User User name Password  
   
Sunday 22.12.2024 / 05:59
Search AfterDawn Forums:        In English   Suomeksi   På svenska
afterdawn.com > forums > software, operating systems and more > windows - general discussion > 'search' is coming up
Show topics
 
Forums
Forums
'search' is coming up
  Jump to:
 
Posted Message
Heather59
Junior Member
_
23. December 2013 @ 12:01 _ Link to this message    Send private message to this user   
I know I've done something wrong;shut off something I shouldn't have, but I can't find my files.My START menu documents and pictures are EMPTY. When I go to search and copy and paste a file name, it STILL says no item found, even tho I copied it OFF the file in 'my computer'
This was prompted by the fact that I just uploaded 14 video's and pic to my comp from my camera and they VANISHED.. causing me to start a frantic search only to find my search isn't working.


work smart..not hard.

This message has been edited since posting. Last time this message was edited on 23. December 2013 @ 12:03

Advertisement
_
__
Senior Member
_
23. December 2013 @ 15:07 _ Link to this message    Send private message to this user   
Try this
http://windows.microsoft.com/en-us/wind...files=windows-7

This might fix it if a setting was changed.

Playstation 2-Free McBoot,HDloader 8.0c,Open PS2 Loader 0.7,80gb Maxtor HDD,SMS Media Player,PGen,SNES Station- Installed
GameCube-SDload,SD Card Adapter,BBA Adapter,2 Color Case,GnuboyGX,MPlayer- Installed
Heather59
Junior Member
_
25. December 2013 @ 21:02 _ Link to this message    Send private message to this user   
Originally posted by keebles:
Try this
http://windows.microsoft.com/en-us/wind...files=windows-7

This might fix it if a setting was changed.
Open Folder Options by clicking the Start button Picture of the Start button, clicking Control Panel, clicking *Appearance and Personalization,*

doesn't exist so I can't get to folder options

work smart..not hard.
scorpNZ
AfterDawn Addict

4 product reviews
_
25. December 2013 @ 21:28 _ Link to this message    Send private message to this user   
right click on desktop,personalize is at the bottom clik it,if the menu bar isn't there left clik on organise then scroll to layout & left clik menu bar so a tick appears,you'll now have menu bar back like in xp

This message has been edited since posting. Last time this message was edited on 25. December 2013 @ 21:29

Heather59
Junior Member
_
28. December 2013 @ 12:59 _ Link to this message    Send private message to this user   
Originally posted by scorpNZ:
right click on desktop,personalize is at the bottom clik it,if the menu bar isn't there left clik on organise then scroll to layout & left clik menu bar so a tick appears,you'll now have menu bar back like in xp
I took a pic of my desktop but I can't get it to post on here so you can see what I do not have.

work smart..not hard.
ddp
Moderator
_
28. December 2013 @ 14:44 _ Link to this message    Send private message to this user   
try system restore to before this problem started.
Heather59
Junior Member
_
4. January 2014 @ 18:19 _ Link to this message    Send private message to this user   
Originally posted by ddp:
try system restore to before this problem started.
Nothing has fixed this problem. And since I restored genuine status to my computer, it has been freezing all the time. It won't switch between tabs. In my picture, it often won't switch to the next line of folder, or it shows the folder as being open..mostly just shows the contents of the previous folder I had clicked on. This is driving me crazy and I blame NSA spying..computer is NOT responding to mouse clicks and I do NOT have a wireless mouse.I can't click and drag to highlight things. I get no cursor half the time. I have installed all the updates I was missing and NOTHING is working properly. HELP!!!

work smart..not hard.

This message has been edited since posting. Last time this message was edited on 4. January 2014 @ 22:09

ddp
Moderator
_
4. January 2014 @ 21:40 _ Link to this message    Send private message to this user   
do properties on those folders to see if the missing files are still there but hidden from sight.
Advertisement
_
__
 
_
Heather59
Junior Member
_
5. January 2014 @ 15:55 _ Link to this message    Send private message to this user   
Originally posted by ddp:
do properties on those folders to see if the missing files are still there but hidden from sight.
It flashes the properties box for a split second and vanishes.

OTL logfile created on: 1/4/2014 10:19:29 PM - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Administrator\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.50 Gb Available Physical Memory | 62.61% Memory free
7.99 Gb Paging File | 6.52 Gb Available in Paging File | 81.50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 265.66 Gb Total Space | 133.37 Gb Free Space | 50.20% Space Free | Partition Type: NTFS
Drive R: | 200.00 Gb Total Space | 66.99 Gb Free Space | 33.49% Space Free | Partition Type: NTFS

Computer Name: HEATHERPC | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2013/11/14 22:21:18 | 003,568,312 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/11/14 22:21:18 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/10/09 08:16:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe
PRC - [2013/07/02 08:16:32 | 000,507,264 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2013/04/04 14:50:32 | 000,887,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2013/01/18 07:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/04/09 10:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013/11/14 22:21:22 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:64bit: - [2013/11/26 04:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/11/14 22:21:18 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/12/20 19:45:58 | 000,477,960 | ---- | M] (BitRaider, LLC) [On_Demand | Stopped] -- C:\ProgramData\BitRaider\BRSptSvc.exe -- (BRSptSvc)
SRV - [2013/12/20 08:48:18 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/12/11 04:28:26 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/02/25 23:32:22 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/01/18 07:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/04/09 10:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:64bit: - [2013/11/14 22:21:24 | 001,032,416 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013/11/14 22:21:24 | 000,409,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013/11/14 22:21:24 | 000,205,320 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013/11/14 22:21:24 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/11/14 22:21:24 | 000,084,328 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/11/14 22:21:24 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/11/14 22:21:24 | 000,065,264 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013/11/14 22:21:24 | 000,038,984 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 06:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/01/21 23:15:15 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2010/01/21 23:15:15 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2009/09/11 17:04:50 | 006,177,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:35:20 | 000,278,016 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1e6032e.sys -- (e1express)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013/12/21 07:54:09 | 000,075,048 | ---- | M] (BitRaider) [File_System | On_Demand | Stopped] -- C:\ProgramData\BitRaider\BRDriver64.sys -- (BRDriver64)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1224842166-2811445709-100843145-500\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-1224842166-2811445709-100843145-500\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1224842166-2811445709-100843145-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1224842166-2811445709-100843145-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-1224842166-2811445709-100843145-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 88 E9 6E 8E 0E 9B CA 01 [binary data]
IE - HKU\S-1-5-21-1224842166-2811445709-100843145-500\..\SearchScopes,DefaultScope = {4AD98E64-94D5-4189-BEAC-0FB886AE6B0E}
IE - HKU\S-1-5-21-1224842166-2811445709-100843145-500\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer...Box&FORM=IE11SR
IE - HKU\S-1-5-21-1224842166-2811445709-100843145-500\..\SearchScopes\{4AD98E64-94D5-4189-BEAC-0FB886AE6B0E}: "URL" = http://www.google.com/search?q={searchT...startPage}&rlz=
IE - HKU\S-1-5-21-1224842166-2811445709-100843145-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.intellicast.com/Local/Weather.aspx|https://www.google.com/"
FF - prefs.js..extensions.enabledAddons: socialfixer%40mattkruse.com:7.801
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2006.53
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Administrator\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Administrator\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/12/05 09:27:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/12/20 08:48:15 | 000,000,000 | ---D | M]

[2012/03/14 08:28:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Extensions
[2013/11/13 09:42:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\loaul1ak.default\extensions
[2013/09/12 18:25:24 | 000,161,656 | ---- | M] () (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\loaul1ak.default\extensions\socialfixer@mattkruse.com.xpi
[2013/12/20 08:48:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/12/20 08:48:14 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/12/20 08:48:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/12/20 08:48:14 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/12/20 08:48:18 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/12/05 09:27:41 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: dosearches (Enabled)
CHR - default_search_provider: search_url = http://search.dosearches.com/web/?utm_s...q={searchTerms}
CHR - default_search_provider: suggest_url = ,
CHR - Extension: Skype Click to Call = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_2\
CHR - Extension: Google Wallet = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\

O1 HOSTS File: ([2013/10/07 22:33:56 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKU\S-1-5-21-1224842166-2811445709-100843145-500..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1224842166-2811445709-100843145-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1224842166-2811445709-100843145-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 216.170.153.146
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8E2B0B62-940A-4970-A657-2BE2F145CCAF}: DhcpNameServer = 192.168.0.1 216.170.153.146
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/12/08 15:08:23 | 000,149,632 | ---- | M] () - C:\AUTO.pat -- [ NTFS ]
O32 - AutoRun File - [2010/12/08 15:08:23 | 000,299,196 | ---- | M] () - C:\AUTO.pst -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013/12/30 05:00:47 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/12/30 05:00:47 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2013/12/30 05:00:46 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/12/30 05:00:45 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/12/30 05:00:45 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/12/30 05:00:45 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2013/12/30 05:00:45 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/12/30 05:00:45 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2013/12/30 05:00:45 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/12/30 05:00:44 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/12/30 05:00:44 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2013/12/30 05:00:44 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2013/12/30 05:00:43 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/12/30 05:00:41 | 001,995,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/12/30 05:00:41 | 001,928,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/12/30 05:00:38 | 005,769,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/12/29 09:22:21 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE
[2013/12/29 09:20:48 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/12/29 09:20:48 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/12/29 09:20:39 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/12/29 09:20:39 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2013/12/29 09:20:39 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/12/29 09:20:39 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/12/29 09:20:39 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/12/29 09:20:39 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/12/29 09:20:39 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/12/29 09:20:39 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/12/29 09:20:39 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/12/29 09:20:39 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/12/29 09:20:39 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/12/29 09:20:39 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/12/29 09:20:39 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/12/29 09:20:39 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/12/29 09:20:39 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/12/29 09:20:39 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/12/29 09:20:39 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2013/12/29 09:20:39 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/12/29 09:20:39 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/12/29 09:20:38 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/12/29 09:20:38 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2013/12/29 09:20:38 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/12/29 09:20:38 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/12/29 09:20:38 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/12/29 09:20:38 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/12/29 09:20:38 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/12/29 09:20:38 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/12/29 09:20:38 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/12/29 09:20:38 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/12/29 09:20:38 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/12/29 09:20:38 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/12/29 09:20:38 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/12/29 09:20:38 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/12/29 09:20:38 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/12/29 09:20:38 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/12/29 09:20:38 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/12/29 09:20:38 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/12/29 09:20:38 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/12/29 09:20:38 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/12/29 09:20:38 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/12/29 09:20:38 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/12/29 09:20:38 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/12/29 09:20:38 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/12/29 09:20:38 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/12/29 09:20:38 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/12/29 09:20:38 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/12/29 09:20:38 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/12/29 09:20:38 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2013/12/29 09:20:38 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/12/29 09:20:38 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/12/29 09:20:38 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/12/29 09:20:38 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/12/29 09:20:38 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2013/12/29 09:20:38 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2013/12/29 09:20:38 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/12/29 09:20:38 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/12/29 09:20:38 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/12/29 09:20:38 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2013/12/29 09:20:38 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/12/29 09:20:38 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/12/29 09:20:38 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/12/29 09:20:38 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/12/29 09:19:41 | 005,549,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/12/29 09:19:41 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/12/29 09:19:41 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/12/29 09:19:41 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013/12/29 09:19:41 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2013/12/29 09:19:41 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll
[2013/12/29 09:19:41 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll
[2013/12/29 09:19:41 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013/12/29 09:19:41 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/12/29 09:19:41 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/12/29 09:19:41 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013/12/29 09:19:41 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/12/29 09:19:41 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013/12/29 09:19:41 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/12/29 09:19:41 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/12/29 09:19:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/12/29 09:16:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013/12/29 05:31:16 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013/12/29 05:31:16 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013/12/29 05:31:16 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/12/29 05:31:16 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013/12/29 05:31:16 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013/12/29 05:31:16 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/12/29 05:31:16 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/12/29 05:31:16 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013/12/29 05:31:16 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013/12/29 05:31:16 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013/12/29 05:31:16 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013/12/29 05:31:16 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/12/29 05:31:16 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/12/29 05:31:16 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/12/29 05:31:16 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013/12/29 05:31:16 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013/12/29 05:31:16 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013/12/29 05:31:16 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013/12/29 05:31:16 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013/12/29 05:31:16 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013/12/29 05:31:16 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013/12/29 05:31:16 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/12/29 05:31:16 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/12/29 05:31:16 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/12/29 05:31:16 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/12/29 05:31:16 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/12/29 05:31:16 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/12/29 05:31:16 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/12/29 05:31:16 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/12/29 05:31:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/12/29 05:31:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/12/29 05:31:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/12/29 05:31:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/12/29 05:31:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/12/29 05:31:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/12/29 05:31:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/12/29 05:31:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/12/29 05:31:16 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/12/29 05:31:16 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/12/29 05:29:07 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013/12/29 05:29:07 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013/12/28 13:42:15 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2013/12/28 13:42:07 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013/12/28 13:41:53 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/12/28 13:41:53 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013/12/28 13:41:49 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2013/12/28 13:41:33 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2013/12/28 13:41:33 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2013/12/28 13:41:30 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2013/12/28 13:41:30 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2013/12/28 13:41:29 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2013/12/28 13:41:29 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2013/12/28 13:41:29 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2013/12/28 13:41:29 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2013/12/28 13:41:29 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2013/12/28 13:41:29 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2013/12/28 13:41:28 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013/12/28 13:41:28 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2013/12/28 13:41:27 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013/12/28 13:41:27 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2013/12/28 13:41:27 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2013/12/28 13:41:24 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013/12/28 13:41:24 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013/12/28 13:41:24 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013/12/28 13:41:24 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013/12/28 13:41:24 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013/12/28 13:41:24 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013/12/28 13:41:23 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013/12/28 13:41:23 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013/12/28 13:41:23 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013/12/28 13:41:23 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013/12/28 13:41:23 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013/12/28 13:41:23 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013/12/28 13:41:23 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013/12/28 13:41:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/12/28 13:41:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/12/28 13:41:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013/12/28 13:41:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013/12/28 13:41:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013/12/28 13:41:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013/12/28 13:41:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013/12/28 13:41:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013/12/28 13:41:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/12/28 13:41:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/12/28 13:41:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013/12/28 13:41:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013/12/28 13:41:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013/12/28 13:41:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/12/28 13:41:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013/12/28 13:41:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013/12/28 13:41:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013/12/28 13:41:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013/12/28 13:41:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/12/28 13:41:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013/12/28 13:41:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013/12/28 13:41:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013/12/28 13:41:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/12/28 13:41:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013/12/28 13:41:22 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013/12/28 13:41:22 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2013/12/28 13:41:22 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013/12/28 13:41:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013/12/28 13:41:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013/12/28 13:41:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/12/28 13:41:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/12/28 13:41:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/12/28 13:41:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/12/28 13:41:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013/12/28 13:41:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013/12/28 13:41:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013/12/28 13:41:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013/12/28 13:41:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013/12/28 13:41:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013/12/28 13:41:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013/12/28 13:41:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013/12/28 13:41:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013/12/28 13:41:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013/12/28 13:41:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/12/28 13:41:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013/12/28 13:41:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013/12/28 13:41:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013/12/28 13:41:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013/12/28 13:41:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013/12/28 13:41:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013/12/28 13:41:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013/12/28 13:41:15 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013/12/28 13:41:15 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013/12/28 13:41:12 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2013/12/28 13:41:12 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2013/12/28 13:41:08 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2013/12/28 13:41:01 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2013/12/28 13:41:01 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys
[2013/12/28 13:41:00 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2013/12/28 13:41:00 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2013/12/28 13:40:59 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2013/12/28 13:40:43 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013/12/28 13:40:38 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013/12/28 13:40:38 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013/12/28 13:40:36 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2013/12/28 13:40:31 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2013/12/28 13:40:31 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2013/12/28 13:40:27 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2013/12/28 13:40:27 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2013/12/28 13:40:26 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2013/12/28 13:40:26 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2013/12/28 13:40:16 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2013/12/28 13:40:16 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2013/12/28 13:40:16 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2013/12/28 13:40:16 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2013/12/28 13:40:16 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2013/12/28 13:40:16 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2013/12/28 13:40:06 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2013/12/28 13:40:06 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2013/12/28 13:40:06 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2013/12/28 13:40:06 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2013/12/26 15:58:58 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Star Wars - The Old Republic
[2013/12/21 07:54:15 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\SWTOR
[2013/12/21 07:54:14 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\HeroBlade Logs
[2013/12/20 19:45:57 | 000,000,000 | ---D | C] -- C:\ProgramData\BitRaider
[2013/12/20 19:45:56 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\BitRaider
[2013/12/20 19:45:38 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\SWTORPerf
[2013/12/20 19:43:49 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2013/12/20 19:43:49 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2013/12/20 19:43:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
[2013/12/20 19:43:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2013/12/20 08:48:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2014/01/04 22:17:24 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/01/04 22:14:59 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/04 22:14:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1224842166-2811445709-100843145-500UA.job
[2014/01/04 21:28:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/04 16:38:09 | 000,792,550 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/01/04 16:38:09 | 000,669,048 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/01/04 16:38:09 | 000,125,234 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/01/04 16:37:15 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/04 16:37:15 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/04 16:32:36 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/04 16:31:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/04 16:31:48 | 3219,787,776 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/03 23:14:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1224842166-2811445709-100843145-500Core.job
[2014/01/03 11:49:18 | 000,001,997 | ---- | M] () -- C:\Users\Administrator\Documents\Solar panel kit Thunderbolt Magnum Solar - item#68751.rtf
[2013/12/29 18:46:21 | 000,000,136 | ---- | M] () -- C:\Users\Administrator\Desktop\STAR WARS? The Old Republic? - Shortcut.lnk
[2013/12/29 09:20:48 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/12/29 09:20:48 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/12/29 09:20:39 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/12/29 09:20:39 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2013/12/29 09:20:39 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/12/29 09:20:39 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/12/29 09:20:39 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/12/29 09:20:39 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/12/29 09:20:39 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/12/29 09:20:39 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/12/29 09:20:39 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/12/29 09:20:39 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/12/29 09:20:39 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/12/29 09:20:39 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/12/29 09:20:39 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/12/29 09:20:39 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/12/29 09:20:39 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/12/29 09:20:39 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/12/29 09:20:39 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2013/12/29 09:20:39 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/12/29 09:20:39 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/12/29 09:20:39 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/12/29 09:20:38 | 001,228,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/12/29 09:20:38 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2013/12/29 09:20:38 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/12/29 09:20:38 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/12/29 09:20:38 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/12/29 09:20:38 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/12/29 09:20:38 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/12/29 09:20:38 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/12/29 09:20:38 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/12/29 09:20:38 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/12/29 09:20:38 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/12/29 09:20:38 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/12/29 09:20:38 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/12/29 09:20:38 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/12/29 09:20:38 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/12/29 09:20:38 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/12/29 09:20:38 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/12/29 09:20:38 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/12/29 09:20:38 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/12/29 09:20:38 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/12/29 09:20:38 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/12/29 09:20:38 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/12/29 09:20:38 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/12/29 09:20:38 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/12/29 09:20:38 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/12/29 09:20:38 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/12/29 09:20:38 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/12/29 09:20:38 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/12/29 09:20:38 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2013/12/29 09:20:38 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/12/29 09:20:38 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/12/29 09:20:38 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/12/29 09:20:38 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/12/29 09:20:38 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2013/12/29 09:20:38 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2013/12/29 09:20:38 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/12/29 09:20:38 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/12/29 09:20:38 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/12/29 09:20:38 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2013/12/29 09:20:38 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/12/29 09:20:38 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/12/29 09:20:38 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/12/29 09:20:38 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/12/29 09:20:38 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/12/29 09:19:41 | 005,549,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/12/29 09:19:41 | 003,969,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/12/29 09:19:41 | 003,914,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/12/29 09:19:41 | 001,732,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013/12/29 09:19:41 | 000,878,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2013/12/29 09:19:41 | 000,859,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll
[2013/12/29 09:19:41 | 000,619,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll
[2013/12/29 09:19:41 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013/12/29 09:19:41 | 000,243,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/12/29 09:19:41 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/12/29 09:19:41 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013/12/29 09:19:41 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/12/29 09:19:41 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013/12/29 09:19:41 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/12/29 09:19:41 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/12/29 09:19:41 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/12/29 06:19:08 | 000,314,216 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/12/29 05:56:56 | 000,785,930 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/12/29 05:31:16 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013/12/29 05:31:16 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013/12/29 05:31:16 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/12/29 05:31:16 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013/12/29 05:31:16 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013/12/29 05:31:16 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/12/29 05:31:16 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/12/29 05:31:16 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013/12/29 05:31:16 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013/12/29 05:31:16 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013/12/29 05:31:16 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013/12/29 05:31:16 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/12/29 05:31:16 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/12/29 05:31:16 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/12/29 05:31:16 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013/12/29 05:31:16 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013/12/29 05:31:16 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013/12/29 05:31:16 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013/12/29 05:31:16 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013/12/29 05:31:16 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013/12/29 05:31:16 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013/12/29 05:31:16 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/12/29 05:31:16 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/12/29 05:31:16 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/12/29 05:31:16 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/12/29 05:31:16 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/12/29 05:31:16 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/12/29 05:31:16 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/12/29 05:31:16 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/12/29 05:31:16 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/12/29 05:31:16 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/12/29 05:31:16 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/12/29 05:31:16 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/12/29 05:31:16 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/12/29 05:31:16 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/12/29 05:31:16 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/12/29 05:31:16 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/12/29 05:31:16 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/12/29 05:31:16 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/12/29 05:29:07 | 001,887,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013/12/29 05:29:07 | 001,505,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013/12/28 13:04:36 | 454,572,908 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/12/28 12:55:54 | 000,127,930 | ---- | M] () -- C:\Users\Administrator\Documents\screenshot1.JPG
[2013/12/24 23:24:47 | 000,012,391 | ---- | M] () -- C:\Users\Administrator\Documents\Herbology chart.ods
[2013/12/20 19:48:04 | 000,000,224 | ---- | M] () -- C:\Users\Administrator\Documents\Speech Theropy.rtf
[2013/12/20 18:45:51 | 000,001,161 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/12/14 20:42:00 | 000,000,599 | ---- | M] () -- C:\Users\Administrator\Documents\Rabbit Pot Pie.rtf
[2013/12/12 20:00:05 | 000,002,526 | ---- | M] () -- C:\Users\Administrator\Documents\How to tan a hide.rtf
[2013/12/11 04:28:26 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/12/11 04:28:26 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/12/10 09:50:24 | 000,001,140 | ---- | M] () -- C:\Users\Administrator\Documents\Natural De-Skunking.rtf
[2013/12/09 18:22:32 | 000,000,494 | ---- | M] () -- C:\Users\Administrator\Documents\Facial cleaner.rtf
[2013/12/09 18:12:25 | 000,000,838 | ---- | M] () -- C:\Users\Administrator\Documents\Deodorant.rtf
[2013/12/07 22:46:40 | 000,001,927 | ---- | M] () -- C:\Users\Administrator\Documents\Grant proposal.rtf

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2014/01/03 11:49:18 | 000,001,997 | ---- | C] () -- C:\Users\Administrator\Documents\Solar panel kit Thunderbolt Magnum Solar - item#68751.rtf
[2013/12/29 18:46:21 | 000,000,136 | ---- | C] () -- C:\Users\Administrator\Desktop\STAR WARS? The Old Republic? - Shortcut.lnk
[2013/12/29 09:20:39 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/12/29 09:20:38 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/12/28 13:41:12 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/12/28 12:55:37 | 000,127,930 | ---- | C] () -- C:\Users\Administrator\Documents\screenshot1.JPG
[2013/12/24 23:24:46 | 000,012,391 | ---- | C] () -- C:\Users\Administrator\Documents\Herbology chart.ods
[2013/12/15 17:55:43 | 000,000,224 | ---- | C] () -- C:\Users\Administrator\Documents\Speech Theropy.rtf
[2013/12/14 20:42:00 | 000,000,599 | ---- | C] () -- C:\Users\Administrator\Documents\Rabbit Pot Pie.rtf
[2013/12/12 20:00:04 | 000,002,526 | ---- | C] () -- C:\Users\Administrator\Documents\How to tan a hide.rtf
[2013/12/10 09:50:24 | 000,001,140 | ---- | C] () -- C:\Users\Administrator\Documents\Natural De-Skunking.rtf
[2013/12/09 18:22:16 | 000,000,494 | ---- | C] () -- C:\Users\Administrator\Documents\Facial cleaner.rtf
[2013/12/09 18:12:24 | 000,000,838 | ---- | C] () -- C:\Users\Administrator\Documents\Deodorant.rtf
[2013/09/09 18:22:50 | 000,003,740 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
[2013/06/11 13:37:55 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/06/11 13:37:55 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/06/11 13:37:55 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/06/11 13:37:55 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/06/11 13:37:55 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/09/22 12:52:01 | 000,070,249 | ---- | C] () -- C:\Users\Administrator\2011 Application Free.Reduced Lunch.pdf
[2011/09/22 12:38:45 | 000,176,921 | ---- | C] () -- C:\Users\Administrator\Student and LC Check List.pdf
[2011/09/22 12:38:05 | 000,318,832 | ---- | C] () -- C:\Users\Administrator\Creating a Student Account.pdf
[2011/09/22 12:37:59 | 000,349,453 | ---- | C] () -- C:\Users\Administrator\How to Kmail a Specific Teacher.pdf
[2011/09/22 12:37:21 | 000,164,791 | ---- | C] () -- C:\Users\Administrator\Progress Hours Guidelines 2011-12.pdf
[2011/09/22 12:37:01 | 000,189,197 | ---- | C] () -- C:\Users\Administrator\Logging Attendance.pdf
[2010/03/21 20:05:29 | 000,003,974 | ---- | C] () -- C:\Users\Administrator\.recently-used.xbel
[2010/01/21 23:03:23 | 000,007,616 | ---- | C] () -- C:\Users\Administrator\AppData\Local\Resmon.ResmonCfg

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

OTL Extras logfile created on: 1/4/2014 10:19:29 PM - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Administrator\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.50 Gb Available Physical Memory | 62.61% Memory free
7.99 Gb Paging File | 6.52 Gb Available in Paging File | 81.50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 265.66 Gb Total Space | 133.37 Gb Free Space | 50.20% Space Free | Partition Type: NTFS
Drive R: | 200.00 Gb Total Space | 66.99 Gb Free Space | 33.49% Space Free | Partition Type: NTFS

Computer Name: HEATHERPC | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1224842166-2811445709-100843145-500\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[color=#E56717]========== Firewall Settings ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02109923-58DE-436D-99FF-1C6DD6DCEB2D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{04C551AF-F1EC-4FA1-8D32-1E8A952E3B11}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{1D3C15FD-83BD-4A52-A91C-23F554087069}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{21C3F113-25C0-4EF0-9677-2D6FC3899A39}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{296DDE05-E3D3-4B37-B5A6-5BEB77E8E1FF}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2DD6F556-97A1-43CE-A99F-A68D729FB428}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2EA41563-AA5A-4568-8311-16BCAA54E556}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3B893F0D-45C7-45BC-8565-E4D8E588D879}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3BEBCE02-90E6-49C2-AB8E-D0E133F973C4}" = rport=445 | protocol=6 | dir=out | app=system |
"{3EAC3896-AB20-408A-B67F-FCD282957212}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3FBDCD98-6359-43BC-8966-6AC5360C751B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{41FDEC60-1232-4C72-AFA7-38E9E76C6F9E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4E4A9301-16EE-4A5E-AFC0-4E1F563A61BF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{544C6F0B-BB87-432E-ADED-420D13C3CF08}" = rport=138 | protocol=17 | dir=out | app=system |
"{58A192BB-67A4-4AEE-B875-C0CDA81E4E2B}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{5AEAFD0F-EFF7-4399-B4DB-D7236F445CD1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6D99F18E-E6E9-4872-A377-A1D526D8E516}" = lport=445 | protocol=6 | dir=in | app=system |
"{782F927A-1613-4631-9190-154E2545688B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7A0A307E-7CEC-42D2-9D8F-DF075DFB74DA}" = rport=137 | protocol=17 | dir=out | app=system |
"{88381AFE-21D5-44F7-9B09-0ACCE6C3F4A5}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8AD6B1F2-34BF-43A9-809D-EE7ECA4C05E1}" = lport=137 | protocol=17 | dir=in | app=system |
"{8D6326E2-C029-4F58-8CDF-06FC3251BE58}" = lport=139 | protocol=6 | dir=in | app=system |
"{8EBF65DD-2B6A-4005-9D74-B7BC6D054773}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{91203BDD-77BA-4939-A9DB-556F1A9F5DEA}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{A9AB3E78-5AA2-48B4-982A-9D689C8F22CB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B078800F-29A5-42ED-8248-77313FE6C9E4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{B4C2AC26-7480-4373-83DC-78B5B14016F5}" = rport=139 | protocol=6 | dir=out | app=system |
"{CB1F74EC-0FED-4478-9607-229EB472B727}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{D11369EC-51CF-4002-9BB9-EE281CD4D2E5}" = rport=10243 | protocol=6 | dir=out | app=system |
"{DA8E7325-DDA2-4C7B-A685-F6559E446910}" = lport=138 | protocol=17 | dir=in | app=system |
"{EEE4E301-CE29-4C52-AC30-7770BEFF820C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F7E7FAD8-7360-4935-B119-9702984957AE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00311F48-0F29-488F-8C3B-D8648ED5B8F1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0408E68F-5B84-4FD5-A49A-7A30B8F656C8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{04D6EC3C-DFDF-417A-86F7-DB603D0C3114}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{08D93482-047A-496E-B19B-8581EF1E8FF2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{098D0CC5-C454-4B56-9968-D47375FF2F6B}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{0AC43648-D635-49D6-9A04-AC09668D7698}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0B558FDA-3ED4-49F4-8BEC-F6125F84A329}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0BC53665-FEFF-4D87-89D4-8085554906D8}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{0CF63E0B-8161-47D7-A6B8-FCDC89A45540}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0EC91F12-DDFD-42E0-9049-490C8F1B7F50}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{104CD85C-ED0C-4635-A9A0-2B2C02392CA4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{10EEAB44-3FB5-4546-8F4D-6B662040E271}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\rm.exe |
"{1277EADC-BC10-4311-BCE1-A523BB6E5FA1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{12C0DE8F-7F77-45A3-AE45-3FBE9042DCEC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{14174ECC-7EA3-4A1B-95DE-36089B84A920}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1474766B-FA9C-47AB-8436-892E79C2F0BF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{14C87901-7B5F-4B45-B817-DDE0E2FC6043}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{16FD6CFF-9A27-4474-98DB-665AD42EE260}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{18D10E0E-A629-4B6B-8438-BAB97290F472}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{19FD5AA3-521D-4117-8B7F-CB50F87DF1EB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{20A40D95-2BBE-4DDE-AA0F-C2975794750A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{228B0EE6-2D47-4C8F-B09C-11DA7E9DD6A6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{23602F4D-5DF3-439E-82E1-75678C205C62}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\rm.exe |
"{2496A364-E9AE-4967-8912-324E9FFC8BAC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{24FDC758-0F07-41FB-9ED0-83C92BBF9798}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{28FC52AE-8D12-4B3C-8637-BF69F91333FD}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2952C625-8D4E-44D4-8C51-F3D64E6F18A3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2A98A467-D1D5-4D42-96B6-A6D59745F9E4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2AF5D644-C2C7-4B41-A699-CFABD4C0886A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2CB99F0C-AEDF-49D1-98B5-B12720325EFD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2E7C2F63-4C81-42B5-9F4D-329D254FA816}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{31E2B3FA-2F3B-42AE-9031-39B0D7B9F489}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3329FB89-E472-446A-9834-B76074720973}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{381609CE-9224-4731-B63C-99147B00F0D5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{38940A29-65AC-4309-8F0F-C470EA8E98D9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3A119B52-6641-40C5-9250-44E0A5CA31A7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3AEC39A4-C52A-4E25-B15B-5E4A0D0C9502}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{3B5A42EE-1423-4FE1-9AD6-178D9C01C65E}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{3B936A4D-70FE-40F9-9EA3-AD6F7F871809}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3DA3F282-D4F4-4243-A23C-E23952092F02}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{40BB3EF8-E0E7-481D-A010-C23990311C93}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{41E8B170-DFFC-454C-9CFF-2C7E22971EB8}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{42C60383-4B87-4251-91F4-18A94593512E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4331AB8D-40FB-41AE-AEAA-A90D87C2F121}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{46C9A6B9-42DD-4E13-AF03-0F9CC7C13DD1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{472BD21F-430D-4ABC-82A6-E8C338BB9091}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{47E2DBF7-BCEE-43B4-BF60-BAE3F5356CE6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{493F3844-E423-4F17-B42C-1BED80F15B2E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{494FDB24-D4AD-4588-8530-651E7A5DBCC4}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\videospin.exe |
"{4AD8ACF5-2367-4F09-AB36-0522F3D2A98C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4FCA9B9C-5B8B-4107-A0B2-08F4B53C4190}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{553A812A-53FB-4CE9-AA15-9BB558B72340}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{55A3E1DA-59DC-40D7-B5B7-BF379B56D4EE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{56186BAB-E98C-4283-8FF4-3F8B81098673}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{56426541-6346-4775-88C8-019A29A81E3D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{581BB415-4596-45DE-B3ED-11AD05AB8F63}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{59DCF8A9-8678-4DD9-850B-75B38745B467}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5DD658B6-61C5-485E-B520-99A260D45565}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5E2740FB-0851-4226-B44D-92AAFAB7313F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{629A74DD-A90E-422F-A071-018401BCF3A4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{645F4D2E-269E-42A4-B8BC-6008795F73C6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6994F34D-EB6D-4302-96C4-392C926E4AA1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6C7D6119-C9B4-4B17-AD9D-B52B1B771392}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6D5E9F76-E9F8-41E6-966E-262787127F87}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6DB3BF43-3B70-487D-8BD3-513F90446D48}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6E7E7A67-43B7-41E9-B498-42A8A098BF55}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{745188ED-E5ED-4EA6-B3D4-C74B243B94D6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{752E9BFE-EC43-453F-9799-BF17FE4BBDD8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{75993784-FD3C-41F1-B94C-15DD585A101C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{770F4358-C2BC-4BFE-BD8E-179262D625E8}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{79ACCB2A-C3D2-4519-B964-1AE5D186731D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7D284FB7-EAAA-4E7D-B807-3AD5E6B59621}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7F61BB87-8A88-47FB-8A0D-05F0078EE8D4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{812C87E0-0290-466C-8C32-DDD59D0FA250}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{83586608-9402-4AF5-ABE9-A2D8A6E4D0E5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{83C70BFC-6935-4C1C-AB8E-EE0907ACC97E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{83CDBE8E-D964-4C56-B1A6-07DEE8BCA7C4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{845FD6AD-AE20-4E76-B8B2-41CDC9EC7826}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8626B8CB-8CD8-4792-A39C-FE5D6EABCED3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{874D639B-D876-4D1E-91CA-B72868813AC2}" = protocol=6 | dir=out | app=system |
"{877E6A9C-6D1A-4C11-B8BA-666419921E59}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{89777727-4B2E-43A5-AB4E-7D69873AEDBA}" = protocol=17 | dir=in | app=c:\program files (x86)\ventrilo\ventrilo.exe |
"{8C0E317F-C29B-43D6-B206-A5346A9E0118}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8C697BA1-B55D-4AFE-B534-4E096B6D4DA5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8FFA4002-75F3-4C5F-BBCA-0B659B2A052D}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\videospin.exe |
"{91FA20F8-1720-49CF-8B50-B7FA1171776F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{92811427-FC93-418C-A6CB-5AE7E3287848}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{92CBCB8D-A58A-40AA-AF7B-65B22C28000B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9349092F-74E4-46AC-B3DF-FC4D647D8F1F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9539FFAC-6BA1-459C-B82E-B0F63EE5A9C9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9548D6C9-91ED-4D1A-8A5A-732A60988442}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{977FA503-4BA5-4DEA-B182-897A2D3F7762}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{97AE8968-DDEE-4446-AF88-058AAA43C64D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{97E72EF4-70F7-4B4B-8347-3940B2B04B2E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9A342156-B72E-4324-A74C-DC5DD9529ECC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{9B05355E-1802-4EB7-A38C-634BCA293C50}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9BF2E0E9-4679-48C4-AF61-12EC0E6B964D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9C8A57E6-B5FA-47E2-BF61-935E2FF02067}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A127AC3E-077E-4943-B32E-A9F0A3E51929}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A3484B5C-9035-4D89-B4CE-0B6D4A2E6822}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A72A86E5-FC5D-4524-8A71-6191B9F999FA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A78AF983-0C55-4F79-AEF0-37BD19267F5F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A8A27C97-C374-4052-BC4D-A91116B46E6B}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\umi.exe |
"{A932002F-7F95-4451-BF44-70501FE751E6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A9BB6C83-F497-44C7-9706-6C45CB9419CD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B0A00A4A-98AF-479F-A60E-BF78E5900747}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B1BCB113-EAEE-48EB-878B-E617CF367039}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B2CD3F33-6D33-4173-94E7-9701EBF4D020}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B370784D-EDB8-4DB5-8F43-BB6907ABA93E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B39E4FC6-2F10-45F4-9038-6241CE6B1FE0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{B414A20A-952C-449F-A094-98D82671D2E2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B8A3BE06-8D51-4E8C-B217-1DCB9B7E9134}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B8ED47A1-B515-444A-8E50-7BC27B8C2AD4}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{BA23ED01-CB99-4643-8117-16087874DD3C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BEC0A3EF-A18D-45FA-B8AD-0ABDCC7CFFE6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BF3E7038-B4AD-4AD0-8BF7-777D2652C65B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C13DEF69-1C49-4C49-95E2-066F8B8CC68F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C1F1BEF2-B36D-400A-AD00-CF33ECB9F84D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C454A1FB-0942-43DA-AC46-CAFD3396C5D1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C563A4E2-B99B-468B-9DEE-FB8402CB82A4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C69F6E37-D1FD-48A4-B994-7560838BD72D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CA7BAACB-1DB2-4251-AC1D-C44C660181EF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CAF18376-20C9-4A1B-AB3A-85A60D877CA9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CBBF97A8-D882-4E17-BBC4-BC9156111481}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D059E87B-D188-44A2-AE76-B5E5A63C6CA2}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{D23F8664-DB14-4685-99E9-455AB57F5F6B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D24917D9-BD42-4CAF-BBCB-CE7B22B3EA3A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D2D67EF8-C8FD-471F-B44F-B378EBDEFD78}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D367154C-62CA-4A86-BD04-986431A491AF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D3BA2A03-BBDF-4AFA-9A18-0EF8E016C1B2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D44436BF-CF2E-4027-A2E2-00189BAFFF65}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D65C7866-91A4-40F6-8440-9D213167241F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D6D8519B-6550-42BF-A8D9-ACD187E4E089}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D9C62700-3E99-4705-8175-8D7F6D506A54}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DA6DAA1C-8EF4-4F74-9D26-5729392A9E59}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DB3B50FE-33D8-4DB1-A298-931E80D7139C}" = protocol=6 | dir=in | app=c:\program files (x86)\ventrilo\ventrilo.exe |
"{DCC7FDE4-10D5-49D6-9C6A-CD0477C3E48D}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\umi.exe |
"{DDDB42EB-3402-4CE0-B135-D1667D27D8F9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DE69BFBA-C195-448D-BA58-01C96C855408}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E29F3C5D-0A90-43DB-8226-45BC27C1F98A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E3A9F768-D423-40F9-BECD-78A7DB887B98}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E4BD17C6-045D-441D-AB32-75EF7E754742}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E7642C57-68C8-494D-B6F1-49FB326787E6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E7EB89A0-8477-4574-91B1-4958D9CE8444}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E88CAC5B-23BF-4816-9F4D-C37367C3A57C}" = protocol=6 | dir=in | app=c:\programdata\esafe\egdpsvc.exe |
"{E9C7D95A-0F44-480A-BF48-4B6AE48D5156}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E9E2A5FF-48BB-4890-A2F2-A6982A70FEB4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EAFB3E86-8026-40DA-BFEC-FE3E05258632}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EBC0D362-AE58-48D5-B25F-9023D3FB0054}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EE311C9B-B13A-4CE4-B110-26683A4F4E6A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EFA59528-040C-416C-A2EB-8A01B4A45E24}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F075781E-BB22-47C6-B021-5FD16161F42F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F0D1A1CE-4718-417B-AC9C-4E7B0CB9FCB5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F0F9E34F-EB8F-4215-ACE3-9471A8AE98BB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F4B26AC3-0ECF-419D-B758-0BC4E797D9C3}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F656EA24-FDD9-48E0-BA1F-1024D4BC6C15}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F7A14DFD-2E65-4832-BDC2-166239565309}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F9852E3F-B21A-4139-86A4-708CDD6AB8AB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{FB5D52DF-4EC4-4177-9FAE-3CA2B7437FD4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FB7DF6E2-709E-4978-A092-777FA9F75251}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{1B7F224C-C0A2-44EE-922A-D44B04250C2F}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{ACBFBD4B-9672-4760-817F-E75ED880DDE9}C:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe |
"TCP Query User{EBF520A1-D2C6-436B-BC4B-F7FAB1EE5B11}C:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe |
"UDP Query User{5DDE8B11-E298-4964-B616-A9213A2EF60A}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{A4D17D4A-B5B4-4939-B113-40969E46F370}C:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe |
"UDP Query User{D88F583E-B15E-49D0-9152-7C5FDF9A5E64}C:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{4FF9E8AA-D554-4CE7-89F9-B69DAA5A1E98}" = AVG 2013
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"AVG" = AVG 2013
"Defraggler" = Defraggler
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02F5BEE7-0AB6-4E42-9BF8-2588AAECC7F2}" = EZ Fonts
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 40
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype? 6.11
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{6ADD0603-16EF-400D-9F9E-486432835002}" = OpenOffice.org 3.2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7A25D130-4EC8-11E1-BEA4-B8AC6F97B88E}" = Google Earth
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2433A63-5F5D-40E5-B529-9123C2B3E734}" = 1701 A.D.
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}" = NVIDIA PhysX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}" = Pinnacle VideoSpin
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"12bbe590-c890-11d9-9669-0800200c9a66_is1" = The Lord of the Rings Online? v03.04.04.8012
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Amazon Kindle" = Amazon Kindle
"ATITool" = ATITool Overclocking Utility
"avast" = avast! Free Antivirus
"AVG SafeGuard toolbar" = AVG SafeGuard toolbar
"BitRaider Web Client" = BitRaider Web Client
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DMUninstaller" = DMUninstaller
"ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
"fileopenerpro" = File Opener Pro
"HaaliMkx" = Haali Media Splitter
"Legacy 7.0" = Legacy 7.0
"LegacyChart7_is1" = Legacy Charting 7.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 26.0 (x86 en-US)" = Mozilla Firefox 26.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Network Play System (Patching)" = Network Play System (Patching)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"SumatraPDF" = SumatraPDF
"swtor_swtor" = Star Wars The Old Republic
"VideoPlayer" = VideoPlayer v2.0.6
"YTdetect" = Yahoo! Detect

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1224842166-2811445709-100843145-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 12/29/2013 1:30:55 AM | Computer Name = HeatherPC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 12/30/2013 1:31:03 AM | Computer Name = HeatherPC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 12/30/2013 9:49:46 AM | Computer Name = HeatherPC | Source = Application Error | ID = 1000
Description = Faulting application name: jucheck.exe, version: 2.1.9.8, time stamp:
0x51d2fcc9 Faulting module name: ole32.DLL, version: 6.1.7601.17514, time stamp:
0x4ce7b96f Exception code: 0xc000001d Fault offset: 0x00048611 Faulting process id:
0x778 Faulting application start time: 0x01cf0564aecb0236 Faulting application path:
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe Faulting module
path: C:\Windows\syswow64\ole32.DLL Report Id: 3ddeef4d-7159-11e3-81db-0024e801788c

Error - 12/30/2013 9:49:46 AM | Computer Name = HeatherPC | Source = Application Error | ID = 1005
Description = Windows cannot access the file for one of the following reasons: there
is a problem with the network connection, the disk that the file is stored on,
or the storage drivers installed on this computer; or the disk is missing. Windows
closed the program Java(TM) Update Checker because of this error. Program: Java(TM)
Update Checker File: The error value is listed in the Additional Data section. User
Action 1. Open the file again. This situation might be a temporary problem that corrects
itself when the program runs again. 2. If the file still cannot be accessed and -
It is on the network, your network administrator should verify that there is not
a problem with the network and that the server can be contacted. - It is on a removable
disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted
into the computer. 3. Check and repair the file system by running CHKDSK. To run
CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt,
type CHKDSK /F, and then press ENTER. 4. If the problem persists, restore the file
from a backup copy. 5. Determine whether other files on the same disk can be opened.
If not, the disk might be damaged. If it is a hard disk, contact your administrator
or computer hardware vendor for further assistance. Additional Data Error value: 00000000
Disk
type: 0

Error - 12/30/2013 6:18:28 PM | Computer Name = HeatherPC | Source = MsiInstaller | ID = 11720
Description =

Error - 12/31/2013 1:30:42 AM | Computer Name = HeatherPC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 1/1/2014 1:30:49 AM | Computer Name = HeatherPC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 1/4/2014 1:30:51 AM | Computer Name = HeatherPC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 1/4/2014 5:33:24 PM | Computer Name = HeatherPC | Source = ESENT | ID = 494
Description = taskhost (2328) WebCacheLocal: Database recovery failed with error
-1216 because it encountered references to a database, 'C:\Users\Administrator\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat',
which is no longer present. The database was not brought to a Clean Shutdown state
before it was removed (or possibly moved or renamed). The database engine will
not permit recovery to complete for this instance until the missing database is
re-instated. If the database is truly no longer available and no longer required,
procedures for recovering from this error are available in the Microsoft Knowledge
Base or by following the "more information" link at the bottom of this message.

Error - 1/4/2014 5:33:24 PM | Computer Name = HeatherPC | Source = ESENT | ID = 454
Description = taskhost (2328) WebCacheLocal: Database recovery/restore failed with
unexpected error -1216.

[ System Events ]
Error - 12/29/2013 10:38:33 AM | Computer Name = HeatherPC | Source = Service Control Manager | ID = 7000
Description = The NVIDIA Update Service Daemon service failed to start due to the
following error: %%1069

Error - 12/30/2013 6:18:02 AM | Computer Name = HeatherPC | Source = Service Control Manager | ID = 7000
Description = The Util SaltarSmart service failed to start due to the following
error: %%2

Error - 12/30/2013 6:18:08 AM | Computer Name = HeatherPC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Lbd SBRE

Error - 12/30/2013 6:20:09 AM | Computer Name = HeatherPC | Source = Service Control Manager | ID = 7038
Description = The nvUpdatusService service was unable to log on as .\UpdatusUser
with the currently configured password due to the following error: %%1330 To ensure
that the service is configured properly, use the Services snap-in in Microsoft
Management Console (MMC).

Error - 12/30/2013 6:20:09 AM | Computer Name = HeatherPC | Source = Service Control Manager | ID = 7000
Description = The NVIDIA Update Service Daemon service failed to start due to the
following error: %%1069

Error - 1/4/2014 5:31:54 PM | Computer Name = HeatherPC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 4:30:37 PM on ?1/?4/?2014 was unexpected.

Error - 1/4/2014 5:32:12 PM | Computer Name = HeatherPC | Source = Service Control Manager | ID = 7000
Description = The Util SaltarSmart service failed to start due to the following
error: %%2

Error - 1/4/2014 5:32:29 PM | Computer Name = HeatherPC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Lbd SBRE

Error - 1/4/2014 5:34:30 PM | Computer Name = HeatherPC | Source = Service Control Manager | ID = 7038
Description = The nvUpdatusService service was unable to log on as .\UpdatusUser
with the currently configured password due to the following error: %%1330 To ensure
that the service is configured properly, use the Services snap-in in Microsoft
Management Console (MMC).

Error - 1/4/2014 5:34:30 PM | Computer Name = HeatherPC | Source = Service Control Manager | ID = 7000
Description = The NVIDIA Update Service Daemon service failed to start due to the
following error: %%1069


< End of report >

work smart..not hard.
afterdawn.com > forums > software, operating systems and more > windows - general discussion > 'search' is coming up
 

Digital video: AfterDawn.com | AfterDawn Forums
Music: MP3Lizard.com
Gaming: Blasteroids.com | Blasteroids Forums | Compare game prices
Software: Software downloads
Blogs: User profile pages
RSS feeds: AfterDawn.com News | Software updates | AfterDawn Forums
International: AfterDawn in Finnish | AfterDawn in Swedish | AfterDawn in Norwegian | download.fi
Navigate: Search | Site map
About us: About AfterDawn Ltd | Advertise on our sites | Rules, Restrictions, Legal disclaimer & Privacy policy
Contact us: Send feedback | Contact our media sales team
 
  © 1999-2024 by AfterDawn Ltd.

  IDG TechNetwork