ODL texts.
OTL logfile created on: 3/2/2014 3:43:58 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\steve\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.87 Gb Total Physical Memory | 1.42 Gb Available Physical Memory | 49.46% Memory free
5.74 Gb Paging File | 3.92 Gb Available in Paging File | 68.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 148.81 Gb Total Space | 71.50 Gb Free Space | 48.04% Space Free | Partition Type: NTFS
Drive D: | 148.88 Gb Total Space | 141.97 Gb Free Space | 95.35% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive F: | 465.76 Gb Total Space | 282.89 Gb Free Space | 60.74% Space Free | Partition Type: NTFS
Computer Name: STEVE-TOSH | User Name: steve | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\steve\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\FindRight\FindRight.FirstRun.exe ()
PRC - C:\Program Files (x86)\FindRight\updateFindRight.exe ()
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
PRC - C:\Users\steve\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE ()
========== Modules (No Company Name) ==========
MOD - C:\Users\steve\AppData\Local\Temp\_MEI28842\_ssl.pyd ()
MOD - C:\Users\steve\AppData\Local\Temp\_MEI28842\wx._controls_.pyd ()
MOD - C:\Users\steve\AppData\Local\Temp\_MEI28842\wx._windows_.pyd ()
MOD - C:\Users\steve\AppData\Local\Temp\_MEI28842\wx._gdi_.pyd ()
MOD - C:\Users\steve\AppData\Local\Temp\_MEI28842\_hashlib.pyd ()
MOD - C:\Users\steve\AppData\Local\Temp\_MEI28842\unicodedata.pyd ()
MOD - C:\Users\steve\AppData\Local\Temp\_MEI28842\windows._lib_cacheinvalidation.pyd ()
MOD - C:\Users\steve\AppData\Local\Temp\_MEI28842\_elementtree.pyd ()
MOD - C:\Users\steve\AppData\Local\Temp\_MEI28842\pyexpat.pyd ()
MOD - C:\Users\steve\AppData\Local\Temp\_MEI28842\win32file.pyd ()
MOD - C:\Users\steve\AppData\Local\Temp\_MEI28842\PyWinTypes27.dll ()
MOD - C:\Users\steve\AppData\Local\Temp\_MEI28842\win32security.pyd ()
MOD - C:\Users\steve\AppData\Local\Temp\_MEI28842\win32api.pyd ()
MOD - C:\Users\steve\AppData\Local\Temp\_MEI28842\_ctypes.pyd ()
MOD - C:\Users\steve\AppData\Local\Temp\_MEI28842\wx._html2.pyd ()
MOD - C:\Users\steve\AppData\Local\Temp\_MEI28842\_socket.pyd ()
MOD - C:\Users\steve\AppData\Local\Temp\_MEI28842\win32inet.pyd ()
MOD - C:\Users\steve\AppData\Local\Temp\_MEI28842\win32process.pyd ()
MOD - C:\Users\steve\AppData\Local\Temp\_MEI28842\_multiprocessing.pyd ()
MOD - C:\Users\steve\AppData\Local\Temp\_MEI28842\win32pdh.pyd ()
MOD - C:\Users\steve\AppData\Local\Temp\_MEI28842\win32pipe.pyd ()
MOD - C:\Users\steve\AppData\Local\Temp\_MEI28842\win32event.pyd ()
MOD - C:\Users\steve\AppData\Local\Temp\_MEI28842\win32profile.pyd ()
MOD - C:\Users\steve\AppData\Local\Temp\_MEI28842\select.pyd ()
MOD - C:\Users\steve\AppData\Local\Temp\_MEI28842\wx._core_.pyd ()
MOD - C:\Users\steve\AppData\Local\Temp\_MEI28842\wx._misc_.pyd ()
MOD - C:\Users\steve\AppData\Local\Temp\_MEI28842\pysqlite2._sqlite.pyd ()
MOD - C:\Users\steve\AppData\Local\Temp\_MEI28842\pythoncom27.dll ()
MOD - C:\Users\steve\AppData\Local\Temp\_MEI28842\win32com.shell.shell.pyd ()
MOD - C:\Users\steve\AppData\Local\Temp\_MEI28842\wx._wizard.pyd ()
MOD - C:\Users\steve\AppData\Local\Temp\_MEI28842\win32ts.pyd ()
MOD - C:\Users\steve\AppData\Local\Temp\_MEI28842\win32crypt.pyd ()
MOD - C:\Program Files (x86)\FindRight\FindRight.FirstRun.exe ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\4412bbbb473c356b5ea3e1ea13b25f52\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll ()
MOD - C:\Users\steve\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll ()
MOD - C:\Users\steve\AppData\Roaming\Dropbox\bin\libcef.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE ()
========== Services (SafeList) ==========
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (TOSHIBA HDD SSD Alert Service) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation)
SRV - (Update FindRight) -- C:\Program Files (x86)\FindRight\updateFindRight.exe ()
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (TVALZ) -- C:\Windows\SysNative\drivers\TVALZ_O.SYS (TOSHIBA Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (FwLnk) -- C:\Windows\SysNative\drivers\FwLnk.sys (TOSHIBA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearc...=1085628055&ir=
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.mysearc...=1085628055&ir=
IE:64bit: - HKLM\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = http://start.mysearc...=1085628055&ir=
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{C0D9125E-BCDF-42F0-869F-111CFC952579}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearc...=1085628055&ir=
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/...q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes\{A0245DA5-0C8E-444A-8D62-548C05CD5ED9}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mozilla%20firefox/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/...q={searchTerms}
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Mysearchdial"
FF - prefs.js..browser.search.order.1: "Mysearchdial"
FF - prefs.js..browser.search.selectedEngine: "Mysearchdial"
FF - prefs.js..browser.startup.homepage: "http://start.mysearc...1085628055&ir="
FF - prefs.js..extensions.enabledAddons: 008abed2-b43a-46c9-9a5b-a771c87b82da%401ad61d53-2bdc-4484-a26b-b888ecae1906.com:0.93.32
FF - prefs.js..extensions.enabledAddons: ffxtlbr%40mysearchdial.com:1.6.0
FF - prefs.js..extensions.enabledAddons: %7Bad9a41d2-9a49-4fa6-a79e-71a0785364c8%7D:9.5.3
FF - prefs.js..extensions.enabledAddons: %7B42e50651-9669-456e-9081-d5a836274274%7D:1.0.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - prefs.js..keyword.URL: ""
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2012/11/11 12:17:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\steve\AppData\Roaming\Mozilla\Extensions
[2014/03/02 15:00:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\steve\AppData\Roaming\Mozilla\Firefox\Profiles\xa5ui7qh.default-1388601918661\extensions
[2014/03/02 15:00:37 | 000,000,000 | ---D | M] ("MySearchDial NewTab") -- C:\Users\steve\AppData\Roaming\Mozilla\Firefox\Profiles\xa5ui7qh.default-1388601918661\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
[2014/02/09 08:30:02 | 000,000,000 | ---D | M] ("weDownload Manager Pro") -- C:\Users\steve\AppData\Roaming\Mozilla\Firefox\Profiles\xa5ui7qh.default-1388601918661\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com
[2014/03/02 15:00:38 | 000,000,000 | ---D | M] (mysearchdial.com) -- C:\Users\steve\AppData\Roaming\Mozilla\Firefox\Profiles\xa5ui7qh.default-1388601918661\extensions\ffxtlbr@mysearchdial.com
[2014/02/26 22:35:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\steve\AppData\Roaming\Mozilla\Firefox\Profiles\xa5ui7qh.default-1388601918661\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData
[2014/02/26 22:35:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\steve\AppData\Roaming\Mozilla\Firefox\Profiles\xa5ui7qh.default-1388601918661\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins
[2014/02/26 22:35:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\steve\AppData\Roaming\Mozilla\Firefox\Profiles\xa5ui7qh.default-1388601918661\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\userCode
[2014/02/08 23:49:24 | 000,207,637 | ---- | M] () (No name found) -- C:\Users\steve\AppData\Roaming\Mozilla\Firefox\Profiles\xa5ui7qh.default-1388601918661\extensions\firefox@org.audiotube.xpi
[2014/02/26 05:19:14 | 000,008,049 | ---- | M] () (No name found) -- C:\Users\steve\AppData\Roaming\Mozilla\Firefox\Profiles\xa5ui7qh.default-1388601918661\extensions\{42e50651-9669-456e-9081-d5a836274274}.xpi
[2014/03/02 15:00:41 | 000,002,401 | ---- | M] () -- C:\Users\steve\AppData\Roaming\Mozilla\Firefox\Profiles\xa5ui7qh.default-1388601918661\searchplugins\Mysearchdial.xml
[2014/02/14 16:38:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/02/14 16:38:55 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - homepage: {_signature:TeaYB5se+TN/l59kOB2JGz4Lq02YLbnzREEw9XAQ3+E=,_version:4,extensions:{ids:[ahfgeienlihckogmohjhadlkjgocpleb,blpcfgokakmgnkcojhhkbfbldkacnbeo,coobgpohoikkiipiblmjeljniedjpjpf,eemcgdkfndhakfknompkggombfjjjeno,mfehgcgbbipciphmccgaenjidiccnmng,pjkljhegncpnkpknbcohdijeoejaedia]},homepage:http://www.google.co...earch_provider:
CHR - homepage: {create_all_shortcuts:true,do_not_launch_chrome:true,import_history:false,import_search_engine:false,make_chrome_default:true,ping_delay:-60,skip_first_run_ui:false,verbose_logging:false},dns_prefetching:{host_referral_list:[2,[http://ad-apac.doubleclick.net/,[http://ads.rubiconpr...2984254343813]],[http://ad-emea.doubleclick.net/,[http://ad-emea.doubl...5503599978645]],[http://ad.doubleclick.net/,[http://googleads.g.d...6745476020354]],[http://ads.heias.com/,[http://ads.heias.com...6525344788971]],[http://ams1.ib.adnxs.com/,[http://cdn.flashtalk...6455438143852]],[http://assets.zendesk.com/,[http://assets.zendes...5999411921652]],[http://b3-uk.mookie1.com/,[http://e.nexac.com/,...3714495520542]],[http://bcp.crwdcntrl.net/,[http://bcp.crwdcntrl...9769221390867]],[http://ct1.addthis.com/,[http://aidps.atdmt.c...6241343833072]],[http://dp2.specificclick.net/,[http://b.scorecardre...4354218957534]],[http://emea-bidder.mathtag.com/,[http://ad.doubleclic...7105595980861]],[http://forum.ctc.org.uk/,[http://ajax.googleap...2984254343813]],[http://googleads.g.doubleclick.net/,[http://emea-bidder.m...8504174173832]],[http://gotoshop.virginmedia.com/,[http://ad.doubleclic...6102865362829]],[http://optimized-by....conproject.com/,[http://a.scorecardre...6525344788971]],[http://platform.twitter.com/,[http://cdn.api.twitt...4444411627724]],[http://srx.au.ebayrtm.com/,[http://ad-apac.doubl...2984254343813]],[http://store.virginmedia.com/,[http://virgin.inq.co...8175401910324]],[http://tags.bluekai.com/,[http://cm.g.doublecl...5999411921652]],[http://tap2-cdn.rubiconproject.com/,[http://ads.p161.net/...4354218957534]],[http://virgin.inq.com/,[http://store.virginm...4681347249376]],[http://www.beewee.org.uk/,[http://www.beewee.or...8904784593297]],[http://www.bikeforums.net/,[http://b.scorecardre...7691368222829]],[http://www.ctc.org.uk/,[http://ct1.addthis.c...2984254343813]],[http://www.ctcshop.org.uk/,[http://d3io1k5o0zdpq...7691368222829]],[http://www.dailymail.co.uk/,[http://ad.yieldmanag...5295730496120]],[http://www.ebay.co.uk/,[http://ad-emea.doubl...5348279254952]],[http://www.ebay.com.au/,[http://ad-apac.doubl...7691368222829]],[http://www.facebook.com/,[http://static.ak.fbc...0903328583551]],[http://www.freenewswebsite.com/,[http://www.google-an...9416085407748]],[http://www.google.co.uk/,[http://lh4.googleuse...2086570657060]],[http://www.google.com/,[http://www.google.co...4439670053731]],[http://www.halifax.co.uk/,[http://ad-emea.doubl...5335319191497]],[http://www.hannan-uk.com/,[http://c.statcounter...6084614441109]],[http://www.jzx100.com/,[http://cm.g.doublecl...7691368222829]],[http://www.kickstarter.com/,[http://api.mixpanel....7105595980861]],[http://www.rightmove.co.uk/,[http://b.scorecardre...3166035031863]],[http://www.rutlandcycling.com/,[http://api-public.ad...7691368222829]],[http://www.thesamba.com/,[http://i517.photobuc...7105595980861]],[http://www.timetriallingforum.co.uk/,[http://i2.wp.com/,3....2984254343813]],[http://www.virginmedia.com/,[http://ad.yieldmanag...8067527882096]],[https://accounts.google.com/,[https://accounts.you...8994870919889]],[https://apis.google.com/,[https://apis.google....9476730092063]],[https://check.lloydstsb.co.uk/,[https://check.lloyds...9614810014193]],[https://check2.halifax-online.co.uk/,[https://check2.halif...5335319191497]],[https://en-gb.facebook.com/,[https://fbcdn-dragon...4200465375926]],[https://mail.google.com/,[https://clients2.goo...2356671811124]],[https://plus.google.com/,[https://apis.google....8102097879814]],[https://plusone.google.com/,[https://plusone.goog...3395879477677]],[https://secure.halifax-online.co.uk/,[https://aa.online-me...2360650398162]],[https://www.google.com/,[https://fonts.google...4616119918744]],[https://www.halifax-online.co.uk/,[https://ad-emea.doub...3763608113506]],[https://www.rutlandcycling.com/,[https://seal.thawte....],startup_list:[1,http://www.google.com/]},download:{directory_upgrade:true},extensions:{autoupdate:{last_check:13004636827181370,next_check:13004737106323928},blacklistupdate:{lastpingday:13004611207991370,version:0.0.0.139},chrome_url_overrides:{bookmarks:[chrome-extension://eemcgdkfndhakfknompkggombfjjjeno/main.html]},known_disabled:null,last_chrome_version:24.0.1312.57,settings:{aakhlmakppmkkmfkoibponkmmpgpmjgl:{blacklist:true},aandpgohbohmlknpjbblpmoladhoochg:{blacklist:true},abciiempgohamehppammbkhkicmkgkob:{blacklist:true},abfclfmhaemoockhhinpplncjehfpdbd:{blacklist:true},acmpfcamncegnhjdeiodgilikjafcamg:{blacklist:true},acomnmbomlajgjbcijkflekoojdfcldj:{blacklist:true},aconhjfogglfnkjhkjipaifepjklolog:{blacklist:true},aebfkgcamgnimcbnbiopgdakknjgggnm:{blacklist:true},aemcjbfajnnmhblifaejadoecfoaebld:{blacklist:true},afenhmponmfmdmbmccbmglppcmjhmhmh:{blacklist:true},aglmapjbjphdidmnileogpjkgpdoliep:{blacklist:true},agmhonoepgcnakccfpidhjehlocaeaaj:{blacklist:true},ahfgeienlihckogmohjhadlkjgocpleb:{active_permissions:{api:[appNotifications,management,webstorePrivate]},app_launcher_ordinal:n,page_ordinal:n},ahjfgnikolodijnpakeknpilnemojlhc:{blacklist:true},aieglpnmmhleoenpbmfaffppfomgjmba:{blacklist:true},aieihijcjcccdiepockaiekhpflicdii:{blacklist:true},aifmjmboebdkdelpjenakhaodgneempp:{blacklist:true},ajlkjjdbgcjdiklbcomhnfghjigfccoh:{blacklist:true},akadaakimgegecohlifeejdnnjbnobop:{blacklist:true},akbdojiajlefghcdclgkgmbbljamgehd:{blacklist:true},alcbnnpmipohgdllkkglhkbncijplago:{blacklist:true},aldalonecchncedclgcndcndgilaclnk:{blacklist:true},alfahpoknocfdebmiclonikapcnljlob:{blacklist:true},aljdncnajablgppdcfbehhmidlmbndda:{blacklist:true},amfgdngndpfldigimkcindjalokfnmem:{blacklist:true},amoobcjlpgloocplpikcldcpjjdnoeii:{blacklist:true},anmjpohfnlopdfaojooicpemopnliimn:{blacklist:true},aofechiiopolnegcjcddgedjabmkemhf:{blacklist:true},aojicjocmihiopalnhjikigammkhgckb:{blacklist:true},apdebchnkegjokdjplmfmepcdgneemhe:{blacklist:true},apdmgffkfhjfeejmbjidennfjdkmmmbl:{blacklist:true},aphncaagnlabkeipnbbicmcahnamibgb:{blacklist:true},bandboadndbkchlpicmfkpoedgnocblf:{blacklist:true},bcddmcejgphfgofbpoocakaeapfomlek:{blacklist:true},bdgijcibmhjjccgbdohofncdjcophknj:{blacklist:true},benclngoadbppljglhphhnfknoppmjoa:{blacklist:true},bhdkpmneahdelgdgfhddianklldfoell:{blacklist:true},bhmahaiplmeodpakkcchmolaihbhkpdl:{blacklist:true},bilgncckogfgfipdlejkffnbkgjkmflh:{blacklist:true},bioeopenmokdgbekbgpgnacecjmpckbb:{blacklist:true},bjihddggcgnblgojnmhpnngonofbnkaj:{blacklist:true},bkhafliomebnpccanacmlfaemgfiofko:{blacklist:true},bkkchglolnigbfncnbnnbhhempjkdpkf:{blacklist:true},bkplhcigeaiiliajeehehiikokgocbhb:{blacklist:true},bldgnkigdcpgnbfehgbameigoohecdfl:{blacklist:true},blpcfgokakmgnkcojhhkbfbldkacnbeo:{ack_external:true,active_permissions:{api:[appNotifications]},app_launcher_ordinal:x,creation_flags:153,exclude_from_sideload_wipeout:true,from_bookmark:true,from_webstore:true,granted_permissions:{api:[appNotifications]},install_time:13004233702425898,lastpingday:13004611207975370,location:1,manifest:{app:{launch:{container:tab,web_url:http://www.youtube.com/},web_content:{enabled:true,origin:http://www.youtube.com}},current_locale:en_US,default_locale:en,description:The world's most popular online video community.,icons:{128:128.png},key:MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDC/HotmFlyuz5FaHaIbVBhhL4BwbcUtsfWwzgUMpZt5ZsLB2nW/Y5xwNkkPANYGdVsJkT2GPpRRIKBO5QiJ7jPMa3EZtcZHpkygBlQLSjMhdrAKevpKgIl6YTkwzNvExY6rzVDzeE9zqnIs33eppY4S5QcoALMxuSWlMKqgFQjHQIDAQAB,name:YouTube,permissions:[appNotifications],update_url:http://clients2.google.com/service/update2/crx,version:4.2.5},page_ordinal:n,path:blpcfgokakmgnkcojhhkbfbldkacnbeo\\4.2.5_0,state:1,was_installed_by_default:true},bndahdijlcnncjbpammoedeapmlobllc:{blacklist:true},bnffnggkphadlnoopcoakdnkellnifjp:{blacklist:true},boaoagnmpennjoigkkmnjhecapibhfko:{blacklist:true},boclfockfmgcppbajihcgajhpggaakgl:{blacklist:true},bokkificjhapflinbdejegngffgkcgfe:{blacklist:true},caphkimknlmnhpjoneddiaakmcaajagb:{blacklist:true},cbbbpmlnlpnjojeplppgeilanlihoojg:{blacklist:true},cbbjhegipokkofhhicbckicchjpcpeni:{blacklist:true},cbhhdkemlehgodemcigfabmcdnohhhef:{blacklist:true},cbjlfaogacjpkplebfbijaakaifoflno:{blacklist:true},cdogaeccgljmkecjmoedambgiekkllij:{blacklist:true},cedclbokcakighlpbnbhfjffdjeihfdp:{blacklist:true},cekdjgnecpoooikhmceokdhojckkkhmh:{blacklist:true},cepfogmgfkddnllaopgknbdfkceejmhk:{blacklist:true},cfbdodejdeejbkffcmiaknpmojjeibpn:{blacklist:true},cfnfobbpdaccoljfahpmfjdmbfmmkeof:{blacklist:true},cfogpbanfnocakdckmgafapdlmclpiln:{blacklist:true},cgnegjfmdfenjojhjffejinpnpoglmlh:{blacklist:true},cgnkbnaiipmfbakpmhllalggoepniemh:{blacklist:true},cihlkpohodpdkdnfalhdkhhlhmhffmbe:{blacklist:true},cjhklhdjonhcohlacgggcbklpnldleck:{blacklist:true},cjohbbapkbkkhpohinffggbphnhoblea:{blacklist:true},ckckpgefkpjfopjppjfcikppehdhceah:{blacklist:true},ckphhghhpjbfddcgkpfbelfeojcciglo:{blacklist:true},clapnamcglekekmamicmbahkghdcjaeh:{blacklist:true},clfhanhcjmgjnbpjfopldmnabimhmcmp:{blacklist:true},cmjphjljejnfgdbkdgdlclaabimpknna:{blacklist:true},cmlokmkdolieoaoddlfhaidnlmiadhik:{blacklist:true},cnimdnlablahacgompaahbgohcokcclp:{blacklist:true},coajchbkdbfhmhbgcjepiofllfjjcpfp:{blacklist:true},coobgpohoikkiipiblmjeljniedjpjpf:{ack_external:true,app_launcher_ordinal:w,creation_flags:153,exclude_from_sideload_wipeout:true,from_bookmark:true,from_webstore:true,install_time:13004233702302898,lastpingday:13004611207975370,location:1,manifest:{app:{launch:{web_url:http://www.google.com/webhp?source=search_app},urls:[*://www.google.com/search,*://www.google.com/webhp,*://www.google.com/imgres]},current_locale:en_US,default_locale:en,description:The fastest way to search the web.,icons:{128:128.png,16:16.png,32:32.png,48:48.png},key:MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIiso3Loy5VJHL40shGhUl6it5ZG55XB9q/2EX6aa88jAxwPutbCgy5d9bm1YmBzLfSgpX4xcpgTU08ydWbd7b50fbkLsqWl1mRhxoqnN01kuNfv9Hbz9dWWYd+O4ZfD3L2XZs0wQqo0y6k64n+qeLkUMd1MIhf6MR8Xz1SOA8pwIDAQAB,name:Google Search,update_url:http://clients2.google.com/service/update2/crx,version:0.0.0.19},page_ordinal:n,path:coobgpohoikkiipiblmjeljniedjpjpf\\0.0.0.19_0,state:1,was_installed_by_default:true},copjbedljgpkaakkmbhgkpoaadeahido:{blacklist:true},cpiiakoibaohkfoaijaigdnocfolnmll:{blacklist:true},dadcalgappognjbjpalfophhcfakoeac:{blacklist:true},danapgfidmepmcfbjjacceiaiiioieio:{blacklist:true},dbanhghadfmjndnjmmejdgfdmgidlbpm:{blacklist:true},dbiblcmlcgdjjbdpbmbcpineegngkiip:{blacklist:true},dbmdicehacbaohlockjgdglcobimmjkh:{blacklist:true},dejippphmhbpgckbhdidnjmdcpfccbaj:{blacklist:true},deocpjmfifplhepinpkmpinpnbiemfje:{blacklist:true},deonbedlmakdddidplniclflladdjoep:{blacklist:true},dfafokiagoiocidlpglcanjkcdbdnioi:{blacklist:true},dfoegfajplmijblljfancdapbdaopebb:{blacklist:true},dgaehaeahdegbdlenicbmkbakhdgoeml:{blacklist:true},dgcfmgdfbfbgcpbendbhbkfjppboebed:{blacklist:true},dgkemngdheppgohkjjelnkjmdeimmfml:{blacklist:true},dhclobcklknojliojkkclgjndemadnig:{blacklist:true},dibljdngacjhpccjckmlmeklpgjeinjd:{blacklist:true},digmihafmlfkgdbjjdgbcojghcgcoeoa:{blacklist:true},diinokaoicgobepmadnmedlhdfnpehcj:{blacklist:true},dinhjcapnfbffhiihdlnbdfjdjjfhcbk:{blacklist:true},djnahdkbfgnhgpakidinfonfcjbagkgp:{blacklist:true},dkhkecikbdfpoiopnnpoeglbdphgflmf:{blacklist:true},dlobhinihbmedmheccecfnkcadpehmbf:{blacklist:true},dmabikjmolgegjajdhmgpmgffajlmmkb:{blacklist:true},dmhgenmamfphbclmhdgmffajkfommkom:{blacklist:true},dmhjdbigobajgnfoabodjgmcdgoeoljm:{blacklist:true},dmkdhgkknhnfpdjeicefnpmhcpbimden:{blacklist:true},dnemhlkdpajbbniphgkgceplmnkfnhfo:{blacklist:true},doneghboglgnflpdicnkaojmmljgejkj:{blacklist:true},dpaphgcjeeochbiafgbochohgmpcmlbj:{blacklist:true},dpgenihgggagjjggfocjceeobjkadcbc:{blacklist:true},dpmloehicimdjkibmobhmpgdndgbcced:{blacklist:true},ebdcdchjcndpjhehacedepnggfdbfkpn:{blacklist:true},echjhfifjidfhoappglfmoffcpmpkigb:{blacklist:true},echngajnlpjeacbanjejlhcajjfoedcc:{blacklist:true},ecinfbhalenfhdhnljmkglajfjjfehoj:{blacklist:true},edmnikahahfkfilbbjbdoiabnghbkmjc:{blacklist:true},efbeabpbbkahnnjalakldjfhljboclkf:{blacklist:true},efhjelcghjkfigiagdfbfilndaffpmdj:{blacklist:true},efnaljpgehfilpmkhobibbjceeeondmn:{blacklist:true},egljdhfnbjahogjahnigfnbpidlmdagi:{blacklist:true},ehgoiaffgjoinpkllmmnikghgpghnabc:{blacklist:true},ehmjnpjodmgeocfphkjjnheiheehcoid:{blacklist:true},ehomcoocpagnlcakcbecdaknmacmedld:{blacklist:true},eiflkkehgogioennialfbilppmegcpoa:{blacklist:true},eihjeehdobnpkonebmpanonopghepfle:{blacklist:true},eijbdinddjecmebnlienfoijpjjobkjh:{blacklist:true},ejakhnjbomgngodiidgbkapjgbdckhnh:{blacklist:true},ejijgghlncnaphklndknkbkclebfboca:{blacklist:true},ejlekamipdcfcfpgfepjmklllbpeecaj:{blacklist:true},elcaigjcaijbfpjngaekbblphmfjdhfo:{blacklist:true},emcdpbapjmnjgoannclkongdfboaabho:{blacklist:true},eofejpelggimkodeojpeojnbijgiglgh:{blacklist:true},eopmhecjnginkckggjmhombbopmkjpam:{blacklist:true},epbmnbdplhcomkedpjfceakddnbgfjmf:{blacklist:true},fafoohpbicgbcejffcplajonhhooddle:{blacklist:true},fbhiehmngojjcmljddjmgpmcockbccmo:{blacklist:true},fbjjhbijaiopkcdolheliknnjlkaekeb:{blacklist:true},fcfepemfihgibdacjlnlecebknaaepmj:{blacklist:true},fclheclkknbgfndeahkfdomollhmfkcn:{blacklist:true},ffgfbfakpcnngelphjnppokmoicdollk:{blacklist:true},fhlkffpjoajppmhcakbkjndbjfljccpi:{blacklist:true},fiapkdjniadkodmdibdnchoifkpfoiid:{blacklist:true},fibgploapkhokkbncddlkcmbmiengcfp:{blacklist:true},fihepkmlkmciffbhijldnpmifhbkiinp:{blacklist:true},fiiblakkkkgeljngobmpeljjapemenhi:{blacklist:true},fjhfnfakmfcejgmfkmnapemgblmehppf:{blacklist:true},fjjeecfjmgfnleghoellhldedkaocjfc:{blacklist:true},fleljamdchegbjeiipbnmiebnhgheeld:{blacklist:true},flmmgcfcpbfddenepkfmgfpbaceolcoe:{blacklist:true},fmcccidacjgnfiafddkngmeolkoiihil:{blacklist:true},fmonlemffgbabjifjfaoamdflijecdbk:{blacklist:true},fngolbdmkneakeaoiieafkilnogbocda:{blacklist:true},fnhcgnmfccojojojacgeiaaeacefdohb:{blacklist:true},fnkaadkanmfgpfbmdcllhjdgmdbgljpi:{blacklist:true},fnnmbghphdnmmjdapccfobgjemjadeli:{blacklist:true},fnoadkjdjfgafomgmablhmffooijcfbn:{blacklist:true},foenbafkkmajnmfnlcmejonkfaipdmme:{blacklist:true},fomljmklmcefndkgpakgifbiiidgbjej:{blacklist:true},fommcgokigkhmnhlhlkckfjhefnmfohd:{blacklist:true},fopgndklnkecillfbdmfknhmadmenikm:{blacklist:true},fpbippbofbmgmbojjmgfcifpmdaelcmd:{blacklist:true},fpbkafpphnhlpakobppekmkebmbhkoco:{blacklist:true},fpjdackpllilinpkgmhkpidkanmccblc:{blacklist:true},fpmajanjndhgpifbcbnklbiehgnpkgmf:{blacklist:true},fpoajjnnpmledpmohlgpgbmlhbgkgahg:{blacklist:true},fpokembamndopkflopmplkklbdngnknd:{blacklist:true},gaicmfjflflabagobdiodejfpjikheeo:{blacklist:true},gandihaiobadcggbfkhpbkocmiemjlnf:{blacklist:true},gbenikfjhilhpgagllmfgggdjaflbmbi:{blacklist:true},gchbiabnbdikkgfhnkclecjncojnkmhb:{blacklist:true},gdggdkkjecogagaffaemnbfmllcoihjp:{blacklist:true},gekkhpjigmckhgmgngadbeknekgpgolb:{blacklist:true},gfjfhihpkmehdmblhfaikkipeplpdcla:{blacklist:true},gfmmoiakbmdohkgeoekiokjgljcminig:{blacklist:true},ggkpicnfnljflddbdoeeaajjgepapcbf:{blacklist:true},ghgphbmpcfgkfneodjpbdanmdoemklio:{blacklist:true},ghmaokcegalalefnhlfcnjhnpdbanjkj:{blacklist:true},gifglngcdbggmlgkcombebegdaoknkho:{blacklist:true},gjkbghdignnlcknknflbigpammebiolo:{blacklist:true},gjmhdmobkhfhkpfmfegnkkimlamjdldi:{blacklist:true},gkhbgnodbilglgholifcjdblbgdaieah:{blacklist:true},gkjeccpmibljcfpfapfljciimedljpnm:{blacklist:true},gkjmgdpdndoaiholejnmdbbpdaafahmm:{blacklist:true},glhhlafadlhkgbklgbjnmblfhnkfknbm:{blacklist:true},gmghjgfdialcnhadahmjefeflgnhcjeb:{blacklist:true},gnapdhmknipknfmhhnhdmhakdfhgeing:{blacklist:true},gncfgndgeoddelbfhlndhljnecoednaa:{blacklist:true},gngmkbiihflpghldjnbpemaicedhdddk:{blacklist:true},gobjcjhhebpjbmjdgmejhebbleadnceo:{blacklist:true},goedioiidkokkbobdnopnlnaaalniegm:{blacklist:true},gpgehbjbkfhngdlfpfeokjgbkmmokjhe:{blacklist:true},gplgjmecjpbfcdikpbicknafcnfcidek:{blacklist:true},hbaajkahagmlkdekmbdabikbopdgpaac:{blacklist:true},hbdhabpmbbanaopgkbaondabkkepjfaf:{blacklist:true},hbmlheccjkodhfejcmblndjodllmnlnl:{blacklist:true},hcapokajkngndbglnfglpfdpoeidmpha:{blacklist:true},hcpndbchnlgojmnijaldkicigmihmdca:{blacklist:true},hdijkiondgomjpehfhopomicjbiodmcm:{blacklist:true},hdnbmmfjbblajkjkcaeofolgfnljpnim:{blacklist:true},hecijapnccjhonbmacmkmffooodfokoo:{blacklist:true},hefmoncdemhjembgbnkgglhlookbipdc:{blacklist:true},hfcgbiofoebieldldghfocjfnnajmpej:{blacklist:true},hfjpjodbolkmheaehcnmfhjakjileoof:{blacklist:true},hfpfbhnmbbigpmoodjemilggabklpopj:{blacklist:true},hgbaomphocgmdpmiohjclchaaljpaelp:{blacklist:true},hgboiaecclcbjphldpbgfgggcbihmnai:{blacklist:true},hgjgaeknhmidehalnmokomhpfhbfmpcm:{blacklist:true},hhbihfbjoifhhebcnchglobmkmapgjkm:{blacklist:true},hhfffemhgkginfafaoapljdllodppana:{blacklist:true},hhfiljkpjapjjphcocclhhaldpfkkjbi:{blacklist:true},hhjmkijkgojfifipdgmiemghfikbohcm:{blacklist:true},hhlgbfcfbkhlmajakkcjippgpcmejkko:{blacklist:true},hilncbjbdpnfepdidfchmdclhpnlegpj:{blacklist:true},hjkhligcnpfjhjlapmejaiaiigibofif:{blacklist:true},hjnigaibahdeadcdnpnommdehajodlhc:{blacklist:true},hkbgccpdcpbdckohbknjlamamelcnlki:{blacklist:true},hkjcejgfmaanpncnpoidgbhoikcaeepd:{blacklist:true},hkjfdgjkgpbbdmadbglcgljjjddkcdha:{blacklist:true},hmmoglffhpmacaacfbbmbbkcbdkjphnc:{blacklist:true},hnbcdmfeoldeppcbnnjmjkdofohaljbn:{blacklist:true},hncomkjbbkchfjelocejkbbflmjhlhfp:{blacklist:true},hnipgljcblpgnnojcfldehpeknhakbgj:{blacklist:true},hnkcpoijaeegompjgbjjhkdmljldaccg:{blacklist:true},hnnebfeppcbhhbhiifeaajgcjnkljlld:{blacklist:true},hnonhhpgjnjcjfbkjdpfbkfpaodcmncb:{blacklist:true},hpcdoodjfcmpcpkeendjnjkeinimhkih:{blacklist:true},hpibmhghjndideebpackbdlpncgkcppp:{blacklist:true},iablioliielnhdianpbiijaoncbmfend:{blacklist:true},iccblehkchfmjgfafjcpjlkjcponhdhl:{blacklist:true},icihfeaofpcfehanhbnjigdlpfahjlee:{blacklist:true},idbdlnkdnaodonmgnimcfelpngbmcpjk:{blacklist:true},iedogbkombgmapifenoojnmpcnjighfm:{blacklist:true},iemfpgbdjfoihicbocpbjppipdbfimeh:{blacklist:true},ifbkndkaolfbjjhnnhfmkbkoclpdkpli:{blacklist:true},ifeijfpkjckedpclgncedmgdiaoeahmk:{blacklist:true},igaajdmlejbjcbmpmnigopikfdaccdcm:{blacklist:true},igbaoknfddliiaoimhehfbkfekpmmfll:{blacklist:true},igghanohiioehififjoalfkdoicafjof:{blacklist:true},iggjepemmdkieakihpomccndhdfcljdp:{blacklist:true},igkdgkdiiolilocklmiolkpoohacojop:{blacklist:true},ihnembcpodnfgkafmiojebccomjekopm:{blacklist:true},iiiinekimabooeihccihfopoadcaaphn:{blacklist:true},ijecjbcgpblkacpijljpaienknanaloa:{blacklist:true},ijenlpgidnapbndonoinbkhekgjonojg:{blacklist:true},ijjmbbddenkbenbcfldgghhjgjmcnioo:{blacklist:true},ilhjicgcglhjigdehkcehjdokmkahbjl:{blacklist:true},iljfgjkppapinhcgonhjnipfppfmfedh:{blacklist:true},ilmknaabackgdbnkgbihgpgiopnlkjek:{blacklist:true},imfbomjbodpfgfhfahlgkkcllmhbelhk:{blacklist:true},imkffpjpdngdkpgadcmnlkhhmhdocijn:{blacklist:true},indfhnliadamglhalanplbajgenpjdml:{blacklist:true},iobnpmeeecphddicmhhmdjbnlbdhjlne:{blacklist:true},iomejadoamfilglofmeaffghddcgapmf:{blacklist:true},jabpdgllijbnknhkgjideeajfofafckp:{blacklist:true},jaejgaoiipdjjlbnapngknalafalbkej:{blacklist:true},jafnimahlamccccjbkhjjpeiipiedpik:{blacklist:true},janhdpmhnighonkkbkdpnljcoenpfkbh:{blacklist:true},jbfebbkjjmkcoldeaeelhpconkmgjhbg:{blacklist:true},jbmbiepnidbnhbbfdbgioomdkgnbcacj:{blacklist:true},jbnafcjbcfgejacaanogofkkehcomamp:{blacklist:true},jcmipejepoimfflnoapdmkdephgjinck:{blacklist:true},jddbdddmbfencninofcgnodekclofpaj:{blacklist:true},jdiakcmbpmcnniggjcmcjknnklpdlogc:{blacklist:true},jeehjhnmgohgpfpjneglogiholalkeip:{blacklist:true},jfalnphfjdoalcdhlnhdpekbmmopkgkj:{blacklist:true},jfhmafmjfdblceidmfdmoihamolaaeco:{blacklist:true},jfjagidcpadkoaonbogmbgfimmnefeie:{blacklist:true},jgdkappiifgomhgikcjbanhnmlekpeje:{blacklist:true},jgmpapdckakiohhebmeoemejibommimi:{blacklist:true},jgoljhcbgajhbhnchplgjdkknendhjnn:{blacklist:true},jhhabiomopkibeecgngiggmopkeofacl:{blacklist:true},jindbcpkhnnnjgcjgmkjedbibibiojjf:{blacklist:true},jiofcofpcbijcnlpekdkpmgjdppajbjb:{blacklist:true},jjnkfllhcgkgnfbekpnmoikpfihpjfli:{blacklist:true},jkihmglffmfjedfbpbpdbbimcodjbmdh:{blacklist:true},jkmhalpofmlfeglboejbchpoijnkmcgh:{blacklist:true},jljfnkmkkdkppfndippkedacgfkafped:{blacklist:true},jmbkhogpjgjpfjhpdikloblkbkljkgao:{blacklist:true},jmeanodbelbflfmnkfdjgpikmldgjjko:{blacklist:true},jmifipgdcllamghkhdplfjffkciekbgo:{blacklist:true},jpehgolpfgnknboibogccapmdcadjkbd:{blacklist:true},jpeijjbllejgmokmahkeommcodahoobm:{blacklist:true},jpgidahfcgiajlcbleeiaibpmmblcmnb:{blacklist:true},jpkdlckejfjidmplieobnhijmoiecbhl:{blacklist:true},kbipembkfhbdmkkkfbigmohilmknjnof:{blacklist:true},kcanfkmhccbaheheaackijegkclkaeic:{blacklist:true},kcfnnanmpghdnoompcfclakpacapnfbn:{blacklist:true},kcgplbmkmfcpngilmhjmebdgkkpbdemp:{blacklist:true},kdchmeaiapjkejkcbeclgjklemecieeg:{blacklist:true},kdcnnmifdmlmjffdgeieikcokcogpbej:{blacklist:true},kdfahjokahcbmecgaandpobmgiiknagf:{blacklist:true},kdjhalklkkcmodeicjiaekcgifkcepaf:{blacklist:true},kelcbonmemlciepjdmfcifnhloeammhj:{blacklist:true},kelljdoinjlkmkncffgadbebgpmlcang:{blacklist:true},kffhenjbibjnbnjhlkcdlmpeccpaohio:{blacklist:true},kgbkdabomfdpfoibliicpmibceaoohgh:{blacklist:true},kgdhnhadbnpeibkghaebmhmngobdafag:{blacklist:true},kgdkcodealpfjolmiagcogfbgmaamegh:{blacklist:true},kgdmldjagfciieddcnlhampgkajkpanc:{blacklist:true},kibgmcdcfmcglajcfbecilngejnfppjp:{blacklist:true},kiipngoehgkgkackngaidmhmnchfbmio:{blacklist:true},kikjpgpbpnapbimplfcbcbakjacpgceb:{granted_permissions:{api:[tabs,cookies,notifications,contextMenus,webNavigation,webRequest,webRequestBlocking,unlimitedStorage,storage,proxy,webRequestInternal],explicit_host:[http://*/*,https://*...criptable_host:[http://*/*,https://*...ontent_scripts:[{all_frames:true,js:[js/lib/consts.js,js/lib/logging.js,js/lib/reports.js,js/lib/xhr.js,js/api/cookie.js,js/api/message.js,js/api/pageAction.js,js/lib/installer.js,js/lib/app_api.js],matches:[http://*/*,https://*/*],run_at:document_start}],content_security_policy:script-src 'self' 'unsafe-eval'; object-src 'self',description:Enhance your search results with direct download links and information for apps and games.,icons:{128:icons/icon128.png,16:icons/icon16.png,48:icons/icon48.png},key:MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCu8GEww/SpmxxDWtUIoK+qf7gcvMs9g2pbGq356uPGhNudUe1FfwbhK89mzTMusLcZY/bgjcC5z/NV5019ehcBC9Ss8CfVUB1F/f9ElNm4r3DA6OMpIY0n3LLjeoRWK55QZR53N1sQKE5xWAZl1Hx4vrLnnvS0aTkg10BGFHGIJQIDAQAB,manifest_version:2,name:weDownload Manager Pro,page_action:{default_icon:icons/actions/1.png,default_title:weDownload Manager Pro},permissions:[http://*/*,https://*...ible_resources:[crossriderManifest.json]},path:kikjpgpbpnapbimplfcbcbakjacpgceb\\1.25.32_0,state:1},kincjchfokkeneeofpeefomkikfkiedl:{blacklist:true},kinhljbhjmcmoddhdoodekeklmjapjff:{blacklist:true},kkhomejdleoonmbdhcigkhkjcghngncf:{blacklist:true},kleaapgdkahaekcocmkbgfainbhihccj:{blacklist:true},kljhmdlkclaglodecegamnpioaflmage:{blacklist:true},kmlebjoghkhpapfhbdikannggmmffnco:{blacklist:true},kojkdbedffnppdoalcfkkeelbhbklhgp:{blacklist:true},kolbbghckjilleabphhgeggcgpfidofi:{blacklist:true},lambangeielkjcnmioccboaphdfcffib:{blacklist:true},lbaddolhebpnhdcdkicpcflhnfamcemn:{blacklist:true},lbficnmfealeidppcbgdcbemgfjodbkg:{blacklist:true},lceaiepehinnomgijphkmjccbigkljkj:{blacklist:true},lcfkojlnjnedeoepfemhdgkhiabkeadc:{blacklist:true},lcmpleboacinanffcdgenhhbkboclkjb:{blacklist:true},ldgfapfmnplpaohbbadnecegcpfkfall:{blacklist:true},ldmoahefokhfelhpbgfjpelcdbahdofk:{blacklist:true},leccghfplhenabeogpibljliijgapfgb:{blacklist:true},lfggokjjaanlfikbbapgnfemifmddalf:{blacklist:true},lgalokbapphhklmilicdefmgbjkcmldf:{blacklist:true},lgcnahanhlfpceencjmlehpfklokhojk:{blacklist:true},lhajoamjgchgljkdjigcgmmcehjkagan:{blacklist:true},likifpgnijjfbdegfepoalpamlgnfofi:{blacklist:true},liomofjeffddiiccaolcnllbhnipbkhe:{blacklist:true},ljcicfibknpmlcmcecddjlbgkejehhpa:{blacklist:true},ljeihpebkahejeacdalhkhmckmggppif:{blacklist:true},ljmjoloiepllcndinchenhomcdcgbgef:{blacklist:true},lkdimamelhbiijkiljlnedmhnnkkmlbl:{blacklist:true},lkfdchejjogilmloogbbjlnlpbhgjfab:{blacklist:true},lkhcbijhgfchgdmklonlobkfbcadbokg:{blacklist:true},lljnngafekbnkpdfophmcdlbfebcbcld:{blacklist:true},lnahlgmhpghkhmafjppdidhcoaomipfg:{blacklist:true},lnbeebaenahmkbffnimghceldeeihfak:{blacklist:true},lncjcfkpannmofmpgdfoonkniofdnaba:{blacklist:true},lndempehphjoeimfchjflohpmhamiamf:{blacklist:true},lnjgjionmhobdfdegbciceafphgemjnc:{blacklist:true},lnlaeblencbjjjeaanegaldcjfekeled:{blacklist:true},lodollblmkailkkdiijmoccefdfjohgk:{blacklist:true},loggadfheaoeabmkgolecncpfdfioefa:{blacklist:true},lojppnndedobolgfepahepphhloediji:{blacklist:true},loldehkdjdncebfnncknlkdchjclifbn:{blacklist:true},lookpbabilcplifjdeifacodednpacmk:{blacklist:true},lpgiafapdmlapiokjnmpbbfkomiceoml:{blacklist:true},lplmcpcnhpbffpcfiaddbeaplhhbengd:{blacklist:true},maakimnachffhlgdhfomaejeeaikgjap:{blacklist:true},magllcifjcllaafcdplnajmobccbcdlo:{blacklist:true},mamfageekafifnickhgkibkofcclfefe:{blacklist:true},mandondadnlimicalgkbkaohmeopdojj:{blacklist:true},mbmdaiddhfoljplpdhohimgieioblfif:{blacklist:true},mcbkimglepddodbiongpohpeidioafgk:{blacklist:true},mcknnlhkkdbcppajgefagceglahcafjd:{blacklist:true},mdiehnlecbjlppbpaaipmlnhhjgepfcg:{blacklist:true},mdngbiejioalifclonjepjjfppmbgned:{blacklist:true},megkcfpbmemnpkgadkoompnoajcolpni:{blacklist:true},mfffdpnblflpobcnekhekiahepofaane:{blacklist:true},mfhfkclojmdocagbmecgcnlofppebebd:{blacklist:true},mfncimdpmknolnnnccdmkpnpkaofonkc:{blacklist:true},mfooalpniplhaaealemjpchkchmmgdko:{blacklist:true},mgdgiplcofghdmpekdeeceolepakodcb:{blacklist:true},mhbffdldpckobeihgebaamjalehefnia:{blacklist:true},mjalegijammcloleihdmooifidcjggjp:{blacklist:true},mjgobkikdipfikmaoakdcdbicpioljgg:{blacklist:true},mjhlngjakabhonjagnlimeicooahajpl:{blacklist:true},mjolnadmlahbpepjaemohnkhpjkbhmef:{blacklist:true},mknjbohhleiicbpagpgmhoaigbblmnic:{blacklist:true},mkobblpffgbncfhijabakfafmkjdmmnm:{blacklist:true},mlmegahemifabfmdnndafagnncfbnahn:{blacklist:true},mlmmbepkgelpbenpobinockmiehdahai:{blacklist:true},mlnoedbhndgbjcbeadjfnmjloejlgojk:{blacklist:true},mmjodihhmnpkldljaifiajmlnpflfhpm:{blacklist:true},mndoohjdoechinpkfbkolflbonciahfo:{blacklist:true},mnhcgaghminpdabllkbkecahjfkdiabk:{blacklist:true},mnichagcickblneeijmfnmoiakigmmhf:{blacklist:true},mnllienogacopjnkmhgnniopjpgjpopp:{blacklist:true},mogepbcllienegdibkfpmombhefhcoic:{blacklist:true},mpgehpkneknbopplhmmkfijfiniddipf:{blacklist:true},mplhbhmkccidaokcelbcbcmhhedebcng:{blacklist:true},mplpabdbfbloeiboikmdbnggfnjbjmlh:{blacklist:true},naopgnjebjeeedbbhcadkhkmeefmloho:{blacklist:true},nbieffehfdniifkgdckbndjhojohbfjj:{blacklist:true},nckmikohoilfkcoahbjpbgbpegcjgngm:{blacklist:true},ncpdanjmicnihdlijomcggnnekloephc:{blacklist:true},ndhkiimgbjnendpcfbiadlifmangejoa:{blacklist:true},ndiogongcmocdgjciemhagfhpjamehpe:{blacklist:true},negkalblfongjbphdcbbhddlickhlamd:{blacklist:true},nepfiodmbijheamafkiglonfkjebdjmf:{blacklist:true},nfecfkjnlkbphobjbcnphimihniieehc:{blacklist:true},nhbfbnmmdjkjahhfdeklgphihfodfgnb:{blacklist:true},nhboiakpmibkbkbeehchlfkggmhphpnk:{blacklist:true},nhkmojkfnknbbmhbnacjdlodokeophkl:{blacklist:true},nhooocacdhkpbmoocdclodjlddcebfoe:{blacklist:true},nibohffepnilngkecenfdgnokfhmnkod:{blacklist:true},nidmbljkkcbdfklgdkklgjgmhejmbojn:{blacklist:true},nidodbfomffkfabciljelkbdiabkeehe:{blacklist:true},nifbebeekindefklojhchehidpikbjfc:{blacklist:true},nihhbeikpchdddoillfdcdinnnnllmna:{blacklist:true},nlgapikcofpablcmfgaoodlhiejiehhh:{blacklist:true},nloaaepkhcnmoakooihnefhhggbmemed:{blacklist:true},nmgpbidjnaebdlbdbpjggenmbaolmfoi:{blacklist:true},nmmnodocfckpoddcgihiihcdinaonckb:{blacklist:true},nmphbnbmgfccfhcmibikmhcgajjpelpf:{blacklist:true},nnioepmjbjjlflmdgjanlcmbjahljeeo:{blacklist:true},nochkknnbahbhmmknnmdhagelcnfagom:{blacklist:true},noefghcilkpcabnhhilojimkkjplhcnd:{blacklist:true},npadaghbcdejfngcjpbnoikajdnongca:{blacklist:true},npolaghondefgiomhkbiiompikfjneep:{blacklist:true},oakhllhnbcpgagdafgbninlpjdemdmjk:{blacklist:true},oanjogmonneelfpnfmdlalfddkeckdej:{blacklist:true},obfnipbbnnhkbafmdbbfpgfgbjmmkgpm:{blacklist:true},obgljnmbldahelaakfdbjkplokjoneip:{blacklist:true},ocmhjnhildbnglmlfimkjnnfgddelacb:{blacklist:true},ocnlnkjmfnolmbclblfhfhcakldceiec:{blacklist:true},odeckaficnaplobiiaomegfbokokehhb:{blacklist:true},odnamglmogfldajnhkfodmloofeokcmm:{blacklist:true},oghphhcagopecifjblgdcfihjnlcbcfc:{blacklist:true},ogjbodghhojomghbdfnlkppdagkfjede:{blacklist:true},oidjdpbndkjhmhmgdoggibcjnippkcgo:{blacklist:true},oilfokmpgejhjhecdjjpikloibggpenf:{blacklist:true},ojglppmhgfohhfeinlhklglifnbfebak:{blacklist:true},ojmdhklabgbnnkkilmkcfcemdhognifc:{blacklist:true},omceiakkomngangmllpgbjcoeloglald:{blacklist:true},omnicnmbagoinlpamknknbcgopadcoci:{blacklist:true},onfbaaifbbahonepmednhkjbhdgogkbl:{blacklist:true},onjaecbdddgibdijafoemfiachlbcgkj:{blacklist:true},onpnpccdagncipgnoofbhchlbajcjnkd:{blacklist:true},oocfbmollajebjjpkahmlnclfhkjijea:{blacklist:true},ookcgejbfhcmcanfkfmmmpahflnlajbl:{blacklist:true},oomelpjfeldbopnleifpjibbpekflhlg:{blacklist:true},opnnngnphijodjhemhdafpnnpdjggofe:{blacklist:true},pajgiddgjidlcajihkjoacjbplimkgfe:{blacklist:true},pbdgmppmccanplobanhfkjndjkmmabgk:{blacklist:true},pbekednmpdekknlffkiopooofokfmkla:{blacklist:true},pbglijbamgmlcpnnpbfjkbdeheejjloj:{blacklist:true},pcaedgdgamlfffkfblocmakhgieggoak:{blacklist:true},peahabnpipmmfiajjjhgfggbeigbmbgp:{blacklist:true},peiijdmlgbelnnmnkighhkpeihmmamio:{blacklist:true},pfaooklcbjnkgconjjepimkohgcjmdji:{blacklist:true},pfcelnbmkeoaeicedjomcjkcammlkdbk:{blacklist:true},pfgmgcnbngcnhjddppmnloflcidemopc:{blacklist:true},pfhlnanelpgjbhndafjamnpfhkjadoip:{blacklist:true},pfoiaildicnbcjojocjlpcibenphhbln:{blacklist:true},pfonklmafadkmcedjlodommcoipgbcde:{blacklist:true},pgelifedkjaohmjehecojkfldinjlamn:{blacklist:true},pgjpnfpidejcmjibaaohcmehfohacckf:{blacklist:true},pgldfhecfiofkhnbgcncepnkjkeoahlk:{blacklist:true},phkpgooenaonkpnabopdbjjfmphclela:{blacklist:true},pihcfdffalbcnmbghijdfcaanagapelf:{blacklist:true},pjdhkkcnlbfebiokpeghfffajaabahfo:{blacklist:true},pjgbfgdpkbfimabdalhjmmeeelbmkcac:{blacklist:true},pjkljhegncpnkpknbcohdijeoejaedia:{ack_external:true,active_permissions:{api:[notifications]},app_launcher_ordinal:t,creation_flags:137,exclude_from_sideload_wipeout:true,from_bookmark:false,from_webstore:true,granted_permissions:{api:[notifications]},install_time:13004233702208898,lastpingday:13004611207975370,location:1,manifest:{app:{launch:{container:tab,web_url:https://mail.google.com/mail/ca},urls:[*://mail.google.com/mail/ca]},current_locale:en_US,default_locale:en,description:Fast, searchable email with less spam.,icons:{128:128.png},key:MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB,name:Gmail,options_page:https://mail.google.com/mail/ca/#settings,permissions:[notifications],update_url:http://clients2.google.com/service/update2/crx,version:7},page_ordinal:n,path:pjkljhegncpnkpknbcohdijeoejaedia\\7_0,state:1,was_installed_by_default:true},pjloefkigphblpjminnlpbhjchjafcfc:{blacklist:true},pkbbbncikcipejaiiiioboongndhmjgl:{blacklist:true},pkbkgagehkkoajkpgnmjegibihpalfdk:{blacklist:true},pkbkkendemaimikinaefldfljliecapm:{blacklist:true},pkcbihpffghlanbclfmkegjmbijcpobj:{blacklist:true},pkdlpbfmpolnhligegklimbccminkioc:{blacklist:true},pkhidkonipdjidjglnkfcfhnkfnlefbk:{blacklist:true},plfijddblbcdcnammpdmfccchkbdekmm:{blacklist:true},pnaiiipilbpcceggeanphcpkkihnojan:{blacklist:true},pndadpldhngimdmhnajebjldbmcbpjol:{blacklist:true},pnnbdjcjeiobikdfikegpclkcimgafpp:{blacklist:true},pnpfkfanlgljpkpilhgiimfadggfmhcd:{blacklist:true},pnpgiaejfbdapllkchhgchjpdbcpiooa:{blacklist:true},pobponmhkpmphbnfhpjdagklbkmjhked:{blacklist:true},ppmfajacidhcjbddpgmcmigffpppcadd:{blacklist:true}}},first_run_tabs:[http://www.google.com/,http://welcome_page],homepage:http://start.mysearchdial.com/?f=1&a=dsites0301&cd=2XzuyEtN2Y1L1QzutC0CyCyDzy0DtC0C0E0B0F0F0DtC0DtBtN0D0Tzu0SyBzytBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1085628055&ir=,homepage_is_newtabpage:false,net:{http_server_properties:{servers:{accounts.google.co.uk:443:{settings:{4:100,5:10},supports_spdy:true},accounts.google.com:443:{settings:{4:100,5:10},supports_spdy:true},accounts.youtube.com:443:{settings:{4:100,5:10},supports_spdy:true},ad.doubleclick.net:443:{settings:{4:100},supports_spdy:true},apis.google.com:443:{settings:{4:100,5:19,6:0},supports_spdy:true},chatenabled.mail.google.com:443:{settings:{4:10,5:10},supports_spdy:true},clients1.google.com:443:{settings:{4:100,5:10},supports_spdy:true},clients2.google.com:443:{settings:{4:100,5:10,6:0},supports_spdy:true},csi.gstatic.com:443:{settings:{4:100},supports_spdy:true},en-gb.facebook.com:443:{settings:{4:100,7:16384},supports_spdy:true},encrypted-tbn2.gstatic.com:443:{settings:{4:100,5:32,6:0},supports_spdy:true},fonts.googleapis.com:443:{settings:{4:100,5:32,6:0},supports_spdy:true},googleads.g.doubleclick.net:443:{settings:{4:100,5:32,6:0},supports_spdy:true},lh5.googleusercontent.com:443:{settings:{4:100,5:32,6:0},supports_spdy:true},mail-attachment.googleusercontent.com:443:{settings:{4:10,5:10},supports_spdy:true},mail.google.com:443:{settings:{4:10,5:10},supports_spdy:true},p5-r7vtrelvon364-ukvi6pj2scxwypxm-135974-i1-v6exp3-ds.metric.gstatic.com:443:{settings:{4:100},supports_spdy:true},pagead2.googleadservices.com:443:{settings:{4:100,5:10},supports_spdy:true},r.twimg.com:443:{supports_spdy:true},ssl.google-analytics.com:443:{settings:{4:100,5:10},supports_spdy:true},ssl.gstatic.com:443:{settings:{4:100,5:10},supports_spdy:true},themes.googleusercontent.com:443:{settings:{4:100,5:9,6:0},supports_spdy:true},www.facebook.com:443:{settings:{4:100,5:16,7:16384},supports_spdy:true},www.google.com:443:{settings:{4:100,5:10,6:0},supports_spdy:true},www.gstatic.com:443:{settings:{4:100,5:32,6:0},supports_spdy:true}},version:1}},ntp:{promo_resource_cache_update:1360254313.256233},plugins:{enabled_internal_pdf3:true,enabled_nacl:true,last_internal_directory:C:\\Program Files (x86)\\Google\\Chrome\\Application\\24.0.1312.57,migrated_to_pepper_flash:true,plugins_list:[{enabled:true,name:Shockwave Flash,path:C:\\Program Files (x86)\\Google\\Chrome\\Application\\24.0.1312.57\\PepperFlash\\pepflashplayer.dll,version:11.5.31.137},{enabled:true,name:Chrome Remote Desktop Viewer,path:internal-remoting-viewer,version:},{enabled:true,name:Native Client,path:C:\\Program Files (x86)\\Google\\Chrome\\Application\\24.0.1312.57\\ppGoogleNaClPluginChrome.dll,version:},{enabled:true,name:Chrome PDF Viewer,path:C:\\Program Files (x86)\\Google\\Chrome\\Application\\24.0.1312.57\\pdf.dll,version:},{enabled:true,name:Adobe Acrobat,path:C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Browser\\nppdf32.dll,version:9.5.2.295},{enabled:true,name:Java Deployment Toolkit 6.0.170.4,path:C:\\Program Files (x86)\\Java\\jre6\\bin\\new_plugin\\npdeploytk.dll,version:6.0.170.4},{enabled:true,name:Java Platform SE 6 U17,path:C:\\Program Files (x86)\\Java\\jre6\\bin\\new_plugin\\npjp2.dll,version:6.0.170.4},{enabled:true,name:Microsoft Office 2010,path:C:\\PROGRA~2\\MICROS~4\\Office14\\NPSPWRAP.DLL,version:14.0.4761.1000},{enabled:true,name:Google Update,path:C:\\Program Files (x86)\\Google\\Update\\1.3.21.123\\npGoogleUpdate3.dll,version:1.3.21.123},{enabled:true,name:Silverlight Plug-In,path:C:\\Program Files (x86)\\Microsoft Silverlight\\4.1.10329.0\\npctrl.dll,version:4.1.10329.0},{enabled:true,name:Windows Live® Photo Gallery,path:C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll,version:14.0.8081.0709_ship.wlx.w3m3 (ship)},{enabled:true,name:npFFApi,path:C:\\Program Files\\CheckPoint\\ZAForceField\\WOW64\\TrustChecker\\bin\\npFFApi.dll,version:1, 0, 0, 1},{enabled:true,name:Shockwave for Director,path:C:\\Windows\\SysWOW64\\Adobe\\Director\\np32dsw_1168638.dll,version:11.6.8r638},{enabled:true,name:Shockwave Flash,path:C:\\Windows\\SysWOW64\\Macromed\\Flash\\NPSWF32_11_5_502_110.dll,version:11,5,502,110},{enabled:true,name:Adobe Flash Player},{enabled:false,name:Adobe Reader},{enabled:true,name:Adobe Shockwave Player},{enabled:true,name:Chrome PDF Viewer},{enabled:true,name:Chrome Remote Desktop Viewer},{enabled:true,name:Google Update},{enabled:true,name:Java},{enabled:true,name:Microsoft Office},{enabled:true,name:Native Client},{enabled:true,name:Silverlight},{enabled:true,name:Windows Live® Photo Gallery},{enabled:true,name:npFFApi}]},profile:{avatar_index:0,content_settings:{clear_on_exit_migrated:true,pref_version:1},exit_type:Normal,exited_cleanly:true,name:First user},promo:{ntp_bubble_promo:[{closed:false,end:1361231940.0,gplus_required:false,group:0,increment:1,increment_frequency:0,increment_max:1,max_views:1,num_groups:1,segment:1,start:1352332800.0,text:Chrome has been auto-updated.<br/>\n You're now on the latest, greatest version.,views:0}]},session:{startup_urls: [ http://start.mysearc...=1085628055&ir= ]
CHR - Extension: No name found = C:\Users\steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\crossrider
CHR - Extension: No name found = C:\Users\steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\
CHR - Extension: No name found = C:\Users\steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009/06/10 21:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (FindRight) - {2c774641-5504-46a8-b63f-6715ae3fe376} - C:\Program Files (x86)\FindRight\FindRightBHO.dll (FindRight)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (mysearchdial Helper Object) - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\bh\mysearchdial.dll (MySearchDial)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (mysearchdial Toolbar) - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll (MySearchDial)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4:64bit: - HKLM..\Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKLM..\RunOnce: [Del21469107] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Del21980962] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [Del21469107] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [Del21980962] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Users\steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\steve\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: samsungsetup.com ([www] http in Trusted sites)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.51.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7BC6162B-8FA6-4F02-9D16-FCC1846E815F}: DhcpNameServer = 194.168.4.100 194.168.8.100
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261040~1.25\{c16c1~1\browse~1.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2014/03/02 15:24:28 | 000,000,000 | ---D | C] -- C:\Users\steve\AppData\Local\CUSTPDF Writer
[2014/03/02 15:12:40 | 000,000,000 | ---D | C] -- C:\Users\steve\AppData\Local\CutePDF Writer
[2014/03/02 15:00:50 | 000,000,000 | ---D | C] -- C:\Users\steve\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
[2014/03/02 15:00:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FindRight
[2014/03/02 14:52:04 | 000,000,000 | ---D | C] -- C:\Users\steve\AppData\Roaming\0D0S1L2Z1P1B
[2014/03/02 14:51:11 | 000,020,312 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\SysNative\roboot64.exe
[2014/03/02 14:51:11 | 000,000,000 | ---D | C] -- C:\Users\steve\AppData\Roaming\mysearchdial
[2014/03/02 14:51:09 | 000,000,000 | ---D | C] -- C:\Users\steve\AppData\Roaming\systweak
[2014/03/02 14:51:09 | 000,000,000 | ---D | C] -- C:\Users\steve\AppData\Roaming\DigitalSites
[2014/03/02 14:51:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Creator
[2014/03/02 14:51:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mysearchdial
[2014/03/02 14:51:05 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator
[2014/03/02 14:47:11 | 000,000,000 | ---D | C] -- C:\Users\steve\AppData\Roaming\Opera Software
[2014/03/02 14:47:11 | 000,000,000 | ---D | C] -- C:\Users\steve\AppData\Local\Opera Software
[2014/03/02 14:46:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2014/03/02 14:46:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GPLGS
[2014/03/02 14:46:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CutePDF
[2014/03/02 14:46:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acro Software
[2014/02/25 09:17:57 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/02/17 20:45:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/02/17 20:44:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2014/02/17 20:44:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/02/17 20:44:47 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/02/17 20:44:34 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/02/17 20:44:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/02/14 16:38:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/02/12 09:27:19 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/02/12 09:26:32 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/02/12 09:26:31 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/02/12 09:26:31 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/02/12 09:26:31 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/02/12 09:26:30 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/02/12 09:26:30 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/02/12 09:26:30 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/02/12 09:26:29 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/02/12 09:26:29 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/02/12 09:26:29 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/02/12 09:26:29 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/02/12 09:26:29 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/02/12 09:26:29 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/02/12 09:26:28 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/02/12 09:26:28 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/02/12 09:26:28 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/02/12 09:26:28 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/02/12 09:26:27 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/02/12 09:26:27 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/02/12 09:26:26 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/02/12 09:26:25 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/02/12 09:26:25 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/02/12 09:26:22 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/02/12 09:13:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/02/12 09:13:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/02/12 09:13:08 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014/02/12 09:13:07 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014/02/12 09:13:07 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014/02/12 09:13:07 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014/02/12 09:13:07 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014/02/12 09:13:07 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014/02/12 09:13:07 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014/02/12 09:13:07 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014/02/12 09:13:07 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014/02/12 09:13:07 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014/02/12 09:13:07 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014/02/12 09:13:07 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014/02/12 09:13:07 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014/02/12 09:13:07 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014/02/12 09:13:07 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014/02/12 09:13:07 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014/02/12 09:13:06 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014/02/12 09:13:00 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014/02/12 09:13:00 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014/02/11 22:06:04 | 000,000,000 | ---D | C] -- C:\Users\steve\Desktop\RD_Record000_data
[2014/02/08 23:22:41 | 000,000,000 | ---D | C] -- C:\Users\steve\AppData\Roaming\Audacity
[2014/02/08 23:22:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity
[2014/02/08 23:22:15 | 000,000,000 | ---D | C] -- C:\Users\steve\AppData\Local\Programs
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/03/02 15:35:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/03/02 15:24:30 | 000,187,522 | ---- | M] () -- C:\Users\steve\Documents\Golden Anniversary.pdf
[2014/03/02 15:13:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/03/02 15:12:42 | 000,187,522 | ---- | M] () -- C:\Users\steve\Desktop\Golden Anniversary.pdf
[2014/03/02 15:00:37 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\MySearchDial.job
[2014/03/02 15:00:31 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\Digital Sites.job
[2014/03/02 14:59:46 | 000,000,046 | ---- | M] () -- C:\Users\steve\AppData\Roaming\WB.CFG
[2014/03/02 13:33:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/03/02 11:45:32 | 000,002,318 | ---- | M] () -- C:\Windows\tasks\weDownload Manager Pro-firefoxinstaller.job
[2014/03/02 11:40:33 | 000,002,042 | ---- | M] () -- C:\Windows\tasks\weDownload Manager Pro-chromeinstaller.job
[2014/03/02 11:40:32 | 000,001,312 | ---- | M] () -- C:\Windows\tasks\weDownload Manager Pro-codedownloader.job
[2014/03/02 09:01:14 | 000,016,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/03/02 09:01:14 | 000,016,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/03/02 08:54:07 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/03/02 08:53:48 | 2312,085,504 | -HS- | M] () -- C:\hiberfil.sys
[2014/03/01 12:21:07 | 001,641,922 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/03/01 12:21:07 | 000,621,368 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/03/01 12:21:07 | 000,006,450 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/02/22 12:35:17 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/02/22 12:35:17 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/02/17 20:44:23 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/02/17 20:44:22 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/02/17 20:44:22 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/02/17 20:44:22 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/02/10 18:39:25 | 012,520,148 | ---- | M] () -- C:\Users\steve\Desktop\ableton_live_8_manual_en.pdf
[2014/02/08 23:22:37 | 000,000,974 | ---- | M] () -- C:\Users\Public\Desktop\Audacity.lnk
[2014/02/08 19:13:27 | 000,172,147 | ---- | M] () -- C:\Users\steve\Desktop\cv_-_Steve_Higgins.pdf
[2014/02/06 11:30:12 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/02/06 11:07:39 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/02/06 11:06:47 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/02/06 10:56:03 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/02/06 10:52:11 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/02/06 10:49:03 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/02/06 10:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/02/06 10:48:11 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/02/06 10:32:49 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/02/06 10:17:15 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/02/06 10:11:37 | 005,768,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/02/06 10:01:36 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/02/06 10:00:46 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/02/06 09:57:13 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/02/06 09:52:21 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/02/06 09:50:32 | 002,041,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/02/06 09:49:22 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/02/06 09:47:22 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/02/06 09:46:27 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/02/06 09:25:43 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/02/06 09:09:30 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/02/06 08:40:06 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/02/06 08:34:31 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/03/02 15:24:35 | 000,187,522 | ---- | C] () -- C:\Users\steve\Documents\Golden Anniversary.pdf
[2014/03/02 15:12:57 | 000,187,522 | ---- | C] () -- C:\Users\steve\Desktop\Golden Anniversary.pdf
[2014/03/02 14:59:46 | 000,000,046 | ---- | C] () -- C:\Users\steve\AppData\Roaming\WB.CFG
[2014/03/02 14:59:41 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\MySearchDial.job
[2014/03/02 14:51:11 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\Digital Sites.job
[2014/03/02 14:51:05 | 000,087,552 | ---- | C] () -- C:\Windows\SysNative\custmon64i.dll
[2014/03/02 14:46:36 | 000,087,600 | ---- | C] () -- C:\Windows\SysNative\cpwmon64.dll
[2014/02/10 18:39:11 | 012,520,148 | ---- | C] () -- C:\Users\steve\Desktop\ableton_live_8_manual_en.pdf
[2014/02/08 23:22:37 | 000,000,986 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
[2014/02/08 23:22:37 | 000,000,974 | ---- | C] () -- C:\Users\Public\Desktop\Audacity.lnk
[2014/02/08 19:13:25 | 000,172,147 | ---- | C] () -- C:\Users\steve\Desktop\cv_-_Steve_Higgins.pdf
[2013/07/28 15:55:45 | 000,000,979 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2013/06/09 12:55:34 | 000,003,584 | ---- | C] () -- C:\Users\steve\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/03/07 07:07:03 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2013/01/22 21:39:16 | 000,000,144 | ---- | C] () -- C:\Windows\SysWow64\lkfl.dat
[2013/01/22 21:39:16 | 000,000,128 | ---- | C] () -- C:\Windows\SysWow64\pdfl.dat
[2013/01/22 21:39:16 | 000,000,080 | ---- | C] () -- C:\Windows\SysWow64\ibfl.dat
[2013/01/13 21:47:52 | 000,000,123 | ---- | C] () -- C:\Windows\wininit.ini
[2012/11/04 16:57:24 | 000,735,726 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/10/31 21:36:23 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
========== ZeroAccess Check ==========
[2009/07/14 04:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 02:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 01:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 01:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 12:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 01:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014/03/02 14:52:04 | 000,000,000 | ---D | M] -- C:\Users\steve\AppData\Roaming\0D0S1L2Z1P1B
[2014/03/02 15:00:50 | 000,000,000 | ---D | M] -- C:\Users\steve\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
[2014/02/22 16:25:59 | 000,000,000 | ---D | M] -- C:\Users\steve\AppData\Roaming\Ableton
[2014/02/11 22:06:05 | 000,000,000 | ---D | M] -- C:\Users\steve\AppData\Roaming\Audacity
[2013/01/22 21:40:31 | 000,000,000 | ---D | M] -- C:\Users\steve\AppData\Roaming\CheckPoint
[2014/03/02 14:51:09 | 000,000,000 | ---D | M] -- C:\Users\steve\AppData\Roaming\DigitalSites
[2014/03/02 08:54:53 | 000,000,000 | ---D | M] -- C:\Users\steve\AppData\Roaming\Dropbox
[2013/10/30 07:29:10 | 000,000,000 | ---D | M] -- C:\Users\steve\AppData\Roaming\MailFrontier
[2014/03/02 14:59:41 | 000,000,000 | ---D | M] -- C:\Users\steve\AppData\Roaming\mysearchdial
[2014/03/02 14:59:14 | 000,000,000 | ---D | M] -- C:\Users\steve\AppData\Roaming\Nokia
[2014/03/02 14:59:14 | 000,000,000 | ---D | M] -- C:\Users\steve\AppData\Roaming\Nokia Suite
[2014/03/02 14:47:11 | 000,000,000 | ---D | M] -- C:\Users\steve\AppData\Roaming\Opera Software
[2014/01/01 18:11:27 | 000,000,000 | ---D | M] -- C:\Users\steve\AppData\Roaming\PC Suite
[2014/03/01 08:42:52 | 000,000,000 | ---D | M] -- C:\Users\steve\AppData\Roaming\SoftGrid Client
[2014/03/02 15:03:18 | 000,000,000 | ---D | M] -- C:\Users\steve\AppData\Roaming\systweak
[2013/01/07 22:23:29 | 000,000,000 | ---D | M] -- C:\Users\steve\AppData\Roaming\TFP
[2012/11/04 18:17:46 | 000,000,000 | ---D | M] -- C:\Users\steve\AppData\Roaming\Toshiba
[2012/11/04 16:58:14 | 000,000,000 | ---D | M] -- C:\Users\steve\AppData\Roaming\TP
========== Purity Check ==========
========== Custom Scans ==========
< %USERPROFILE%\..|smtmp;true;true;true /FP >
< %temp%\smtmp\*.* /s > >
< MD5 for: EXPLORER.ADML >
[2009/07/14 02:30:02 | 000,003,695 | ---- | M] () MD5=7A4C7F3CB156543113596988479CAFCE -- C:\Windows\winsxs\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.1.7600.16385_en-us_7ef5713984067904\Explorer.adml
< MD5 for: EXPLORER.ADMX >
[2009/06/10 20:53:55 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\winsxs\amd64_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.1.7600.16385_none_71af9b5b0a86e6b7\Explorer.admx
< MD5 for: EXPLORER.EXE >
[2011/02/26 06:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 05:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/14 01:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 05:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 05:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 05:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 06:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 06:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 06:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 12:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/03 06:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 05:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 05:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 06:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 05:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 13:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 06:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 05:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 01:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 06:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 06:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 06:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: EXPLORER.EXE.MUI >
[2009/07/14 02:26:48 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=4B87EEFDC8E253F846A7DFB49A8E6C70 -- C:\Windows\en-US\explorer.exe.mui
[2009/07/14 02:26:48 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=4B87EEFDC8E253F846A7DFB49A8E6C70 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_en-us_61e778c48d52d19b\explorer.exe.mui
[2009/07/14 02:06:56 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B9F4B1CA23D60775736059D72BA48526 -- C:\Windows\SysWOW64\en-US\explorer.exe.mui
[2009/07/14 02:06:56 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B9F4B1CA23D60775736059D72BA48526 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_en-us_6c3c2316c1b39396\explorer.exe.mui
< MD5 for: EXPLORER.EXE-A80E4F97.PF >
[2014/02/26 16:10:54 | 000,184,682 | ---- | M] () MD5=367214F85F10C925ECD5FF640FA9963C -- C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf
< MD5 for: IEXPLORE.EXE >
[2013/01/09 01:53:45 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=0100BCF23941C83462E4A70F94C3392E -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16464_none_0d2c5bc980874648\iexplore.exe
[2013/12/16 08:29:13 | 000,804,560 | ---- | M] (Microsoft Corporation) MD5=0685765C0CBE095BA0C6C8790BAE21EF -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16428_none_7b0d6f67c2d3f97a\iexplore.exe
[2013/05/17 02:32:12 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=07DFD28E57879554D054464EE4A5662D -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16614_none_20d88bb252a3770f\iexplore.exe
[2012/11/14 02:56:04 | 000,757,296 | ---- | M] (Microsoft Corporation) MD5=0D286C0FE561D1A7EB30E83A0FF305B2 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16457_none_178ed6e5b4dd3857\iexplore.exe
[2013/07/26 06:23:39 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=133CEF30905806A35606652D409EEEBA -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16660_none_16893df21e3dcd43\iexplore.exe
[2013/08/10 06:31:28 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=1F3B062444AD6F667B5336E78D5A02B7 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20794_none_ffb36d2837eafb72\iexplore.exe
[2012/11/01 09:50:21 | 000,748,680 | ---- | M] (Microsoft Corporation) MD5=22CC6CDBA678790046693654C3B212E4 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16450_none_1787d4dfb4e386f6\iexplore.exe
[2012/10/08 08:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation) MD5=270A1342BD5AF95CA25A586B4C2F1522 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16455_none_178cd651b4df05a9\iexplore.exe
[2013/03/29 16:48:18 | 000,770,560 | ---- | M] (Microsoft Corporation) MD5=2859EBC065D2E1CCC94161CE28BAC085 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16521_none_20e4a040529a2792\iexplore.exe
[2013/02/25 00:58:09 | 000,775,232 | ---- | M] (Microsoft Corporation) MD5=28F93BAFB3EB407E99A7ED3D9DBDE04C -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20644_none_ffb93ba237e760ce\iexplore.exe
[2013/06/12 04:41:27 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=2A5F565327BFD679EC5F790DC15BBF25 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20742_none_0a0343986c500b78\iexplore.exe
[2009/07/14 01:17:29 | 000,673,048 | ---- | M] (Microsoft Corporation) MD5=2C32E3E596CFE660353753EABEFB0540 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16385_none_19ba3f8a72d988f3\iexplore.exe
[2012/11/01 09:50:17 | 000,754,824 | ---- | M] (Microsoft Corporation) MD5=2D53C5F71653EF94E7829846405D4ED2 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16450_none_0d332a8d8082c4fb\iexplore.exe
[2013/04/05 05:55:38 | 000,770,624 | ---- | M] (Microsoft Corporation) MD5=2DC6BD1047553611DAEF97C751131A5D -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20681_none_0a122b746c443b42\iexplore.exe
[2013/06/12 00:23:57 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=30E7CA4620500FE012EB464F0E1DE91E -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16635_none_20da757e52a1c35e\iexplore.exe
[2013/08/10 06:10:22 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=351657C79B62B91E16A95AD23EA3710D -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16686_none_168ab5d61e3c99b7\iexplore.exe
[2013/08/10 04:18:11 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=37287D98A1BF5D56AA729CEB9B27C6B1 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16686_none_20df6028529d5bb2\iexplore.exe
[2013/05/17 01:57:28 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=3902E280F6117A468D5573343A7AA1F6 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20719_none_09ffa3426c5372da\iexplore.exe
[2013/10/12 21:42:28 | 000,775,344 | ---- | M] (Microsoft Corporation) MD5=39D0074C59F6D1A62731942C7FA8B60B -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16736_none_167ae4781e4936f5\iexplore.exe
[2013/10/12 09:49:48 | 000,775,344 | ---- | M] (Microsoft Corporation) MD5=3C8C00380462B1023C9F8EA2A9A7A137 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20848_none_ffa340aa37f7ff34\iexplore.exe
[2014/02/06 22:24:01 | 000,808,152 | ---- | M] (Microsoft Corporation) MD5=4263F6C131E513CEA1AE82B5B81A4E1A -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
[2014/02/06 22:24:01 | 000,808,152 | ---- | M] (Microsoft Corporation) MD5=4263F6C131E513CEA1AE82B5B81A4E1A -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16518_none_85564983f73dbe0f\iexplore.exe
[2013/08/10 05:13:42 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=48A1306191216997F717C451B8D15139 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20794_none_0a08177a6c4bbd6d\iexplore.exe
[2012/10/08 12:29:46 | 000,754,848 | ---- | M] (Microsoft Corporation) MD5=49442BA6DCE4B4E3C1CB0AB193FE29AD -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16455_none_0d382bff807e43ae\iexplore.exe
[2012/08/24 17:15:32 | 000,672,872 | ---- | M] (Microsoft Corporation) MD5=4ADB84297505A1627DEEA18529BF4B16 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.17115_none_1a05d46a72a0e4af\iexplore.exe
[2013/02/21 12:59:57 | 000,775,216 | ---- | M] (Microsoft Corporation) MD5=6554208814632C25C77EE02355EB8E95 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16540_none_16920d4a1e377ea4\iexplore.exe
[2013/03/29 16:48:03 | 000,775,184 | ---- | M] (Microsoft Corporation) MD5=681B380492ACB571ED6CCC1F37F53343 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16521_none_168ff5ee1e396597\iexplore.exe
[2013/01/08 22:42:06 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=698EB1E5F8C66344D97C00B5699E871D -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16464_none_1781061bb4e80843\iexplore.exe
[2013/07/26 03:49:06 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=7BA1862B8A5698DC5FCFDFF3BC359DE9 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16660_none_20dde844529e8f3e\iexplore.exe
[2013/02/02 08:09:12 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=7C2923004FFC497E54F38E835F108EE8 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20580_none_0d9c579499b8b898\iexplore.exe
[2012/08/24 18:10:19 | 000,696,424 | ---- | M] (Microsoft Corporation) MD5=85275D3D81C23C8A8D3C915888D11C66 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.17115_none_0fb12a183e4022b4\iexplore.exe
[2010/11/20 13:28:25 | 000,695,056 | ---- | M] (Microsoft Corporation) MD5=86257731DDB311FBC283534CC0091634 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_1196a9003b674a92\iexplore.exe
[2013/10/25 04:45:28 | 000,775,344 | ---- | M] (Microsoft Corporation) MD5=8AA8CFAF04E518C81E0C515585CD6AE4 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20861_none_ffa5e0b637f57e7b\iexplore.exe
[2013/07/26 05:47:06 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=8D805B4EEEE0ECF6B604BE284978F135 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20768_none_ffb0112a37ee15f1\iexplore.exe
[2013/10/25 07:41:14 | 000,775,344 | ---- | M] (Microsoft Corporation) MD5=8E6225096C44271A88FD201C7188BDFC -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16750_none_167d6dbc1e46cfdd\iexplore.exe
[2013/05/17 03:02:08 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=8F00471CA24ADF8D2AFAACF856EB70A4 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20719_none_ffaaf8f037f2b0df\iexplore.exe
[2013/06/12 02:28:00 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=98C6F2A9A981A54222602B87C6310BDE -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16635_none_1685cb2c1e410163\iexplore.exe
[2013/10/12 07:16:06 | 000,770,736 | ---- | M] (Microsoft Corporation) MD5=9DFE1678738DD968D7BA5559B52706D1 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20848_none_09f7eafc6c58c12f\iexplore.exe
[2013/10/25 05:22:15 | 000,770,736 | ---- | M] (Microsoft Corporation) MD5=9ED469260687108F5F8FD544D56ABC54 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16750_none_20d2180e52a791d8\iexplore.exe
[2013/02/24 23:52:40 | 000,770,624 | ---- | M] (Microsoft Corporation) MD5=A11C5E3E288256C540B7ED8BE3A04B01 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20644_none_0a0de5f46c4822c9\iexplore.exe
[2013/02/02 04:19:03 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=A285E1965C115031DA02B777EE9D7689 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20580_none_17f101e6ce197a93\iexplore.exe
[2013/10/25 01:16:38 | 000,770,736 | ---- | M] (Microsoft Corporation) MD5=A8130AEDCC06FBDEBEC8E34732C01A16 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20861_none_09fa8b086c564076\iexplore.exe
[2013/02/02 07:37:58 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=A8EBEBCD9F5C49475194099FCD276992 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16470_none_0d1d8ab58092fcdd\iexplore.exe
[2013/04/05 06:02:26 | 000,770,608 | ---- | M] (Microsoft Corporation) MD5=AAD90795E84E710543C6C7C2F7048E30 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16576_none_20e92fca5296266a\iexplore.exe
[2012/11/16 03:08:58 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=AC4957E154F750DF54F36ADC8E3E040D -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20565_none_0db6f8de99a3ff69\iexplore.exe
[2010/11/20 12:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_1beb53526fc80c8d\iexplore.exe
[2014/02/06 22:55:10 | 000,806,104 | ---- | M] (Microsoft Corporation) MD5=C6E1178294BDEAB1CACF50427688DF05 -- C:\Program Files\Internet Explorer\iexplore.exe
[2014/02/06 22:55:10 | 000,806,104 | ---- | M] (Microsoft Corporation) MD5=C6E1178294BDEAB1CACF50427688DF05 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16518_none_7b019f31c2dcfc14\iexplore.exe
[2012/08/24 17:10:38 | 000,672,872 | ---- | M] (Microsoft Corporation) MD5=C6E8F6DB0FD7B28924D1CBC8AE03ECEE -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.21313_none_1a8d72878bc04ef2\iexplore.exe
[2013/12/16 08:29:15 | 000,806,096 | ---- | M] (Microsoft Corporation) MD5=C8A8321292A459B0A17FB39A782A5C74 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16428_none_856219b9f734bb75\iexplore.exe
[2013/06/12 07:51:43 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=CA88A25280B1D85ED0BC26B042ABBCCF -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20742_none_ffae994637ef497d\iexplore.exe
[2013/04/05 07:53:33 | 000,775,232 | ---- | M] (Microsoft Corporation) MD5=CEA304830B4770BDA3572B87D0841848 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16576_none_169485781e35646f\iexplore.exe
[2012/10/08 08:22:05 | 000,748,704 | ---- | M] (Microsoft Corporation) MD5=CECB15F834FC2B4B150449717ADE18DD -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20562_none_1808a252ce07755f\iexplore.exe
[2013/09/22 23:54:30 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=D6B7DDB68436F13C3CAE2B92524F1FEC -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16721_none_20cf006852aa5f74\iexplore.exe
[2013/10/12 07:44:13 | 000,770,736 | ---- | M] (Microsoft Corporation) MD5=D7D5768B8A697FCBAEE2CFE137070F02 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16736_none_20cf8eca52a9f8f0\iexplore.exe
[2013/09/23 00:01:39 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=DB352EBF77E8655E0C46B6923F3C9950 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20831_none_09f78a2a6c58f471\iexplore.exe
[2013/02/02 04:19:04 | 000,757,296 | ---- | M] (Microsoft Corporation) MD5=DDE5A0DFAF7C6370FB36402D7A746ED3 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16470_none_17723507b4f3bed8\iexplore.exe
[2013/04/05 07:23:03 | 000,775,216 | ---- | M] (Microsoft Corporation) MD5=DE751E18F8DBF7BCCE46989CBA4A9828 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20681_none_ffbd812237e37947\iexplore.exe
[2012/08/24 18:24:56 | 000,696,424 | ---- | M] (Microsoft Corporation) MD5=E3C361C85ADECFF3A485E4FE17859E0F -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.21313_none_1038c835575f8cf7\iexplore.exe
[2013/02/21 11:28:11 | 000,770,608 | ---- | M] (Microsoft Corporation) MD5=E4F6125ED5185F8FA37CC4F449B85526 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16540_none_20e6b79c5298409f\iexplore.exe
[2013/07/26 05:09:39 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=E70D60B3A350BD09D86CDAD9CF55F36B -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20768_none_0a04bb7c6c4ed7ec\iexplore.exe
[2013/09/23 01:55:58 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=E9F843E7E412AE9A507FD5ABBBD06462 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20831_none_ffa2dfd837f83276\iexplore.exe
[2013/05/17 03:30:45 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=EDC77CF787FA015205936C9A3228486E -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16614_none_1683e1601e42b514\iexplore.exe
[2013/01/09 00:51:57 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=EF1F6F41FB2C9BBB484B21017F380201 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20573_none_0daa285e99ade8ac\iexplore.exe
[2013/01/08 21:32:42 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=F05982E56ABD835AA8DF260EEC873E5B -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20573_none_17fed2b0ce0eaaa7\iexplore.exe
[2009/07/14 01:43:43 | 000,696,600 | ---- | M] (Microsoft Corporation) MD5=F2B0D41E1D08D0B2006DF5AA2E74C81E -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16385_none_0f6595383e78c6f8\iexplore.exe
[2012/10/08 11:09:10 | 000,754,824 | ---- | M] (Microsoft Corporation) MD5=F61714ABCF9BF0CEF0A6249AD4FD490B -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20562_none_0db3f80099a6b364\iexplore.exe
[2012/11/14 02:19:28 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=F691418EE9A6344AEB5C1B0518FBF8AE -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20565_none_180ba330ce04c164\iexplore.exe
[2013/09/23 01:25:59 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=F6A7D9C0BC326F695526069C1DA1E8B7 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16721_none_167a56161e499d79\iexplore.exe
[2012/11/14 07:11:18 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=FD0D2E1FAEBAE5031BE2EB8000D973F1 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16457_none_0d3a2c93807c765c\iexplore.exe
< MD5 for: IEXPLORE.EXE.MUI >
[2013/12/16 08:29:16 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Program Files (x86)\Internet Explorer\en-US\iexplore.exe.mui
[2013/12/16 08:29:13 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2013/12/16 08:29:13 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_en-us_74ba04defa813a61\iexplore.exe.mui
[2013/12/16 08:29:16 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_en-us_7f0eaf312ee1fc5c\iexplore.exe.mui
[2012/11/01 09:50:17 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=17FAE936C452188D05852DE8D1082013 -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.4.8112.16421_en-us_07013012b816cb66\iexplore.exe.mui
[2012/11/01 09:50:21 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=4C71CCB3C8817185E67210856778831F -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.4.8112.16421_en-us_1155da64ec778d61\iexplore.exe.mui
[2013/03/29 16:48:07 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=8EDDC50FD07326E7DF9C4EEA422F0918 -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_10.2.9200.16521_en-us_103c8b6555e6a67e\iexplore.exe.mui
[2013/03/29 16:48:23 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=8EDDC50FD07326E7DF9C4EEA422F0918 -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_10.2.9200.16521_en-us_1a9135b78a476879\iexplore.exe.mui
[2009/07/14 02:29:20 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=C29BCFB504E33FEADDFA2D0183CEF62F -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7600.16385_en-us_09122aaf762607df\iexplore.exe.mui
[2009/07/14 02:29:20 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=C29BCFB504E33FEADDFA2D0183CEF62F -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_en-us_0b433e7773148b79\iexplore.exe.mui
[2009/07/14 02:05:06 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=FBA4CD95930248053A2C3F43CA70B986 -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7600.16385_en-us_1366d501aa86c9da\iexplore.exe.mui
[2009/07/14 02:05:06 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=FBA4CD95930248053A2C3F43CA70B986 -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_en-us_1597e8c9a7754d74\iexplore.exe.mui
< MD5 for: SERVICES >
[2009/06/10 21:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services
< MD5 for: SERVICES.EXE >
[2009/07/14 01:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/14 01:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
< MD5 for: SERVICES.EXE.MUI >
[2009/07/14 02:25:40 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\SysNative\en-US\services.exe.mui
[2009/07/14 02:25:40 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui
< MD5 for: SERVICES.LNK >
[2009/07/14 04:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 04:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
< MD5 for: SERVICES.MOF >
[2009/06/10 20:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2009/06/10 20:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof
< MD5 for: SERVICES.MSC >
[2009/07/14 02:23:30 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc
[2009/06/10 20:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2009/07/14 02:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009/06/10 21:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2009/07/14 02:23:30 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009/06/10 20:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2009/07/14 02:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 21:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc
< MD5 for: SERVICES.PTXML >
[2009/07/13 20:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/13 20:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml
< MD5 for: WINLOGON.ADML >
[2009/07/14 02:25:22 | 000,008,013 | ---- | M] () MD5=CED0EAD8D152B3D0F114698DE2316C5E -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.1.7600.16385_en-us_f0f9032ef6930070\WinLogon.adml
< MD5 for: WINLOGON.ADMX >
[2009/06/10 21:04:41 | 000,005,237 | ---- | M] () MD5=89D8F50E186A16C2CED3CF36DBBC0B2C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-adm_31bf3856ad364e35_6.1.7600.16385_none_d7024e6992f3424d\WinLogon.admx
< MD5 for: WINLOGON.EXE >
[2010/11/20 13:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 13:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/14 01:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 07:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 06:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< MD5 for: WINLOGON.EXE.MUI >
[2010/11/20 13:00:25 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=34C7D2E30868EDAFB191341D963ABA5F -- C:\Windows\SysNative\en-US\winlogon.exe.mui
[2010/11/20 13:00:25 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=34C7D2E30868EDAFB191341D963ABA5F -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_en-us_291e96fa1ab5fc7b\winlogon.exe.mui
[2009/07/14 02:29:52 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=56D03B64B8C483C1D12A8E4577B3B332 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7600.16385_en-us_26ed83321dc778e1\winlogon.exe.mui
< MD5 for: WINLOGON.MFL >
[2009/07/14 02:27:22 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\SysNative\wbem\en-US\winlogon.mfl
[2009/07/14 02:27:22 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_en-us_84afd4fd38ffd276\winlogon.mfl
< MD5 for: WINLOGON.MOF >
[2009/07/13 20:30:01 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\SysNative\wbem\winlogon.mof
[2009/07/13 20:30:01 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.1.7600.16385_none_dc2dbb778f98e40f\winlogon.mof
< %SYSTEMDRIVE%\*.* >
[2014/03/02 08:53:48 | 2312,085,504 | -HS- | M] () -- C:\hiberfil.sys
[2014/03/02 08:53:52 | 3082,780,672 | -HS- | M] () -- C:\pagefile.sys
[2010/06/17 09:57:20 | 000,000,123 | -H-- | M] () -- C:\SWSTAMP.TXT
< %systemroot%\Fonts\*.com >
[2009/07/14 05:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/14 05:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/14 05:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/14 05:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2009/06/10 20:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
[2009/07/10 11:15:46 | 000,306,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
< %PROGRAMFILES%\*.* >
[2009/07/14 04:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C is WINDOWS
Volume Serial Number is 1C66-D1D2
Directory of C:\
14/07/2009 05:08 <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\ProgramData
14/07/2009 05:08 <JUNCTION> Application Data [C:\ProgramData]
14/07/2009 05:08 <JUNCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 05:08 <JUNCTION> Documents [C:\Users\Public\Documents]
14/07/2009 05:08 <JUNCTION> Favorites [C:\Users\Public\Favorites]
14/07/2009 05:08 <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 05:08 <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
14/07/2009 05:08 <SYMLINKD> All Users [C:\ProgramData]
14/07/2009 05:08 <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
14/07/2009 05:08 <JUNCTION> Application Data [C:\ProgramData]
14/07/2009 05:08 <JUNCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 05:08 <JUNCTION> Documents [C:\Users\Public\Documents]
14/07/2009 05:08 <JUNCTION> Favorites [C:\Users\Public\Favorites]
14/07/2009 05:08 <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 05:08 <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default
14/07/2009 05:08 <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
14/07/2009 05:08 <JUNCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
14/07/2009 05:08 <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
14/07/2009 05:08 <JUNCTION> My Documents [C:\Users\Default\Documents]
14/07/2009 05:08 <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
14/07/2009 05:08 <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
14/07/2009 05:08 <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
14/07/2009 05:08 <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
14/07/2009 05:08 <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
14/07/2009 05:08 <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
14/07/2009 05:08 <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
14/07/2009 05:08 <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
14/07/2009 05:08 <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
14/07/2009 05:08 <JUNCTION> My Music [C:\Users\Default\Music]
14/07/2009 05:08 <JUNCTION> My Pictures [C:\Users\Default\Pictures]
14/07/2009 05:08 <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
14/07/2009 05:08 <JUNCTION> My Music [C:\Users\Public\Music]
14/07/2009 05:08 <JUNCTION> My Pictures [C:\Users\Public\Pictures]
14/07/2009 05:08 <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\steve
31/10/2012 22:47 <JUNCTION> Application Data [C:\Users\steve\AppData\Roaming]
31/10/2012 22:47 <JUNCTION> Cookies [C:\Users\steve\AppData\Roaming\Microsoft\Windows\Cookies]
31/10/2012 22:47 <JUNCTION> Local Settings [C:\Users\steve\AppData\Local]
31/10/2012 22:47 <JUNCTION> My Documents [C:\Users\steve\Documents]
31/10/2012 22:47 <JUNCTION> NetHood [C:\Users\steve\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
31/10/2012 22:47 <JUNCTION> PrintHood [C:\Users\steve\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
31/10/2012 22:47 <JUNCTION> Recent [C:\Users\steve\AppData\Roaming\Microsoft\Windows\Recent]
31/10/2012 22:47 <JUNCTION> SendTo [C:\Users\steve\AppData\Roaming\Microsoft\Windows\SendTo]
31/10/2012 22:47 <JUNCTION> Start Menu [C:\Users\steve\AppData\Roaming\Microsoft\Windows\Start Menu]
31/10/2012 22:47 <JUNCTION> Templates [C:\Users\steve\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\steve\AppData\Local
31/10/2012 22:47 <JUNCTION> Application Data [C:\Users\steve\AppData\Local]
31/10/2012 22:47 <JUNCTION> History [C:\Users\steve\AppData\Local\Microsoft\Windows\History]
31/10/2012 22:47 <JUNCTION> Temporary Internet Files [C:\Users\steve\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\steve\Documents
31/10/2012 22:47 <JUNCTION> My Music [C:\Users\steve\Music]
31/10/2012 22:47 <JUNCTION> My Pictures [C:\Users\steve\Pictures]
31/10/2012 22:47 <JUNCTION> My Videos [C:\Users\steve\Videos]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
50 Dir(s) 76,516,683,776 bytes free
< %systemroot%\System32\config\*.sav >
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2012/11/03 19:20:19 | 000,000,221 | -HS- | M] () -- C:\Users\steve\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
< %USERPROFILE%\Desktop\*.exe >
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
< End of report >
OTL Extras logfile created on: 3/2/2014 3:43:58 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\steve\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.87 Gb Total Physical Memory | 1.42 Gb Available Physical Memory | 49.46% Memory free
5.74 Gb Paging File | 3.92 Gb Available in Paging File | 68.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 148.81 Gb Total Space | 71.50 Gb Free Space | 48.04% Space Free | Partition Type: NTFS
Drive D: | 148.88 Gb Total Space | 141.97 Gb Free Space | 95.35% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive F: | 465.76 Gb Total Space | 282.89 Gb Free Space | 60.74% Space Free | Partition Type: NTFS
Computer Name: STEVE-TOSH | User Name: steve | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = OperaStable] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = OperaStable] -- Reg Error: Key error. File not found
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1"
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1"
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00FF0276-8261-402C-B691-B3617B0FDAFD}" = rport=137 | protocol=17 | dir=out | app=system |
"{048F408D-07EB-4C40-970E-811237835045}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{10620B1A-4185-44CB-B1A3-98F8E7C0CFB4}" = lport=138 | protocol=17 | dir=in | app=system |
"{13384408-5990-4E39-A171-557D154D2D79}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{254398A7-09CE-4E34-A584-9AD062CA9E3B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2F2086A5-5001-4B6C-AA80-80BD53C0E2C3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{413382D5-7388-4DB8-B6DC-E57617DCB583}" = rport=445 | protocol=6 | dir=out | app=system |
"{433C6C0A-E861-4DDF-9708-4D4397D73C35}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4902F6C9-B7E8-475A-A1AB-E08EA1D2D274}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{59C41332-BF2E-4258-A1BB-8BAD57BF8B17}" = rport=10243 | protocol=6 | dir=out | app=system |
"{748137F6-13DA-43C4-8FF5-C3FA8FC672FE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7873FE08-257C-44DC-8A95-B2CF89BB7701}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{789D6A61-9C8E-403F-868E-B7E18926BDF4}" = rport=138 | protocol=17 | dir=out | app=system |
"{7AB5D13A-858B-4608-B5D9-26EEE39F7FB7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8198CB21-19AD-40BD-81EE-4D14B7833637}" = rport=139 | protocol=6 | dir=out | app=system |
"{9115B157-9B6F-4FBD-9984-9E32CD6E400B}" = lport=139 | protocol=6 | dir=in | app=system |
"{978C6ACA-AA56-4F29-8C0D-CED546D97A00}" = lport=445 | protocol=6 | dir=in | app=system |
"{9BF805EB-9F77-4908-ACEF-21A1BF6B0746}" = lport=10243 | protocol=6 | dir=in | app=system |
"{A06FC6E5-B28F-41F8-AD58-BED3B6173B75}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A3BB5BAF-1CC6-4FE4-934D-C9E969BD14F6}" = lport=137 | protocol=17 | dir=in | app=system |
"{B64E86A3-6C20-47A0-9351-E1092A5739A9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E75C037D-1265-4A52-8BC8-99679FD166FA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E898692B-15A6-4966-BBF1-A6F8B4B4DF98}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D2A7303-ACEC-4A87-AEEB-BAC74EE0101F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{13573273-0E8A-4277-B0F9-3325DB3F9993}" = protocol=6 | dir=in | app=c:\users\steve\appdata\roaming\dropbox\bin\dropbox.exe |
"{14BEF376-D63D-4B4C-AD91-C5BCE3E005A3}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1804021B-2E5B-4C7D-A730-C80BD3403932}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{1C2C1462-AED4-4911-BAA1-C62CC0084BA7}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{1F83545E-6623-47B8-921D-F98C0556AF47}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1FD2B639-15E2-4BC2-980A-28B90D0A3245}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2410EF5A-7109-46A7-A24F-909D0E934A10}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{41ED4FDC-3C59-4995-9212-D1175AA3FFF5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{47931246-B71D-4603-82A0-A1B22B7A5E91}" = protocol=17 | dir=in | app=c:\users\steve\appdata\roaming\dropbox\bin\dropbox.exe |
"{513FFE01-C6D7-4ACA-AC91-713F30016465}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5F1EE493-420A-43EB-B514-49952615FE62}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{6E857345-7334-41C4-89AF-89C8362B06C1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{754645A7-C615-4ECE-ADE3-928A2ACDF14E}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{793C7B9F-EC17-41F8-A56D-223E1F6E588E}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{863D6F12-2D69-4B43-8CB3-8AFD4B4352CB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{94068A4F-E25E-4704-9AD5-B0924A7552DE}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{97083930-798F-408B-BD71-87B52F8E0E6B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9C35BF8C-D165-436F-B949-D4F78777490C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{A41F9A9B-5D8E-4A0F-BBFA-14A982F195F4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AC2C7BBA-5A36-4245-A6A9-A82590A0B536}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B0C462DA-9340-46BE-B06F-05BA49DAECA3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C067361E-02DA-4D77-BE96-A0AE21891E83}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{CBE99C52-D14A-42D2-B788-18954116CAF5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DD5DC78D-FE71-4EF9-AC05-390528C2F4E8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E40462E8-74EE-44FD-B55B-8390E12B6BAE}" = protocol=6 | dir=out | app=system |
"{E5A761EF-D6A6-4976-9E72-9C79CD9A06EF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EB4DE7AC-EE6A-4BD4-9D88-754310DAA3E1}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{EB6B320D-DAA9-49F4-B35C-133A442F44E9}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{26128CCD-6536-46D8-9F6F-86924E506CDD}C:\users\steve\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\steve\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{FF61FABF-046D-4120-87F8-178D087E8F50}C:\users\steve\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\steve\appdata\roaming\dropbox\bin\dropbox.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{76FF0F03-B707-4332-B5D1-A56C8303514E}" = iTunes
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CutePDF Writer Installation" = CutePDF Writer 3.0
"FindRight" = FindRight
"PDF Creator" = PDF Creator
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java 6 Update 17
"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 51
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = Toshiba Manuals
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.2
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DF0C0EB1-6940-4B18-A3AB-014F28A5028C}" = Ableton Live 8
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}" = Google Drive
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Audacity_is1" = Audacity 2.0.5
"Google Chrome" = Google Chrome
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"Mozilla Firefox 27.0.1 (x86 en-US)" = Mozilla Firefox 27.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"mysearchdial" = Mysearchdial
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"weDownload Manager Pro" = weDownload Manager Pro
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Digital Sites" = Update for PDF Creator
"Dropbox" = Dropbox
"PDF Creator Packages" = PDF Creator Packages
"PDF Creator Packages 95" = PDF Creator Packages 95
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 3/2/2014 5:43:36 AM | Computer Name = steve-TOSH | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 3/2/2014 5:43:36 AM | Computer Name = steve-TOSH | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9282
Error - 3/2/2014 5:43:36 AM | Computer Name = steve-TOSH | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9282
Error - 3/2/2014 8:36:30 AM | Computer Name = steve-TOSH | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 3/2/2014 8:36:30 AM | Computer Name = steve-TOSH | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1202
Error - 3/2/2014 8:36:30 AM | Computer Name = steve-TOSH | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1202
Error - 3/2/2014 9:33:00 AM | Computer Name = steve-TOSH | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 3/2/2014 9:33:00 AM | Computer Name = steve-TOSH | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3391025
Error - 3/2/2014 9:33:00 AM | Computer Name = steve-TOSH | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3391025
Error - 3/2/2014 11:00:46 AM | Computer Name = steve-TOSH | Source = Application Error | ID = 1000
Description = Faulting application name: plugin-container.exe, version: 27.0.1.5156,
time stamp: 0x52fc0fcf Faulting module name: mozalloc.dll, version: 27.0.1.5156,
time stamp: 0x52fbe972 Exception code: 0x80000003 Fault offset: 0x0000119c Faulting
process id: 0x1b68 Faulting application start time: 0x01cf36282f92a4a9 Faulting application
path: C:\PROGRA~2\MOZILL~1\plugin-container.exe Faulting module path: C:\PROGRA~2\MOZILL~1\mozalloc.dll
Report
Id: 6ec0a0e3-a21b-11e3-a0ed-00266c7c64f6
[ System Events ]
Error - 2/17/2014 2:08:39 PM | Computer Name = steve-TOSH | Source = Microsoft-Windows-Bits-Client | ID = 16398
Description = A new BITS job could not be created. The current job count for the
user steve-TOSH\steve (60) is equal to or greater than the job limit (60) specified
through group policy. To correct the problem, complete or cancel the BITS jobs
that haven't made progress by looking at the error, and restart the BITS service.
If this error recurs, contact your system administrator and increate the per-user
and per-computer Group Policy job limits.
Error - 2/17/2014 3:42:03 PM | Computer Name = steve-TOSH | Source = DCOM | ID = 10010
Description =
Error - 2/17/2014 4:40:34 PM | Computer Name = steve-TOSH | Source = DCOM | ID = 10010
Description =
Error - 2/17/2014 4:40:36 PM | Computer Name = steve-TOSH | Source = DCOM | ID = 10010
Description =
Error - 2/17/2014 4:40:58 PM | Computer Name = steve-TOSH | Source = Microsoft-Windows-Bits-Client | ID = 16398
Description = A new BITS job could not be created. The current job count for the
user steve-TOSH\steve (60) is equal to or greater than the job limit (60) specified
through group policy. To correct the problem, complete or cancel the BITS jobs
that haven't made progress by looking at the error, and restart the BITS service.
If this error recurs, contact your system administrator and increate the per-user
and per-computer Group Policy job limits.
Error - 2/22/2014 5:39:45 AM | Computer Name = steve-TOSH | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
Error - 2/22/2014 5:39:46 AM | Computer Name = steve-TOSH | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
Error - 2/22/2014 5:39:46 AM | Computer Name = steve-TOSH | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
Error - 2/25/2014 5:16:37 AM | Computer Name = steve-TOSH | Source = DCOM | ID = 10010
Description =
Error - 3/2/2014 10:57:44 AM | Computer Name = steve-TOSH | Source = Service Control Manager | ID = 7031
Description = The Update FindRight service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 5000 milliseconds:
Restart the service.
< End of report >
-----------------------------------------------------------------------------------------------
Hijack this report
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:18:19, on 02/03/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\steve\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
C:\Users\steve\Downloads\HiJackThis(1).exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do/...q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mozilla%20firefox/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft..../?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearc...=1085628055&ir=
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do/...q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/...q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: FindRight - {2c774641-5504-46a8-b63f-6715ae3fe376} - C:\Program Files (x86)\FindRight\FindRightbho.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: mysearchdial Helper Object - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\PROGRA~2\MYSEAR~1\1821~1.0\bh\mysearchdial.dll
O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)
O3 - Toolbar: mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\PROGRA~2\MYSEAR~1\1821~1.0\mysearchdialTlbr.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [Del21469107] cmd.exe /Q /D /c del "C:\Users\steve\AppData\Local\Temp\0.del"
O4 - HKLM\..\RunOnce: [Del21980962] cmd.exe /Q /D /c del "C:\Users\steve\AppData\Local\Temp\0.del"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\RunOnce: [Del21469107] cmd.exe /Q /D /c del "C:\Users\steve\AppData\Local\Temp\0.del"
O4 - HKCU\..\RunOnce: [Del21980962] cmd.exe /Q /D /c del "C:\Users\steve\AppData\Local\Temp\0.del"
O4 - Startup: Dropbox.lnk = steve\AppData\Roaming\Dropbox\bin\Dropbox.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://www.samsungsetup.com
O20 - AppInit_DLLs: c:\progra~3\browse~1\261040~1.25\{c16c1~1\browse~1.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update FindRight - Unknown owner - C:\Program Files (x86)\FindRight\updateFindRight.exe
O23 - Service: Util FindRight - Unknown owner - C:\Program Files (x86)\FindRight\bin\utilFindRight.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9132 bytes
---------------------------------------------------------------------------------------------
DDS reports
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16518 BrowserJavaVersion: 10.51.2
Run by steve at 16:21:36 on 2014-03-02
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.2940.1094 [GMT 0:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\steve\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
C:\Program Files (x86)\FindRight\updateFindRight.exe
C:\Program Files (x86)\FindRight\FindRight.FirstRun.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
C:\Program Files (x86)\FindRight\bin\utilFindRight.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://mozilla%20firefox/
uSearch Bar = Preserve
uSearch Page = hxxp://feed.snap.do/?publisher=SnapDoForPartners&dpid=SnapDoForPartners&co=GB&userid=ee5ad2e2-b383-4d7f-85ba-ea61324fe079&searchtype=ds&q={searchTerms}
mStart Page = hxxp://start.mysearchdial.com/?f=1&a=dsites0301&cd=2XzuyEtN2Y1L1QzutC0CyCyDzy0DtC0C0E0B0F0F0DtC0DtBtN0D0Tzu0SyBzytBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1085628055&ir=
uSearchAssistant = hxxp://feed.snap.do/?publisher=SnapDoForPartners&dpid=SnapDoForPartners&co=GB&userid=ee5ad2e2-b383-4d7f-85ba-ea61324fe079&searchtype=ds&q={searchTerms}
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: FindRight: {2c774641-5504-46a8-b63f-6715ae3fe376} - C:\Program Files (x86)\FindRight\FindRightbho.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: mysearchdial Helper Object: {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\bh\mysearchdial.dll
TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
TB: mysearchdial Toolbar: {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
uRunOnce: [Del21469107] cmd.exe /Q /D /c del "C:\Users\steve\AppData\Local\Temp\0.del"
uRunOnce: [Del21980962] cmd.exe /Q /D /c del "C:\Users\steve\AppData\Local\Temp\0.del"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce: [Del21469107] cmd.exe /Q /D /c del "C:\Users\steve\AppData\Local\Temp\0.del"
mRunOnce: [Del21980962] cmd.exe /Q /D /c del "C:\Users\steve\AppData\Local\Temp\0.del"
StartupFolder: C:\Users\steve\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\steve\AppData\Roaming\Dropbox\bin\Dropbox.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
TCP: NameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{7BC6162B-8FA6-4F02-9D16-FCC1846E815F} : DHCPNameServer = 194.168.4.100 194.168.8.100
AppInit_DLLs= c:\progra~3\browse~1\261040~1.25\{c16c1~1\browse~1.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = hxxp://start.mysearchdial.com/?f=1&a=dsites0301&cd=2XzuyEtN2Y1L1QzutC0CyCyDzy0DtC0C0E0B0F0F0DtC0DtBtN0D0Tzu0SyBzytBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1085628055&ir=
x64-TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaReminder.exe
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\steve\AppData\Roaming\Mozilla\Firefox\Profiles\xa5ui7qh.default-1388601918661\
FF - prefs.js: browser.search.selectedEngine - Mysearchdial
FF - prefs.js: browser.startup.homepage - hxxp://start.mysearchdial.com/?f=1&a=dsites0301&cd=2XzuyEtN2Y1L1QzutC0CyCyDzy0DtC0C0E0B0F0F0DtC0DtBtN0D0Tzu0SyBzytBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1085628055&ir=
FF - prefs.js: keyword.URL -
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll
.
---- FIREFOX POLICIES ----
.
.
.
.
.
.
FF - user.js: extensions.mysearchdial.hmpg - true
FF - user.js: extensions.mysearchdial.hmpgUrl - hxxp://start.mysearchdial.com/?f=1&a=dsites0301&cd=2XzuyEtN2Y1L1QzutC0CyCyDzy0DtC0C0E0B0F0F0DtC0DtBtN0D0Tzu0SyBzytBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1085628055&ir=
FF - user.js: extensions.mysearchdial.dfltSrch - true
FF - user.js: extensions.mysearchdial.srchPrvdr - Mysearchdial
FF - user.js: extensions.mysearchdial.dnsErr - true
FF - user.js: extensions.mysearchdial_i.newTab - false
FF - user.js: extensions.mysearchdial.newTabUrl - hxxp://start.mysearchdial.com/?f=2&a=dsites0301&cd=2XzuyEtN2Y1L1QzutC0CyCyDzy0DtC0C0E0B0F0F0DtC0DtBtN0D0Tzu0SyBzytBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1085628055&ir=
FF - user.js: extensions.mysearchdial.tlbrSrchUrl - hxxp://start.mysearchdial.com/?f=3&a=dsites0301&cd=2XzuyEtN2Y1L1QzutC0CyCyDzy0DtC0C0E0B0F0F0DtC0DtBtN0D0Tzu0SyBzytBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1085628055&ir=&q=
FF - user.js: extensions.mysearchdial.id - 1C659D1CEBFFD1D2
FF - user.js: extensions.mysearchdial.instlDay - 16131
FF - user.js: extensions.mysearchdial.vrsn - 1.8.21.0
FF - user.js: extensions.mysearchdial.vrsni - 1.8.21.0
FF - user.js: extensions.mysearchdial_i.vrsnTs - 1.8.21.015:0:27
FF - user.js: extensions.mysearchdial.prtnrId - mysearchdial
FF - user.js: extensions.mysearchdial.prdct - mysearchdial
FF - user.js: extensions.mysearchdial.aflt - dsites0301
FF - user.js: extensions.mysearchdial_i.smplGrp - none
FF - user.js: extensions.mysearchdial.tlbrId - base
FF - user.js: extensions.mysearchdial.instlRef -
FF - user.js: extensions.mysearchdial.dfltLng -
FF - user.js: extensions.mysearchdial.appId - {CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
FF - user.js: extensions.mysearchdial.excTlbr - false
FF - user.js: extensions.mysearchdial_i.hmpg - true
FF - user.js: extensions.mysearchdial.cr - 1085628055
FF - user.js: extensions.mysearchdial.cd - 2XzuyEtN2Y1L1QzutC0CyCyDzy0DtC0C0E0B0F0F0DtC0DtBtN0D0Tzu0SyBzytBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R
FF - user.js: extensions.mysearchdial.AL - 2
FF - user.js: extensions.irmysearch.aflt - dsites0301
FF - user.js: extensions.irmysearch.instlRef -
FF - user.js: extensions.irmysearch.cr - 1085628055
FF - user.js: extensions.irmysearch.cd - 2XzuyEtN2Y1L1QzutC0CyCyDzy0DtC0C0E0B0F0F0DtC0DtBtN0D0Tzu0SyBzytBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R
.
user_pref(extensions.autoDisableScopes,14);
============= SERVICES / DRIVERS ===============
.
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
R2 Update FindRight;Update FindRight;C:\Program Files (x86)\FindRight\updateFindRight.exe [2014-2-26 111904]
R2 Util FindRight;Util FindRight;C:\Program Files (x86)\FindRight\bin\utilFindRight.exe [2014-3-2 111904]
R3 FwLnk;FwLnk Driver;C:\Windows\System32\drivers\FwLnk.sys [2010-4-8 9216]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2010-3-4 75816]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-2-12 111616]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-4-8 232992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-2 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-11-1 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
.
=============== Created Last 30 ================
.
2014-03-02 15:24:28 -------- d-----w- C:\Users\steve\AppData\Local\CUSTPDF Writer
2014-03-02 15:12:40 -------- d-----w- C:\Users\steve\AppData\Local\CutePDF Writer
2014-03-02 15:00:50 -------- d-----w- C:\Users\steve\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
2014-03-02 15:00:37 -------- d-----w- C:\Program Files (x86)\FindRight
2014-03-02 14:56:57 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5D1A2D9B-70A2-4E9B-82C2-42570A876A61}\offreg.dll
2014-03-02 14:52:04 -------- d-----w- C:\Users\steve\AppData\Roaming\0D0S1L2Z1P1B
2014-03-02 14:51:11 20312 ----a-w- C:\Windows\System32\roboot64.exe
2014-03-02 14:51:11 -------- d-----w- C:\Users\steve\AppData\Roaming\mysearchdial
2014-03-02 14:51:09 -------- d-----w- C:\Users\steve\AppData\Roaming\systweak
2014-03-02 14:51:09 -------- d-----w- C:\Users\steve\AppData\Roaming\DigitalSites
2014-03-02 14:51:06 -------- d-----w- C:\Program Files (x86)\Mysearchdial
2014-03-02 14:51:05 87552 ----a-w- C:\Windows\System32\custmon64i.dll
2014-03-02 14:51:05 -------- d-----w- C:\Program Files\PDFCreator
2014-03-02 14:47:11 -------- d-----w- C:\Users\steve\AppData\Roaming\Opera Software
2014-03-02 14:47:11 -------- d-----w- C:\Users\steve\AppData\Local\Opera Software
2014-03-02 14:46:52 -------- d-----w- C:\Program Files (x86)\GPLGS
2014-03-02 14:46:36 87600 ----a-w- C:\Windows\System32\cpwmon64.dll
2014-03-02 14:46:35 -------- d-----w- C:\Program Files (x86)\Acro Software
2014-02-28 07:45:13 10536864 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5D1A2D9B-70A2-4E9B-82C2-42570A876A61}\mpengine.dll
2014-02-25 09:17:57 -------- d-----w- C:\Windows\Migration
2014-02-17 20:45:00 -------- d-----w- C:\ProgramData\Oracle
2014-02-17 20:44:34 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-02-12 09:27:19 548864 ----a-w- C:\Windows\System32\vbscript.dll
2014-02-12 09:27:19 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-02-12 09:13:16 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2014-02-08 23:22:29 -------- d-----w- C:\Program Files (x86)\Audacity
2014-02-08 23:22:15 -------- d-----w- C:\Users\steve\AppData\Local\Programs
.
==================== Find3M ====================
.
2014-02-22 12:35:17 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-22 12:35:17 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-02-06 11:30:46 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-02-06 11:30:12 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-02-06 11:07:39 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-02-06 11:06:47 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-02-06 10:49:03 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-02-06 10:48:45 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-02-06 10:48:11 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-02-06 10:20:26 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-02-06 10:11:37 5768704 ----a-w- C:\Windows\System32\jscript9.dll
2014-02-06 10:01:36 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-02-06 10:00:46 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-02-06 09:50:32 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-02-06 09:47:22 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-02-06 09:46:27 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-02-06 09:25:36 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-02-06 09:24:52 2334208 ----a-w- C:\Windows\System32\wininet.dll
2014-02-06 09:09:30 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-02-06 08:41:35 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-12-24 23:09:41 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2013-12-24 22:48:32 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2013-12-18 06:13:56 270496 ------w- C:\Windows\System32\MpSigStub.exe
2013-12-06 02:30:08 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2013-12-06 02:30:08 1882112 ----a-w- C:\Windows\System32\msxml3.dll
2013-12-06 02:02:08 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2013-12-04 02:27:33 485888 ----a-w- C:\Windows\System32\secproc_isv.dll
2013-12-04 02:27:33 123392 ----a-w- C:\Windows\System32\secproc_ssp_isv.dll
2013-12-04 02:27:33 123392 ----a-w- C:\Windows\System32\secproc_ssp.dll
2013-12-04 02:27:16 488448 ----a-w- C:\Windows\System32\secproc.dll
2013-12-04 02:26:32 528384 ----a-w- C:\Windows\System32\msdrm.dll
2013-12-04 02:16:51 658432 ----a-w- C:\Windows\System32\RMActivate_isv.exe
2013-12-04 02:16:51 626176 ----a-w- C:\Windows\System32\RMActivate.exe
2013-12-04 02:16:50 552960 ----a-w- C:\Windows\System32\RMActivate_ssp_isv.exe
2013-12-04 02:16:48 553984 ----a-w- C:\Windows\System32\RMActivate_ssp.exe
2013-12-04 02:03:20 87040 ----a-w- C:\Windows\SysWow64\secproc_ssp_isv.dll
2013-12-04 02:03:20 87040 ----a-w- C:\Windows\SysWow64\secproc_ssp.dll
2013-12-04 02:03:20 423936 ----a-w- C:\Windows\SysWow64\secproc_isv.dll
2013-12-04 02:03:08 428032 ----a-w- C:\Windows\SysWow64\secproc.dll
2013-12-04 02:02:06 390144 ----a-w- C:\Windows\SysWow64\msdrm.dll
2013-12-04 01:54:14 510976 ----a-w- C:\Windows\SysWow64\RMActivate_ssp.exe
2013-12-04 01:54:10 594944 ----a-w- C:\Windows\SysWow64\RMActivate_isv.exe
2013-12-04 01:54:09 572416 ----a-w- C:\Windows\SysWow64\RMActivate.exe
2013-12-04 01:54:06 508928 ----a-w- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
.
============= FINISH: 16:21:56.03 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 31/10/2012 22:47:16
System Uptime: 02/03/2014 08:53:42 (8 hours ago)
.
Motherboard: TOSHIBA | | Portable PC
Processor: Pentium® Dual-Core CPU T4500 @ 2.30GHz | CPU | 2300/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 149 GiB total, 71.264 GiB free.
D: is FIXED (NTFS) - 149 GiB total, 141.968 GiB free.
E: is CDROM (CDFS)
F: is FIXED (NTFS) - 466 GiB total, 282.894 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP169: 22/02/2014 09:39:17 - Windows Update
RP170: 25/02/2014 09:16:13 - Windows Update
RP171: 26/02/2014 10:05:21 - Windows Update
RP172: 02/03/2014 15:01:07 - Removed Nokia Connectivity Cable Driver
RP173: 02/03/2014 15:02:39 - Removed PC Connectivity Solution
RP174: 02/03/2014 15:45:42 - OTL Restore Point - 3/2/2014 3:45:42 PM
.
==== Installed Programs ======================
.
Ableton Live 8
Adobe Flash Player 12 ActiveX
Adobe Flash Player 12 Plugin
Adobe Reader 9.5.2
Adobe Shockwave Player 12.0
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
Atheros Driver Installation Program
Audacity 2.0.5
Bonjour
Conexant HD Audio
CutePDF Writer 3.0
Dropbox
FindRight
Google Chrome
Google Drive
Google Update Helper
ImagXpress
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
iTunes
Java 7 Update 51
Java Auto Updater
Java 6 Update 17
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft PowerPoint Viewer
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft_VC100_CRT_SP1_x64
Microsoft_VC100_CRT_SP1_x86
Mozilla Firefox 27.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVC80_x64_v2
MSVC80_x86_v2
MSVC90_x64
MSVC90_x86
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mysearchdial
neroxml
PDF Creator
PDF Creator Packages
PDF Creator Packages 95
PlayReady PC Runtime amd64
Realtek USB 2.0 Card Reader
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
swMSM
Synaptics Pointing Device Driver
TOSHIBA HDD/SSD Alert
Toshiba Manuals
TRORMCLauncher
Update for PDF Creator
VC 9.0 Runtime
weDownload Manager Pro
Windows Live Communications Platform
Windows Live Essentials
Windows Live Photo Gallery
Windows Live Upload Tool
.
==== Event Viewer Messages From Past Week ========
.
02/03/2014 14:57:44, Error: Service Control Manager [7031] - The Update FindRight service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
.
==== End Of File ===========================