/15 09:32:45 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/02/15 09:32:43 | 001,798,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/02/15 09:32:43 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/02/15 09:32:42 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/02/15 09:32:42 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/02/15 09:32:38 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/02/15 09:31:59 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2012/02/15 09:31:44 | 002,343,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/02/13 23:09:39 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\Apple
[2012/02/13 23:09:25 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\Apple Computer
[2012/02/13 22:58:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/02/13 22:54:35 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\WinPatrol
[2012/02/13 22:54:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
[2012/02/13 22:54:31 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2012/02/13 22:54:31 | 000,000,000 | ---D | C] -- C:\Program Files\BillP Studios
[2012/02/13 22:39:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/02/13 22:37:46 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012/02/13 22:37:46 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012/02/13 22:37:46 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012/02/13 22:18:11 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/02/13 22:16:39 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/02/13 22:11:16 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\temp
[2012/02/13 12:50:25 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vpcvmm.svs
[2012/02/13 12:43:41 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/02/13 12:43:41 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/02/13 12:43:40 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/02/13 12:43:10 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/02/13 12:42:04 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/02/13 12:12:36 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
[2012/02/13 12:12:36 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2012/02/10 17:21:06 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012/02/10 17:21:06 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012/02/10 17:21:05 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012/02/10 17:21:05 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012/02/10 17:21:05 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012/02/10 17:21:05 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012/02/10 17:21:05 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012/02/10 17:21:05 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012/02/10 17:21:05 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012/02/10 17:21:05 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012/02/10 17:21:05 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012/02/10 17:21:04 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012/02/10 17:21:04 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/02/10 17:21:04 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012/02/10 17:21:04 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012/02/10 17:21:04 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012/02/10 17:21:04 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012/02/10 17:21:04 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012/02/10 17:21:04 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012/02/10 17:21:04 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012/02/10 17:21:04 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012/02/10 17:21:04 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012/02/10 17:21:04 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012/02/10 17:21:04 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012/02/10 17:21:03 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012/02/10 17:21:03 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012/02/10 17:21:03 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/02/10 17:21:03 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012/02/10 17:21:03 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012/02/10 17:21:03 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012/02/10 17:21:03 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012/02/10 17:12:08 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\Spotify
[2012/02/10 17:11:35 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\Spotify
[2012/02/10 17:06:41 | 000,000,000 | ---D | C] -- C:\ProcAlyzer Dumps
[2012/02/10 15:10:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/02/10 15:10:03 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy 2
[2012/02/10 15:01:45 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/02/08 14:05:07 | 000,000,000 | ---D | C] -- C:\Windows\Temp86B8B378-2C7C-2EB3-C3BF-4ED0DFDB3F70-Signatures
[2012/02/08 13:56:10 | 000,000,000 | ---D | C] -- C:\Windows\Temp24020236-19EF-635D-F1C8-588110AE5B33-Signatures
[2012/02/08 12:02:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2012/01/27 21:32:00 | 000,000,000 | ---D | C] -- C:\Program Files\Integrate
[2012/01/23 20:04:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/01/21 23:23:00 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2012/01/21 23:22:59 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/02/20 18:15:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/20 18:03:34 | 000,013,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/20 18:03:34 | 000,013,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/20 17:55:58 | 2408,390,656 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/18 16:48:55 | 000,662,446 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/02/18 16:48:55 | 000,122,242 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/02/15 10:16:55 | 000,542,888 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/02/13 22:58:54 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/02/13 22:13:10 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/02/13 09:47:27 | 000,000,000 | -HS- | M] () -- C:\Windows\System32\dds_trash_log.cmd
[2012/02/10 23:38:11 | 000,001,407 | ---- | M] () -- C:\Users\Max\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/02/10 17:21:06 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012/02/10 17:21:06 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012/02/10 17:21:05 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012/02/10 17:21:05 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012/02/10 17:21:05 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012/02/10 17:21:05 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012/02/10 17:21:05 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012/02/10 17:21:05 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012/02/10 17:21:05 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012/02/10 17:21:05 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012/02/10 17:21:05 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012/02/10 17:21:04 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012/02/10 17:21:04 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/02/10 17:21:04 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012/02/10 17:21:04 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012/02/10 17:21:04 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012/02/10 17:21:04 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012/02/10 17:21:04 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012/02/10 17:21:04 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012/02/10 17:21:04 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/02/10 17:21:04 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012/02/10 17:21:04 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012/02/10 17:21:04 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012/02/10 17:21:04 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012/02/10 17:21:04 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012/02/10 17:21:04 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012/02/10 17:21:03 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012/02/10 17:21:03 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012/02/10 17:21:03 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012/02/10 17:21:03 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012/02/10 17:21:03 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012/02/10 17:21:03 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012/02/08 11:02:25 | 000,103,733 | ---- | M] () -- C:\Windows\System32\itusbcore.dat
[2012/02/08 11:02:25 | 000,000,196 | ---- | M] () -- C:\Windows\System32\itlsvc.dat
[2012/02/06 14:30:26 | 000,013,312 | ---- | M] () -- C:\Users\Max\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/29 05:10:42 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/02/16 11:31:33 | 000,001,945 | ---- | C] () -- C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk
[2012/02/13 22:58:34 | 000,001,897 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/02/13 12:43:41 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/02/13 12:43:41 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/02/13 12:43:41 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/02/13 12:43:41 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/02/13 12:43:41 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/02/10 17:21:04 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012/02/10 17:12:06 | 000,001,781 | ---- | C] () -- C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2012/02/10 16:26:17 | 000,001,100 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/02/08 11:02:25 | 000,103,733 | ---- | C] () -- C:\Windows\System32\itusbcore.dat
[2012/02/08 11:02:25 | 000,000,196 | ---- | C] () -- C:\Windows\System32\itlsvc.dat
[2012/02/08 10:48:56 | 000,000,000 | -HS- | C] () -- C:\Windows\System32\dds_trash_log.cmd
[2011/11/22 15:54:22 | 000,158,720 | ---- | C] () -- C:\Windows\System32\WS_VideoConverterContextMenu.dll
[2011/09/18 16:30:02 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat.temp
[2011/08/19 01:26:20 | 010,898,456 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2011/08/19 01:26:20 | 000,336,408 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2011/08/19 01:26:20 | 000,104,472 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2011/08/12 11:20:14 | 000,015,896 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2011/07/25 22:48:54 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2011/07/05 08:53:33 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011/06/10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011/03/05 17:07:11 | 000,296,064 | ---- | C] () -- C:\Windows\System32\drivers\vpcvmm.sys
[2011/03/05 17:05:15 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/01/18 17:39:43 | 000,001,004 | ---- | C] () -- C:\Windows\posteriza.INI
[2011/01/01 12:42:57 | 000,036,864 | ---- | C] () -- C:\Windows\hpfsched.exe
[2010/12/25 15:28:18 | 000,000,287 | ---- | C] () -- C:\Windows\SIERRA.INI
[2010/11/18 11:12:05 | 000,000,008 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/10/26 13:51:03 | 000,000,017 | ---- | C] () -- C:\Users\Max\AppData\Local\resmon.resmoncfg
[2010/09/07 09:30:49 | 000,203,984 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2010/09/02 13:48:28 | 000,000,032 | ---- | C] () -- C:\Windows\hndt55x.INI
[2010/09/02 10:30:06 | 000,000,244 | ---- | C] () -- C:\Windows\Tyase.ini
[2010/08/30 08:18:02 | 000,000,071 | ---- | C] () -- C:\Windows\ricdb.ini
[2010/08/30 08:17:59 | 000,000,289 | ---- | C] () -- C:\Windows\System32\RPCS.ini
[2010/08/27 15:56:21 | 000,013,312 | ---- | C] () -- C:\Users\Max\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/25 10:22:52 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/08/24 23:16:49 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2010/08/24 23:12:31 | 000,176,235 | ---- | C] () -- C:\Windows\System32\Primomonnt.dll
[2010/08/24 23:03:53 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat

========== Custom Scans ==========


< "%WinDir%\$NtUninstallKB*$." /30 >

< C:\Program Files\Common Files\ComObjects\*.* /s >

< %systemroot%\*. /mp /s >

< %systemroot%\*. /rp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\drivers\*.sys /90 >
[2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\system32\drivers\mbam.sys

< %SYSTEMDRIVE%\*.exe >
[2011/04/05 14:16:22 | 000,005,632 | ---- | M] () -- C:\mc-wol.exe


< MD5 for: ATAPI.SYS >
[2009/07/13 17:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\ERDNT\cache\atapi.sys
[2009/07/13 17:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/13 17:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/13 17:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009/07/13 17:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: EXPLORER.EXE >
[2011/02/25 21:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/13 17:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/25 21:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/30 21:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/25 21:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 04:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/24 21:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\ERDNT\cache\explorer.exe
[2011/02/24 21:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/24 21:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/02 21:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/02 21:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/30 22:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: TDX.SYS >
[2010/11/20 00:39:17 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=B459575348C20E8121D6039DA063C704 -- C:\Windows\ERDNT\cache\tdx.sys
[2010/11/20 00:39:17 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=B459575348C20E8121D6039DA063C704 -- C:\Windows\System32\drivers\tdx.sys
[2010/11/20 00:39:17 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=B459575348C20E8121D6039DA063C704 -- C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.17514_none_ec4532373a57c1c2\tdx.sys
[2009/07/13 15:12:11 | 000,074,240 | ---- | M] (Microsoft Corporation) MD5=CB39E896A2A83702D1737BFD402B3542 -- C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7600.16385_none_ea141e6f3d693e28\tdx.sys

< MD5 for: VOLSNAP.SYS >
[2009/07/13 17:19:10 | 000,245,328 | ---- | M] (Microsoft Corporation) MD5=58DF9D2481A56EDDE167E51B334D44FD -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.1.7600.16385_none_158d0da45d68903e\volsnap.sys
[2010/11/20 04:30:16 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\System32\drivers\volsnap.sys
[2010/11/20 04:30:16 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_x86_neutral_6dee0205881d1a1d\volsnap.sys
[2010/11/20 04:30:16 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_17be216c5a5713d8\volsnap.sys

< MD5 for: WININIT.EXE >
[2009/07/13 17:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\ERDNT\cache\wininit.exe
[2009/07/13 17:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009/07/13 17:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

< MD5 for: WINLOGON.EXE >
[2009/10/27 22:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/27 21:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2012/01/13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010/11/20 04:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\ERDNT\cache\winlogon.exe
[2010/11/20 04:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 04:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/13 17:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/02/10 16:49:40 | 000,834,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/02/10 16:49:40 | 000,834,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/02/10 16:49:40 | 000,834,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/02/10 16:49:42 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/02/10 16:49:42 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/02/10 16:49:42 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012/02/14 05:21:42 | 001,225,200 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012/02/14 05:21:42 | 001,225,200 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/02/14 05:21:42 | 001,225,200 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe" [2012/02/14 05:21:42 | 001,225,200 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2012/02/10 17:21:04 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2012/02/10 17:21:04 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2012/02/10 17:21:04 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2012/02/10 17:21:06 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2012/02/10 17:21:06 | 000,748,336 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/02/10 16:49:40 | 000,834,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/02/10 16:49:40 | 000,834,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/02/10 16:49:40 | 000,834,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/02/10 16:49:42 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/02/10 16:49:42 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/02/10 16:49:42 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012/02/14 05:21:42 | 001,225,200 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012/02/14 05:21:42 | 001,225,200 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/02/14 05:21:42 | 001,225,200 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe" [2012/02/14 05:21:42 | 001,225,200 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2012/02/10 17:21:04 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2012/02/10 17:21:04 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2012/02/10 17:21:04 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2012/02/10 17:21:06 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2012/02/10 17:21:06 | 000,748,336 | ---- | M] (Microsoft Corporation)

< End of report >

3B. OTL LOG: EXTRAS.TXT

OTL Extras logfile created on: 2/20/2012 7:04:47 PM - Run 1
OTL by OldTimer - Version 3.2.33.1 Folder = C:\Users\Max\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 1.41 Gb Available Physical Memory | 47.17% Memory free
5.98 Gb Paging File | 4.08 Gb Available in Paging File | 68.22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.96 Gb Total Space | 111.91 Gb Free Space | 38.86% Space Free | Partition Type: NTFS
Drive E: | 1.83 Gb Total Space | 1.83 Gb Free Space | 99.70% Space Free | Partition Type: FAT
Drive F: | 465.76 Gb Total Space | 317.49 Gb Free Space | 68.17% Space Free | Partition Type: NTFS

Computer Name: MAXLAPPY | User Name: Max | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{007811BF-E310-4285-BFC6-55DB29B3EDDE}" = WinPatrol
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{096DB245-9671-43AC-6A8D-59C2AD3EC4FC}" = Integrate
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0DCE3D-72BA-4EA5-B041-C39EE3245E9D}" = Intel® Upgrade Application
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CE9BFD2-A0C4-49F6-A22B-2088FC8A46C9}" = Logos Bible Software 4
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java™ 6 Update 30
"{2B6E2126-4438-4CF1-BDDE-3C4355092860}" = Pradis Do Not Remove
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10
"{54A4839E-87F8-4BD1-9682-A349E9943F0A}" = Amazon Unbox Video
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{718CCDCB-A709-4781-8D64-27ADFB25827A}" = WMHelp XmlPad
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{761B4ADA-254C-461F-A446-A167E41FA6DD}" = Foxit PDF IFilter
"{76CE5B47-F5A4-4E5C-99A0-CEFF6146EA4A}" = System Requirements Lab for Intel
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7F4BD545-3446-4845-BAE8-F142A3178FD6}" = Pradis: Creative Bible Lessons
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DCD7A9A-8B0B-4184-A5D7-C4BDAA31C750}" = Microsoft Office Live Add-in Patches
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2010
"{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.STANDARD_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.STANDARD_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.STANDARD_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.STANDARD_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.STANDARD_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.STANDARD_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B9CA59A0-3B70-48F8-9054-67595DE6E72B}" = League of Legends
"{BAC8C2FD-1FF8-4615-B827-9042248121CB}" = Mobile Mouse Server
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C70C90D2-D197-40E9-B712-6828BDA5F74A}" = PdfMerge
"{CCF13D13-A87B-34E8-B689-1896D0C2DBA2}" = Google Talk Plugin
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4AFC7AD-F637-4EDD-BC76-767E4AF78CE1}" = OverDrive Media Console
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EAB71625-61BC-41F7-9A08-19135674933F}" = Logos 4 Prerequisites
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{FC7724B3-7B81-4DA0-9259-B9AEDA2CE95E}" = ResophNotes
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"7-Zip" = 7-Zip 9.15 beta
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.12
"AutoHotkey" = AutoHotkey 1.0.48.05
"CCleaner" = CCleaner
"ESET Online Scanner" = ESET Online Scanner v3
"FFmpeg for Audacity on Windows_is1" = FFmpeg for Audacity on Windows
"FileHippo.com" = FileHippo.com Update Checker
"FileZilla Client" = FileZilla Client 3.5.2
"Foxit PDF Editor" = Foxit PDF Editor
"Foxit Reader_is1" = Foxit Reader 5.0
"HandBrake" = HandBrake 0.9.5
"HDMI" = Intel® Graphics Media Accelerator Driver
"ImgBurn" = ImgBurn
"InstallShield_{54A4839E-87F8-4BD1-9682-A349E9943F0A}" = Amazon Unbox Video
"InstallShield_{7F4BD545-3446-4845-BAE8-F142A3178FD6}" = Pradis: Creative Bible Lessons
"Integrate" = Integrate
"KeePassPasswordSafe2_is1" = KeePass Password Safe 2.12
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"Launchy_21344213_is1" = Launchy 2.5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 10.0.1 (x86 en-US)" = Mozilla Firefox 10.0.1 (x86 en-US)
"Office14.STANDARD" = Microsoft Office Standard 2010
"Picasa 3" = Picasa 3
"PrimoPDF" = PrimoPDF -- by Nitro PDF Software
"Rainmeter" = Rainmeter
"SyncBack_is1" = SyncBack
"The Youth Assistant Special Edition" = The Youth Assistant Special Edition
"TrueCrypt" = TrueCrypt
"TVWiz" = Intel® TV Wizard
"Unlocker" = Unlocker 1.9.1
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite" = Windows Live Essentials
"Wondershare Video Converter Platinum_is1" = Wondershare Video Converter Platinum(Build 5.1.4.3)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3427279702-381020510-3824582292-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Spotify" = Spotify

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

=========

4. My computer is running much better now - I ran Malwarebytes a few times and things were looking OK, and my CPU usage looks normal again. It is accessing the internet fine. Looking forward to hearing from you soon!

#4 mjcritchfield

mjcritchfield
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:32 PM

Posted 21 February 2012 - 12:09 AM

Hey Agent ST,

Sorry - I posted the wrong TDSS log. Here it is:


21:07:43.0936 5712 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14
21:07:44.0430 5712 ============================================================
21:07:44.0430 5712 Current date / time: 2012/02/20 21:07:44.0430
21:07:44.0430 5712 SystemInfo:
21:07:44.0430 5712
21:07:44.0430 5712 OS Version: 6.1.7601 ServicePack: 1.0
21:07:44.0430 5712 Product type: Workstation
21:07:44.0430 5712 ComputerName: MAXLAPPY
21:07:44.0430 5712 UserName: Max
21:07:44.0430 5712 Windows directory: C:\Windows
21:07:44.0430 5712 System windows directory: C:\Windows
21:07:44.0430 5712 Processor architecture: Intel x86
21:07:44.0430 5712 Number of processors: 2
21:07:44.0430 5712 Page size: 0x1000
21:07:44.0430 5712 Boot type: Normal boot
21:07:44.0430 5712 ============================================================
21:07:45.0875 5712 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:07:49.0357 5712 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:07:49.0365 5712 Drive \Device\Harddisk2\DR2 - Size: 0x75400000 (1.83 Gb), SectorSize: 0x200, Cylinders: 0xEF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:07:49.0368 5712 \Device\Harddisk0\DR0:
21:07:49.0369 5712 MBR used
21:07:49.0369 5712 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14410AA, BlocksNum 0x23FED000
21:07:49.0369 5712 \Device\Harddisk1\DR1:
21:07:49.0406 5712 MBR used
21:07:49.0407 5712 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
21:07:49.0407 5712 \Device\Harddisk2\DR2:
21:07:49.0409 5712 MBR used
21:07:49.0409 5712 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x6, StartLBA 0x89, BlocksNum 0x3A9F77
21:07:49.0472 5712 Initialize success
21:07:49.0472 5712 ============================================================
21:07:59.0297 5996 ============================================================
21:07:59.0297 5996 Scan started
21:07:59.0297 5996 Mode: Manual; SigCheck; TDLFS;
21:07:59.0297 5996 ============================================================
21:08:00.0070 5996 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
21:08:00.0177 5996 1394ohci - ok
21:08:00.0213 5996 5689 - ok
21:08:00.0263 5996 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
21:08:00.0303 5996 ACPI - ok
21:08:00.0343 5996 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
21:08:00.0393 5996 AcpiPmi - ok
21:08:00.0443 5996 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
21:08:00.0493 5996 adp94xx - ok
21:08:00.0523 5996 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
21:08:00.0563 5996 adpahci - ok
21:08:00.0573 5996 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
21:08:00.0633 5996 adpu320 - ok
21:08:00.0713 5996 AFD (c427f91a748cd342a2b3f9278d9fd6a5) C:\Windows\system32\drivers\afd.sys
21:08:00.0793 5996 AFD - ok
21:08:00.0864 5996 AgereSoftModem (7e10e3bb9b258ad8a9300f91214d67b9) C:\Windows\system32\DRIVERS\AGRSM.sys
21:08:01.0024 5996 AgereSoftModem - ok
21:08:01.0054 5996 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
21:08:01.0104 5996 agp440 - ok
21:08:01.0134 5996 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
21:08:01.0184 5996 aic78xx - ok
21:08:01.0254 5996 AirDisplay (33788786018c2f99b1a7cc5122fe749a) C:\Windows\system32\DRIVERS\AVVideoCard.sys
21:08:01.0334 5996 AirDisplay - ok
21:08:01.0391 5996 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
21:08:01.0438 5996 aliide - ok
21:08:01.0469 5996 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
21:08:01.0516 5996 amdagp - ok
21:08:01.0532 5996 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
21:08:01.0578 5996 amdide - ok
21:08:01.0618 5996 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
21:08:01.0696 5996 AmdK8 - ok
21:08:01.0705 5996 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
21:08:01.0785 5996 AmdPPM - ok
21:08:01.0840 5996 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
21:08:01.0889 5996 amdsata - ok
21:08:01.0917 5996 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
21:08:02.0006 5996 amdsbs - ok
21:08:02.0027 5996 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
21:08:02.0062 5996 amdxata - ok
21:08:02.0103 5996 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
21:08:02.0233 5996 AppID - ok
21:08:02.0285 5996 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
21:08:02.0332 5996 arc - ok
21:08:02.0349 5996 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
21:08:02.0405 5996 arcsas - ok
21:08:02.0459 5996 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
21:08:02.0534 5996 AsyncMac - ok
21:08:02.0566 5996 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
21:08:02.0591 5996 atapi - ok
21:08:02.0631 5996 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
21:08:02.0751 5996 b06bdrv - ok
21:08:02.0781 5996 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
21:08:02.0898 5996 b57nd60x - ok
21:08:02.0923 5996 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
21:08:02.0995 5996 Beep - ok
21:08:03.0065 5996 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
21:08:03.0141 5996 blbdrive - ok
21:08:03.0222 5996 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
21:08:03.0278 5996 bowser - ok
21:08:03.0287 5996 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:08:03.0344 5996 BrFiltLo - ok
21:08:03.0372 5996 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:08:03.0432 5996 BrFiltUp - ok
21:08:03.0481 5996 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys
21:08:03.0561 5996 BridgeMP - ok
21:08:03.0582 5996 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
21:08:03.0638 5996 Brserid - ok
21:08:03.0648 5996 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
21:08:03.0727 5996 BrSerWdm - ok
21:08:03.0758 5996 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
21:08:03.0807 5996 BrUsbMdm - ok
21:08:03.0815 5996 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
21:08:03.0870 5996 BrUsbSer - ok
21:08:03.0928 5996 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\drivers\BthEnum.sys
21:08:04.0007 5996 BthEnum - ok
21:08:04.0035 5996 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
21:08:04.0097 5996 BTHMODEM - ok
21:08:04.0135 5996 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
21:08:04.0181 5996 BthPan - ok
21:08:04.0239 5996 BTHPORT (c2fbf6d271d9a94d839c416bf186ead9) C:\Windows\System32\Drivers\BTHport.sys
21:08:04.0290 5996 BTHPORT - ok
21:08:04.0343 5996 BTHUSB (c81e9413a25a439f436b1d4b6a0cf9e9) C:\Windows\System32\Drivers\BTHUSB.sys
21:08:04.0423 5996 BTHUSB - ok
21:08:04.0549 5996 catchme - ok
21:08:04.0588 5996 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
21:08:04.0704 5996 cdfs - ok
21:08:04.0777 5996 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
21:08:04.0833 5996 cdrom - ok
21:08:04.0864 5996 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
21:08:04.0923 5996 circlass - ok
21:08:04.0961 5996 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
21:08:05.0007 5996 CLFS - ok
21:08:05.0046 5996 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
21:08:05.0117 5996 CmBatt - ok
21:08:05.0144 5996 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
21:08:05.0179 5996 cmdide - ok
21:08:05.0220 5996 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
21:08:05.0279 5996 CNG - ok
21:08:05.0307 5996 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
21:08:05.0335 5996 Compbatt - ok
21:08:05.0377 5996 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
21:08:05.0467 5996 CompositeBus - ok
21:08:05.0548 5996 cpudrv (d01f685f8b4598d144b0cce9ff95d8d5) C:\Program Files\SystemRequirementsLab\cpudrv.sys
21:08:05.0591 5996 cpudrv - ok
21:08:05.0606 5996 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
21:08:05.0635 5996 crcdisk - ok
21:08:05.0697 5996 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
21:08:05.0750 5996 CSC - ok
21:08:05.0798 5996 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
21:08:05.0888 5996 DfsC - ok
21:08:05.0908 5996 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
21:08:05.0984 5996 discache - ok
21:08:06.0017 5996 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
21:08:06.0063 5996 Disk - ok
21:08:06.0103 5996 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
21:08:06.0158 5996 drmkaud - ok
21:08:06.0193 5996 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
21:08:06.0243 5996 DXGKrnl - ok
21:08:06.0331 5996 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
21:08:06.0480 5996 ebdrv - ok
21:08:06.0540 5996 ElbyCDIO (d71233d7ccc2e64f8715a20428d5a33b) C:\Windows\system32\Drivers\ElbyCDIO.sys
21:08:06.0573 5996 ElbyCDIO - ok
21:08:06.0605 5996 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
21:08:06.0672 5996 elxstor - ok
21:08:06.0709 5996 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
21:08:06.0748 5996 ErrDev - ok
21:08:06.0789 5996 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
21:08:06.0852 5996 exfat - ok
21:08:06.0872 5996 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
21:08:06.0937 5996 fastfat - ok
21:08:06.0967 5996 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
21:08:07.0013 5996 fdc - ok
21:08:07.0035 5996 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
21:08:07.0102 5996 FileInfo - ok
21:08:07.0127 5996 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
21:08:07.0228 5996 Filetrace - ok
21:08:07.0236 5996 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
21:08:07.0309 5996 flpydisk - ok
21:08:07.0342 5996 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
21:08:07.0402 5996 FltMgr - ok
21:08:07.0436 5996 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
21:08:07.0499 5996 FsDepends - ok
21:08:07.0517 5996 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
21:08:07.0546 5996 Fs_Rec - ok
21:08:07.0602 5996 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
21:08:07.0663 5996 fvevol - ok
21:08:07.0687 5996 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
21:08:07.0734 5996 gagp30kx - ok
21:08:07.0772 5996 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:08:07.0812 5996 GEARAspiWDM - ok
21:08:07.0908 5996 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
21:08:07.0955 5996 hcw85cir - ok
21:08:08.0010 5996 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
21:08:08.0087 5996 HdAudAddService - ok
21:08:08.0111 5996 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
21:08:08.0187 5996 HDAudBus - ok
21:08:08.0198 5996 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
21:08:08.0279 5996 HidBatt - ok
21:08:08.0290 5996 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
21:08:08.0362 5996 HidBth - ok
21:08:08.0391 5996 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
21:08:08.0472 5996 HidIr - ok
21:08:08.0516 5996 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
21:08:08.0642 5996 HidUsb - ok
21:08:08.0707 5996 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
21:08:08.0762 5996 HpSAMD - ok
21:08:08.0804 5996 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
21:08:08.0899 5996 HTTP - ok
21:08:08.0932 5996 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
21:08:08.0955 5996 hwpolicy - ok
21:08:08.0990 5996 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
21:08:09.0097 5996 i8042prt - ok
21:08:09.0171 5996 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
21:08:09.0236 5996 iaStorV - ok
21:08:09.0377 5996 igfx (9467514ea189475a6e7fdc5d7bde9d3f) C:\Windows\system32\DRIVERS\igdkmd32.sys
21:08:09.0577 5996 igfx - ok
21:08:09.0608 5996 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
21:08:09.0644 5996 iirsp - ok
21:08:09.0669 5996 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
21:08:09.0694 5996 intelide - ok
21:08:09.0707 5996 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
21:08:09.0778 5996 intelppm - ok
21:08:09.0810 5996 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:08:09.0893 5996 IpFilterDriver - ok
21:08:09.0940 5996 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
21:08:10.0019 5996 IPMIDRV - ok
21:08:10.0029 5996 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
21:08:10.0095 5996 IPNAT - ok
21:08:10.0160 5996 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
21:08:10.0227 5996 IRENUM - ok
21:08:10.0259 5996 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
21:08:10.0320 5996 isapnp - ok
21:08:10.0346 5996 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
21:08:10.0382 5996 iScsiPrt - ok
21:08:10.0418 5996 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
21:08:10.0476 5996 kbdclass - ok
21:08:10.0503 5996 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
21:08:10.0553 5996 kbdhid - ok
21:08:10.0595 5996 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
21:08:10.0653 5996 KSecDD - ok
21:08:10.0669 5996 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
21:08:10.0742 5996 KSecPkg - ok
21:08:10.0784 5996 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
21:08:10.0852 5996 lltdio - ok
21:08:10.0880 5996 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
21:08:10.0936 5996 LSI_FC - ok
21:08:10.0996 5996 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
21:08:11.0068 5996 LSI_SAS - ok
21:08:11.0087 5996 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:08:11.0127 5996 LSI_SAS2 - ok
21:08:11.0147 5996 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:08:11.0200 5996 LSI_SCSI - ok
21:08:11.0230 5996 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
21:08:11.0317 5996 luafv - ok
21:08:11.0373 5996 LVRS (7521c0c58ee91be90b6cc33e792d10c7) C:\Windows\system32\DRIVERS\lvrs.sys
21:08:11.0440 5996 LVRS - ok
21:08:11.0574 5996 LVUVC (37e57c48af530df01cdd4e8a2ad77b51) C:\Windows\system32\DRIVERS\lvuvc.sys
21:08:11.0784 5996 LVUVC - ok
21:08:11.0838 5996 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
21:08:11.0884 5996 megasas - ok
21:08:11.0915 5996 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
21:08:11.0968 5996 MegaSR - ok
21:08:11.0995 5996 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
21:08:12.0084 5996 Modem - ok
21:08:12.0094 5996 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
21:08:12.0166 5996 monitor - ok
21:08:12.0202 5996 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
21:08:12.0262 5996 mouclass - ok
21:08:12.0291 5996 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
21:08:12.0360 5996 mouhid - ok
21:08:12.0398 5996 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
21:08:12.0485 5996 mountmgr - ok
21:08:12.0532 5996 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys
21:08:12.0598 5996 MpFilter - ok
21:08:12.0629 5996 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
21:08:12.0697 5996 mpio - ok
21:08:12.0726 5996 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys
21:08:12.0764 5996 MpNWMon - ok
21:08:12.0783 5996 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
21:08:12.0868 5996 mpsdrv - ok
21:08:12.0918 5996 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
21:08:12.0972 5996 MRxDAV - ok
21:08:13.0011 5996 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:08:13.0077 5996 mrxsmb - ok
21:08:13.0129 5996 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:08:13.0184 5996 mrxsmb10 - ok
21:08:13.0205 5996 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:08:13.0321 5996 mrxsmb20 - ok
21:08:13.0366 5996 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
21:08:13.0408 5996 msahci - ok
21:08:13.0433 5996 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
21:08:13.0482 5996 msdsm - ok
21:08:13.0518 5996 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
21:08:13.0577 5996 Msfs - ok
21:08:13.0597 5996 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
21:08:13.0687 5996 mshidkmdf - ok
21:08:13.0719 5996 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
21:08:13.0745 5996 msisadrv - ok
21:08:13.0785 5996 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
21:08:13.0841 5996 MSKSSRV - ok
21:08:13.0892 5996 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
21:08:13.0947 5996 MSPCLOCK - ok
21:08:13.0963 5996 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
21:08:14.0072 5996 MSPQM - ok
21:08:14.0105 5996 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
21:08:14.0211 5996 MsRPC - ok
21:08:14.0229 5996 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
21:08:14.0265 5996 mssmbios - ok
21:08:14.0279 5996 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
21:08:14.0326 5996 MSTEE - ok
21:08:14.0343 5996 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
21:08:14.0385 5996 MTConfig - ok
21:08:14.0406 5996 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
21:08:14.0452 5996 Mup - ok
21:08:14.0493 5996 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
21:08:14.0549 5996 NativeWifiP - ok
21:08:14.0591 5996 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
21:08:14.0674 5996 NDIS - ok
21:08:14.0700 5996 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
21:08:14.0777 5996 NdisCap - ok
21:08:14.0825 5996 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
21:08:14.0880 5996 NdisTapi - ok
21:08:14.0916 5996 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
21:08:15.0015 5996 Ndisuio - ok
21:08:15.0044 5996 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
21:08:15.0143 5996 NdisWan - ok
21:08:15.0182 5996 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
21:08:15.0279 5996 NDProxy - ok
21:08:15.0329 5996 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
21:08:15.0407 5996 NetBIOS - ok
21:08:15.0441 5996 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
21:08:15.0533 5996 NetBT - ok
21:08:15.0689 5996 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys
21:08:15.0868 5996 netw5v32 - ok
21:08:15.0914 5996 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
21:08:15.0954 5996 nfrd960 - ok
21:08:16.0013 5996 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
21:08:16.0081 5996 NisDrv - ok
21:08:16.0139 5996 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
21:08:16.0229 5996 Npfs - ok
21:08:16.0248 5996 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
21:08:16.0322 5996 nsiproxy - ok
21:08:16.0396 5996 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
21:08:16.0650 5996 Ntfs - ok
21:08:16.0684 5996 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
21:08:16.0752 5996 Null - ok
21:08:16.0795 5996 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
21:08:16.0869 5996 nvraid - ok
21:08:16.0909 5996 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
21:08:16.0975 5996 nvstor - ok
21:08:17.0014 5996 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
21:08:17.0068 5996 nv_agp - ok
21:08:17.0106 5996 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
21:08:17.0176 5996 ohci1394 - ok
21:08:17.0257 5996 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
21:08:17.0358 5996 Parport - ok
21:08:17.0393 5996 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
21:08:17.0461 5996 partmgr - ok
21:08:17.0478 5996 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
21:08:17.0542 5996 Parvdm - ok
21:08:17.0584 5996 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
21:08:17.0620 5996 pci - ok
21:08:17.0637 5996 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
21:08:17.0662 5996 pciide - ok
21:08:17.0681 5996 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
21:08:17.0719 5996 pcmcia - ok
21:08:17.0736 5996 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
21:08:17.0777 5996 pcw - ok
21:08:17.0799 5996 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
21:08:17.0895 5996 PEAUTH - ok
21:08:18.0003 5996 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
21:08:18.0094 5996 PptpMiniport - ok
21:08:18.0113 5996 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
21:08:18.0155 5996 Processor - ok
21:08:18.0200 5996 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
21:08:18.0292 5996 Psched - ok
21:08:18.0335 5996 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
21:08:18.0421 5996 ql2300 - ok
21:08:18.0440 5996 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
21:08:18.0508 5996 ql40xx - ok
21:08:18.0527 5996 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
21:08:18.0587 5996 QWAVEdrv - ok
21:08:18.0604 5996 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
21:08:18.0671 5996 RasAcd - ok
21:08:18.0697 5996 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
21:08:18.0809 5996 RasAgileVpn - ok
21:08:18.0846 5996 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:08:18.0939 5996 Rasl2tp - ok
21:08:18.0976 5996 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
21:08:19.0042 5996 RasPppoe - ok
21:08:19.0072 5996 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
21:08:19.0159 5996 RasSstp - ok
21:08:19.0195 5996 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
21:08:19.0286 5996 rdbss - ok
21:08:19.0309 5996 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
21:08:19.0347 5996 rdpbus - ok
21:08:19.0385 5996 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:08:19.0457 5996 RDPCDD - ok
21:08:19.0499 5996 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
21:08:19.0585 5996 RDPDR - ok
21:08:19.0632 5996 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
21:08:19.0700 5996 RDPENCDD - ok
21:08:19.0719 5996 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
21:08:19.0799 5996 RDPREFMP - ok
21:08:19.0842 5996 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
21:08:19.0960 5996 RDPWD - ok
21:08:20.0000 5996 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
21:08:20.0084 5996 rdyboost - ok
21:08:20.0143 5996 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
21:08:20.0183 5996 RFCOMM - ok
21:08:20.0223 5996 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
21:08:20.0320 5996 rspndr - ok
21:08:20.0385 5996 RTL8167 (5283b9a27ff230f2ff70d92451ff409a) C:\Windows\system32\DRIVERS\Rt86win7.sys
21:08:20.0431 5996 RTL8167 - ok
21:08:20.0469 5996 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
21:08:20.0518 5996 s3cap - ok
21:08:20.0569 5996 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
21:08:20.0644 5996 sbp2port - ok
21:08:20.0683 5996 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
21:08:20.0781 5996 scfilter - ok
21:08:20.0825 5996 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
21:08:20.0897 5996 secdrv - ok
21:08:20.0936 5996 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
21:08:20.0969 5996 Serenum - ok
21:08:20.0980 5996 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
21:08:21.0079 5996 Serial - ok
21:08:21.0103 5996 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
21:08:21.0151 5996 sermouse - ok
21:08:21.0201 5996 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
21:08:21.0232 5996 sffdisk - ok
21:08:21.0245 5996 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
21:08:21.0295 5996 sffp_mmc - ok
21:08:21.0326 5996 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
21:08:21.0401 5996 sffp_sd - ok
21:08:21.0411 5996 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
21:08:21.0461 5996 sfloppy - ok
21:08:21.0509 5996 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
21:08:21.0555 5996 sisagp - ok
21:08:21.0594 5996 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:08:21.0629 5996 SiSRaid2 - ok
21:08:21.0651 5996 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
21:08:21.0698 5996 SiSRaid4 - ok
21:08:21.0719 5996 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
21:08:21.0801 5996 Smb - ok
21:08:21.0833 5996 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
21:08:21.0862 5996 spldr - ok
21:08:21.0913 5996 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
21:08:21.0969 5996 srv - ok
21:08:21.0990 5996 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
21:08:22.0063 5996 srv2 - ok
21:08:22.0102 5996 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
21:08:22.0163 5996 srvnet - ok
21:08:22.0204 5996 StarOpen - ok
21:08:22.0227 5996 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
21:08:22.0256 5996 stexstor - ok
21:08:22.0294 5996 StillCam (edb05bd63148796f23ea78506404a538) C:\Windows\system32\DRIVERS\serscan.sys
21:08:22.0328 5996 StillCam - ok
21:08:22.0380 5996 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
21:08:22.0436 5996 storflt - ok
21:08:22.0462 5996 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
21:08:22.0510 5996 storvsc - ok
21:08:22.0528 5996 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
21:08:22.0568 5996 swenum - ok
21:08:22.0695 5996 tbhsd (77bd6143c6dce0a1bf7b5571bed860dc) C:\Windows\system32\drivers\tbhsd.sys
21:08:22.0746 5996 tbhsd - ok
21:08:22.0828 5996 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
21:08:22.0926 5996 Tcpip - ok
21:08:22.0963 5996 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
21:08:23.0032 5996 TCPIP6 - ok
21:08:23.0075 5996 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
21:08:23.0141 5996 tcpipreg - ok
21:08:23.0185 5996 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
21:08:23.0261 5996 TDPIPE - ok
21:08:23.0278 5996 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
21:08:23.0339 5996 TDTCP - ok
21:08:23.0377 5996 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
21:08:23.0489 5996 tdx - ok
21:08:23.0510 5996 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
21:08:23.0559 5996 TermDD - ok
21:08:23.0642 5996 truecrypt (be45dad1c73a3216edc8c485916f6594) C:\Windows\system32\drivers\truecrypt.sys
21:08:23.0835 5996 truecrypt - ok
21:08:23.0872 5996 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:08:23.0950 5996 tssecsrv - ok
21:08:24.0019 5996 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
21:08:24.0082 5996 TsUsbFlt - ok
21:08:24.0136 5996 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
21:08:24.0227 5996 tunnel - ok
21:08:24.0274 5996 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
21:08:24.0339 5996 uagp35 - ok
21:08:24.0377 5996 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
21:08:24.0445 5996 udfs - ok
21:08:24.0487 5996 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
21:08:24.0536 5996 uliagpkx - ok
21:08:24.0575 5996 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
21:08:24.0660 5996 umbus - ok
21:08:24.0692 5996 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
21:08:24.0746 5996 UmPass - ok
21:08:24.0841 5996 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
21:08:24.0894 5996 USBAAPL - ok
21:08:24.0938 5996 usbaudio (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
21:08:25.0001 5996 usbaudio - ok
21:08:25.0034 5996 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
21:08:25.0121 5996 usbccgp - ok
21:08:25.0171 5996 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
21:08:25.0216 5996 usbcir - ok
21:08:25.0252 5996 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
21:08:25.0352 5996 usbehci - ok
21:08:25.0381 5996 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
21:08:25.0466 5996 usbhub - ok
21:08:25.0516 5996 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
21:08:25.0565 5996 usbohci - ok
21:08:25.0604 5996 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
21:08:25.0655 5996 usbprint - ok
21:08:25.0715 5996 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
21:08:25.0762 5996 usbscan - ok
21:08:25.0794 5996 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:08:25.0857 5996 USBSTOR - ok
21:08:25.0885 5996 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
21:08:25.0924 5996 usbuhci - ok
21:08:25.0987 5996 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\system32\Drivers\usbvideo.sys
21:08:26.0028 5996 usbvideo - ok
21:08:26.0114 5996 VClone (fce98c43b5c5db8e0da8ea0e2b45e044) C:\Windows\system32\DRIVERS\VClone.sys
21:08:26.0166 5996 VClone - ok
21:08:26.0196 5996 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
21:08:26.0235 5996 vdrvroot - ok
21:08:26.0276 5996 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
21:08:26.0331 5996 vga - ok
21:08:26.0403 5996 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
21:08:26.0479 5996 VgaSave - ok
21:08:26.0519 5996 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
21:08:26.0603 5996 vhdmp - ok
21:08:26.0673 5996 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
21:08:26.0739 5996 viaagp - ok
21:08:26.0780 5996 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
21:08:26.0902 5996 ViaC7 - ok
21:08:26.0981 5996 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
21:08:27.0011 5996 viaide - ok
21:08:27.0050 5996 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
21:08:27.0139 5996 vmbus - ok
21:08:27.0224 5996 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
21:08:27.0339 5996 VMBusHID - ok
21:08:27.0368 5996 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
21:08:27.0453 5996 volmgr - ok
21:08:27.0474 5996 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
21:08:27.0533 5996 volmgrx - ok
21:08:27.0580 5996 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
21:08:27.0653 5996 volsnap - ok
21:08:27.0717 5996 vpcbus (b26536add1d748cda104d856c979ae79) C:\Windows\system32\DRIVERS\vpchbus.sys
21:08:27.0773 5996 vpcbus - ok
21:08:27.0860 5996 vpcnfltr (a0f7e923a6261760130f22b85df9040e) C:\Windows\system32\DRIVERS\vpcnfltr.sys
21:08:27.0915 5996 vpcnfltr - ok
21:08:27.0945 5996 vpcusb (5f4b55e91ce7e2523c9e1e0ece858869) C:\Windows\system32\DRIVERS\vpcusb.sys
21:08:28.0023 5996 vpcusb - ok
21:08:28.0072 5996 vpcvmm (117690c83c37a340f301c5df3f9f5a57) C:\Windows\system32\drivers\vpcvmm.sys
21:08:30.0174 5996 vpcvmm ( Virus.Win32.ZAccess.k ) - infected
21:08:30.0174 5996 vpcvmm - detected Virus.Win32.ZAccess.k (0)
21:08:30.0230 5996 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
21:08:30.0328 5996 vsmraid - ok
21:08:30.0349 5996 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
21:08:30.0416 5996 vwifibus - ok
21:08:30.0444 5996 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
21:08:30.0492 5996 WacomPen - ok
21:08:30.0537 5996 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
21:08:30.0639 5996 WANARP - ok
21:08:30.0645 5996 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
21:08:30.0719 5996 Wanarpv6 - ok
21:08:30.0775 5996 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
21:08:30.0804 5996 Wd - ok
21:08:30.0852 5996 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
21:08:30.0920 5996 Wdf01000 - ok
21:08:30.0976 5996 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
21:08:31.0026 5996 WfpLwf - ok
21:08:31.0044 5996 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
21:08:31.0080 5996 WIMMount - ok
21:08:31.0183 5996 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
21:08:31.0292 5996 WinUsb - ok
21:08:31.0332 5996 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
21:08:31.0390 5996 WmiAcpi - ok
21:08:31.0438 5996 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
21:08:31.0527 5996 ws2ifsl - ok
21:08:31.0585 5996 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
21:08:31.0705 5996 WudfPf - ok
21:08:31.0746 5996 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:08:31.0820 5996 WUDFRd - ok
21:08:31.0852 5996 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
21:08:31.0986 5996 \Device\Harddisk0\DR0 - ok
21:08:35.0234 5996 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
21:08:35.0328 5996 \Device\Harddisk1\DR1 - ok
21:08:35.0339 5996 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk2\DR2
21:08:35.0589 5996 \Device\Harddisk2\DR2 - ok
21:08:35.0622 5996 Boot (0x1200) (adca7e421f04a0d8b84b08281952ed0c) \Device\Harddisk0\DR0\Partition0
21:08:35.0623 5996 \Device\Harddisk0\DR0\Partition0 - ok
21:08:35.0629 5996 Boot (0x1200) (145047acfe1f5a334bebe0dda5e7d252) \Device\Harddisk1\DR1\Partition0
21:08:35.0632 5996 \Device\Harddisk1\DR1\Partition0 - ok
21:08:35.0641 5996 Boot (0x1200) (451616926144a6d64713181477afe284) \Device\Harddisk2\DR2\Partition0
21:08:35.0644 5996 \Device\Harddisk2\DR2\Partition0 - ok
21:08:35.0644 5996 ============================================================
21:08:35.0644 5996 Scan finished
21:08:35.0644 5996 ============================================================
21:08:35.0665 0416 Detected object count: 1
21:08:35.0665 0416 Actual detected object count: 1
21:08:48.0078 0416 vpcvmm ( Virus.Win32.ZAccess.k ) - skipped by user
21:08:48.0078 0416 vpcvmm ( Virus.Win32.ZAccess.k ) - User select action: Skip

#5 SweetTech

SweetTech

    Agent ST


  • Members
  • 13,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Antarctica
  • Local time:07:32 PM

Posted 21 February 2012 - 02:14 AM

Hi mjcritchfield!

Thanks so much for getting back to me! I ran all the scans, and here are the logs you asked for:

Not a problem! I'm glad to be of assistance. :)

Thanks for posting that second TDSSKiller log for me.

It confirmed my suspicions about that one file.

It's infected, so we'll need to replace it.

We will first need to find a replacement for it.

Run this OTL scan for me:

OTL Custom Scan

We need to create a new OTL Report
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Click on the NONE button at the top.
  • In the custom scan box paste the following:
    "%WinDir%\$NtUninstallKB*$."
    %systemroot%\*. /mp /s
    %systemroot%\*. /rp /s
    /md5start
    vpcvmm.sys
    /md5stop
    
  • Push the Posted Image button.
  • One report will open, copy and paste it in a reply here:
  • OTL.txt <-- Will be opened

Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.


#6 mjcritchfield

mjcritchfield
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:32 PM

Posted 21 February 2012 - 01:24 PM

Hey Agent ST,

Here's the OTL log you asked for:

========


OTL logfile created on: 2/21/2012 10:10:27 AM - Run 2
OTL by OldTimer - Version 3.2.33.1 Folder = C:\Users\Max\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 1.80 Gb Available Physical Memory | 60.07% Memory free
5.98 Gb Paging File | 4.66 Gb Available in Paging File | 77.99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.96 Gb Total Space | 112.00 Gb Free Space | 38.89% Space Free | Partition Type: NTFS
Drive E: | 1.83 Gb Total Space | 1.83 Gb Free Space | 99.70% Space Free | Partition Type: FAT
Drive F: | 465.76 Gb Total Space | 317.49 Gb Free Space | 68.17% Space Free | Partition Type: NTFS

Computer Name: MAXLAPPY | User Name: Max | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

========== Custom Scans ==========


< "%WinDir%\$NtUninstallKB*$." >
[2012/02/13 21:53:13 | 000,000,000 | ---D | M] -- C:\Windows\$NtUninstallKB33825$

< %systemroot%\*. /mp /s >

< %systemroot%\*. /rp /s >


< MD5 for: VPCVMM.SYS >
[2009/12/31 01:22:09 | 000,295,936 | ---- | M] (Microsoft Corporation) MD5=1023C696D42268E9071BB376DBEC8396 -- C:\Windows\winsxs\x86_microsoft-windows-virtualpc-vmm_31bf3856ad364e35_7.1.7600.16495_none_3975ce344530abe9\vpcvmm.sys
[2010/11/20 04:30:17 | 000,296,064 | ---- | M] () MD5=117690C83C37A340F301C5DF3F9F5A57 -- C:\Windows\System32\drivers\vpcvmm.sys
[2010/11/20 04:30:17 | 000,296,064 | ---- | M] () MD5=117690C83C37A340F301C5DF3F9F5A57 -- C:\Windows\winsxs\x86_microsoft-windows-virtualpc-vmm_31bf3856ad364e35_7.1.7601.17514_none_3bb1b0024217166b\vpcvmm.sys
[2009/12/31 02:10:35 | 000,295,936 | ---- | M] (Microsoft Corporation) MD5=3F3C99257B2B09061C53F7ADF3C512D4 -- C:\Windows\winsxs\x86_microsoft-windows-virtualpc-vmm_31bf3856ad364e35_7.1.7600.20607_none_3a62bcc55e03800f\vpcvmm.sys
[2009/09/22 17:19:31 | 000,294,912 | ---- | M] (Microsoft Corporation) MD5=5ED378D91E32134F3C0B3810860FFD71 -- C:\Windows\winsxs\x86_microsoft-windows-virtualpc-vmm_31bf3856ad364e35_7.1.7600.16393_none_3973cbba45327c14\vpcvmm.sys

< End of report >

#7 SweetTech

SweetTech

    Agent ST


  • Members
  • 13,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Antarctica
  • Local time:07:32 PM

Posted 22 February 2012 - 09:43 AM

Hi mjcritchfield!

Thanks for posting the OTL log for me to review.

Note: ComboFix may prompt you to update, please allow it to do so.

ComboFix Script
  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below.
  • They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
Copy/paste the text inside the Codebox below into notepad:

Here's how to do that:
Click Start > Run type Notepad click OK.
This will open an empty notepad file:

Copy all the text inside of the code box - Press Ctrl+C (or right click on the highlighted section and choose 'copy')

KillAll::
ClearJavaCache::
FCopy::
C:\Windows\winsxs\x86_microsoft-windows-virtualpc-vmm_31bf3856ad364e35_7.1.7600.16393_none_3973cbba45327c14\vpcvmm.sys | C:\Windows\System32\drivers\vpcvmm.sys
C:\Windows\winsxs\x86_microsoft-windows-virtualpc-vmm_31bf3856ad364e35_7.1.7600.16393_none_3973cbba45327c14\vpcvmm.sys | C:\Windows\winsxs\x86_microsoft-windows-virtualpc-vmm_31bf3856ad364e35_7.1.7601.17514_none_3bb1b0024217166b\vpcvmm.sys

Now paste the copied text into the open notepad - press CTRL+V (or right click and choose 'paste')

Save this file to your desktop, Save this as "CFScript"


Here's how to do that:

1.Click File;
2.Click Save As... Change the directory to your desktop;
3.Change the Save as type to "All Files";
4.Type in the file name: CFScript
5.Click Save ...

Posted Image
  • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  • ComboFix will now run a scan on your system. If ComboFix prompts you to update to the newest version, please allow it to do so. It may reboot your system when it finishes. This is normal.
  • When finished, it shall produce a log for you.
  • Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.


#8 mjcritchfield

mjcritchfield
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:32 PM

Posted 22 February 2012 - 05:04 PM

Hey Agent ST,

Here's the log from Combofix, with the script you included:

======


ComboFix 12-02-22.01 - Max 02/22/2012 13:45:38.3.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3062.2152 [GMT -8:00]
Running from: c:\users\Max\Desktop\ComboFix.exe
Command switches used :: c:\users\Max\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\$NtUninstallKB33825$
.
.
--------------- FCopy ---------------
.
c:\windows\winsxs\x86_microsoft-windows-virtualpc-vmm_31bf3856ad364e35_7.1.7600.16393_none_3973cbba45327c14\vpcvmm.sys --> c:\windows\System32\drivers\vpcvmm.sys
.
((((((((((((((((((((((((( Files Created from 2012-01-22 to 2012-02-22 )))))))))))))))))))))))))))))))
.
.
2012-02-22 21:54 . 2012-02-22 21:56 -------- d-----w- c:\users\Max\AppData\Local\temp
2012-02-22 21:54 . 2012-02-22 21:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-22 21:54 . 2012-02-22 21:54 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-02-21 05:21 . 2012-02-21 05:21 -------- d-----w- c:\program files\Common Files\Java
2012-02-21 05:20 . 2012-02-21 05:20 637848 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-02-21 05:19 . 2012-02-21 05:19 -------- d-----w- c:\program files\Common Files\Skype
2012-02-21 05:18 . 2012-02-21 05:19 -------- d-----r- c:\program files\Skype
2012-02-21 03:46 . 2012-02-21 03:46 -------- d-----w- c:\users\Max\AppData\Local\AirMouse
2012-02-16 19:31 . 2012-02-16 19:31 -------- d-----w- c:\program files\FileHippo.com
2012-02-16 19:09 . 2012-02-16 19:09 -------- d-----w- c:\program files\iPod
2012-02-16 19:09 . 2012-02-16 19:11 -------- d-----w- c:\program files\iTunes
2012-02-16 04:10 . 2012-02-16 04:10 388096 ----a-r- c:\users\Max\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-02-16 04:10 . 2012-02-16 04:10 -------- d-----w- c:\program files\Trend Micro
2012-02-16 01:56 . 2012-02-16 01:56 -------- d-----w- c:\program files\ESET
2012-02-15 17:31 . 2011-12-30 05:27 478720 ----a-w- c:\windows\system32\timedate.cpl
2012-02-15 17:31 . 2012-01-04 08:58 442880 ----a-w- c:\windows\system32\ntshrui.dll
2012-02-15 17:31 . 2011-12-16 07:52 690688 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-15 17:31 . 2012-01-14 03:35 2343424 ----a-w- c:\windows\system32\win32k.sys
2012-02-14 07:09 . 2012-02-14 07:09 -------- d-----w- c:\users\Max\AppData\Local\Apple
2012-02-14 07:09 . 2012-02-14 07:09 -------- d-----w- c:\users\Max\AppData\Local\Apple Computer
2012-02-14 06:54 . 2012-02-16 19:13 -------- d-----w- c:\users\Max\AppData\Roaming\WinPatrol
2012-02-14 06:54 . 2012-02-14 06:54 -------- d-----w- c:\programdata\InstallMate
2012-02-14 06:54 . 2012-02-14 06:54 -------- d-----w- c:\program files\BillP Studios
2012-02-14 06:26 . 2012-01-17 12:39 6557240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B89E80A6-9FC2-4559-B553-FA17C39095EE}\mpengine.dll
2012-02-14 06:11 . 2011-04-25 03:24 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2012-02-13 20:12 . 2012-02-13 20:19 -------- d-----w- c:\program files\Unlocker
2012-02-11 01:12 . 2012-02-22 04:44 -------- d-----w- c:\users\Max\AppData\Local\Spotify
2012-02-11 01:11 . 2012-02-22 03:54 -------- d-----w- c:\users\Max\AppData\Roaming\Spotify
2012-02-11 01:06 . 2012-02-11 01:06 -------- d-----w- C:\ProcAlyzer Dumps
2012-02-10 23:10 . 2012-02-11 01:06 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-02-10 23:10 . 2012-02-14 04:13 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2012-02-08 22:05 . 2012-02-08 22:05 -------- d-----w- c:\windows\Temp86B8B378-2C7C-2EB3-C3BF-4ED0DFDB3F70-Signatures
2012-02-08 21:56 . 2012-02-08 21:56 -------- d-----w- c:\windows\Temp24020236-19EF-635D-F1C8-588110AE5B33-Signatures
2012-02-08 20:02 . 2012-02-08 22:11 -------- d-----w- c:\program files\Microsoft Security Essentials
2012-02-08 18:48 . 2012-02-13 17:47 0 --sha-w- c:\windows\system32\dds_trash_log.cmd
2012-02-01 06:50 . 2009-07-14 01:15 90624 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\HPZPPWN7.DLL
2012-01-28 05:32 . 2012-01-28 05:32 -------- d-----w- c:\program files\Integrate
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-22 05:47 . 2011-06-27 05:18 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-21 05:20 . 2010-12-03 22:53 567696 ----a-w- c:\windows\system32\deployJava1.dll
2012-01-29 13:10 . 2010-08-25 07:21 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-12 00:19 . 2012-01-12 00:19 4448256 ----a-w- c:\windows\system32\GPhotos.scr
2011-12-15 20:51 . 2011-12-15 20:52 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-12-10 23:24 . 2011-10-25 07:31 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-21 23:31 . 2012-02-11 00:26 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-24 141848]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-24 150552]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
c:\users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Launchy.lnk - c:\program files\Launchy\Launchy.exe [2010-8-24 380928]
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2011-9-18 100864]
Texter.lnk - c:\program files\Texter\texter.exe [2007-11-6 377303]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Air Mouse.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Air Mouse.lnk
backup=c:\windows\pss\Air Mouse.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Max^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
path=c:\users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Max^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Product Registration.lnk]
path=c:\users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
backup=c:\windows\pss\Logitech . Product Registration.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Max^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2011-11-02 07:25 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\F7B9E70633AFD6CEE6F29AC81DA30B2D6A21B039._service_run]
2012-02-14 13:21 1225200 ----a-w- c:\users\Max\AppData\Local\Google\Chrome\Application\chrome.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-08-26 03:35 136176 ----atw- c:\users\Max\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2009-09-24 02:30 173592 ----a-w- c:\windows\System32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-01-17 01:22 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LWS]
2011-08-12 19:18 205336 ----a-w- c:\program files\Logitech\LWS\Webcam Software\LWS.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 22:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-17 19:07 252296 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
2011-03-07 13:33 89456 ----a-w- c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
.
R2 5689;5689;c:\windows\TEMP\5689.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 NecUsb3;USB3 Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-01-31 158856]
R3 AirDisplay;Air Display Support;c:\windows\system32\DRIVERS\AVVideoCard.sys [2010-09-07 6656]
R3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [2009-12-18 11336]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4640000]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-25 1343400]
R4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-11-29 136176]
R4 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-11-29 136176]
S2 UMVPFSrv;UMVPFSrv;c:\program files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-08-19 450848]
S3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
NecUsb3Sevic REG_MULTI_SZ NecUsb3
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
aswupdsv
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Open with XmlPad - c:\program files\WMHelp Software\WMHelp XmlPad\WmhASPP.dll/101
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
Handler: wmh - {A1428E78-2D00-4590-A071-0CC9700A7768} - c:\program files\WMHelp Software\WMHelp XmlPad\WmhASPP.dll
FF - ProfilePath - c:\users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\0sfu1dnx.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://vshare.toolbarhome.com/search.aspx?srch=ku&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-VistaSwitcher - c:\program files\VistaSwitcher\vswitch.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(3468)
c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Completion time: 2012-02-22 14:00:19 - machine was rebooted
ComboFix-quarantined-files.txt 2012-02-22 22:00
ComboFix2.txt 2012-02-14 06:18
.
Pre-Run: 119,325,155,328 bytes free
Post-Run: 119,048,462,336 bytes free
.
- - End Of File - - CB8130429A9030598080FB2AFBF957B6

#9 SweetTech

SweetTech

    Agent ST


  • Members
  • 13,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Antarctica
  • Local time:07:32 PM

Posted 23 February 2012 - 01:16 AM

Hi mjcritchfield!

How are things running?

Lets see what these scans find, and see where we stand then.

ComboFix Script
  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below.
  • They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
Copy/paste the text inside the Codebox below into notepad:

Here's how to do that:
Click Start > Run type Notepad click OK.
This will open an empty notepad file:

Copy all the text inside of the code box - Press Ctrl+C (or right click on the highlighted section and choose 'copy')

KillAll::
ClearJavaCache::
Driver::
5689
File::
c:\windows\TEMP\5689.sys

Now paste the copied text into the open notepad - press CTRL+V (or right click and choose 'paste')

Save this file to your desktop, Save this as "CFScript"


Here's how to do that:

1.Click File;
2.Click Save As... Change the directory to your desktop;
3.Change the Save as type to "All Files";
4.Type in the file name: CFScript
5.Click Save ...

Posted Image
  • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  • ComboFix will now run a scan on your system. If ComboFix prompts you to update to the newest version, please allow it to do so. It may reboot your system when it finishes. This is normal.
  • When finished, it shall produce a log for you.
  • Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.



NEXT:


Malwarebytes' Anti-Malware

I see that you have Malwarebytes' Anti-Malware installed on your computer could you please do a scan using these settings:

  • Open Malwarebytes' Anti-Malware
  • Select the Update tab
  • Click Check for Updates
  • After the update have been completed, Select the Scanner tab.
  • Select Perform quick scan, then click on Scan
  • Leave the default options as it is and click on Start Scan
  • When done, you will be prompted. Click OK, then click on Show Results
  • Checked (ticked) all items and click on Remove Selected
  • After it has removed the items, Notepad will open. Please post this log in your next reply. You can also find the log in the Logs tab. The bottom most log is the latest
Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.



NEXT:



ESET Online Scanner
I'd like us to scan your machine with ESET Online Scan

Note: It is recommended to disable on-board anti-virus program and anti-spyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your anti-virus along with your anti-spyware programs.



  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Make sure that the option "Remove found threats" is Unchecked
  • When the Computer scan settings display shows, click the Advanced option, the place a check next to the following (if it is not already checked):
    • Enable Anti-Stealth technology
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin
    scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as
    ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NEXT:



Security Check
Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.


#10 mjcritchfield

mjcritchfield
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:32 PM

Posted 24 February 2012 - 12:14 AM

Hey Agent ST,

I ran the scans you asked for - here are the logs:

1. COMBOFIX LOG:


ComboFix 12-02-22.01 - Max 02/23/2012 16:47:45.4.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3062.2079 [GMT -8:00]
Running from: c:\users\Max\Desktop\ComboFix.exe
Command switches used :: c:\users\Max\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
FILE ::
"c:\windows\TEMP\5689.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Infected copy of c:\windows\system32\userinit.exe was found and disinfected
Restored copy from - c:\windows\ERDNT\cache\userinit.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_5689
-------\Service_5689
.
.
((((((((((((((((((((((((( Files Created from 2012-01-24 to 2012-02-24 )))))))))))))))))))))))))))))))
.
.
2012-02-24 00:55 . 2012-02-24 00:55 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B89E80A6-9FC2-4559-B553-FA17C39095EE}\offreg.dll
2012-02-24 00:55 . 2012-02-24 00:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-24 00:55 . 2012-02-24 00:55 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-02-22 21:54 . 2012-02-24 00:57 -------- d-----w- c:\users\Max\AppData\Local\temp
2012-02-21 05:21 . 2012-02-21 05:21 -------- d-----w- c:\program files\Common Files\Java
2012-02-21 05:20 . 2012-02-21 05:20 637848 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-02-21 05:19 . 2012-02-21 05:19 -------- d-----w- c:\program files\Common Files\Skype
2012-02-21 05:18 . 2012-02-21 05:19 -------- d-----r- c:\program files\Skype
2012-02-21 03:46 . 2012-02-21 03:46 -------- d-----w- c:\users\Max\AppData\Local\AirMouse
2012-02-16 19:31 . 2012-02-16 19:31 -------- d-----w- c:\program files\FileHippo.com
2012-02-16 19:09 . 2012-02-16 19:09 -------- d-----w- c:\program files\iPod
2012-02-16 19:09 . 2012-02-16 19:11 -------- d-----w- c:\program files\iTunes
2012-02-16 04:10 . 2012-02-16 04:10 388096 ----a-r- c:\users\Max\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-02-16 04:10 . 2012-02-16 04:10 -------- d-----w- c:\program files\Trend Micro
2012-02-16 01:56 . 2012-02-16 01:56 -------- d-----w- c:\program files\ESET
2012-02-15 17:31 . 2011-12-30 05:27 478720 ----a-w- c:\windows\system32\timedate.cpl
2012-02-15 17:31 . 2012-01-04 08:58 442880 ----a-w- c:\windows\system32\ntshrui.dll
2012-02-15 17:31 . 2011-12-16 07:52 690688 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-15 17:31 . 2012-01-14 03:35 2343424 ----a-w- c:\windows\system32\win32k.sys
2012-02-14 07:09 . 2012-02-14 07:09 -------- d-----w- c:\users\Max\AppData\Local\Apple
2012-02-14 07:09 . 2012-02-14 07:09 -------- d-----w- c:\users\Max\AppData\Local\Apple Computer
2012-02-14 06:54 . 2012-02-16 19:13 -------- d-----w- c:\users\Max\AppData\Roaming\WinPatrol
2012-02-14 06:54 . 2012-02-14 06:54 -------- d-----w- c:\programdata\InstallMate
2012-02-14 06:54 . 2012-02-14 06:54 -------- d-----w- c:\program files\BillP Studios
2012-02-14 06:26 . 2012-01-17 12:39 6557240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B89E80A6-9FC2-4559-B553-FA17C39095EE}\mpengine.dll
2012-02-14 06:11 . 2011-04-25 03:24 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2012-02-13 20:12 . 2012-02-13 20:19 -------- d-----w- c:\program files\Unlocker
2012-02-11 01:12 . 2012-02-24 00:38 -------- d-----w- c:\users\Max\AppData\Local\Spotify
2012-02-11 01:11 . 2012-02-24 00:01 -------- d-----w- c:\users\Max\AppData\Roaming\Spotify
2012-02-11 01:06 . 2012-02-11 01:06 -------- d-----w- C:\ProcAlyzer Dumps
2012-02-10 23:10 . 2012-02-11 01:06 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-02-10 23:10 . 2012-02-14 04:13 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2012-02-08 22:05 . 2012-02-08 22:05 -------- d-----w- c:\windows\Temp86B8B378-2C7C-2EB3-C3BF-4ED0DFDB3F70-Signatures
2012-02-08 21:56 . 2012-02-08 21:56 -------- d-----w- c:\windows\Temp24020236-19EF-635D-F1C8-588110AE5B33-Signatures
2012-02-08 20:02 . 2012-02-08 22:11 -------- d-----w- c:\program files\Microsoft Security Essentials
2012-02-08 18:48 . 2012-02-13 17:47 0 --sha-w- c:\windows\system32\dds_trash_log.cmd
2012-02-01 06:50 . 2009-07-14 01:15 90624 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\HPZPPWN7.DLL
2012-01-28 05:32 . 2012-01-28 05:32 -------- d-----w- c:\program files\Integrate
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-22 05:47 . 2011-06-27 05:18 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-21 05:20 . 2010-12-03 22:53 567696 ----a-w- c:\windows\system32\deployJava1.dll
2012-01-29 13:10 . 2010-08-25 07:21 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-12 00:19 . 2012-01-12 00:19 4448256 ----a-w- c:\windows\system32\GPhotos.scr
2011-12-15 20:51 . 2011-12-15 20:52 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-12-10 23:24 . 2011-10-25 07:31 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-21 23:31 . 2012-02-11 00:26 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-24 141848]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-24 150552]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
c:\users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Launchy.lnk - c:\program files\Launchy\Launchy.exe [2010-8-24 380928]
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2011-9-18 100864]
Texter.lnk - c:\program files\Texter\texter.exe [2007-11-6 377303]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Air Mouse.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Air Mouse.lnk
backup=c:\windows\pss\Air Mouse.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Max^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
path=c:\users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Max^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Product Registration.lnk]
path=c:\users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
backup=c:\windows\pss\Logitech . Product Registration.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Max^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2011-11-02 07:25 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\F7B9E70633AFD6CEE6F29AC81DA30B2D6A21B039._service_run]
2012-02-14 13:21 1225200 ----a-w- c:\users\Max\AppData\Local\Google\Chrome\Application\chrome.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-08-26 03:35 136176 ----atw- c:\users\Max\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2009-09-24 02:30 173592 ----a-w- c:\windows\System32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-01-17 01:22 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LWS]
2011-08-12 19:18 205336 ----a-w- c:\program files\Logitech\LWS\Webcam Software\LWS.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 22:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-17 19:07 252296 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
2011-03-07 13:33 89456 ----a-w- c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 NecUsb3;USB3 Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-01-31 158856]
R3 AirDisplay;Air Display Support;c:\windows\system32\DRIVERS\AVVideoCard.sys [2010-09-07 6656]
R3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [2009-12-18 11336]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4640000]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-25 1343400]
R4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-11-29 136176]
R4 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-11-29 136176]
S2 UMVPFSrv;UMVPFSrv;c:\program files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-08-19 450848]
S3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
NecUsb3Sevic REG_MULTI_SZ NecUsb3
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
aswupdsv
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Open with XmlPad - c:\program files\WMHelp Software\WMHelp XmlPad\WmhASPP.dll/101
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
Handler: wmh - {A1428E78-2D00-4590-A071-0CC9700A7768} - c:\program files\WMHelp Software\WMHelp XmlPad\WmhASPP.dll
FF - ProfilePath - c:\users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\0sfu1dnx.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://vshare.toolbarhome.com/search.aspx?srch=ku&q=
FF - prefs.js: network.proxy.type - 0
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(3012)
c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\taskhost.exe
.
**************************************************************************
.
Completion time: 2012-02-23 17:01:21 - machine was rebooted
ComboFix-quarantined-files.txt 2012-02-24 01:01
ComboFix2.txt 2012-02-22 22:00
ComboFix3.txt 2012-02-14 06:18
.
Pre-Run: 118,623,690,752 bytes free
Post-Run: 118,542,241,792 bytes free
.
- - End Of File - - CC41CBCC8B4F82B2B9E2E82D2EDCF548

========

2. MBAM LOG:


Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.02.23.05

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Max :: MAXLAPPY [administrator]

2/23/2012 5:02:56 PM
mbam-log-2012-02-23 (17-02-56).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 184461
Time elapsed: 4 minute(s), 49 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

=======

3. ESET LOG:


C:\Qoobox\Quarantine\C\Windows\system32\Drivers\vpcvmm.sys.vir a variant of Win32/Rootkit.Kryptik.IY trojan
C:\Qoobox\Quarantine\C\Windows\winsxs\x86_microsoft-windows-virtualpc-vmm_31bf3856ad364e35_7.1.7601.17514_none_3bb1b0024217166b\vpcvmm.sys.vir a variant of Win32/Rootkit.Kryptik.IY trojan

======

4. SECURITY CHECK LOG:

Results of screen317's Security Check version 0.99.31
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
ESET Online Scanner v3
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

CCleaner
Java™ 6 Update 30
Java™ 7 Update 3
Adobe Flash Player 11.1.102.62
Mozilla Firefox (10.0.2)
````````````````````````````````
Process Check:
objlist.exe by Laurent

WinPatrol winpatrol.exe is disabled!
``````````End of Log````````````

======

Thanks, Agent ST! Looking forward to hearing from you soon.

max

#11 SweetTech

SweetTech

    Agent ST


  • Members
  • 13,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Antarctica
  • Local time:07:32 PM

Posted 24 February 2012 - 02:39 AM

Hi Max!

These threat(s) below are currently in Quarantine/System Restore and shall be removed when we clean up our tools later on.

C:\Qoobox\Quarantine\C\Windows\system32\Drivers\vpcvmm.sys.vir a variant of Win32/Rootkit.Kryptik.IY trojan
C:\Qoobox\Quarantine\C\Windows\winsxs\x86_microsoft-windows-virtualpc-vmm_31bf3856ad364e35_7.1.7601.17514_none_3bb1b0024217166b\vpcvmm.sys.vir a variant of Win32/Rootkit.Kryptik.IY trojan


____________________________________________________

From the looks of your SecurityCheck log, I can see that we have some outdated programs that need to be updated.

Lets address those programs that need updating now!

Java Outdated

Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform:
    • 32-bit Select: Windows x86 Offline.
    • 64-bit Select: Windows x64.
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Posted Image > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u3-windows-i586-s.exe (or jre-7u3-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.


NEXT



No Anti-Virus Present

Looking over your log it seems you don't have any evidence of an anti-virus software.

Anti-virus software are programs that detect cleans and erase harmful virus files on a computer
Web server or network.
Unchecked virus files can unintentionally be forwarded to others including trading partners and thereby spreading infection. Because new viruses regularly emerge anti-virus software should be updated frequently. Anti-virus software can scan the computer memory and disk drives for malicious code. They can alert the user if a virus is present and will clean delete (or quarantine) infected files or directories. Please download a free anti-virus software from one these excellent vendors

It is strongly recommended that you run only one antivirus program at a time. Having more than one antivirus program active in memory uses additional resources and can result in program conflicts and false virus alerts. If you choose to install more than one antivirus program on your computer then only one of them should be active in memory at a time.



NEXT:



OTL Fix

We need to run an OTL Fix
  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.
    :Services
    :OTL
    
    :Reg
    
    :Files
    :Commands
    [purity]
    [CreateRestorePoint]
    [emptytemp]
    [EMPTYFLASH]
    
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date of the tool run.


NEXT:



OTL Custom Scan

We need to run an OTL Custom Scan
  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.


    netsvcs
    drivers32
    hklm\software\clients\startmenuinternet|command /rs
    %systemroot%\*. /rp /s
    %USERPROFILE%\AppData\Local\Google\Chrome\User Data\*.* /s
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

  • Push the Posted Image button.
  • A report will open. Copy and Paste that report in your next reply.


NEXT:


Please make sure you include the following items in your next post:

1. Any comments or questions you may have that you'd like for me to answer in my next post to you.
2. OTL fix log.
3. New OTL Custom Scan log.
4. What outstanding issues (if any) are you still experiencing with your computer?

It would be helpful if you could answer each question in the order asked, as well as numbering your answers.

Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.


#12 mjcritchfield

mjcritchfield
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:32 PM

Posted 24 February 2012 - 02:04 PM

Hey Agent ST,

Here are the answers to your questions:

1. I think are looking good - my computer is running WAY better, and I don't see any more weird processes. Combofix found that my userinit.exe file was corrupted and then restored it - is everything OK there? I also DO have the latest version of Java installed - Java 6 was installed as well, so I uninstalled that just to make sure there were no conflicts. I also normally have MSE running as my antivirus, but I uninstalled it to run Combofix to make sure there were no conflicts. It's running now.

======

2. OTL FIX LOG:


All processes killed
========== SERVICES/DRIVERS ==========
========== OTL ==========
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========


[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56475 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Max
->Temp folder emptied: 165909 bytes
->Temporary Internet Files folder emptied: 41193 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 52390945 bytes
->Google Chrome cache emptied: 15570127 bytes
->Flash cache emptied: 57122 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 294219 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 17914 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 65.00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Max
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.33.1 log created on 02242012_102128

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

======

3. OTL - CUSTOM SCAN LOG:


OTL logfile created on: 2/24/2012 10:25:05 AM - Run 3
OTL by OldTimer - Version 3.2.33.1 Folder = C:\Users\Max\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 1.72 Gb Available Physical Memory | 57.43% Memory free
5.98 Gb Paging File | 4.57 Gb Available in Paging File | 76.42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.96 Gb Total Space | 108.51 Gb Free Space | 37.68% Space Free | Partition Type: NTFS
Drive F: | 465.76 Gb Total Space | 317.49 Gb Free Space | 68.17% Space Free | Partition Type: NTFS

Computer Name: MAXLAPPY | User Name: Max | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/02/20 19:03:50 | 000,583,168 | ---- | M] (OldTimer Tools) -- C:\Users\Max\Downloads\OTL.exe
PRC - [2011/09/18 07:54:38 | 000,100,864 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.exe
PRC - [2011/08/19 01:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/06/15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/04/27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2011/02/24 21:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 04:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/04/03 13:05:46 | 000,380,928 | ---- | M] () -- C:\Program Files\Launchy\Launchy.exe
PRC - [2007/11/06 15:20:15 | 000,377,303 | ---- | M] () -- C:\Program Files\Texter\texter.exe


========== Modules (No Company Name) ==========

MOD - [2012/02/14 05:21:41 | 000,446,960 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\Application\19.0.1041.0\ppgooglenaclpluginchrome.dll
MOD - [2012/02/14 05:21:39 | 003,915,248 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\Application\19.0.1041.0\pdf.dll
MOD - [2012/02/14 05:20:23 | 000,551,408 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\Application\19.0.1041.0\libglesv2.dll
MOD - [2012/02/14 05:20:22 | 000,117,744 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\Application\19.0.1041.0\libegl.dll
MOD - [2012/02/14 05:20:12 | 000,122,880 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\Application\19.0.1041.0\avutil-51.dll
MOD - [2012/02/14 05:20:10 | 000,220,672 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\Application\19.0.1041.0\avformat-53.dll
MOD - [2012/02/14 05:20:09 | 001,747,456 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\Application\19.0.1041.0\avcodec-53.dll
MOD - [2012/02/14 04:32:20 | 008,746,656 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\Application\19.0.1041.0\gcswf32.dll
MOD - [2011/11/08 12:46:02 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2011/09/18 07:55:10 | 000,143,360 | ---- | M] () -- C:\Program Files\Rainmeter\Plugins\WebParser.dll
MOD - [2011/09/18 07:54:50 | 000,020,992 | ---- | M] () -- C:\Program Files\Rainmeter\Plugins\PowerPlugin.dll
MOD - [2011/09/18 07:54:38 | 000,100,864 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.exe
MOD - [2011/09/18 07:54:36 | 000,625,152 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.dll
MOD - [2010/04/03 13:06:20 | 000,081,920 | ---- | M] () -- C:\Program Files\Launchy\plugins\calcy.dll
MOD - [2010/04/03 13:06:08 | 000,024,064 | ---- | M] () -- C:\Program Files\Launchy\plugins\gcalc.dll
MOD - [2010/04/03 13:06:02 | 000,094,208 | ---- | M] () -- C:\Program Files\Launchy\plugins\runner.dll
MOD - [2010/04/03 13:05:54 | 000,122,880 | ---- | M] () -- C:\Program Files\Launchy\plugins\weby.dll
MOD - [2010/04/03 13:05:46 | 000,380,928 | ---- | M] () -- C:\Program Files\Launchy\Launchy.exe
MOD - [2010/04/03 13:05:32 | 000,057,344 | ---- | M] () -- C:\Program Files\Launchy\plugins\verby.dll
MOD - [2010/04/03 13:05:22 | 000,090,112 | ---- | M] () -- C:\Program Files\Launchy\plugins\controly.dll
MOD - [2009/12/17 00:18:48 | 000,233,472 | ---- | M] () -- C:\Program Files\Launchy\imageformats\qmng4.dll
MOD - [2009/12/16 22:13:02 | 008,314,880 | ---- | M] () -- C:\Program Files\Launchy\QtGui4.dll
MOD - [2009/12/16 21:56:22 | 000,712,704 | ---- | M] () -- C:\Program Files\Launchy\QtNetwork4.dll
MOD - [2009/12/16 21:54:46 | 002,236,416 | ---- | M] () -- C:\Program Files\Launchy\QtCore4.dll
MOD - [2007/11/06 15:20:15 | 000,377,303 | ---- | M] () -- C:\Program Files\Texter\texter.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (NecUsb3)
SRV - File not found [Auto | Stopped] -- -- (aswupdsv)
SRV - [2012/01/31 15:09:34 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/08/19 01:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/04/27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/09/13 10:48:12 | 000,025,704 | R--- | M] (Amazon.com) [On_Demand | Stopped] -- C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe -- (ADVService)
SRV - [2010/08/24 23:30:19 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/07/13 17:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 17:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 17:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 17:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011/08/19 01:26:50 | 004,334,624 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech HD Webcam C310(UVC)
DRV - [2011/08/19 01:26:46 | 000,315,808 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2011/04/27 15:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/04/18 13:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/11/29 13:47:22 | 000,231,248 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\System32\drivers\truecrypt.sys -- (truecrypt)
DRV - [2010/11/24 12:11:32 | 000,037,920 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2010/11/20 04:30:17 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpchbus.sys -- (vpcbus)
DRV - [2010/11/20 04:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 04:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 04:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 02:50:38 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpcusb.sys -- (vpcusb)
DRV - [2010/11/20 02:50:37 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV - [2010/11/20 02:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 01:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 01:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 01:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/09/07 11:57:32 | 000,006,656 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVVideoCard.sys -- (AirDisplay)
DRV - [2009/12/18 09:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009/09/22 17:19:31 | 000,294,912 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcvmm.sys -- (vpcvmm)
DRV - [2009/07/13 15:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\serial.sys -- (Serial)
DRV - [2009/07/13 14:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/13 14:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel®


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4B 79 2F 22 9E 5E CC 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Web Search..."
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..keyword.URL: "http://vshare.toolbarhome.com/search.aspx?srch=ku&q="
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Max\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Max\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Max\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Max\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/21 15:31:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/02/20 21:20:49 | 000,000,000 | ---D | M]

[2010/08/24 23:03:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max\AppData\Roaming\Mozilla\Extensions
[2012/02/09 12:03:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\0sfu1dnx.default\extensions
[2012/01/21 15:09:39 | 000,000,000 | ---D | M] (Evernote Web Clipper) -- C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\0sfu1dnx.default\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
[2011/03/25 11:44:24 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\0sfu1dnx.default\extensions\LogMeInClient@logmein.com
[2012/02/21 15:31:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/02/21 15:31:12 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/08/26 09:11:35 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2012/01/29 05:36:35 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/01/29 05:36:35 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Max\AppData\Local\Google\Chrome\Application\19.0.1041.0\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Max\AppData\Local\Google\Chrome\Application\19.0.1041.0\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Max\AppData\Local\Google\Chrome\Application\19.0.1041.0\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Max\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Max\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Max\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - Extension: YouTube = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Minimalist for Everything [Beta] = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\
CHR - Extension: Add to Amazon Wish List = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\
CHR - Extension: Google Search = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: Mailto: for Gmail\uFFFD = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgkkmcknielgdhebimdnfahpipajcpjn\2.3_0\
CHR - Extension: Offline Google Mail = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\
CHR - Extension: Google Calendar = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: Springpad = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkmopoamfjnmppabeaphohombnjcjgla\4_0\
CHR - Extension: LastPass = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\
CHR - Extension: Cloud Reader = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd\1.0.0.0_0\
CHR - Extension: Google Voice (by Google) = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.3.6.1_0\
CHR - Extension: Simplenote = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfjoocpipbbafoimjgbkmfnjcjejdbjo\2_0\
CHR - Extension: Super Full Feeds for Google Reader\uFFFD = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\khbjahpecnkenngkidhioicnfpakihgo\1.3.2_0\
CHR - Extension: StayFocusd = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\
CHR - Extension: Springpad Extension = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\
CHR - Extension: relaxpls.com = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\npmnpijamnjkmkcpfkadpmdhhehabcld\1.0_0\
CHR - Extension: Weather Underground = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej\1.6_0\
CHR - Extension: Gmail = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/02/23 16:56:54 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Launchy.lnk = C:\Program Files\Launchy\Launchy.exe ()
O4 - Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe ()
O4 - Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Texter.lnk = C:\Program Files\Texter\texter.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 177
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 177
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Open with XmlPad - C:\Program Files\WMHelp Software\WMHelp XmlPad\WmhASPP.dll (WMHelp Software)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.0)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{19D5F0D6-7A0A-496A-8B20-23C68FCC416D}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wmh {A1428E78-2D00-4590-A071-0CC9700A7768} - C:\Program Files\WMHelp Software\WMHelp XmlPad\WmhASPP.dll (WMHelp Software)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 13:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: aswupdsv - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\System32\lvcodec2.dll (Logitech Inc.)

========== Files/Folders - Created Within 30 Days ==========

[2012/02/24 10:21:28 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/02/23 21:15:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/02/23 17:00:26 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/02/23 16:55:16 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/02/22 13:54:41 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\temp
[2012/02/22 13:38:14 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/02/22 13:38:14 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/02/22 13:38:14 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/02/22 13:37:22 | 004,417,295 | R--- | C] (Swearware) -- C:\Users\Max\Desktop\ComboFix.exe
[2012/02/20 21:21:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/02/20 21:19:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/02/20 21:19:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012/02/20 21:18:59 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012/02/20 19:46:53 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\AirMouse
[2012/02/16 11:31:32 | 000,000,000 | ---D | C] -- C:\Program Files\FileHippo.com
[2012/02/16 11:15:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader 5.0
[2012/02/16 11:13:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PDF Editor
[2012/02/16 11:12:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PDF IFilter
[2012/02/16 11:11:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/02/16 11:09:54 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/02/16 11:09:52 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/02/15 20:10:43 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012/02/15 20:10:41 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012/02/15 17:56:24 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/02/13 23:09:39 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\Apple
[2012/02/13 23:09:25 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\Apple Computer
[2012/02/13 22:54:35 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\WinPatrol
[2012/02/13 22:54:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
[2012/02/13 22:54:31 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2012/02/13 22:54:31 | 000,000,000 | ---D | C] -- C:\Program Files\BillP Studios
[2012/02/13 12:43:10 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/02/13 12:42:04 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/02/13 12:12:36 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
[2012/02/13 12:12:36 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2012/02/10 17:12:08 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\Spotify
[2012/02/10 17:11:35 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\Spotify
[2012/02/10 17:06:41 | 000,000,000 | ---D | C] -- C:\ProcAlyzer Dumps
[2012/02/10 15:10:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/02/10 15:10:03 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy 2
[2012/02/10 15:01:45 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/02/08 14:05:07 | 000,000,000 | ---D | C] -- C:\Windows\Temp86B8B378-2C7C-2EB3-C3BF-4ED0DFDB3F70-Signatures
[2012/02/08 13:56:10 | 000,000,000 | ---D | C] -- C:\Windows\Temp24020236-19EF-635D-F1C8-588110AE5B33-Signatures
[2012/02/08 12:02:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2012/01/27 21:32:00 | 000,000,000 | ---D | C] -- C:\Program Files\Integrate

========== Files - Modified Within 30 Days ==========

[2012/02/24 10:29:35 | 000,013,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/24 10:29:35 | 000,013,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/24 10:22:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/24 10:22:16 | 2408,390,656 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/23 21:15:58 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/02/23 21:15:46 | 000,664,058 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/02/23 21:15:46 | 000,122,844 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/02/23 16:56:54 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/02/22 13:37:07 | 004,417,295 | R--- | M] (Swearware) -- C:\Users\Max\Desktop\ComboFix.exe
[2012/02/15 10:16:55 | 000,542,888 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/02/13 09:47:27 | 000,000,000 | -HS- | M] () -- C:\Windows\System32\dds_trash_log.cmd
[2012/02/10 23:38:11 | 000,001,407 | ---- | M] () -- C:\Users\Max\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/02/10 17:21:04 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012/02/08 11:02:25 | 000,103,733 | ---- | M] () -- C:\Windows\System32\itusbcore.dat
[2012/02/08 11:02:25 | 000,000,196 | ---- | M] () -- C:\Windows\System32\itlsvc.dat
[2012/02/06 14:30:26 | 000,013,312 | ---- | M] () -- C:\Users\Max\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== Files Created - No Company Name ==========

[2012/02/23 21:15:41 | 000,001,897 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/02/22 13:38:14 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/02/22 13:38:14 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/02/22 13:38:14 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/02/22 13:38:14 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/02/22 13:38:14 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/02/16 11:31:33 | 000,001,945 | ---- | C] () -- C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk
[2012/02/10 17:21:04 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012/02/10 17:12:06 | 000,001,781 | ---- | C] () -- C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2012/02/10 16:26:17 | 000,001,100 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/02/08 11:02:25 | 000,103,733 | ---- | C] () -- C:\Windows\System32\itusbcore.dat
[2012/02/08 11:02:25 | 000,000,196 | ---- | C] () -- C:\Windows\System32\itlsvc.dat
[2012/02/08 10:48:56 | 000,000,000 | -HS- | C] () -- C:\Windows\System32\dds_trash_log.cmd
[2011/11/22 15:54:22 | 000,158,720 | ---- | C] () -- C:\Windows\System32\WS_VideoConverterContextMenu.dll
[2011/09/18 16:30:02 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat.temp
[2011/08/19 01:26:20 | 010,898,456 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2011/08/19 01:26:20 | 000,336,408 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2011/08/19 01:26:20 | 000,104,472 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2011/08/12 11:20:14 | 000,015,896 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2011/07/25 22:48:54 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2011/07/05 08:53:33 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011/06/10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011/03/05 17:05:15 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/01/18 17:39:43 | 000,001,004 | ---- | C] () -- C:\Windows\posteriza.INI
[2011/01/01 12:42:57 | 000,036,864 | ---- | C] () -- C:\Windows\hpfsched.exe
[2010/12/25 15:28:18 | 000,000,287 | ---- | C] () -- C:\Windows\SIERRA.INI
[2010/11/18 11:12:05 | 000,000,008 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/10/26 13:51:03 | 000,000,017 | ---- | C] () -- C:\Users\Max\AppData\Local\resmon.resmoncfg
[2010/09/07 09:30:49 | 000,203,984 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2010/09/02 13:48:28 | 000,000,032 | ---- | C] () -- C:\Windows\hndt55x.INI
[2010/09/02 10:30:06 | 000,000,244 | ---- | C] () -- C:\Windows\Tyase.ini
[2010/08/30 08:18:02 | 000,000,071 | ---- | C] () -- C:\Windows\ricdb.ini
[2010/08/30 08:17:59 | 000,000,289 | ---- | C] () -- C:\Windows\System32\RPCS.ini
[2010/08/27 15:56:21 | 000,013,312 | ---- | C] () -- C:\Users\Max\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/25 10:22:52 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/08/24 23:16:49 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2010/08/24 23:12:31 | 000,176,235 | ---- | C] () -- C:\Windows\System32\Primomonnt.dll
[2010/08/24 23:03:53 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat

========== LOP Check ==========

[2011/05/18 13:06:34 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\.minecraft
[2010/09/11 21:45:01 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Amazon
[2011/04/06 08:32:51 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Audacity
[2010/11/24 19:54:15 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Canneverbe Limited
[2010/09/01 14:45:09 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Dorame.DC6B9E36A8DEBEED5BC27362B8BA1F548F6CB916.1
[2011/07/27 09:30:34 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Downloaded Installations
[2012/02/23 09:53:24 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Dropbox
[2011/09/05 20:34:53 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\fdrtools.com
[2012/02/15 20:06:48 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\FileZilla
[2011/02/24 10:54:33 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\HandBrake
[2011/09/09 20:20:49 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\HDRsoft
[2010/12/25 13:55:30 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\ImgBurn
[2011/12/10 17:16:44 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Integrate
[2010/09/01 14:51:58 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\jp.playwell.Saezuri.58F200D7EEA7AA1DF3962E867638EFEED92471BE.1
[2012/02/21 22:34:47 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\KeePass
[2010/08/24 23:15:40 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Launchy
[2011/09/02 21:55:44 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Leadertech
[2010/09/06 18:35:47 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\LolClient
[2011/08/18 09:39:35 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Nitro PDF
[2010/08/30 20:14:19 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\OpenDNS Updater
[2010/12/04 23:35:52 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\OverDrive
[2012/02/14 13:45:57 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\PrimoPDF
[2011/09/22 08:31:41 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Rainmeter
[2012/02/23 22:21:30 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Spotify
[2011/03/19 13:45:16 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\SystemRequirementsLab
[2011/01/12 11:55:52 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\TrueCrypt
[2012/02/16 08:19:49 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\uTorrent
[2011/01/08 09:47:36 | 000,000,000 | --SD | M] -- C:\Users\Max\AppData\Roaming\Virtual CD v10
[2012/02/16 11:13:34 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\WinPatrol
[2011/03/09 10:00:38 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\WMHelp
[2011/11/22 15:54:11 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Wondershare
[2010/12/24 23:55:27 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\XBMC
[2011/11/15 15:50:40 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Xerox
[2012/02/13 22:02:26 | 000,032,594 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/02/21 15:31:10 | 000,834,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/02/21 15:31:10 | 000,834,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/02/21 15:31:10 | 000,834,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/02/21 15:31:12 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/02/21 15:31:12 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/02/21 15:31:12 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012/02/14 05:21:42 | 001,225,200 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012/02/14 05:21:42 | 001,225,200 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/02/14 05:21:42 | 001,225,200 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe" [2012/02/14 05:21:42 | 001,225,200 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2012/02/10 17:21:04 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2012/02/10 17:21:04 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2012/02/10 17:21:04 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2012/02/10 17:21:06 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2012/02/10 17:21:06 | 000,748,336 | ---- | M] (Microsoft Corporation)

< %systemroot%\*. /rp /s >

< %USERPROFILE%\AppData\Local\Google\Chrome\User Data\*.* /s >
[2011/03/23 09:01:40 | 000,001,762 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\.ChromotingConfig.json
[2012/02/24 09:46:17 | 000,076,780 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists
[2012/02/24 10:34:05 | 000,013,762 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Local State
[2012/02/24 10:28:43 | 005,255,192 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom
[2012/02/24 10:28:45 | 001,935,837 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom Filter 2
[2012/02/24 10:29:10 | 000,007,168 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies
[2012/02/24 10:28:45 | 000,134,252 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist
[2012/02/24 10:28:42 | 003,605,648 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Safe Browsing Download
[2012/02/24 10:28:45 | 000,013,924 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Safe Browsing Download Whitelist
[2012/02/06 10:35:17 | 000,000,378 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Service State
[2012/02/24 09:40:54 | 000,053,248 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Archived History
[2012/02/24 10:24:03 | 000,041,520 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Bookmarks
[2012/02/24 10:19:55 | 000,041,520 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Bookmarks.bak
[2012/02/24 10:35:19 | 001,226,752 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cookies
[2012/02/24 10:36:03 | 000,246,154 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Current Session
[2012/02/24 10:23:59 | 000,000,008 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
[2012/02/24 10:24:34 | 000,014,336 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extension Cookies
[2012/02/24 10:35:55 | 005,025,792 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Favicons
[2012/02/24 10:35:56 | 000,094,728 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal
[2012/02/10 15:01:49 | 000,150,798 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Google Profile.ico
[2012/02/24 10:35:55 | 034,709,504 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\History
[2012/02/23 22:36:33 | 000,036,864 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\History Index 2011-11
[2012/02/23 22:36:33 | 000,045,056 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\History Index 2011-12
[2012/02/23 22:36:34 | 000,053,248 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\History Index 2012-01
[2012/02/24 10:35:56 | 000,487,424 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\History Index 2012-02
[2012/02/24 10:35:56 | 000,205,712 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\History Index 2012-02-journal
[2012/02/24 09:57:32 | 000,064,837 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
[2012/02/24 10:35:55 | 000,070,280 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\History-journal
[2012/02/24 10:21:18 | 000,132,248 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Last Session
[2012/02/24 10:19:45 | 000,000,008 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Last Tabs
[2012/02/24 10:24:02 | 000,055,296 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Login Data
[2012/02/24 10:24:02 | 000,004,624 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Login Data-journal
[2012/02/24 10:24:06 | 000,008,192 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor
[2012/02/24 10:24:06 | 000,006,704 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal
[2012/02/24 10:35:56 | 000,186,948 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Preferences
[2012/02/10 16:22:30 | 000,063,009 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Preferences.120210-170008.backup
[2012/02/24 10:24:34 | 000,020,480 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\QuotaManager
[2012/02/24 10:24:06 | 000,172,032 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Shortcuts
[2012/02/24 10:24:06 | 000,012,824 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Shortcuts-journal
[2012/02/24 10:24:13 | 000,057,344 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Top Sites
[2012/02/07 15:06:22 | 000,000,008 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity
[2012/02/24 10:21:30 | 000,131,072 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Visited Links
[2012/02/24 10:24:02 | 000,391,168 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Web Data
[2012/02/24 10:24:02 | 000,051,912 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal
[2012/02/10 15:01:48 | 000,024,576 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Index
[2012/02/24 10:23:56 | 000,045,056 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
[2012/02/24 10:35:49 | 000,794,624 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
[2012/02/24 10:23:56 | 001,056,768 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
[2012/02/24 10:24:03 | 004,202,496 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
[2012/02/24 10:24:03 | 000,037,673 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000001
[2012/02/24 10:24:04 | 000,044,203 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000002
[2012/02/24 10:24:04 | 000,043,069 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000003
[2012/02/24 10:24:04 | 000,066,156 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000004
[2012/02/24 10:24:05 | 000,026,166 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000005
[2012/02/24 10:24:06 | 000,020,648 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000006
[2012/02/24 10:24:06 | 000,058,064 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000007
[2012/02/24 10:24:07 | 000,106,639 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000008
[2012/02/24 10:24:07 | 000,060,821 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000009
[2012/02/24 10:24:08 | 000,084,068 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000a
[2012/02/24 10:24:08 | 000,017,966 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000b
[2012/02/24 10:24:08 | 000,045,233 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000c
[2012/02/24 10:24:08 | 000,036,316 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000d
[2012/02/24 10:24:09 | 000,029,586 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000e
[2012/02/24 10:24:09 | 000,023,927 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000f
[2012/02/24 10:24:09 | 000,035,997 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000010
[2012/02/24 10:24:09 | 000,025,047 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000011
[2012/02/24 10:24:09 | 000,025,240 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000012
[2012/02/24 10:24:09 | 000,020,153 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000013
[2012/02/24 10:24:09 | 000,055,250 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000014
[2012/02/24 10:24:09 | 000,017,202 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000015
[2012/02/24 10:24:09 | 000,016,565 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000016
[2012/02/24 10:24:09 | 000,018,259 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000017
[2012/02/24 10:24:09 | 000,023,245 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000018
[2012/02/24 10:24:10 | 000,033,026 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000019
[2012/02/24 10:24:10 | 000,017,350 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001a
[2012/02/24 10:24:10 | 000,017,518 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001b
[2012/02/24 10:24:10 | 000,025,932 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001c
[2012/02/24 10:24:10 | 000,019,847 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001d
[2012/02/24 10:24:10 | 000,016,496 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001e
[2012/02/24 10:24:11 | 000,039,813 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001f
[2012/02/24 10:24:11 | 000,019,692 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000020
[2012/02/24 10:24:11 | 000,106,375 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000021
[2012/02/24 10:24:11 | 000,046,169 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000022
[2012/02/24 10:24:12 | 000,157,957 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000023
[2012/02/24 10:24:12 | 000,048,370 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000024
[2012/02/24 10:24:13 | 000,036,355 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000025
[2012/02/24 10:24:13 | 000,021,237 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000026
[2012/02/24 10:24:14 | 000,032,103 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000027
[2012/02/24 10:24:14 | 000,019,500 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000028
[2012/02/24 10:24:15 | 000,021,577 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000029
[2012/02/24 10:24:15 | 000,028,248 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002a
[2012/02/24 10:24:15 | 000,029,682 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002b
[2012/02/24 10:24:16 | 000,017,125 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002c
[2012/02/24 10:24:16 | 000,034,482 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002d
[2012/02/24 10:24:16 | 000,027,290 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002e
[2012/02/24 10:24:16 | 000,066,982 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002f
[2012/02/24 10:24:35 | 000,039,044 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000030
[2012/02/24 10:24:38 | 000,033,267 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000031
[2012/02/24 10:29:16 | 000,252,164 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000032
[2012/02/24 10:29:17 | 000,100,008 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000033
[2012/02/24 10:29:17 | 000,022,580 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000034
[2012/02/24 10:32:18 | 000,019,754 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000035
[2012/02/24 10:32:19 | 000,142,622 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000036
[2012/02/24 10:32:19 | 000,020,648 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000037
[2012/02/24 10:32:20 | 000,023,245 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000038
[2012/02/24 10:32:25 | 000,028,248 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000039
[2012/02/24 10:32:29 | 000,021,233 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003a
[2012/02/24 10:32:29 | 000,051,126 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003b
[2012/02/24 10:32:29 | 000,024,109 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003c
[2012/02/24 10:33:31 | 000,025,790 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003d
[2012/02/24 10:34:58 | 000,023,355 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003e
[2012/02/24 10:35:45 | 000,024,802 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003f
[2012/02/24 10:35:45 | 000,026,068 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000040
[2012/02/24 10:35:46 | 000,078,448 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000041
[2012/02/24 10:35:46 | 000,032,111 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000042
[2012/02/24 10:35:46 | 000,048,569 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000043
[2012/02/24 10:35:47 | 000,018,553 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000044
[2012/02/24 10:35:47 | 000,028,678 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000045
[2012/02/24 10:35:48 | 000,516,839 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000046
[2012/02/24 10:35:48 | 000,035,965 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000047
[2012/02/24 10:35:48 | 000,044,636 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000048
[2012/02/24 10:35:48 | 000,020,327 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000049
[2012/02/24 10:35:48 | 000,039,176 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004a
[2012/02/24 10:35:48 | 000,226,499 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004b
[2012/02/24 10:35:48 | 000,017,154 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004c
[2012/02/24 10:35:49 | 000,087,775 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004d
[2012/02/24 10:35:49 | 000,029,981 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004e
[2012/02/24 10:35:49 | 000,021,536 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004f
[2012/02/24 10:35:52 | 000,026,113 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000050
[2012/02/24 10:35:52 | 000,023,526 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000051
[2012/02/24 10:35:52 | 000,021,914 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000052
[2012/02/24 10:35:53 | 000,032,111 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000053
[2012/02/24 10:35:53 | 000,087,796 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000054
[2012/02/24 10:35:55 | 000,140,528 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000055
[2012/02/24 10:35:55 | 000,039,273 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000056
[2012/02/24 10:35:56 | 000,019,107 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000057
[2012/02/24 10:35:56 | 000,044,214 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000058
[2012/02/24 10:35:56 | 000,024,967 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000059
[2012/02/24 10:35:56 | 000,075,662 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00005a
[2012/02/24 10:35:56 | 000,066,760 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00005b
[2012/02/24 10:36:00 | 000,043,380 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00005c
[2012/02/24 10:23:56 | 000,524,656 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\index
[2012/02/23 22:36:32 | 000,011,264 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db
[2012/02/23 22:23:53 | 000,088,064 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_hdokiejnpimakedhajhdlcegeplioahd_0\3
[2012/02/24 10:24:10 | 000,024,576 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\databases\https_www.google.com_0\29
[2012/02/21 15:15:57 | 000,003,524 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\128.png
[2012/02/21 15:15:57 | 000,000,745 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\manifest.json
[2012/02/21 15:15:57 | 000,000,401 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ar\messages.json
[2012/02/21 15:15:57 | 000,000,427 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\bg\messages.json
[2012/02/21 15:15:57 | 000,000,250 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ca\messages.json
[2012/02/21 15:15:57 | 000,000,255 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\cs\messages.json
[2012/02/21 15:15:57 | 000,000,242 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\da\messages.json
[2012/02/21 15:15:57 | 000,000,226 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\de\messages.json
[2012/02/21 15:15:57 | 000,000,475 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\el\messages.json
[2012/02/21 15:15:57 | 000,000,227 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\en\messages.json
[2012/02/21 15:15:57 | 000,000,240 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\es\messages.json
[2012/02/21 15:15:57 | 000,000,222 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fi\messages.json
[2012/02/21 15:15:57 | 000,000,236 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fil\messages.json
[2012/02/21 15:15:57 | 000,000,249 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fr\messages.json
[2012/02/21 15:15:57 | 000,000,419 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\he\messages.json
[2012/02/21 15:15:57 | 000,000,408 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hi\messages.json
[2012/02/21 15:15:57 | 000,000,220 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hr\messages.json
[2012/02/21 15:15:57 | 000,000,253 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hu\messages.json
[2012/02/21 15:15:57 | 000,000,231 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\id\messages.json
[2012/02/21 15:15:57 | 000,000,224 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\it\messages.json
[2012/02/21 15:15:57 | 000,000,349 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ja\messages.json
[2012/02/21 15:15:57 | 000,000,323 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ko\messages.json
[2012/02/21 15:15:57 | 000,000,266 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\lt\messages.json
[2012/02/21 15:15:57 | 000,000,245 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\lv\messages.json
[2012/02/21 15:15:57 | 000,000,225 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\nl\messages.json
[2012/02/21 15:15:56 | 000,000,216 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\no\messages.json
[2012/02/21 15:15:57 | 000,000,274 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pl\messages.json
[2012/02/21 15:15:57 | 000,000,237 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pt_BR\messages.json
[2012/02/21 15:15:57 | 000,000,236 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pt_PT\messages.json
[2012/02/21 15:15:57 | 000,000,248 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ro\messages.json
[2012/02/21 15:15:57 | 000,000,394 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ru\messages.json
[2012/02/21 15:15:57 | 000,000,241 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sk\messages.json
[2012/02/21 15:15:57 | 000,000,245 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sl\messages.json
[2012/02/21 15:15:57 | 000,000,437 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sr\messages.json
[2012/02/21 15:15:57 | 000,000,238 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sv\messages.json
[2012/02/21 15:15:57 | 000,000,365 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\th\messages.json
[2012/02/21 15:15:57 | 000,000,255 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\tr\messages.json
[2012/02/21 15:15:57 | 000,000,442 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\uk\messages.json
[2012/02/21 15:15:57 | 000,000,310 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\vi\messages.json
[2012/02/21 15:15:57 | 000,000,257 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\zh_CN\messages.json
[2012/02/21 15:15:57 | 000,000,269 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\zh_TW\messages.json
[2012/02/10 15:02:34 | 000,005,481 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\background.html
[2012/02/10 15:02:34 | 000,016,786 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\DESCRIPTION.txt
[2012/02/10 15:02:34 | 000,000,155 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\INSTALL.txt
[2012/02/10 15:02:34 | 000,001,905 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\manifest.json
[2012/02/10 15:02:32 | 000,013,533 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\options.html
[2012/02/10 15:02:32 | 000,003,035 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\css\import.css
[2012/02/10 15:02:32 | 000,015,425 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\css\options.css
[2012/02/10 15:02:32 | 000,000,562 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\css\tooltips.css
[2012/02/10 15:02:32 | 000,051,094 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\img\bg.png
[2012/02/10 15:02:33 | 000,002,608 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\img\loadingLarge.gif
[2012/02/10 15:02:33 | 000,000,723 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\img\loadingSmall.gif
[2012/02/10 15:02:33 | 000,003,584 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\img\Thumbs.db
[2012/02/10 15:02:33 | 000,000,867 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\img\tooltips.gif
[2012/02/10 15:02:32 | 000,000,186 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\img\colorpicker\alpha.png
[2012/02/10 15:02:32 | 000,000,226 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\img\colorpicker\arrow.png
[2012/02/10 15:02:32 | 000,000,191 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\img\colorpicker\cross.png
[2012/02/10 15:02:33 | 000,038,400 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\img\colorpicker\Thumbs.db
[2012/02/10 15:02:33 | 000,014,545 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\img\colorpicker\wheel.png
[2012/02/10 15:02:34 | 000,007,237 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\img\icons\icon128.png
[2012/02/10 15:02:34 | 000,000,263 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\img\icons\icon16.png
[2012/02/10 15:02:33 | 000,053,297 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\img\icons\icon19.png
[2012/02/10 15:02:33 | 000,053,761 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\img\icons\icon19_active.png
[2012/02/10 15:02:34 | 000,001,928 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\img\icons\icon48.png
[2012/02/10 15:02:33 | 000,024,064 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\img\icons\Thumbs.db
[2012/02/10 15:02:33 | 000,001,284 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\js\init.js
[2012/02/10 15:02:33 | 000,001,355 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\js\inject.js
[2012/02/10 15:02:34 | 000,002,490 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\js\minimalist.js
[2012/02/10 15:02:34 | 000,002,408 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\js\options.js
[2012/02/10 15:02:33 | 000,185,854 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\js\ace\ace.js
[2012/02/10 15:02:33 | 000,005,671 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\js\ace\mode-css.js
[2012/02/10 15:02:33 | 000,014,558 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\js\ace\mode-html.js
[2012/02/10 15:02:33 | 000,006,137 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\js\ace\mode-javascript.js
[2012/02/10 15:02:33 | 000,002,410 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\js\ace\theme-monokai.js
[2012/02/10 15:02:33 | 000,002,831 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\js\ace\theme-twilight.js
[2012/02/10 15:02:33 | 000,112,911 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\js\ace\worker-javascript.js
[2012/02/10 15:02:33 | 000,006,894 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\js\io\exportImport.js
[2012/02/10 15:02:33 | 000,000,100 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\js\io\importUrl.js
[2012/02/10 15:02:33 | 000,002,391 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\js\io\stylebot.js
[2012/02/10 15:02:33 | 000,004,271 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\js\io\sync.js
[2012/02/10 15:02:33 | 000,004,238 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\js\io\userscripts.js
[2012/02/10 15:02:33 | 000,002,540 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\js\io\userstyles.js
[2012/02/10 15:02:33 | 000,020,435 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\js\libs\background.js
[2012/02/10 15:02:33 | 000,014,205 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\js\libs\colorpicker.js
[2012/02/10 15:02:33 | 000,004,989 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\js\libs\dashboard.js
[2012/02/10 15:02:34 | 000,674,366 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\js\libs\data.js
[2012/02/10 15:02:34 | 000,017,154 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\js\libs\editor.js
[2012/02/10 15:02:34 | 000,208,161 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\js\libs\jquery-ui.js
[2012/02/10 15:02:34 | 000,093,870 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\js\libs\jquery.js
[2012/02/10 15:02:34 | 000,000,488 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\js\libs\Module.js
[2012/02/10 15:02:34 | 000,004,916 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\js\libs\options.js
[2012/02/10 15:02:34 | 000,001,860 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\js\libs\preview.js
[2012/02/10 15:02:34 | 000,000,486 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\js\libs\runtime.js
[2012/02/10 15:02:34 | 000,004,364 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\js\libs\tooltips.js
[2012/02/10 15:02:34 | 000,006,671 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\modal\browserAction.html
[2012/02/10 15:02:34 | 000,002,191 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.5.20_0\modal\notifyUpdate.html
[2012/02/10 15:03:05 | 000,000,635 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\background.html
[2012/02/10 15:03:05 | 000,001,788 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\expander.html
[2012/02/10 15:03:05 | 000,001,824 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\linktemplate.html
[2012/02/10 15:03:05 | 000,001,098 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\manifest.json
[2012/02/10 15:03:05 | 000,021,861 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\pushdown.html
[2012/02/10 15:03:05 | 000,000,334 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\_locales\de\messages.json
[2012/02/10 15:03:05 | 000,000,292 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\_locales\en\messages.json
[2012/02/10 15:03:05 | 000,000,292 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\_locales\en_GB\messages.json
[2012/02/10 15:03:05 | 000,000,341 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\_locales\es\messages.json
[2012/02/10 15:03:05 | 000,000,367 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\_locales\fr\messages.json
[2012/02/10 15:03:05 | 000,000,328 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\_locales\it\messages.json
[2012/02/10 15:03:05 | 000,000,510 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\_locales\ja\messages.json
[2012/02/10 15:03:05 | 000,000,438 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\_locales\zh\messages.json
[2012/02/10 15:03:05 | 000,004,488 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\backgroundScripts\background.js
[2012/02/10 15:03:05 | 000,001,812 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\backgroundScripts\browserSpecific.js
[2012/02/10 15:03:05 | 000,000,312 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\backgroundScripts\install.js
[2012/02/10 15:03:05 | 000,003,339 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\backgroundScripts\localeTools.js
[2012/02/10 15:03:05 | 000,002,273 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\backgroundScripts\settingsHandler.js
[2012/02/10 15:03:05 | 000,001,043 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\backgroundScripts\stringProcessor.js
[2012/02/10 15:03:05 | 000,010,995 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\backgroundScripts\strings.js
[2012/02/10 15:03:05 | 000,000,784 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\contentScripts\inject_bookmarklet.js
[2012/02/10 15:03:05 | 000,007,494 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\contentScripts\isProduct.js
[2012/02/10 15:03:05 | 000,006,975 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\contentScripts\pushdownContent.js
[2012/02/10 15:03:05 | 000,001,443 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\contentScripts\pushDownRun.js
[2012/02/10 15:03:05 | 000,000,353 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\contentScripts\runIsProduct.js
[2012/02/10 15:03:05 | 000,009,757 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\contentScripts\tests.js
[2012/02/10 15:03:05 | 000,001,321 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\images\action.png
[2012/02/10 15:03:05 | 000,000,772 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\images\close.png
[2012/02/10 15:03:05 | 000,007,171 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\images\demo.png
[2012/02/10 15:03:05 | 000,028,130 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\images\glow.png
[2012/02/10 15:03:05 | 000,006,331 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\images\icon128.png
[2012/02/10 15:03:05 | 000,000,473 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\images\icon16.png
[2012/02/10 15:03:05 | 000,001,069 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\images\icon32.png
[2012/02/10 15:03:05 | 000,001,904 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\images\icon48.png
[2012/02/10 15:03:05 | 000,003,080 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\images\icon64.png
[2012/02/10 15:03:05 | 000,004,469 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\images\shims_pushdown.png
[2012/02/10 15:03:05 | 000,001,152 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\settings.css
[2012/02/10 15:03:05 | 000,002,284 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\settings.html
[2012/02/10 15:03:05 | 000,003,157 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\settings.js
[2012/02/10 15:03:05 | 000,006,337 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\images\ca\amazon.png
[2012/02/10 15:03:05 | 000,001,115 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\images\ca\footer.gif
[2012/02/10 15:03:05 | 000,006,118 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\images\cn\amazon.png
[2012/02/10 15:03:05 | 000,000,631 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\images\cn\footer.gif
[2012/02/10 15:03:05 | 000,005,782 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\images\de\amazon.png
[2012/02/10 15:03:05 | 000,001,193 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\images\de\footer.gif
[2012/02/10 15:03:05 | 000,002,166 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\images\de\save.png
[2012/02/10 15:03:05 | 000,005,030 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\images\de\wishlist.png
[2012/02/10 15:03:05 | 000,002,544 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\images\en\save.png
[2012/02/10 15:03:05 | 000,004,839 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\images\en\wishlist.png
[2012/02/10 15:03:05 | 000,004,045 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\images\es\amazon.png
[2012/02/10 15:03:05 | 000,002,087 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\images\es\footer.gif
[2012/02/10 15:03:05 | 000,003,262 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\images\es\save.png
[2012/02/10 15:03:05 | 000,003,620 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\images\es\wishlist.png
[2012/02/10 15:03:05 | 000,005,379 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\images\fr\amazon.png
[2012/02/10 15:03:05 | 000,001,084 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\images\fr\footer.gif
[2012/02/10 15:03:05 | 000,002,166 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\images\fr\save.png
[2012/02/10 15:03:05 | 000,006,436 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\images\fr\wishlist.png
[2012/02/10 15:03:05 | 000,006,209 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\images\it\amazon.png
[2012/02/10 15:03:05 | 000,001,090 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\images\it\footer.gif
[2012/02/10 15:03:05 | 000,001,746 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\images\it\save.png
[2012/02/10 15:03:05 | 000,006,769 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\images\it\wishlist.png
[2012/02/10 15:03:05 | 000,001,989 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\images\ja\save.png
[2012/02/10 15:03:05 | 000,004,681 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\images\ja\wishlist.png
[2012/02/10 15:03:05 | 000,006,647 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\images\jp\amazon.png
[2012/02/10 15:03:05 | 000,001,337 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\images\jp\footer.gif
[2012/02/10 15:03:05 | 000,006,224 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\images\uk\amazon.png
[2012/02/10 15:03:05 | 000,001,326 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\images\uk\footer.gif
[2012/02/10 15:03:05 | 000,004,618 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\images\us\amazon.png
[2012/02/10 15:03:05 | 000,001,253 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\images\us\footer.gif
[2012/02/10 15:03:05 | 000,001,937 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\images\zh\save.png
[2012/02/10 15:03:05 | 000,004,943 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\settings\images\zh\wishlist.png
[2012/02/10 15:09:12 | 000,006,856 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\128.png
[2012/02/10 15:09:12 | 000,000,749 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\16.png
[2012/02/10 15:09:12 | 000,001,946 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\32.png
[2012/02/10 15:09:12 | 000,002,184 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\48.png
[2012/02/10 15:09:12 | 000,000,767 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\manifest.json
[2012/02/10 15:09:12 | 000,000,423 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\ar\messages.json
[2012/02/10 15:09:12 | 000,000,515 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\bg\messages.json
[2012/02/10 15:09:12 | 000,000,330 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\ca\messages.json
[2012/02/10 15:09:12 | 000,000,355 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\cs\messages.json
[2012/02/10 15:09:12 | 000,000,328 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\da\messages.json
[2012/02/10 15:09:12 | 000,000,307 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\de\messages.json
[2012/02/10 15:09:12 | 000,000,569 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\el\messages.json
[2012/02/10 15:09:12 | 000,000,314 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\en\messages.json
[2012/02/10 15:09:12 | 000,000,314 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\en_GB\messages.json
[2012/02/10 15:09:12 | 000,000,314 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\en_US\messages.json
[2012/02/10 15:09:12 | 000,000,340 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\es\messages.json
[2012/02/10 15:09:12 | 000,000,341 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\es_419\messages.json
[2012/02/10 15:09:12 | 000,000,314 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\et\messages.json
[2012/02/10 15:09:12 | 000,000,305 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\fi\messages.json
[2012/02/10 15:09:12 | 000,000,337 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\fil\messages.json
[2012/02/10 15:09:12 | 000,000,329 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\fr\messages.json
[2012/02/10 15:09:12 | 000,000,471 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\he\messages.json
[2012/02/10 15:09:12 | 000,000,326 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\hi\messages.json
[2012/02/10 15:09:12 | 000,000,340 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\hr\messages.json
[2012/02/10 15:09:12 | 000,000,336 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\hu\messages.json
[2012/02/10 15:09:12 | 000,000,319 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\id\messages.json
[2012/02/10 15:09:12 | 000,000,324 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\it\messages.json
[2012/02/10 15:09:12 | 000,000,388 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\ja\messages.json
[2012/02/10 15:09:12 | 000,000,380 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\ko\messages.json
[2012/02/10 15:09:12 | 000,000,359 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\lt\messages.json
[2012/02/10 15:09:12 | 000,000,360 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\lv\messages.json
[2012/02/10 15:09:12 | 000,000,323 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\nl\messages.json
[2012/02/10 15:09:11 | 000,000,300 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\no\messages.json
[2012/02/10 15:09:12 | 000,000,336 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\pl\messages.json
[2012/02/10 15:09:12 | 000,000,332 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\pt_BR\messages.json
[2012/02/10 15:09:12 | 000,000,331 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\pt_PT\messages.json
[2012/02/10 15:09:12 | 000,000,332 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\ro\messages.json
[2012/02/10 15:09:12 | 000,000,471 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\ru\messages.json
[2012/02/10 15:09:12 | 000,000,338 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\sk\messages.json
[2012/02/10 15:09:12 | 000,000,329 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\sl\messages.json
[2012/02/10 15:09:12 | 000,000,483 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\sr\messages.json
[2012/02/10 15:09:12 | 000,000,333 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\sv\messages.json
[2012/02/10 15:09:12 | 000,000,472 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\th\messages.json
[2012/02/10 15:09:12 | 000,000,330 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\tr\messages.json
[2012/02/10 15:09:12 | 000,000,501 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\uk\messages.json
[2012/02/10 15:09:12 | 000,000,363 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\vi\messages.json
[2012/02/10 15:09:12 | 000,000,346 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\zh_CN\messages.json
[2012/02/10 15:09:12 | 000,000,346 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\_locales\zh_TW\messages.json
[2012/02/10 15:03:04 | 000,000,813 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgkkmcknielgdhebimdnfahpipajcpjn\2.3_0\background.html
[2012/02/10 15:03:04 | 000,010,767 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgkkmcknielgdhebimdnfahpipajcpjn\2.3_0\icon128.png
[2012/02/10 15:03:04 | 000,000,691 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgkkmcknielgdhebimdnfahpipajcpjn\2.3_0\icon16.png
[2012/02/10 15:03:04 | 000,003,105 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgkkmcknielgdhebimdnfahpipajcpjn\2.3_0\icon48.png
[2012/02/10 15:03:04 | 000,000,794 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgkkmcknielgdhebimdnfahpipajcpjn\2.3_0\manifest.json
[2012/02/10 15:03:04 | 000,002,589 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgkkmcknielgdhebimdnfahpipajcpjn\2.3_0\mtgm.js
[2012/02/10 15:03:04 | 000,003,601 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgkkmcknielgdhebimdnfahpipajcpjn\2.3_0\options.html
[2012/02/10 15:03:03 | 000,006,063 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\icon_128.png
[2012/02/10 15:03:03 | 000,000,763 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\manifest.json
[2012/02/10 15:03:03 | 000,000,135 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\ar\messages.json
[2012/02/10 15:03:03 | 000,000,122 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\bg\messages.json
[2012/02/10 15:03:03 | 000,000,104 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\ca\messages.json
[2012/02/10 15:03:03 | 000,000,093 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\cs\messages.json
[2012/02/10 15:03:03 | 000,000,087 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\da\messages.json
[2012/02/10 15:03:03 | 000,000,093 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\de\messages.json
[2012/02/10 15:03:03 | 000,000,165 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\el\messages.json
[2012/02/10 15:03:03 | 000,000,093 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\en\messages.json
[2012/02/10 15:03:03 | 000,000,103 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\es\messages.json
[2012/02/10 15:03:03 | 000,000,101 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\et\messages.json
[2012/02/10 15:03:03 | 000,000,114 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\fi\messages.json
[2012/02/10 15:03:03 | 000,000,096 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\fil\messages.json
[2012/02/10 15:03:03 | 000,000,100 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\fr\messages.json
[2012/02/10 15:03:02 | 000,000,070 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\gsw\messages.json
[2012/02/10 15:03:03 | 000,000,154 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\he\messages.json
[2012/02/10 15:03:03 | 000,000,128 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\hi\messages.json
[2012/02/10 15:03:03 | 000,000,102 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\hr\messages.json
[2012/02/10 15:03:03 | 000,000,093 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\hu\messages.json
[2012/02/10 15:03:03 | 000,000,092 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\id\messages.json
[2012/02/10 15:03:02 | 000,000,069 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\in\messages.json
[2012/02/10 15:03:03 | 000,000,093 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\it\messages.json
[2012/02/10 15:03:02 | 000,000,131 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\iw\messages.json
[2012/02/10 15:03:03 | 000,000,115 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\ja\messages.json
[2012/02/10 15:03:03 | 000,000,110 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\ko\messages.json
[2012/02/10 15:03:02 | 000,000,077 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\ln\messages.json
[2012/02/10 15:03:03 | 000,000,118 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\lt\messages.json
[2012/02/10 15:03:03 | 000,000,096 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\lv\messages.json
[2012/02/10 15:03:02 | 000,000,070 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\mo\messages.json
[2012/02/10 15:03:03 | 000,000,093 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\nl\messages.json
[2012/02/10 15:03:02 | 000,000,072 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\no\messages.json
[2012/02/10 15:03:03 | 000,000,093 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\pl\messages.json
[2012/02/10 15:03:03 | 000,000,086 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\pt\messages.json
[2012/02/10 15:03:03 | 000,000,093 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\ro\messages.json
[2012/02/10 15:03:03 | 000,000,159 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\ru\messages.json
[2012/02/10 15:03:03 | 000,000,093 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\sk\messages.json
[2012/02/10 15:03:03 | 000,000,099 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\sl\messages.json
[2012/02/10 15:03:03 | 000,000,135 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\sr\messages.json
[2012/02/10 15:03:03 | 000,000,093 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\sv\messages.json
[2012/02/10 15:03:03 | 000,000,146 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\th\messages.json
[2012/02/10 15:03:02 | 000,000,073 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\tl\messages.json
[2012/02/10 15:03:03 | 000,000,116 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\tr\messages.json
[2012/02/10 15:03:03 | 000,000,122 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\uk\messages.json
[2012/02/10 15:03:03 | 000,000,101 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\vi\messages.json
[2012/02/10 15:03:03 | 000,000,098 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\_locales\zh\messages.json
[2012/02/10 15:03:00 | 000,004,094 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\128.png
[2012/02/10 15:03:00 | 000,000,830 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\manifest.json
[2012/02/10 15:03:00 | 000,008,035 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\ar\messages.json
[2012/02/10 15:03:00 | 000,008,985 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\bg\messages.json
[2012/02/10 15:03:00 | 000,002,956 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\ca\messages.json
[2012/02/10 15:03:00 | 000,003,514 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\cs\messages.json
[2012/02/10 15:03:00 | 000,002,872 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\da\messages.json
[2012/02/10 15:03:00 | 000,002,939 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\de\messages.json
[2012/02/10 15:03:00 | 000,011,202 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\el\messages.json
[2012/02/10 15:03:00 | 000,002,529 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\en\messages.json
[2012/02/10 15:03:00 | 000,002,537 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\en_GB\messages.json
[2012/02/10 15:03:00 | 000,003,004 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\es\messages.json
[2012/02/10 15:03:00 | 000,002,825 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\fi\messages.json
[2012/02/10 15:03:00 | 000,003,101 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\fr\messages.json
[2012/02/10 15:03:00 | 000,008,586 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\hi\messages.json
[2012/02/10 15:03:00 | 000,002,907 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\hr\messages.json
[2012/02/10 15:03:00 | 000,003,546 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\hu\messages.json
[2012/02/10 15:02:59 | 000,002,300 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\in\messages.json
[2012/02/10 15:03:00 | 000,002,935 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\it\messages.json
[2012/02/10 15:02:59 | 000,006,821 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\iw\messages.json
[2012/02/10 15:03:00 | 000,005,016 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\ja\messages.json
[2012/02/10 15:03:00 | 000,004,253 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\ko\messages.json
[2012/02/10 15:03:00 | 000,003,223 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\lt\messages.json
[2012/02/10 15:03:00 | 000,003,359 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\lv\messages.json
[2012/02/10 15:03:00 | 000,002,844 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\nb\messages.json
[2012/02/10 15:03:00 | 000,002,707 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\nl\messages.json
[2012/02/10 15:03:00 | 000,003,400 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\pl\messages.json
[2012/02/10 15:03:00 | 000,002,901 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\pt_BR\messages.json
[2012/02/10 15:03:00 | 000,002,939 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\pt_PT\messages.json
[2012/02/10 15:03:00 | 000,003,543 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\ro\messages.json
[2012/02/10 15:03:00 | 000,008,732 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\ru\messages.json
[2012/02/10 15:03:00 | 000,003,563 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\sk\messages.json
[2012/02/10 15:03:00 | 000,002,704 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\sl\messages.json
[2012/02/10 15:03:00 | 000,009,038 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\sr\messages.json
[2012/02/10 15:03:00 | 000,003,010 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\sv\messages.json
[2012/02/10 15:03:00 | 000,008,663 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\th\messages.json
[2012/02/10 15:03:00 | 000,002,514 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\tl\messages.json
[2012/02/10 15:03:00 | 000,003,544 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\tr\messages.json
[2012/02/10 15:03:00 | 000,009,169 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\uk\messages.json
[2012/02/10 15:03:00 | 000,004,503 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\vi\messages.json
[2012/02/10 15:03:00 | 000,003,829 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\zh_CN\messages.json
[2012/02/10 15:03:00 | 000,003,955 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\_locales\zh_TW\messages.json
[2012/02/10 15:02:59 | 000,008,736 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkmopoamfjnmppabeaphohombnjcjgla\4_0\icon_128.png
[2012/02/10 15:02:59 | 000,000,789 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkmopoamfjnmppabeaphohombnjcjgla\4_0\manifest.json
[2012/02/10 15:02:47 | 000,001,071 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\about.html
[2012/02/10 15:02:47 | 000,000,181 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\arrow.png
[2012/02/10 15:02:47 | 000,000,136 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\arrowon.png
[2012/02/10 15:02:47 | 000,000,131 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\backarrow.png
[2012/02/10 15:02:47 | 000,000,150 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\backbg.png
[2012/02/10 15:02:47 | 000,000,147 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\backbgover.png
[2012/02/10 15:02:47 | 000,001,107 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\background.html
[2012/02/10 15:02:47 | 000,101,115 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\background.js
[2012/02/10 15:02:47 | 000,014,372 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\bg.jpg
[2012/02/10 15:02:47 | 000,001,218 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\bg2.png
[2012/02/10 15:02:47 | 000,000,000 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\blank.html
[2012/02/10 15:02:47 | 000,002,391 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\changemasterpw.html
[2012/02/10 15:02:47 | 000,001,173 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\changepw.js
[2012/02/10 15:02:47 | 000,001,721 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\chooseprofilecc.js
[2012/02/10 15:02:47 | 000,000,231 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\chooser.png
[2012/02/10 15:02:47 | 000,001,395 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\close.png
[2012/02/10 15:02:47 | 000,000,064 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\cmenu-vista-bg.gif
[2012/02/10 15:02:47 | 000,000,347 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\cmenu-vista-menu-item-hover.gif
[2012/02/10 15:02:47 | 000,000,843 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\combobox.css
[2012/02/10 15:02:47 | 000,006,156 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\combobox.js
[2012/02/10 15:02:47 | 000,000,862 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\combobox_small.css
[2012/02/10 15:02:47 | 000,001,573 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\configure_formfill.html
[2012/02/10 15:02:47 | 000,001,703 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\congratulations.html
[2012/02/10 15:02:47 | 000,000,949 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\copypassword.png
[2012/02/10 15:02:47 | 000,001,130 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\copyusername.png
[2012/02/10 15:02:47 | 000,006,969 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\create_account.html
[2012/02/10 15:02:47 | 000,015,738 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\csp.js
[2012/02/10 15:02:47 | 000,003,642 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\db.js
[2012/02/10 15:02:47 | 000,001,906 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\disk.png
[2012/02/10 15:02:47 | 000,000,043 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\dot_for_ie.gif
[2012/02/10 15:02:47 | 000,001,384 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\dropdown.png
[2012/02/10 15:02:47 | 000,000,431 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\export.html
[2012/02/10 15:02:48 | 000,853,987 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\fftranslations.js
[2012/02/10 15:02:48 | 000,000,986 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\fill.png
[2012/02/10 15:02:48 | 000,100,455 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\formfill.html
[2012/02/10 15:02:48 | 000,021,378 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\fromcs.js
[2012/02/10 15:02:48 | 000,001,596 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\gauth.png
[2012/02/10 15:02:48 | 000,009,262 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\gauthlastpass.png
[2012/02/10 15:02:48 | 000,000,063 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\general.css
[2012/02/10 15:02:48 | 000,000,051 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\general_small.css
[2012/02/10 15:02:48 | 000,004,958 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\generate.js
[2012/02/10 15:02:48 | 000,007,063 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\home.html
[2012/02/10 15:02:48 | 000,001,366 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\home.png
[2012/02/10 15:02:49 | 000,034,597 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\homelocal.html
[2012/02/10 15:02:49 | 000,001,600 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\Icon-32.png
[2012/02/10 15:02:49 | 000,001,895 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\Icon-48.png
[2012/02/10 15:02:49 | 000,001,660 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\Icon-64.png
[2012/02/10 15:02:49 | 000,001,722 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\icon.gif
[2012/02/10 15:02:49 | 000,001,660 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\Icon.png
[2012/02/10 15:02:49 | 000,001,919 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\icon2.gif
[2012/02/10 15:02:49 | 000,006,680 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\icons.png
[2012/02/10 15:02:49 | 000,001,645 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\icon_gray.gif
[2012/02/10 15:02:49 | 000,001,739 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\icon_gray2.gif
[2012/02/10 15:02:49 | 000,001,909 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\icon_green2.gif

#13 mjcritchfield

mjcritchfield
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:32 PM

Posted 24 February 2012 - 02:06 PM

[2012/02/10 15:02:49 | 000,001,132 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\icon_off.png
[2012/02/10 15:02:49 | 000,001,087 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\icon_on.png
[2012/02/10 15:02:49 | 000,001,845 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\icon_yellow2.gif
[2012/02/10 15:02:50 | 000,000,503 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\img.html
[2012/02/10 15:02:50 | 000,006,649 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\import.html
[2012/02/10 15:02:50 | 000,011,638 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\import_other.html
[2012/02/10 15:02:50 | 000,001,593 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\import_your_data.html
[2012/02/10 15:02:50 | 000,007,637 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\iscrollc.js
[2012/02/10 15:02:50 | 000,027,257 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\jquery-ui.css
[2012/02/10 15:02:50 | 000,148,019 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\jquery-ui.min.js
[2012/02/10 15:02:50 | 000,006,261 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\jquery.contextmenu.css
[2012/02/10 15:02:50 | 000,004,932 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\jquery.contextmenu.js
[2012/02/10 15:02:50 | 000,003,084 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\jquery.hotkeys-0.7.9.min.js
[2012/02/10 15:02:50 | 000,067,217 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\jquery.portal.js
[2012/02/10 15:02:50 | 000,002,501 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\jquery.tree.hotkeys.js
[2012/02/10 15:02:50 | 000,057,968 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\jquery.tree.js
[2012/02/10 15:02:50 | 000,001,312 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\jquery.watermark.min.js
[2012/02/10 15:02:50 | 000,001,502 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\kb.png
[2012/02/10 15:02:50 | 000,001,414 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\key.png
[2012/02/10 15:02:50 | 000,011,280 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\login.html
[2012/02/10 15:02:50 | 000,012,099 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\login_small.html
[2012/02/10 15:02:50 | 000,008,355 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\logo.png
[2012/02/10 15:02:50 | 000,018,185 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\logo_big.png
[2012/02/10 15:02:50 | 000,259,737 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\lpfulllib.js
[2012/02/10 15:02:50 | 000,017,429 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\lp_toolstrip.html
[2012/02/10 15:02:53 | 000,001,744 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\manifest.json
[2012/02/10 15:02:50 | 000,000,541 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\mathfail.html
[2012/02/10 15:02:50 | 000,000,053 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\menu.css
[2012/02/10 15:02:50 | 000,004,871 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\menu.html
[2012/02/10 15:02:50 | 000,025,953 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\menu.js
[2012/02/10 15:02:50 | 000,000,148 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\menuheader.png
[2012/02/10 15:02:50 | 000,055,509 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\min.js
[2012/02/10 15:02:50 | 000,004,679 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\namedpipes.js
[2012/02/10 15:02:50 | 000,006,881 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\notification.js
[2012/02/10 15:02:50 | 000,003,464 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\notify.js
[2012/02/10 15:02:50 | 000,001,728 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\omnikey.html
[2012/02/10 15:02:51 | 000,201,543 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\onloadwff.js
[2012/02/10 15:02:51 | 000,003,808 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\otp.js
[2012/02/10 15:02:51 | 000,004,806 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\overlay.html
[2012/02/10 15:02:51 | 000,000,001 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\partner.js
[2012/02/10 15:02:51 | 000,008,581 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\popover.css
[2012/02/10 15:02:51 | 000,029,594 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\popover.html
[2012/02/10 15:02:51 | 000,030,101 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\prefs.html
[2012/02/10 15:02:51 | 000,005,676 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\prefs.js
[2012/02/10 15:02:51 | 000,003,117 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\punycode.js
[2012/02/10 15:02:51 | 000,000,521 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\q3Jrp.png
[2012/02/10 15:02:51 | 000,007,307 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\reenter_password.html
[2012/02/10 15:02:51 | 000,010,333 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\rsakeys.js
[2012/02/10 15:02:51 | 000,075,155 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\server.js
[2012/02/10 15:02:51 | 000,039,904 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\site.html
[2012/02/10 15:02:51 | 000,005,902 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\sites.css
[2012/02/10 15:02:51 | 000,002,803 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\spreadsheet.png
[2012/02/10 15:02:51 | 000,016,088 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\step2.gif
[2012/02/10 15:02:51 | 000,000,160 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\styles.css
[2012/02/10 15:02:51 | 000,009,447 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\teststyle.css
[2012/02/10 15:02:51 | 000,002,869 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\textboxes.css
[2012/02/10 15:02:51 | 000,002,251 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\textboxes_small.css
[2012/02/10 15:02:51 | 000,001,844 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\throbber.gif
[2012/02/10 15:02:51 | 000,005,788 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\toolstrip.js
[2012/02/10 15:02:51 | 000,000,223 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\trbg.png
[2012/02/10 15:02:51 | 000,003,433 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\treestyle.css
[2012/02/10 15:02:51 | 000,000,180 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\ui-bg_flat_0_aaaaaa_40x100.png
[2012/02/10 15:02:51 | 000,000,178 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\ui-bg_flat_75_ffffff_40x100.png
[2012/02/10 15:02:51 | 000,000,111 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\ui-bg_glass_75_dadada_1x400.png
[2012/02/10 15:02:51 | 000,000,110 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\ui-bg_glass_75_e6e6e6_1x400.png
[2012/02/10 15:02:51 | 000,000,101 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\ui-bg_highlight-soft_75_cccccc_1x100.png
[2012/02/10 15:02:51 | 000,004,369 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\ui-icons_222222_256x240.png
[2012/02/10 15:02:51 | 000,004,369 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\ui-icons_454545_256x240.png
[2012/02/10 15:02:51 | 000,001,123 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\vault.css
[2012/02/10 15:02:51 | 000,001,196 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\welcome.html
[2012/02/10 15:02:51 | 000,000,076 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\x.gif
[2012/02/10 15:02:51 | 000,001,502 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\x3.gif
[2012/02/10 15:02:51 | 000,001,573 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\xlarge.png
[2012/02/10 15:02:51 | 000,001,551 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\xlarge2.png
[2012/02/10 15:02:51 | 000,001,721 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\xlarge3.png
[2012/02/10 15:02:51 | 000,000,729 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\yubicoring16.png
[2012/02/10 15:02:51 | 000,027,398 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\yubikeyicon2.jpg
[2012/02/10 15:02:54 | 000,172,225 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\ar\messages.json
[2012/02/10 15:02:54 | 000,159,271 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\bg\messages.json
[2012/02/10 15:02:54 | 000,012,444 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\bn\messages.json
[2012/02/10 15:02:54 | 000,061,432 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\ca\messages.json
[2012/02/10 15:02:54 | 000,107,100 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\cs\messages.json
[2012/02/10 15:02:54 | 000,089,939 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\da\messages.json
[2012/02/10 15:02:54 | 000,109,465 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\de\messages.json
[2012/02/10 15:02:54 | 000,239,157 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\el\messages.json
[2012/02/10 15:02:54 | 000,098,909 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\en_GB\messages.json
[2012/02/10 15:02:54 | 000,105,855 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\en_US\messages.json
[2012/02/10 15:02:54 | 000,105,499 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\es\messages.json
[2012/02/10 15:02:54 | 000,099,628 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\es_419\messages.json
[2012/02/10 15:02:54 | 000,081,766 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\et\messages.json
[2012/02/10 15:02:54 | 000,112,920 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\fa\messages.json
[2012/02/10 15:02:54 | 000,105,671 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\fi\messages.json
[2012/02/10 15:02:54 | 000,109,562 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\fr\messages.json
[2012/02/10 15:02:54 | 000,000,109 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\gu\messages.json
[2012/02/10 15:02:54 | 000,185,683 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\he\messages.json
[2012/02/10 15:02:54 | 000,003,287 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\hi\messages.json
[2012/02/10 15:02:54 | 000,033,130 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\hr\messages.json
[2012/02/10 15:02:54 | 000,120,502 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\hu\messages.json
[2012/02/10 15:02:54 | 000,089,929 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\id\messages.json
[2012/02/10 15:02:54 | 000,106,942 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\it\messages.json
[2012/02/10 15:02:54 | 000,154,259 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\ja\messages.json
[2012/02/10 15:02:54 | 000,000,109 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\kn\messages.json
[2012/02/10 15:02:54 | 000,125,849 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\ko\messages.json
[2012/02/10 15:02:54 | 000,115,907 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\lt\messages.json
[2012/02/10 15:02:54 | 000,025,607 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\lv\messages.json
[2012/02/10 15:02:54 | 000,000,109 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\ml\messages.json
[2012/02/10 15:02:54 | 000,000,109 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\mr\messages.json
[2012/02/10 15:02:54 | 000,092,330 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\nb\messages.json
[2012/02/10 15:02:54 | 000,099,052 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\nl\messages.json
[2012/02/10 15:02:54 | 000,097,717 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\pl\messages.json
[2012/02/10 15:02:54 | 000,097,057 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\pt_BR\messages.json
[2012/02/10 15:02:54 | 000,097,704 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\pt_PT\messages.json
[2012/02/10 15:02:54 | 000,097,313 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\ro\messages.json
[2012/02/10 15:02:54 | 000,232,693 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\ru\messages.json
[2012/02/10 15:02:54 | 000,097,506 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\sk\messages.json
[2012/02/10 15:02:54 | 000,067,606 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\sl\messages.json
[2012/02/10 15:02:54 | 000,202,181 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\sr\messages.json
[2012/02/10 15:02:54 | 000,101,359 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\sv\messages.json
[2012/02/10 15:02:54 | 000,000,109 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\ta\messages.json
[2012/02/10 15:02:54 | 000,154,487 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\th\messages.json
[2012/02/10 15:02:54 | 000,104,606 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\tr\messages.json
[2012/02/10 15:02:55 | 000,215,744 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\uk\messages.json
[2012/02/10 15:02:55 | 000,114,821 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\vi\messages.json
[2012/02/10 15:02:55 | 000,126,501 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\zh_CN\messages.json
[2012/02/10 15:02:55 | 000,107,829 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\_locales\zh_TW\messages.json
[2012/02/10 15:02:49 | 000,004,387 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\adroll_delcache.png
[2012/02/10 15:02:49 | 000,003,422 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\adroll_export.png
[2012/02/10 15:02:49 | 000,002,496 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\adroll_help.png
[2012/02/10 15:02:49 | 000,004,151 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\adroll_ident.png
[2012/02/10 15:02:49 | 000,003,301 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\adroll_import.png
[2012/02/10 15:02:49 | 000,003,791 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\adroll_prefs.png
[2012/02/10 15:02:49 | 000,004,012 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\adroll_print.png
[2012/02/10 15:02:49 | 000,005,388 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\adroll_refresh.png
[2012/02/10 15:02:49 | 000,004,606 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\adroll_seccheck.png
[2012/02/10 15:02:49 | 000,006,468 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\adroll_sess.png
[2012/02/10 15:02:49 | 000,002,883 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\ad_delcache.png
[2012/02/10 15:02:49 | 000,002,220 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\ad_export.png
[2012/02/10 15:02:49 | 000,001,788 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\ad_help.png
[2012/02/10 15:02:49 | 000,002,456 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\ad_ident.png
[2012/02/10 15:02:49 | 000,002,092 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\ad_import.png
[2012/02/10 15:02:49 | 000,002,325 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\ad_prefs.png
[2012/02/10 15:02:49 | 000,002,313 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\ad_print.png
[2012/02/10 15:02:49 | 000,003,123 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\ad_refresh.png
[2012/02/10 15:02:49 | 000,002,890 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\ad_seccheck.png
[2012/02/10 15:02:49 | 000,003,746 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\ad_sess.png
[2012/02/10 15:02:49 | 000,001,181 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\asterisk.png
[2012/02/10 15:02:49 | 000,000,848 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\checkmark.gif
[2012/02/10 15:02:49 | 000,000,775 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\computer_delete.png
[2012/02/10 15:02:49 | 000,001,709 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\create_small.png
[2012/02/10 15:02:49 | 000,001,163 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\down.png
[2012/02/10 15:02:49 | 000,000,701 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\exclamation.png
[2012/02/10 15:02:49 | 000,000,946 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\export.png
[2012/02/10 15:02:49 | 000,001,001 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\gradient.png
[2012/02/10 15:02:49 | 000,000,813 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\group_key.png
[2012/02/10 15:02:53 | 000,014,587 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\icon128.png
[2012/02/10 15:02:53 | 000,000,820 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\icon16.png
[2012/02/10 15:02:53 | 000,002,176 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\icon32.png
[2012/02/10 15:02:53 | 000,003,707 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\icon48.png
[2012/02/10 15:02:49 | 000,000,378 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\icon_applications.png
[2012/02/10 15:02:49 | 000,003,250 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\icon_autofill.png
[2012/02/10 15:02:49 | 000,000,344 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\icon_autologin.png
[2012/02/10 15:02:49 | 000,000,789 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\icon_bell.png
[2012/02/10 15:02:49 | 000,003,314 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\icon_deleted.png
[2012/02/10 15:02:49 | 000,000,472 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\icon_favorite.png
[2012/02/10 15:02:49 | 000,001,382 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\icon_favorites.png
[2012/02/10 15:02:49 | 000,001,538 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\icon_formfill.png
[2012/02/10 15:02:49 | 000,001,567 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\icon_help.png
[2012/02/10 15:02:49 | 000,001,436 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\icon_identities.png
[2012/02/10 15:02:49 | 000,001,579 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\icon_lock.png
[2012/02/10 15:02:49 | 000,000,559 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\icon_note.png
[2012/02/10 15:02:49 | 000,001,505 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\icon_notes.png
[2012/02/10 15:02:49 | 000,001,590 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\icon_preferences.png
[2012/02/10 15:02:49 | 000,000,725 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\icon_premium.png
[2012/02/10 15:02:49 | 000,000,559 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\icon_protected.png
[2012/02/10 15:02:49 | 000,001,656 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\icon_recent.png
[2012/02/10 15:02:49 | 000,001,482 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\icon_saveall.png
[2012/02/10 15:02:49 | 000,000,986 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\icon_settings_small.gif
[2012/02/10 15:02:49 | 000,001,692 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\icon_sites.png
[2012/02/10 15:02:49 | 000,001,762 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\icon_tools.png
[2012/02/10 15:02:49 | 000,000,338 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\icon_up-red.gif
[2012/02/10 15:02:49 | 000,001,722 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\icon_vault.png
[2012/02/10 15:02:49 | 000,000,986 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\import.png
[2012/02/10 15:02:49 | 000,000,570 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\keyboard.png
[2012/02/10 15:02:49 | 000,001,592 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\key_small.png
[2012/02/10 15:02:49 | 000,001,163 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\left.png
[2012/02/10 15:02:49 | 000,000,749 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\lock.png
[2012/02/10 15:02:49 | 000,014,271 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\lpwhite_small.png
[2012/02/10 15:02:49 | 000,002,866 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\menuglow_advanced.png
[2012/02/10 15:02:49 | 000,002,062 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\menuglow_formfill.png
[2012/02/10 15:02:49 | 000,003,134 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\menuglow_generate.png
[2012/02/10 15:02:49 | 000,002,093 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\menuglow_notes.png
[2012/02/10 15:02:49 | 000,002,789 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\menuglow_vault.png
[2012/02/10 15:02:49 | 000,003,085 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\menuroll_advanced.png
[2012/02/10 15:02:49 | 000,002,140 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\menuroll_formfill.png
[2012/02/10 15:02:49 | 000,003,022 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\menuroll_generate.png
[2012/02/10 15:02:49 | 000,002,007 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\menuroll_notes.png
[2012/02/10 15:02:49 | 000,002,852 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\menuroll_vault.png
[2012/02/10 15:02:49 | 000,001,969 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\menu_advanced.png
[2012/02/10 15:02:49 | 000,001,299 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\menu_arrow.png
[2012/02/10 15:02:49 | 000,017,323 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\menu_bg.png
[2012/02/10 15:02:49 | 000,001,434 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\menu_formfill.png
[2012/02/10 15:02:49 | 000,001,985 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\menu_generate.png
[2012/02/10 15:02:49 | 000,001,524 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\menu_logoff.png
[2012/02/10 15:02:49 | 000,002,159 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\menu_navbg.png
[2012/02/10 15:02:49 | 000,001,481 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\menu_notes.png
[2012/02/10 15:02:49 | 000,001,352 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\menu_search.png
[2012/02/10 15:02:49 | 000,002,160 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\menu_sep.png
[2012/02/10 15:02:49 | 000,001,352 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\menu_titlebg.png
[2012/02/10 15:02:49 | 000,001,910 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\menu_vault.png
[2012/02/10 15:02:49 | 000,001,514 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\menu_x.png
[2012/02/10 15:02:49 | 000,000,641 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\note_add.png
[2012/02/10 15:02:49 | 000,000,833 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\page_gear.png
[2012/02/10 15:02:49 | 000,001,843 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\passwordmeter_back.gif
[2012/02/10 15:02:49 | 000,003,210 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\passwordmeter_front.gif
[2012/02/10 15:02:49 | 000,001,579 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\power_off.png
[2012/02/10 15:02:49 | 000,000,731 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\printer.png
[2012/02/10 15:02:49 | 000,001,318 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\pwdrop.png
[2012/02/10 15:02:49 | 000,000,571 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\reload.gif
[2012/02/10 15:02:49 | 000,001,148 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\right.png
[2012/02/10 15:02:49 | 000,001,181 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\screenkeyboard.png
[2012/02/10 15:02:49 | 000,001,670 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\search-icon-blue.gif
[2012/02/10 15:02:49 | 000,000,146 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\th_off.png
[2012/02/10 15:02:49 | 000,000,146 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\th_on.png
[2012/02/10 15:02:49 | 000,002,784 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\th_over.png
[2012/02/10 15:02:49 | 000,000,537 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\tick.png
[2012/02/10 15:02:49 | 000,001,553 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\ui-anim_basic_16x16.gif
[2012/02/10 15:02:49 | 000,000,180 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\ui-bg_flat_0_eeeeee_40x100.png
[2012/02/10 15:02:49 | 000,000,213 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\ui-bg_flat_55_c0402a_40x100.png
[2012/02/10 15:02:49 | 000,000,180 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\ui-bg_flat_55_eeeeee_40x100.png
[2012/02/10 15:02:49 | 000,000,105 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\ui-bg_glass_100_f8f8f8_1x400.png
[2012/02/10 15:02:49 | 000,000,109 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\ui-bg_glass_35_dddddd_1x400.png
[2012/02/10 15:02:49 | 000,000,110 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\ui-bg_glass_60_eeeeee_1x400.png
[2012/02/10 15:02:49 | 000,000,114 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\ui-bg_inset-hard_75_999999_1x100.png
[2012/02/10 15:02:49 | 000,000,142 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\ui-bg_inset-soft_50_c9c9c9_1x100.png
[2012/02/10 15:02:49 | 000,004,369 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\ui-icons_3383bb_256x240.png
[2012/02/10 15:02:49 | 000,005,355 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\ui-icons_70b2e1_256x240.png
[2012/02/10 15:02:49 | 000,004,369 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\ui-icons_999999_256x240.png
[2012/02/10 15:02:49 | 000,004,369 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\ui-icons_fbc856_256x240.png
[2012/02/10 15:02:49 | 000,001,320 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\unlock.png
[2012/02/10 15:02:49 | 000,000,338 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\up-red.gif
[2012/02/10 15:02:49 | 000,001,501 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\xsmall.png
[2012/02/10 15:02:50 | 000,001,629 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.2_0\images\xsmallroll.png
[2012/02/10 15:02:46 | 000,014,260 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd\1.0.0.0_0\icon_128.png
[2012/02/10 15:02:46 | 000,000,690 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd\1.0.0.0_0\manifest.json
[2012/02/10 15:02:45 | 000,000,421 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.3.6.1_0\background.html
[2012/02/10 15:02:45 | 000,000,907 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.3.6.1_0\bubble-19-lo.png
[2012/02/10 15:02:45 | 000,001,000 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.3.6.1_0\bubble-19.png
[2012/02/10 15:02:45 | 000,000,084 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.3.6.1_0\contentscript.css
[2012/02/10 15:02:45 | 000,066,771 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.3.6.1_0\contentscript.js
[2012/02/10 15:02:45 | 000,003,013 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.3.6.1_0\cs-css-deps.css
[2012/02/10 15:02:45 | 000,010,635 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.3.6.1_0\css-deps.css
[2012/02/10 15:02:45 | 000,009,929 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.3.6.1_0\gc_so.js
[2012/02/10 15:02:45 | 000,001,000 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.3.6.1_0\manifest.json
[2012/02/10 15:02:45 | 000,005,850 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.3.6.1_0\options.html
[2012/02/10 15:02:45 | 000,004,415 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.3.6.1_0\popup.html
[2012/02/10 15:02:45 | 000,001,062 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.3.6.1_0\toolbar_icons.gif
[2012/02/10 15:02:45 | 000,010,919 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.3.6.1_0\voice-128.png
[2012/02/10 15:02:45 | 000,005,463 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.3.6.1_0\voice-48.png
[2012/02/10 15:02:45 | 000,006,926 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.3.6.1_0\voice.css
[2012/02/10 15:02:45 | 000,125,591 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.3.6.1_0\voice.js
[2012/02/10 15:02:45 | 000,002,306 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.3.6.1_0\voice_logo_sm.gif
[2012/02/10 15:02:45 | 000,005,333 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.3.6.1_0\widget.css
[2012/02/10 15:02:45 | 000,000,684 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.3.6.1_0\widget.html
[2012/02/10 15:02:45 | 000,000,606 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.3.6.1_0\images\blue_ghost.jpg
[2012/02/10 15:02:45 | 000,000,288 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.3.6.1_0\images\lilac-close.png
[2012/02/10 15:02:45 | 000,000,682 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.3.6.1_0\images\playbutton.png
[2012/02/10 15:02:45 | 000,000,249 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.3.6.1_0\images\popout.png
[2012/02/10 15:02:45 | 000,005,901 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.3.6.1_0\images\vicons.png
[2012/02/10 15:02:45 | 000,011,395 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfjoocpipbbafoimjgbkmfnjcjejdbjo\2_0\128.png
[2012/02/10 15:02:45 | 000,000,801 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfjoocpipbbafoimjgbkmfnjcjejdbjo\2_0\manifest.json
[2012/02/10 15:02:35 | 000,000,498 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\khbjahpecnkenngkidhioicnfpakihgo\1.3.2_0\analytics.js
[2012/02/10 15:02:35 | 000,000,540 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\khbjahpecnkenngkidhioicnfpakihgo\1.3.2_0\background.html
[2012/02/10 15:02:35 | 000,000,066 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\khbjahpecnkenngkidhioicnfpakihgo\1.3.2_0\background.js
[2012/02/10 15:02:35 | 000,000,176 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\khbjahpecnkenngkidhioicnfpakihgo\1.3.2_0\debug.js
[2012/02/10 15:02:35 | 000,003,913 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\khbjahpecnkenngkidhioicnfpakihgo\1.3.2_0\iframe.js
[2012/02/10 15:02:35 | 000,000,310 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\khbjahpecnkenngkidhioicnfpakihgo\1.3.2_0\iframe_preload.js
[2012/02/10 15:02:35 | 000,001,410 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\khbjahpecnkenngkidhioicnfpakihgo\1.3.2_0\iframe_raw.js
[2012/02/10 15:02:35 | 000,077,914 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\khbjahpecnkenngkidhioicnfpakihgo\1.3.2_0\jquery.js
[2012/02/10 15:02:36 | 000,001,485 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\khbjahpecnkenngkidhioicnfpakihgo\1.3.2_0\manifest.json
[2012/02/10 15:02:35 | 000,077,026 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\khbjahpecnkenngkidhioicnfpakihgo\1.3.2_0\readability.js
[2012/02/10 15:02:35 | 000,013,427 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\khbjahpecnkenngkidhioicnfpakihgo\1.3.2_0\readability_sgr.js
[2012/02/10 15:02:35 | 000,000,042 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\khbjahpecnkenngkidhioicnfpakihgo\1.3.2_0\reader.js
[2012/02/10 15:02:35 | 000,001,033 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\khbjahpecnkenngkidhioicnfpakihgo\1.3.2_0\reader_preload.js
[2012/02/10 15:02:35 | 000,001,333 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\khbjahpecnkenngkidhioicnfpakihgo\1.3.2_0\reader_raw.js
[2012/02/10 15:02:36 | 000,023,196 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\khbjahpecnkenngkidhioicnfpakihgo\1.3.2_0\rss_128x128.png
[2012/02/10 15:02:36 | 000,000,845 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\khbjahpecnkenngkidhioicnfpakihgo\1.3.2_0\rss_16x16.png
[2012/02/10 15:02:36 | 000,004,625 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\khbjahpecnkenngkidhioicnfpakihgo\1.3.2_0\rss_48x48.png
[2012/02/10 15:02:35 | 000,069,778 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\khbjahpecnkenngkidhioicnfpakihgo\1.3.2_0\sgr.js
[2012/02/10 15:02:35 | 000,002,835 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\khbjahpecnkenngkidhioicnfpakihgo\1.3.2_0\storage.js
[2012/02/10 15:02:37 | 000,001,945 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\about.html
[2012/02/10 15:02:37 | 000,001,014 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\background.html
[2012/02/10 15:02:37 | 000,034,529 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\changelog.html
[2012/02/10 15:02:37 | 000,035,265 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\help.html
[2012/02/10 15:02:37 | 000,001,232 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\manifest.json
[2012/02/10 15:02:37 | 000,002,700 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\newtab.html
[2012/02/10 15:02:37 | 000,052,668 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\options.html
[2012/02/10 15:02:37 | 000,003,935 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\popup.html
[2012/02/10 15:02:36 | 000,001,063 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\css\changelog.css
[2012/02/10 15:02:36 | 000,002,522 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\css\content.css
[2012/02/10 15:02:36 | 000,000,872 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\css\global.css
[2012/02/10 15:02:36 | 000,001,824 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\css\help.css
[2012/02/10 15:02:36 | 000,001,408 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\css\newtab.css
[2012/02/10 15:02:37 | 000,000,368 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\css\notification.css
[2012/02/10 15:02:37 | 000,010,249 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\css\options.css
[2012/02/10 15:02:37 | 000,004,522 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\css\popup.css
[2012/02/10 15:02:37 | 000,000,850 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\css\reset.css
[2012/02/10 15:02:37 | 000,000,318 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\img\add_10x10.png
[2012/02/10 15:02:37 | 000,003,958 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\img\alert_48x48.png
[2012/02/10 15:02:37 | 000,001,004 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\img\error_16x16.png
[2012/02/10 15:02:38 | 000,022,425 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\img\eye_128x128_blue.png
[2012/02/10 15:02:37 | 000,001,794 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\img\eye_16x16_blue.png
[2012/02/10 15:02:37 | 000,001,273 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\img\eye_19x19_blue.png
[2012/02/10 15:02:37 | 000,001,299 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\img\eye_19x19_green.png
[2012/02/10 15:02:37 | 000,002,070 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\img\eye_19x19_nuclear.png
[2012/02/10 15:02:37 | 000,001,301 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\img\eye_19x19_red.png
[2012/02/10 15:02:37 | 000,002,853 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\img\eye_32x32_blue.png
[2012/02/10 15:02:38 | 000,005,001 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\img\eye_48x48_blue.png
[2012/02/10 15:02:37 | 000,005,772 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\img\eye_48x48_nuclear.png
[2012/02/10 15:02:37 | 000,005,560 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\img\eye_48x48_red.png
[2012/02/10 15:02:37 | 000,000,342 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\img\gear_10x10.png
[2012/02/10 15:02:37 | 000,000,671 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\img\gear_16x16.png
[2012/02/10 15:02:37 | 000,026,319 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\img\logo_full.png
[2012/02/10 15:02:37 | 000,002,941 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\img\logo_popup.png
[2012/02/10 15:02:37 | 000,019,192 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\img\outOfFocus.png
[2012/02/10 15:02:37 | 000,001,005 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\img\question.png
[2012/02/10 15:02:37 | 000,000,347 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\img\remove_10x10.png
[2012/02/10 15:02:37 | 000,002,596 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\img\smartBombBG.png
[2012/02/10 15:02:37 | 000,000,984 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\img\success_16x16.png
[2012/02/10 15:02:37 | 000,003,082 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\img\warning_48x48.png
[2012/02/10 15:02:37 | 000,000,194 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\img\whiteRowTopGradientBG.png
[2012/02/10 15:02:37 | 000,005,236 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\js\ActivityMonitor.js
[2012/02/10 15:02:37 | 000,000,773 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\js\content.js
[2012/02/10 15:02:37 | 000,002,023 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\js\DateUtils.js
[2012/02/10 15:02:37 | 000,003,469 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\js\DomainParser.js
[2012/02/10 15:02:37 | 000,001,837 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\js\InfoBar.js
[2012/02/10 15:02:37 | 000,069,838 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\js\jquery-1.4.min.js
[2012/02/10 15:02:37 | 000,005,507 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\js\ListManager.js
[2012/02/10 15:02:37 | 000,000,546 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\js\Newtab.js
[2012/02/10 15:02:37 | 000,000,861 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\js\Notification.js
[2012/02/10 15:02:37 | 000,005,929 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\js\NuclearOption.js
[2012/02/10 15:02:37 | 000,031,548 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\js\Options.js
[2012/02/10 15:02:37 | 000,003,056 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\js\Popup.js
[2012/02/10 15:02:37 | 000,000,780 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\js\ReferrerMonitor.js
[2012/02/10 15:02:37 | 000,001,482 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\js\SmartBomb.js
[2012/02/10 15:02:37 | 000,021,495 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\js\StayFocusd.js
[2012/02/10 15:02:37 | 000,001,924 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\js\Upgrader.js
[2012/02/10 15:02:37 | 000,069,838 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\js\lib\jquery-1.4.min.js
[2012/02/10 15:02:37 | 000,009,469 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\js\lib\jquery.simplemodal.1.4.1.min.js
[2012/02/10 15:02:37 | 000,017,382 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\js\lib\json2.js
[2012/02/10 15:02:37 | 000,000,066 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\js\upgrades\1_0_33.js
[2012/02/10 15:02:37 | 000,000,038 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\js\upgrades\upgrades.json
[2012/02/10 15:02:37 | 000,001,247 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\notifications\block.html
[2012/02/10 15:02:37 | 000,001,266 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\notifications\nuclear.html
[2012/02/10 15:02:44 | 000,000,974 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\manifest.json
[2012/02/10 15:02:44 | 000,002,423 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\_locales\en\messages.json
[2012/02/10 15:02:42 | 000,008,505 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\css\calendar.css
[2012/02/10 15:02:42 | 000,047,609 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\css\springpad.css
[2012/02/10 15:02:42 | 000,002,802 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\css\ext\infobar.css
[2012/02/10 15:02:42 | 000,000,571 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\html\background.html
[2012/02/10 15:02:42 | 000,000,283 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\html\blank.html
[2012/02/10 15:02:42 | 000,000,087 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\html\options.html
[2012/02/10 15:02:43 | 000,001,139 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\html\springpad.html
[2012/02/10 15:02:43 | 000,003,034 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\calendar\arrow-left-hover-blue.png
[2012/02/10 15:02:43 | 000,003,009 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\calendar\arrow-left.png
[2012/02/10 15:02:43 | 000,003,047 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\calendar\arrow-right-hover-blue.png
[2012/02/10 15:02:43 | 000,003,009 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\calendar\arrow-right.png
[2012/02/10 15:02:43 | 000,007,934 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\elements\logo.springpad.300x60.dark.png
[2012/02/10 15:02:43 | 000,008,157 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\elements\logo.springpad.300x60.png
[2012/02/10 15:02:43 | 000,006,991 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\elements\logo.springpad.300x60.white.png
[2012/02/10 15:02:43 | 000,013,502 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\elements\logo.springpad.400x80.png
[2012/02/10 15:02:43 | 000,001,567 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\elements\openid.favicons.png
[2012/02/10 15:02:43 | 000,011,713 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\elements\watermark.corner.botton_right.png
[2012/02/10 15:02:43 | 000,046,439 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\elements\welcome.png
[2012/02/10 15:02:43 | 000,000,148 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\arrow.down.black.centered.19w.png
[2012/02/10 15:02:43 | 000,000,144 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\arrow.up.black.centered.19w.png
[2012/02/10 15:02:43 | 000,001,150 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\favicon.ico
[2012/02/10 15:02:43 | 000,000,229 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.10.flag.grayed.png
[2012/02/10 15:02:43 | 000,000,233 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.10.flag.red.png
[2012/02/10 15:02:43 | 000,000,228 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.10.notebook.blue.png
[2012/02/10 15:02:43 | 000,000,168 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.10.notebook.grayed.png
[2012/02/10 15:02:43 | 000,000,245 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.10.tag.blue.png
[2012/02/10 15:02:43 | 000,000,237 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.10.tag.grayed.png
[2012/02/10 15:02:43 | 000,000,066 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.11.x.black.gif
[2012/02/10 15:02:43 | 000,000,066 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.11.x.white.gif
[2012/02/10 15:02:43 | 000,000,219 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.12.flag.grayed.png
[2012/02/10 15:02:43 | 000,000,230 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.12.flag.red.png
[2012/02/10 15:02:43 | 000,000,412 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.12.loading.gif
[2012/02/10 15:02:43 | 000,000,301 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.12.pencil.png
[2012/02/10 15:02:43 | 000,000,287 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.12.star.gold.png
[2012/02/10 15:02:43 | 000,000,266 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.12.star.gray.png
[2012/02/10 15:02:43 | 000,000,414 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.12.tag.blue.png
[2012/02/10 15:02:43 | 000,000,232 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.12.tag.grayed.png
[2012/02/10 15:02:44 | 000,002,145 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.128.springpad.png
[2012/02/10 15:02:43 | 000,000,860 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.16.circle.green.check.png
[2012/02/10 15:02:43 | 000,000,793 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.16.circle.red.x.png
[2012/02/10 15:02:43 | 000,000,803 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.16.circled.blue.info.png
[2012/02/10 15:02:43 | 000,000,643 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.16.circled.gray.dash.png
[2012/02/10 15:02:43 | 000,000,857 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.16.circled.green.dollar_sign.png
[2012/02/10 15:02:43 | 000,000,769 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.16.circled.orange.info.png
[2012/02/10 15:02:43 | 000,000,775 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.16.circled.red.exclamation.png
[2012/02/10 15:02:43 | 000,000,408 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.16.menu.arrow_back.faded.png
[2012/02/10 15:02:43 | 000,000,334 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.16.menu.arrow_back.png
[2012/02/10 15:02:43 | 000,000,232 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.16.menu.home.png
[2012/02/10 15:02:43 | 000,000,086 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.16.menu.plus.png
[2012/02/10 15:02:43 | 000,000,426 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.16.menu.scissors.png
[2012/02/10 15:02:43 | 000,000,413 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.16.menu.search.png
[2012/02/10 15:02:43 | 000,000,580 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.16.note.png
[2012/02/10 15:02:43 | 000,000,428 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.16.send_to_phone.png
[2012/02/10 15:02:44 | 000,000,305 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.16.springpad.png
[2012/02/10 15:02:43 | 000,000,795 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.16.type.tvshow.png
[2012/02/10 15:02:43 | 000,000,946 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.16.world.blue.png
[2012/02/10 15:02:43 | 000,000,282 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.24.corner_lock.gray.png
[2012/02/10 15:02:43 | 000,001,286 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.32.menu.checkmark.png
[2012/02/10 15:02:43 | 000,001,621 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.32.menu.scissors.png
[2012/02/10 15:02:43 | 000,000,591 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.32.menu.sticky_note.png
[2012/02/10 15:02:43 | 000,002,136 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.32.menu.world.png
[2012/02/10 15:02:43 | 000,001,084 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.48.file.generic.png
[2012/02/10 15:02:43 | 000,002,483 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.48.file.pdf.png
[2012/02/10 15:02:43 | 000,001,762 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.48.file.zip.png
[2012/02/10 15:02:44 | 000,001,019 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.48.springpad.png
[2012/02/10 15:02:43 | 000,009,143 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.address_book.blue.png
[2012/02/10 15:02:43 | 000,002,551 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.binder.orange.png
[2012/02/10 15:02:43 | 000,006,580 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.calendar.red.png
[2012/02/10 15:02:43 | 000,008,616 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.cardboard_box.collections.png
[2012/02/10 15:02:43 | 000,006,800 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.cardboard_box.green_arrow.png
[2012/02/10 15:02:43 | 000,001,760 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.checkbox.blue.png
[2012/02/10 15:02:43 | 000,003,219 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.checkbox.checked.blue.png
[2012/02/10 15:02:43 | 000,002,439 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.checkbox.checked.png
[2012/02/10 15:02:43 | 000,001,422 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.checkbox.png
[2012/02/10 15:02:43 | 000,006,321 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.dinner_setting.png
[2012/02/10 15:02:43 | 000,006,099 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.gears.png
[2012/02/10 15:02:43 | 000,005,269 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.house.png
[2012/02/10 15:02:43 | 000,008,400 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.notebook.ring.blue.png
[2012/02/10 15:02:43 | 000,002,303 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.pages.stacked.png
[2012/02/10 15:02:43 | 000,002,927 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.silhoutte.blue.png
[2012/02/10 15:02:43 | 000,004,067 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.ticket.admit_one.png
[2012/02/10 15:02:43 | 000,001,454 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.activity.png
[2012/02/10 15:02:43 | 000,007,657 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.alarm.png
[2012/02/10 15:02:43 | 000,007,564 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.album.png
[2012/02/10 15:02:43 | 000,006,580 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.appointment.png
[2012/02/10 15:02:43 | 000,003,469 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.book.png
[2012/02/10 15:02:43 | 000,004,710 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.bookmark.png
[2012/02/10 15:02:43 | 000,006,590 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.budget.png
[2012/02/10 15:02:43 | 000,007,434 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.business.png
[2012/02/10 15:02:43 | 000,005,599 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.caterer.png
[2012/02/10 15:02:43 | 000,006,243 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.checklist.png
[2012/02/10 15:02:43 | 000,003,183 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.church.png
[2012/02/10 15:02:43 | 000,002,431 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.concert.png
[2012/02/10 15:02:43 | 000,005,937 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.contact.png
[2012/02/10 15:02:43 | 000,004,514 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.coupon.png
[2012/02/10 15:02:43 | 000,001,825 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.file.png
[2012/02/10 15:02:43 | 000,007,725 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.florist.png
[2012/02/10 15:02:43 | 000,006,243 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.generallist.png
[2012/02/10 15:02:43 | 000,008,711 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.gift.png
[2012/02/10 15:02:43 | 000,005,894 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.group.png
[2012/02/10 15:02:43 | 000,006,592 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.hotel.png
[2012/02/10 15:02:43 | 000,005,894 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.list.png
[2012/02/10 15:02:43 | 000,007,172 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.milestone.png
[2012/02/10 15:02:43 | 000,005,557 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.movie.png
[2012/02/10 15:02:43 | 000,002,431 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.musicalartist.png
[2012/02/10 15:02:43 | 000,002,020 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.note.png
[2012/02/10 15:02:43 | 000,003,591 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.packinglist.png
[2012/02/10 15:02:43 | 000,003,591 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.packinglsit.png
[2012/02/10 15:02:43 | 000,005,937 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.person.png
[2012/02/10 15:02:43 | 000,008,103 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.photographer.png
[2012/02/10 15:02:43 | 000,005,427 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.product.png
[2012/02/10 15:02:43 | 000,003,691 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.recipe.png
[2012/02/10 15:02:43 | 000,007,657 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.reminder.png
[2012/02/10 15:02:43 | 000,007,422 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.restaurant.png
[2012/02/10 15:02:43 | 000,004,440 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.shoppinglist.png
[2012/02/10 15:02:43 | 000,002,375 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.task.png
[2012/02/10 15:02:43 | 000,004,238 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.tasklist.png
[2012/02/10 15:02:43 | 000,006,781 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.tvshow.png
[2012/02/10 15:02:43 | 000,004,260 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.type.wine.png
[2012/02/10 15:02:43 | 000,008,020 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.75.world.blue.png
[2012/02/10 15:02:43 | 000,000,434 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\icon.sort.png
[2012/02/10 15:02:43 | 000,003,208 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\loading.gif
[2012/02/10 15:02:43 | 000,000,308 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\icons\numbers.mini.7w.white.black_outline.png
[2012/02/10 15:02:43 | 000,009,016 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\layout\bg.texture.main.png
[2012/02/10 15:02:43 | 000,000,137 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\images\layout\spacer.png
[2012/02/10 15:02:43 | 000,007,787 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\js\background.js
[2012/02/10 15:02:43 | 000,007,815 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\js\bookmarker.js
[2012/02/10 15:02:43 | 000,001,945 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\js\chrome.proxy.js
[2012/02/10 15:02:43 | 000,024,377 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\js\common\calendar.js
[2012/02/10 15:02:43 | 000,004,621 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\js\common\HashListener.js
[2012/02/10 15:02:43 | 000,014,694 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\js\common\mootools-more.js
[2012/02/10 15:02:43 | 000,102,991 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\js\common\mootools.js
[2012/02/10 15:02:43 | 000,010,133 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\js\common\seedrandom.js
[2012/02/10 15:02:43 | 000,059,656 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\js\common\springapp.js
[2012/02/10 15:02:43 | 000,000,854 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\js\common\storage.js
[2012/02/10 15:02:43 | 000,028,816 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\js\common\ui.blocks.js
[2012/02/10 15:02:43 | 000,028,304 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\js\common\ui.js
[2012/02/10 15:02:43 | 000,003,616 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\js\ext\get_page_info.js
[2012/02/10 15:02:43 | 000,001,830 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\js\ext\infobar.js
[2012/02/10 15:02:43 | 000,013,051 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\js\lib\block.js
[2012/02/10 15:02:43 | 000,000,487 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\js\lib\constants.js
[2012/02/10 15:02:43 | 000,012,649 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\js\lib\springpad.js
[2012/02/10 15:02:43 | 000,032,630 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.4.1107.26_0\js\lib\utils.js
[2012/02/10 15:02:42 | 000,030,254 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\npmnpijamnjkmkcpfkadpmdhhehabcld\1.0_0\128.png
[2012/02/10 15:02:42 | 000,000,622 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\npmnpijamnjkmkcpfkadpmdhhehabcld\1.0_0\manifest.json
[2012/02/20 18:27:04 | 000,013,435 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej\1.6_0\128.png
[2012/02/20 18:27:04 | 000,000,664 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej\1.6_0\manifest.json
[2012/02/20 18:27:04 | 000,000,359 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej\1.6_0\_locales\en\messages.json
[2012/02/20 18:27:04 | 000,000,617 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej\1.6_0\_locales\ru\messages.json
[2012/02/10 15:02:39 | 000,005,920 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\128.png
[2012/02/10 15:02:39 | 000,000,755 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\manifest.json

[2012/02/10 15:02:39 | 000,000,556 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ar\messages.json
[2012/02/10 15:02:39 | 000,000,492 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\bg\messages.json
[2012/02/10 15:02:39 | 000,000,262 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ca\messages.json
[2012/02/10 15:02:39 | 000,000,289 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\cs\messages.json
[2012/02/10 15:02:39 | 000,000,240 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\da\messages.json
[2012/02/10 15:02:39 | 000,000,239 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\de\messages.json
[2012/02/10 15:02:39 | 000,000,624 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\el\messages.json
[2012/02/10 15:02:39 | 000,000,215 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\en\messages.json
[2012/02/10 15:02:39 | 000,000,281 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\es\messages.json
[2012/02/10 15:02:39 | 000,000,284 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fi\messages.json
[2012/02/10 15:02:39 | 000,000,234 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fil\messages.json
[2012/02/10 15:02:39 | 000,000,272 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fr\messages.json
[2012/02/10 15:02:39 | 000,000,391 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hi\messages.json
[2012/02/10 15:02:39 | 000,000,246 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hr\messages.json
[2012/02/10 15:02:39 | 000,000,234 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hu\messages.json
[2012/02/10 15:02:39 | 000,000,242 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\id\messages.json
[2012/02/10 15:02:39 | 000,000,260 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\it\messages.json
[2012/02/10 15:02:39 | 000,000,364 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ja\messages.json
[2012/02/10 15:02:39 | 000,000,328 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ko\messages.json
[2012/02/10 15:02:39 | 000,000,269 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\lt\messages.json
[2012/02/10 15:02:39 | 000,000,262 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\lv\messages.json
[2012/02/10 15:02:39 | 000,000,232 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\nl\messages.json
[2012/02/10 15:02:39 | 000,000,210 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\no\messages.json
[2012/02/10 15:02:39 | 000,000,292 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pl\messages.json
[2012/02/10 15:02:39 | 000,000,230 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pt_BR\messages.json
[2012/02/10 15:02:39 | 000,000,231 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pt_PT\messages.json
[2012/02/10 15:02:39 | 000,000,281 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ro\messages.json
[2012/02/10 15:02:39 | 000,000,482 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ru\messages.json
[2012/02/10 15:02:39 | 000,000,210 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\se\messages.json
[2012/02/10 15:02:39 | 000,000,238 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sk\messages.json
[2012/02/10 15:02:39 | 000,000,249 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sl\messages.json
[2012/02/10 15:02:39 | 000,000,511 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sr\messages.json
[2012/02/10 15:02:39 | 000,000,471 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\th\messages.json
[2012/02/10 15:02:39 | 000,000,250 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\tr\messages.json
[2012/02/10 15:02:39 | 000,000,536 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\uk\messages.json
[2012/02/10 15:02:39 | 000,000,257 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\vi\messages.json
[2012/02/10 15:02:39 | 000,000,339 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\zh_CN\messages.json
[2012/02/10 15:02:39 | 000,000,321 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\zh_TW\messages.json
[2012/02/09 13:05:05 | 000,000,024 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\.usage
[2011/11/29 16:37:56 | 000,022,955 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000000
[2011/11/29 16:38:15 | 000,022,955 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000002
[2011/11/29 16:38:25 | 000,019,901 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000003
[2011/11/29 16:38:35 | 000,047,945 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000004
[2011/11/29 16:38:55 | 000,024,372 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000006
[2011/11/29 17:07:53 | 000,031,995 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000007
[2011/11/29 17:08:01 | 000,034,065 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000008
[2011/11/29 17:08:11 | 000,055,942 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000009
[2011/11/29 17:08:22 | 000,041,984 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000010
[2011/11/29 17:08:32 | 000,133,978 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000011
[2011/11/29 17:37:52 | 000,040,960 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000012
[2011/11/29 17:38:02 | 000,048,128 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000013
[2011/11/29 17:38:21 | 000,029,184 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000015
[2011/11/29 18:07:52 | 000,028,672 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000017
[2011/11/29 18:08:02 | 000,056,344 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000018
[2011/11/29 18:08:11 | 000,056,344 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000019
[2011/11/29 18:08:21 | 000,056,344 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000020
[2011/11/29 18:37:52 | 000,020,992 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000022
[2011/11/29 18:38:02 | 000,020,992 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000023
[2011/11/29 18:38:11 | 000,023,552 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000024
[2011/11/29 18:39:06 | 005,724,672 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000026
[2011/11/29 19:08:12 | 000,056,580 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000028
[2011/11/29 19:08:30 | 000,425,819 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000029
[2011/11/29 19:08:37 | 000,218,112 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000030
[2011/11/29 19:08:40 | 005,724,672 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000031
[2011/11/29 19:37:56 | 000,265,216 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000032
[2011/11/29 19:38:03 | 000,202,176 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000033
[2011/11/29 19:38:10 | 000,021,504 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000034
[2011/11/29 19:38:24 | 000,149,214 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000035
[2011/11/29 19:38:32 | 000,171,464 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000036
[2011/11/29 20:07:51 | 000,014,026 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000037
[2011/11/29 20:08:08 | 000,168,450 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000038
[2011/11/29 20:08:22 | 000,029,184 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000040
[2011/11/29 20:08:32 | 000,089,783 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000041
[2011/11/29 20:37:51 | 000,055,296 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000042
[2011/11/29 20:38:00 | 000,010,569 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000043
[2011/11/29 20:38:20 | 000,000,046 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000045
[2011/11/29 20:38:30 | 000,020,480 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000046
[2011/11/30 14:03:53 | 000,000,046 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000047
[2011/11/30 14:04:05 | 000,056,344 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000048
[2011/11/30 14:04:13 | 000,028,672 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000049
[2011/11/30 14:04:23 | 000,189,496 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000050
[2011/11/30 14:06:53 | 000,036,864 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000051
[2011/11/30 14:10:02 | 000,021,268 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000053
[2011/11/30 14:10:13 | 000,134,656 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000054
[2011/11/30 14:10:23 | 000,018,482 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000055
[2011/11/30 14:10:33 | 000,021,366 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000056
[2011/11/30 14:12:52 | 000,029,502 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000057
[2011/11/30 14:13:02 | 000,029,322 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000058
[2011/11/30 14:13:13 | 000,134,656 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000059
[2011/11/30 14:13:22 | 000,024,996 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000060
[2011/11/30 14:15:53 | 000,023,279 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000062
[2011/11/30 14:16:02 | 000,020,567 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000063
[2011/11/30 14:16:12 | 000,016,049 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000064
[2011/11/30 14:16:23 | 000,094,653 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000065
[2011/11/30 14:18:53 | 000,033,792 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000067
[2011/11/30 14:19:02 | 000,028,990 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000068
[2011/11/30 14:19:12 | 000,056,114 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000069
[2011/11/30 14:21:54 | 000,056,767 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000072
[2011/11/30 14:22:03 | 000,057,005 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000073
[2011/11/30 14:24:52 | 000,020,854 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000075
[2011/11/30 14:25:02 | 000,017,706 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000076
[2011/11/30 14:25:13 | 000,166,252 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000077
[2011/11/30 14:25:33 | 000,122,722 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000079
[2011/11/30 14:27:53 | 000,002,662 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000080
[2011/11/30 14:28:03 | 000,136,957 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000081
[2011/11/30 14:30:52 | 000,031,498 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000082
[2011/11/30 14:31:02 | 000,023,469 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000083
[2011/11/30 14:31:13 | 000,166,252 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000084
[2011/11/30 14:31:33 | 000,122,722 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000086
[2011/11/30 14:33:56 | 001,995,264 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000087
[2011/11/30 14:34:05 | 001,176,039 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000088
[2011/11/30 14:34:13 | 000,169,066 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000089
[2011/11/30 14:34:22 | 000,081,600 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000090
[2011/12/01 18:44:35 | 001,121,696 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000092
[2011/12/01 18:47:30 | 000,191,726 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000093
[2011/12/01 21:35:21 | 000,162,026 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000094
[2011/12/01 21:35:31 | 000,064,615 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000095
[2011/12/01 21:35:40 | 000,144,315 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000096
[2011/12/01 21:35:49 | 000,064,615 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000097
[2011/12/01 21:35:59 | 000,140,540 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000098
[2011/12/01 21:36:09 | 000,144,315 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000099
[2011/12/01 21:36:19 | 000,140,540 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000100
[2011/12/02 12:07:08 | 000,140,540 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000101
[2011/12/02 12:07:17 | 000,144,315 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000102
[2011/12/02 12:07:27 | 000,162,026 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000103
[2011/12/02 12:07:36 | 000,064,615 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000104
[2011/12/02 21:45:52 | 000,740,898 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000105
[2011/12/02 21:46:06 | 000,027,648 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000107
[2011/12/02 21:46:17 | 000,167,506 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000108
[2011/12/02 21:48:47 | 000,167,506 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000109
[2011/12/02 21:51:50 | 000,781,312 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000110
[2011/12/02 21:52:06 | 000,001,434 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000112
[2011/12/02 21:54:46 | 000,001,434 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000113
[2011/12/02 21:54:59 | 000,411,733 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000114
[2011/12/02 21:55:06 | 000,021,771 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000115
[2011/12/02 21:57:47 | 000,088,576 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000117
[2011/12/02 22:00:46 | 000,015,754 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000118
[2011/12/02 22:01:08 | 000,276,458 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000120
[2011/12/02 22:03:46 | 000,020,545 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000121
[2011/12/02 22:04:09 | 002,728,923 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000122
[2011/12/02 22:04:09 | 000,276,458 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000123
[2011/12/02 22:33:02 | 000,006,721 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000125
[2011/12/02 22:33:11 | 000,003,866 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000126
[2011/12/02 22:33:21 | 000,006,721 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000127
[2011/12/04 15:15:17 | 000,201,688 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000128
[2011/12/04 15:36:00 | 000,020,794 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000130
[2011/12/04 15:36:09 | 000,057,470 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000131
[2011/12/06 11:05:25 | 000,016,217 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000133
[2011/12/06 11:05:34 | 000,023,515 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000134
[2011/12/08 10:35:23 | 000,056,344 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000135
[2011/12/08 10:47:24 | 000,056,344 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000137
[2011/12/08 10:56:30 | 000,020,222 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000138
[2011/12/09 12:08:10 | 000,056,131 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000139
[2011/12/09 12:11:19 | 000,056,174 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000141
[2011/12/09 12:11:30 | 000,124,416 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000142
[2011/12/09 12:11:39 | 000,050,688 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000143
[2011/12/10 09:53:10 | 000,055,808 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000145
[2011/12/10 09:53:29 | 001,465,262 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000146
[2011/12/12 13:21:39 | 000,266,722 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000150
[2011/12/12 13:21:48 | 000,104,092 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000151
[2011/12/12 18:45:12 | 000,020,222 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000152
[2011/12/12 18:45:22 | 000,023,127 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000153
[2011/12/12 18:45:32 | 000,016,217 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000154
[2011/12/12 18:48:12 | 000,023,515 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000155
[2011/12/14 17:55:11 | 000,044,280 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000156
[2011/12/15 10:08:41 | 000,101,449 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000157
[2011/12/15 10:08:59 | 000,062,962 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000158
[2011/12/15 10:09:04 | 000,060,994 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000159
[2011/12/16 23:16:25 | 000,028,160 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000162
[2011/12/17 16:14:37 | 000,043,702 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000163
[2011/12/17 16:14:47 | 000,023,874 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000164
[2011/12/17 16:14:57 | 000,023,571 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000165
[2011/12/31 14:01:30 | 000,064,672 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000177
[2011/12/31 14:49:29 | 000,001,948 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000179
[2012/01/03 14:49:24 | 000,314,308 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000181
[2012/01/03 14:49:32 | 000,092,505 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000182
[2012/01/04 09:53:45 | 000,056,344 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000185
[2012/01/04 09:53:55 | 000,056,344 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000186
[2012/01/04 15:22:36 | 000,226,304 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000188
[2012/01/06 09:17:37 | 000,027,908 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000189
[2012/01/06 18:22:15 | 000,025,623 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000191
[2012/01/06 18:22:22 | 000,015,612 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000192
[2012/01/06 18:22:32 | 000,015,283 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000193
[2012/01/07 20:31:05 | 000,024,166 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000195
[2012/01/10 16:47:16 | 000,042,234 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000197
[2012/01/11 10:07:51 | 000,861,509 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000198
[2012/01/11 10:49:52 | 000,314,308 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\01\00000199
[2012/01/11 12:37:46 | 000,024,919 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000200
[2012/01/11 12:37:59 | 000,015,546 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000201
[2012/01/11 16:48:41 | 000,861,509 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000203
[2012/01/16 17:05:52 | 000,025,104 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000209
[2012/01/16 21:57:23 | 000,026,154 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000210
[2012/01/17 10:39:24 | 000,023,355 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000211
[2012/01/17 10:39:34 | 000,023,114 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000212
[2012/01/19 09:34:28 | 000,314,308 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000215
[2012/01/20 13:32:50 | 000,041,472 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000219
[2012/01/21 23:22:36 | 000,028,905 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000220
[2012/01/23 11:00:05 | 000,001,948 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000221
[2012/01/23 13:51:05 | 000,001,948 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000222
[2012/01/25 11:03:36 | 000,035,840 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000224
[2012/01/25 20:24:56 | 000,002,210 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000228
[2012/01/26 10:53:35 | 000,141,606 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000229
[2012/01/26 10:53:44 | 000,049,896 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000230
[2012/01/26 14:53:36 | 000,010,103 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000233
[2012/01/26 15:21:45 | 000,158,952 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000234
[2012/01/30 10:38:08 | 000,171,031 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000238
[2012/01/30 13:50:08 | 000,007,075 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000239
[2012/01/31 09:18:05 | 000,653,272 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000240
[2012/02/01 08:10:01 | 000,011,109 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000241
[2012/02/01 10:05:54 | 000,003,108 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000242
[2012/02/01 10:06:05 | 000,004,748 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000243
[2012/02/01 10:06:15 | 000,002,772 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000244
[2012/02/01 10:06:39 | 000,655,107 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000246
[2012/02/01 10:08:55 | 000,003,285 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000247
[2012/02/01 10:09:04 | 000,003,027 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000248
[2012/02/01 10:13:47 | 021,237,248 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000250
[2012/02/01 10:14:34 | 021,237,248 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000251
[2012/02/01 13:14:56 | 000,124,928 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000252
[2012/02/01 14:44:55 | 000,002,966 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000253
[2012/02/01 17:10:15 | 000,759,104 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000254
[2012/02/02 09:15:38 | 000,000,227 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000255
[2012/02/02 09:15:48 | 000,000,227 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000256
[2012/02/02 09:15:58 | 000,000,227 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000257
[2012/02/02 11:27:38 | 000,092,505 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000258
[2012/02/02 11:27:49 | 000,266,752 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000259
[2012/02/02 12:18:38 | 000,034,992 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000260
[2012/02/02 13:09:38 | 000,017,295 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000261
[2012/02/02 13:39:38 | 000,037,019 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000264
[2012/02/02 14:18:41 | 000,124,928 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000265
[2012/02/02 14:48:38 | 000,017,509 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000266
[2012/02/02 21:51:43 | 000,394,650 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000267
[2012/02/05 17:15:12 | 000,002,210 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000268
[2012/02/06 20:33:40 | 000,138,075 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000269
[2012/02/07 10:38:09 | 000,003,191 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000270
[2012/02/07 15:46:29 | 000,101,266 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000271
[2012/02/07 15:55:28 | 000,101,266 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000273
[2012/02/07 15:55:38 | 000,020,195 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000274
[2012/02/07 16:25:28 | 000,053,811 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000275
[2012/02/07 23:04:08 | 002,316,250 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000276
[2012/02/07 23:04:18 | 002,216,669 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000277
[2012/02/07 23:04:26 | 002,283,949 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000278
[2012/02/08 11:34:52 | 000,055,607 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000279
[2012/02/09 12:14:06 | 000,003,691 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\02\00000280
[2012/02/08 21:14:38 | 000,094,032 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\000955.sst
[2012/02/09 12:35:05 | 000,000,757 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\000959.sst
[2012/02/09 13:05:05 | 000,000,000 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\000962.log
[2012/02/09 13:05:05 | 000,000,016 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\CURRENT
[2011/11/29 16:37:49 | 000,000,000 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\LOCK
[2011/11/29 16:37:49 | 000,000,000 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\LOG.old
[2012/02/09 13:05:05 | 000,000,151 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\MANIFEST-000961
[2011/11/29 17:07:49 | 000,000,180 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\000005.sst
[2012/02/24 10:24:04 | 000,000,000 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\001014.log
[2012/02/24 10:24:04 | 000,000,016 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\CURRENT
[2011/11/29 16:37:49 | 000,000,000 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOCK
[2011/11/29 16:37:49 | 000,000,000 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOG.old
[2012/02/24 10:24:04 | 000,000,114 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\MANIFEST-001013
[2011/12/03 19:04:52 | 002,931,054 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\chrome-extension_bmihblnpomgpjkfddepdpdafhhepdbek_0.indexeddb.leveldb\000005.sst
[2012/01/12 12:44:25 | 000,680,988 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\chrome-extension_bmihblnpomgpjkfddepdpdafhhepdbek_0.indexeddb.leveldb\000296.sst
[2012/01/27 20:08:02 | 000,680,988 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\chrome-extension_bmihblnpomgpjkfddepdpdafhhepdbek_0.indexeddb.leveldb\000401.sst
[2012/02/24 10:24:05 | 000,000,019 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\chrome-extension_bmihblnpomgpjkfddepdpdafhhepdbek_0.indexeddb.leveldb\000711.log
[2012/02/24 10:24:04 | 000,000,016 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\chrome-extension_bmihblnpomgpjkfddepdpdafhhepdbek_0.indexeddb.leveldb\CURRENT
[2011/12/03 16:51:57 | 000,000,000 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\chrome-extension_bmihblnpomgpjkfddepdpdafhhepdbek_0.indexeddb.leveldb\LOCK
[2011/12/03 16:51:57 | 000,000,000 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\chrome-extension_bmihblnpomgpjkfddepdpdafhhepdbek_0.indexeddb.leveldb\LOG.old
[2012/02/24 10:24:04 | 000,000,167 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\chrome-extension_bmihblnpomgpjkfddepdpdafhhepdbek_0.indexeddb.leveldb\MANIFEST-000709
[6 C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\*.tmp files -> C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\*.tmp -> ]
[6 C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\JumpListIconsOld\*.tmp files -> C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\JumpListIconsOld\*.tmp -> ]
[2012/02/10 14:54:50 | 000,005,120 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-devtools_devtools_0.localstorage
[2012/01/12 11:21:20 | 008,999,936 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bmihblnpomgpjkfddepdpdafhhepdbek_0.localstorage
[2012/01/25 21:01:32 | 000,003,072 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ciagpekplgpbepdgggflgmahnjgiaced_0.localstorage
[2011/11/19 11:41:14 | 000,005,120 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eemcgdkfndhakfknompkggombfjjjeno_0.localstorage
[2012/02/22 21:42:51 | 000,013,312 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hdokiejnpimakedhajhdlcegeplioahd_0.localstorage
[2012/02/15 23:37:41 | 000,037,888 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kcnhkahnjcbndmmehfkdnkjomaanaooo_0.localstorage
[2011/09/19 10:45:30 | 000,005,120 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_khbjahpecnkenngkidhioicnfpakihgo_0.localstorage
[2012/02/15 09:06:22 | 000,007,168 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_laankejkbhbdhmipfmgcngdelahlfoji_0.localstorage
[2011/07/29 17:39:34 | 000,003,072 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lifbcibllhkdhoafpjfnlhfpfgnpldfl_0.localstorage
[2011/09/19 08:02:12 | 000,093,184 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_njhgeimnepehieioinbhmfpphfoocmng_0.localstorage
[2012/02/24 10:32:27 | 000,003,072 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_plus.google.com_0.localstorage
[2012/02/24 10:35:57 | 000,003,072 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.meebo.com_0.localstorage
[2012/02/24 10:36:01 | 000,274,432 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.meebo.com_0.localstorage
[2012/02/24 10:35:53 | 000,003,072 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.sfgate.com_0.localstorage
[2011/11/15 09:50:50 | 000,782,336 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\old_Cache_000\data_0
[2011/11/15 09:50:50 | 016,621,568 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\old_Cache_000\data_1
[2011/11/15 09:50:50 | 031,465,472 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\old_Cache_000\data_2
[2011/11/15 09:50:50 | 046,145,536 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\old_Cache_000\data_3
[2011/11/15 09:50:50 | 002,629,632 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\old_Cache_000\data_4
[2011/06/08 14:25:39 | 000,323,584 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\localserver.db
[2011/04/11 13:20:37 | 000,019,456 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\permissions.db
[2011/06/08 14:24:54 | 000,381,952 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\rtm_mjcritchfield#database
[2011/04/11 11:41:45 | 000,015,662 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\icons#desktop\Remember The Milk.ico
[2011/04/11 11:41:45 | 000,000,731 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\icons#desktop\Remember The Milk_cp.png
[2011/03/05 09:26:31 | 000,036,417 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\app.14[2433].css
[2011/03/05 09:26:32 | 000,001,204 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\app.2.gears[2434].css
[2011/03/07 17:02:55 | 000,002,552 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\app_ie.6[2642].css
[2011/03/06 16:15:22 | 000,000,073 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\bg[2618].gif
[2011/03/05 09:26:37 | 000,000,044 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\bg_dot2[2439].gif
[2011/03/05 09:26:37 | 000,000,053 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\bluebox_back[2440].gif
[2011/03/08 22:19:01 | 000,000,073 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\bluebox_bl[2659].gif
[2011/03/05 09:26:37 | 000,000,073 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\bluebox_br[2442].gif
[2011/03/06 16:15:22 | 000,000,073 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\bluebox_tl[2620].gif
[2011/03/05 09:26:38 | 000,000,073 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\bluebox_tr[2444].gif
[2011/03/08 22:19:01 | 000,000,133 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\btn_cancel_org[2660].gif
[2011/03/05 18:20:26 | 000,000,140 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\btn_publish_blu[2567].gif
[2011/03/06 16:15:23 | 000,000,140 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\btn_publish_gry[2622].gif
[2011/03/05 18:20:26 | 000,000,117 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\btn_send_blu[2568].gif
[2011/03/07 17:02:58 | 000,000,117 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\btn_send_gry[2644].gif
[2011/03/05 09:26:39 | 000,000,125 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\btn_share_blu[2450].gif
[2011/03/05 09:26:39 | 000,000,125 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\btn_share_gry[2451].gif
[2011/03/05 09:26:39 | 000,000,323 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\btn_sort_lft[2452].png
[2011/03/05 18:20:27 | 000,000,175 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\btn_sort_mid[2569].png
[2011/03/11 08:01:30 | 000,000,333 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\btn_sort_rgt[2679].png
[2011/03/05 18:20:27 | 000,000,897 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\busy[2571].gif
[2011/03/06 16:15:23 | 000,000,091 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\busy_inactive[2623].gif
[2011/03/05 18:20:35 | 000,000,056 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ch[2591].gif
[2011/03/08 22:19:03 | 000,000,122 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\done_blue[2661].gif
[2011/03/05 09:26:40 | 000,000,120 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\done_grey[2458].gif
[2010/12/31 11:34:30 | 000,059,411 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\en-US.interface.76[1493].js
[2010/12/30 15:11:42 | 000,003,370 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\gears_init[1444].js
[2011/03/08 22:19:03 | 000,000,159 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_add[2662].gif
[2011/03/06 16:15:24 | 000,000,204 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_add_sm[2624].gif
[2011/03/05 18:20:28 | 000,000,061 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_arr[2573].gif
[2011/03/11 08:01:30 | 000,000,051 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_arr_sort[2680].gif
[2011/03/05 09:26:41 | 000,000,347 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_atom[2463].gif
[2011/03/05 09:26:41 | 000,000,101 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_calendar[2464].gif
[2011/03/05 18:20:29 | 000,000,220 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_check_blu[2574].gif
[2011/03/05 18:20:29 | 000,000,160 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_check_gry[2575].gif
[2011/03/05 09:26:42 | 000,000,155 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_clock[2467].gif
[2011/03/05 09:26:42 | 000,000,145 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_close_blu_blu[2468].gif
[2011/03/05 09:26:42 | 000,000,111 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_close_gry_whi[2469].gif
[2011/03/15 21:42:58 | 000,000,204 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_close_org_blu[2717].gif
[2011/03/07 17:03:01 | 000,000,150 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_close_org_whi[2645].gif
[2011/03/05 18:20:30 | 000,000,118 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_cross_gry[2577].gif
[2011/03/05 18:20:30 | 000,000,223 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_cross_org[2578].gif
[2011/03/05 09:26:43 | 000,000,159 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_edit[2474].gif
[2011/03/06 16:15:26 | 000,000,106 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_email[2625].gif
[2011/03/15 21:42:59 | 000,000,152 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_exclaim_blu[2718].gif
[2011/03/07 17:03:02 | 000,000,131 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_export[2646].gif
[2011/03/08 22:19:06 | 000,000,377 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_feedback[2663].gif
[2011/03/05 18:20:31 | 000,000,338 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_feed_blu[2580].gif
[2011/03/05 09:26:44 | 000,000,174 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_globe[2480].gif
[2011/03/05 09:26:44 | 000,000,162 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_help_blu[2481].gif
[2011/03/05 18:20:32 | 000,000,120 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_help_gry[2581].gif
[2011/03/05 18:20:32 | 000,000,151 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_info_blu[2582].gif
[2011/03/06 16:15:26 | 000,000,152 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_info_org_org[2626].gif
[2011/03/05 09:26:44 | 000,000,120 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_key[2485].gif
[2011/03/05 09:26:44 | 000,000,132 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_link[2486].gif
[2011/03/05 18:20:32 | 000,000,132 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_link_gry[2583].gif
[2011/03/11 18:58:46 | 000,000,194 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_lock[2691].gif
[2011/03/06 16:15:27 | 000,000,236 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_note[2627].png
[2011/03/05 18:20:33 | 000,000,111 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_phone[2585].gif
[2011/03/11 08:01:32 | 000,000,094 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_print[2681].gif
[2011/03/05 09:26:45 | 000,000,254 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_pro[2492].gif
[2011/03/05 09:26:45 | 000,000,231 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_pro_sm[2493].gif
[2011/03/05 18:20:33 | 000,000,141 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_recur[2586].gif
[2011/03/05 09:26:46 | 000,000,131 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_repeat[2495].gif
[2011/03/05 18:20:33 | 000,000,188 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_search_blu[2587].gif
[2011/03/08 22:19:08 | 000,000,144 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_search_gry[2664].gif
[2011/03/05 09:26:46 | 000,000,178 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_search_sm[2498].gif
[2011/03/06 16:15:28 | 000,000,117 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_sort_chk_blu[2629].gif
[2011/03/05 18:20:34 | 000,000,117 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_sort_chk_gry[2589].gif
[2011/03/07 17:03:04 | 000,000,309 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_sync[2648].gif
[2011/03/07 17:03:04 | 000,000,089 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_tag[2649].gif
[2011/03/05 09:26:47 | 000,000,131 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_trash[2503].gif
[2011/03/05 18:20:35 | 000,000,162 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_username[2590].gif
[2011/03/07 17:03:04 | 000,000,094 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\ico_weeklyplanner[2650].gif
[2011/03/06 16:15:30 | 000,000,318 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\iw_bl[2632].png
[2011/03/05 18:20:36 | 000,000,233 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\iw_br[2593].png
[2011/03/07 17:03:05 | 000,000,132 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\iw_l[2651].png
[2011/03/06 16:15:30 | 000,000,269 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\iw_r2[2633].png
[2011/03/05 09:26:49 | 000,000,139 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\iw_r[2516].png
[2011/03/05 18:20:36 | 000,000,224 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\iw_tl[2594].png
[2011/03/16 20:02:50 | 000,000,240 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\iw_tr[2724].png
[2011/03/05 09:26:48 | 000,000,564 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\left_blue[2509].png
[2011/03/05 09:26:48 | 000,000,519 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\left_grey[2510].png
[2011/03/11 08:01:33 | 000,000,538 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\left_white[2683].png
[2011/03/09 20:24:35 | 000,004,778 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\logo2[2670].png
[2011/03/09 20:24:35 | 000,004,988 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\logo_tester[2671].png
[2011/06/07 17:59:51 | 000,617,560 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\mjcritchfield[3202]
[2011/03/05 18:20:36 | 000,000,373 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\mkr_dblu[2595].png
[2011/03/05 09:26:49 | 000,000,368 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\mkr_grn[2521].png
[2011/03/05 09:26:49 | 000,000,321 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\mkr_gry[2522].png
[2011/03/05 09:26:49 | 000,000,378 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\mkr_lblu[2523].png
[2011/03/19 21:53:51 | 000,000,381 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\mkr_org[2740].png
[2011/03/05 18:20:37 | 000,000,289 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\mkr_shadow[2596].png
[2011/03/11 08:01:35 | 000,000,047 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\news_back[2684].gif
[2011/03/05 18:20:38 | 000,000,078 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\news_bl[2598].gif
[2011/03/05 09:26:51 | 000,000,078 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\news_br[2531].gif
[2011/03/05 09:26:50 | 000,000,055 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\news_b[2528].gif
[2011/03/05 18:20:38 | 000,000,057 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\news_l[2599].gif
[2011/03/11 08:01:35 | 000,000,056 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\news_r[2685].gif
[2011/03/05 09:26:52 | 000,000,078 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\news_tl[2535].gif
[2011/03/05 18:20:38 | 000,000,077 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\news_tr[2601].gif
[2011/03/05 09:26:51 | 000,000,055 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\news_t[2534].gif
[2011/03/05 09:26:47 | 000,000,137 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\off-connected-synced[2506].gif
[2011/03/11 08:01:33 | 000,000,761 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\off-connected-syncing[2682].gif
[2011/03/06 16:15:30 | 000,000,093 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\off-disconnected[2630].gif
[2011/03/05 18:20:38 | 000,000,053 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\orangebox_back[2602].gif
[2011/03/05 18:20:38 | 000,000,073 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\orangebox_bl[2603].gif
[2011/03/05 09:26:52 | 000,000,072 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\orangebox_br[2539].gif
[2011/03/05 09:26:52 | 000,000,073 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\orangebox_tl[2540].gif
[2011/03/09 20:24:37 | 000,000,073 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\orangebox_tr[2672].gif
[2011/03/11 18:58:51 | 000,001,629 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\right_blue[2692].png
[2011/03/05 18:20:39 | 000,001,548 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\right_grey[2604].png
[2011/03/06 16:15:33 | 000,001,579 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\right_white[2635].png
[2011/03/05 09:26:33 | 000,015,915 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\rtm.1[2436].css
[2011/05/16 22:02:35 | 000,716,338 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\rtm.3.37[3123].js
[2011/02/14 09:48:12 | 000,005,539 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\sha1[2383].js
[2011/03/05 09:26:53 | 000,000,651 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\spr_box[2546].png
[2011/03/13 21:10:21 | 000,000,491 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\spr_box[2706].gif
[2011/03/05 09:26:53 | 000,000,537 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\spr_box_hl[2547].gif
[2011/03/05 18:20:39 | 000,000,648 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\spr_box_hl[2605].png
[2011/03/05 18:20:40 | 000,000,205 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\spr_rows[2606].gif
[2011/03/11 18:58:51 | 000,000,186 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\spr_rows[2693].png
[2011/03/05 09:26:54 | 000,000,194 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\spr_rows_hl[2551].gif
[2011/03/05 09:26:55 | 000,000,185 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\spr_rows_hl[2552].png
[2011/03/11 18:58:52 | 000,000,053 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\whitebox_back[2694].gif
[2011/03/07 17:03:09 | 000,000,076 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\whitebox_bl[2653].gif
[2011/03/05 18:20:40 | 000,000,076 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\whitebox_br[2609].gif
[2011/03/06 16:15:33 | 000,000,055 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\whitebox_b[2636].gif
[2011/03/06 16:15:34 | 000,000,057 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\whitebox_l[2637].gif
[2011/03/05 09:26:55 | 000,000,056 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\whitebox_r[2558].gif
[2011/03/09 20:24:39 | 000,000,079 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\whitebox_tl[2673].gif
[2011/03/05 18:20:41 | 000,000,076 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\whitebox_tr[2611].gif
[2011/03/11 18:58:52 | 000,000,055 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_managed[2]#localserver\whitebox_t[2695].gif
[2010/12/09 09:34:34 | 000,001,480 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_offline_managed[1]#localserver\gears_init[9].js
[2010/12/09 09:34:34 | 000,000,345 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_offline_managed[1]#localserver\offline[11].js
[2010/12/09 09:34:34 | 000,000,592 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\http_80\RTM_offline_managed[1]#localserver\offline[7]
[2011/06/08 09:27:25 | 000,934,912 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\rtm_mjcritchfield#database
[2011/02/09 21:23:52 | 000,015,662 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\icons#desktop\Remember The Milk.ico
[2011/02/09 21:23:52 | 000,000,731 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\icons#desktop\Remember The Milk_cp.png
[2011/06/08 08:50:59 | 000,036,417 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\app.14[3207].css
[2011/04/03 12:51:35 | 000,001,204 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\app.2.gears[2796].css
[2011/05/10 12:30:07 | 000,002,552 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\app_ie.6[3060].css
[2011/04/03 12:51:37 | 000,000,073 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\bg[2800].gif
[2011/05/10 12:30:10 | 000,000,044 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\bg_dot2[3062].gif
[2011/04/03 12:51:37 | 000,000,053 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\bluebox_back[2802].gif
[2011/04/03 12:51:37 | 000,000,073 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\bluebox_bl[2803].gif
[2011/04/03 12:51:37 | 000,000,073 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\bluebox_br[2804].gif
[2011/04/03 12:51:37 | 000,000,073 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\bluebox_tl[2805].gif
[2011/06/08 08:51:01 | 000,000,073 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\bluebox_tr[3209].gif
[2011/04/03 12:51:38 | 000,000,133 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\btn_cancel_org[2807].gif
[2011/04/03 12:51:38 | 000,000,140 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\btn_publish_blu[2808].gif
[2011/04/03 12:51:38 | 000,000,140 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\btn_publish_gry[2809].gif
[2011/05/10 12:30:10 | 000,000,117 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\btn_send_blu[3063].gif
[2011/04/03 12:51:38 | 000,000,117 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\btn_send_gry[2811].gif
[2011/05/10 12:30:10 | 000,000,125 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\btn_share_blu[3064].gif
[2011/05/10 12:30:11 | 000,000,125 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\btn_share_gry[3065].gif
[2011/06/08 08:51:02 | 000,000,323 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\btn_sort_lft[3210].png
[2011/04/03 12:51:38 | 000,000,175 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\btn_sort_mid[2815].png
[2011/04/03 12:51:39 | 000,000,333 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\btn_sort_rgt[2816].png
[2011/04/03 12:51:39 | 000,000,897 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\busy[2817].gif
[2011/04/03 12:51:39 | 000,000,091 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\busy_inactive[2818].gif
[2011/04/03 12:51:46 | 000,000,056 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ch[2874].gif
[2011/06/08 08:51:02 | 000,000,122 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\done_blue[3211].gif
[2011/04/03 12:51:39 | 000,000,120 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\done_grey[2820].gif
[2011/01/31 16:09:15 | 000,059,411 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\en-US.interface.76[2251].js
[2011/01/29 10:00:14 | 000,003,370 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\gears_init[2098].js
[2011/04/03 12:51:39 | 000,000,159 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_add[2821].gif
[2011/06/08 08:51:03 | 000,000,204 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_add_sm[3212].gif
[2011/04/03 12:51:39 | 000,000,061 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_arr[2823].gif
[2011/05/10 12:30:11 | 000,000,051 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_arr_sort[3066].gif
[2011/05/31 12:59:19 | 000,000,347 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_atom[3159].gif
[2011/04/03 12:51:40 | 000,000,101 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_calendar[2826].gif
[2011/05/10 12:30:12 | 000,000,220 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_check_blu[3067].gif
[2011/04/03 12:51:40 | 000,000,160 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_check_gry[2828].gif
[2011/04/03 12:51:40 | 000,000,155 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_clock[2829].gif
[2011/05/10 12:30:12 | 000,000,145 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_close_blu_blu[3068].gif
[2011/06/08 08:51:03 | 000,000,111 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_close_gry_whi[3213].gif
[2011/04/03 12:51:40 | 000,000,204 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_close_org_blu[2832].gif
[2011/05/10 12:30:12 | 000,000,150 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_close_org_whi[3069].gif
[2011/04/03 12:51:40 | 000,000,118 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_cross_gry[2834].gif
[2011/04/03 12:51:40 | 000,000,223 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_cross_org[2835].gif
[2011/05/10 12:30:12 | 000,000,159 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_edit[3070].gif
[2011/06/08 08:51:04 | 000,000,106 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_email[3214].gif
[2011/04/03 12:51:41 | 000,000,152 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_exclaim_blu[2838].gif
[2011/05/10 12:30:13 | 000,000,131 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_export[3071].gif
[2011/04/03 12:51:41 | 000,000,377 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_feedback[2841].gif
[2011/06/08 08:51:04 | 000,000,338 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_feed_blu[3215].gif
[2011/05/10 12:30:13 | 000,000,174 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_globe[3072].gif
[2011/04/03 12:51:41 | 000,000,162 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_help_blu[2843].gif
[2011/04/03 12:51:41 | 000,000,120 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_help_gry[2844].gif
[2011/05/10 12:30:13 | 000,000,151 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_info_blu[3073].gif
[2011/06/08 08:51:05 | 000,000,152 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_info_org_org[3216].gif
[2011/04/03 12:51:42 | 000,000,120 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_key[2847].gif
[2011/05/10 12:30:13 | 000,000,132 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_link[3074].gif
[2011/04/03 12:51:42 | 000,000,132 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_link_gry[2849].gif
[2011/04/03 12:51:42 | 000,000,194 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_lock[2850].gif
[2011/05/10 12:30:14 | 000,000,236 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_note[3075].png
[2011/04/03 12:51:43 | 000,000,111 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_phone[2852].gif
[2011/04/03 12:51:43 | 000,000,094 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_print[2853].gif
[2011/04/03 12:51:43 | 000,000,254 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_pro[2854].gif
[2011/05/31 12:59:25 | 000,000,231 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_pro_sm[3160].gif
[2011/04/03 12:51:43 | 000,000,141 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_recur[2856].gif
[2011/04/03 12:51:43 | 000,000,131 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_repeat[2857].gif
[2011/05/10 12:30:14 | 000,000,188 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_search_blu[3076].gif
[2011/06/08 08:51:06 | 000,000,144 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_search_gry[3217].gif
[2011/04/03 12:51:44 | 000,000,178 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_search_sm[2860].gif
[2011/05/31 12:59:26 | 000,000,117 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_sort_chk_blu[3161].gif
[2011/05/10 12:30:15 | 000,000,117 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_sort_chk_gry[3078].gif
[2011/04/03 12:51:44 | 000,000,309 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_sync[2863].gif
[2011/05/31 12:59:26 | 000,000,089 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_tag[3162].gif
[2011/05/10 12:30:15 | 000,000,131 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_trash[3079].gif
[2011/04/03 12:51:45 | 000,000,162 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_username[2866].gif
[2011/04/03 12:51:45 | 000,000,094 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\ico_weeklyplanner[2867].gif
[2011/06/08 08:51:07 | 000,000,318 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\iw_bl[3218].png
[2011/06/08 08:51:08 | 000,000,233 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\iw_br[3219].png
[2011/05/31 12:59:27 | 000,000,132 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\iw_l[3164].png
[2011/05/31 12:59:27 | 000,000,269 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\iw_r2[3165].png
[2011/04/03 12:51:47 | 000,000,139 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\iw_r[2878].png
[2011/04/03 12:51:47 | 000,000,224 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\iw_tl[2880].png
[2011/04/03 12:51:47 | 000,000,240 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\iw_tr[2881].png
[2011/05/10 12:30:15 | 000,000,564 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\left_blue[3082].png
[2011/04/03 12:51:46 | 000,000,519 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\left_grey[2872].png
[2011/04/03 12:51:46 | 000,000,538 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\left_white[2873].png
[2011/04/03 12:51:48 | 000,004,778 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\logo2[2888].png
[2011/05/31 12:59:28 | 000,004,988 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\logo_tester[3167].png
[2011/06/08 08:51:01 | 000,619,258 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\mjcritchfield[3208]
[2011/04/03 12:51:47 | 000,000,373 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\mkr_dblu[2882].png
[2011/04/03 12:51:48 | 000,000,368 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\mkr_grn[2883].png
[2011/05/10 12:30:17 | 000,000,321 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\mkr_gry[3084].png
[2011/04/03 12:51:48 | 000,000,378 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\mkr_lblu[2885].png
[2011/05/31 12:59:28 | 000,000,381 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\mkr_org[3166].png
[2011/05/10 12:30:17 | 000,000,289 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\mkr_shadow[3086].png
[2011/04/03 12:51:48 | 000,000,047 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\news_back[2891].gif
[2011/05/31 12:59:28 | 000,000,078 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\news_bl[3168].gif
[2011/05/10 12:30:17 | 000,000,078 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\news_br[3090].gif
[2011/05/10 12:30:17 | 000,000,055 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\news_b[3088].gif
[2011/04/03 12:51:49 | 000,000,057 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\news_l[2894].gif
[2011/05/31 12:59:29 | 000,000,056 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\news_r[3169].gif
[2011/04/03 12:51:49 | 000,000,078 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\news_tl[2897].gif
[2011/05/31 12:59:29 | 000,000,077 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\news_tr[3170].gif
[2011/05/10 12:30:18 | 000,000,055 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\news_t[3092].gif
[2011/05/31 12:59:27 | 000,000,137 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\off-connected-synced[3163].gif
[2011/05/10 12:30:15 | 000,000,761 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\off-connected-syncing[3080].gif
[2011/05/10 12:30:15 | 000,000,093 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\off-disconnected[3081].gif
[2011/05/10 12:30:18 | 000,000,053 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\orangebox_back[3094].gif
[2011/04/03 12:51:49 | 000,000,073 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\orangebox_bl[2900].gif
[2011/05/31 12:59:29 | 000,000,072 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\orangebox_br[3171].gif
[2011/05/10 12:30:18 | 000,000,073 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\orangebox_tl[3096].gif
[2011/04/03 12:51:50 | 000,000,073 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\orangebox_tr[2903].gif
[2011/05/31 12:59:29 | 000,001,629 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\right_blue[3172].png
[2011/05/10 12:30:18 | 000,001,548 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\right_grey[3098].png
[2011/04/03 12:51:50 | 000,001,579 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\right_white[2906].png
[2011/04/03 12:51:35 | 000,015,915 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\rtm.1[2798].css
[2011/05/31 12:59:33 | 000,716,338 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\rtm.3.37[3177].js
[2011/02/03 09:22:17 | 000,005,539 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\sha1[2317].js
[2011/05/10 12:30:19 | 000,000,651 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\spr_box[3100].png
[2011/05/31 12:59:30 | 000,000,491 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\spr_box[3173].gif
[2011/04/03 12:51:51 | 000,000,537 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\spr_box_hl[2909].gif
[2011/05/10 12:30:19 | 000,000,648 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\spr_box_hl[3101].png
[2011/04/03 12:51:51 | 000,000,186 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\spr_rows[2912].png
[2011/05/10 12:30:19 | 000,000,205 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\spr_rows[3102].gif
[2011/05/10 12:30:19 | 000,000,185 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\spr_rows_hl[3104].png
[2011/06/08 08:51:10 | 000,000,194 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\spr_rows_hl[3220].gif
[2011/05/31 12:59:30 | 000,000,053 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\whitebox_back[3174].gif
[2011/05/10 12:30:19 | 000,000,076 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\whitebox_bl[3106].gif
[2011/04/03 12:51:52 | 000,000,076 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\whitebox_br[2918].gif
[2011/04/03 12:51:52 | 000,000,055 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\whitebox_b[2915].gif
[2011/05/31 12:59:30 | 000,000,057 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\whitebox_l[3175].gif
[2011/05/10 12:30:20 | 000,000,056 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\whitebox_r[3108].gif
[2011/05/31 12:59:31 | 000,000,079 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\whitebox_tl[3176].gif
[2011/05/10 12:30:20 | 000,000,076 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\whitebox_tr[3110].gif
[2011/04/03 12:51:52 | 000,000,055 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_managed[4]#localserver\whitebox_t[2921].gif
[2010/12/10 13:00:22 | 000,001,480 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_offline_managed[3]#localserver\gears_init[148].js
[2010/12/10 13:00:22 | 000,000,592 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_offline_managed[3]#localserver\offline[147]
[2010/12/10 13:00:22 | 000,000,345 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.rememberthemilk.com\https_443\RTM_offline_managed[3]#localserver\offline[151].js
[2012/02/24 10:20:04 | 002,596,864 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Sync Data\SyncData.sqlite3
[2012/02/24 10:20:04 | 000,062,072 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Sync Data\SyncData.sqlite3-journal
[2010/12/07 22:11:02 | 000,000,000 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\User StyleSheets\Custom.css
[2011/10/25 10:19:50 | 000,001,373 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\PepperFlash\11.0.31.200\manifest.json
[2011/10/25 10:19:50 | 009,644,032 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\PepperFlash\11.0.31.200\pepflashplayer.dll
[2011/12/05 16:09:54 | 000,001,443 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\manifest.json
[2011/12/05 16:09:54 | 007,761,920 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
[2011/11/01 10:15:31 | 000,065,594 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2185\DECODED_IMAGES
[2011/11/01 10:15:32 | 000,000,024 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2185\DECODED_MESSAGE_CATALOGS
[2011/10/26 22:11:13 | 000,006,401 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2185\youtube.crx
[2011/11/01 10:15:32 | 000,006,442 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2185\CRX_INSTALL\128.png
[2011/11/01 10:15:32 | 000,000,697 | ---- | M] () -- C:\Users\Max\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2185\CRX_INSTALL\manifest.json

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2012-02-15 17:47:25

< End of report >

======

4. Sorry about that - my post was too long, so I needed to split it in half. I' m not having any more outstanding issues - the computer's running great! Thank you so much for your help thus far.

max

#14 SweetTech

SweetTech

    Agent ST


  • Members
  • 13,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Antarctica
  • Local time:07:32 PM

Posted 25 February 2012 - 09:25 AM

Hi Max!

is everything OK there?

Yes, everything looks to be okay with that file now.

4. Sorry about that - my post was too long, so I needed to split it in half. I' m not having any more outstanding issues - the computer's running great! Thank you so much for your help thus far.

Not a problem! I'm glad to be of assistance! :)


You don't recognize these folders do you?

[2012/02/08 14:05:07 | 000,000,000 | ---D | C] -- C:\Windows\Temp86B8B378-2C7C-2EB3-C3BF-4ED0DFDB3F70-Signatures
[2012/02/08 13:56:10 | 000,000,000 | ---D | C] -- C:\Windows\Temp24020236-19EF-635D-F1C8-588110AE5B33-Signatures



OTL Fix

We need to run an OTL Fix

Note: If you have MalwareBytes Anti-Malware 1.6 or higher installed and are using the Pro version or trial version, please temporarily disable it for the duration of this fix as it may interfere with the successfully execution of the script below.

  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.
    :Services
    :OTL
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    SRV - File not found [Auto | Stopped] -- -- (NecUsb3)
    :Reg
    
    :Files
    dir /s /a "C:\Windows\Temp86B8B378-2C7C-2EB3-C3BF-4ED0DFDB3F70-Signatures" /c
    dir /s /a "C:\Windows\Temp24020236-19EF-635D-F1C8-588110AE5B33-Signatures" /c
    :Commands
    [CreateRestorePoint]
    [emptytemp]
    [EMPTYFLASH]
    [EMPTYJAVA]
    
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date of the tool run.

Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.


#15 mjcritchfield

mjcritchfield
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:32 PM

Posted 25 February 2012 - 10:18 PM

Hey Agent ST,

Thanks so much! Here's the OTL log:

======

All processes killed
========== SERVICES/DRIVERS ==========
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Service NecUsb3 stopped successfully!
Service NecUsb3 deleted successfully!
========== REGISTRY ==========
========== FILES ==========
< dir /s /a "C:\Windows\Temp86B8B378-2C7C-2EB3-C3BF-4ED0DFDB3F70-Signatures" /c >
Volume in drive C has no label.
Volume Serial Number is F008-0D3F
Directory of C:\Windows\Temp86B8B378-2C7C-2EB3-C3BF-4ED0DFDB3F70-Signatures
02/08/2012 02:05 PM <DIR> .
02/08/2012 02:05 PM <DIR> ..
02/08/2012 12:09 PM 13,457,088 mpasbase.vdm
02/08/2012 01:59 PM 1,098,944 mpasdlta.vdm
02/08/2012 12:09 PM 42,478,784 mpavbase.vdm
02/08/2012 01:59 PM 3,937,472 mpavdlta.vdm
01/05/2012 08:19 PM 6,557,240 mpengine.dll
5 File(s) 67,529,528 bytes
Total Files Listed:
5 File(s) 67,529,528 bytes
2 Dir(s) 116,070,625,280 bytes free
C:\Users\Max\Downloads\cmd.bat deleted successfully.
C:\Users\Max\Downloads\cmd.txt deleted successfully.
< dir /s /a "C:\Windows\Temp24020236-19EF-635D-F1C8-588110AE5B33-Signatures" /c >
Volume in drive C has no label.
Volume Serial Number is F008-0D3F
Directory of C:\Windows\Temp24020236-19EF-635D-F1C8-588110AE5B33-Signatures
02/08/2012 01:56 PM <DIR> .
02/08/2012 01:56 PM <DIR> ..
02/08/2012 12:09 PM 13,457,088 mpasbase.vdm
02/08/2012 01:52 PM 1,098,944 mpasdlta.vdm
02/08/2012 12:09 PM 42,478,784 mpavbase.vdm
02/08/2012 01:52 PM 3,937,472 mpavdlta.vdm
01/05/2012 08:19 PM 6,557,240 mpengine.dll
5 File(s) 67,529,528 bytes
Total Files Listed:
5 File(s) 67,529,528 bytes
2 Dir(s) 116,070,625,280 bytes free
C:\Users\Max\Downloads\cmd.bat deleted successfully.
C:\Users\Max\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========


[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Max
->Temp folder emptied: 15500012 bytes
->Temporary Internet Files folder emptied: 381759 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 243961936 bytes
->Flash cache emptied: 58366 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 112650 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 248.00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Max
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


[EMPTYJAVA]

User: Administrator

User: All Users

User: Default

User: Default User

User: Max
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.33.1 log created on 02252012_191456

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users