[code]
OTS logfile created on: 11/4/2011 5:10:33 PM - Run 1
OTS by OldTimer - Version 3.1.46.0     Folder = C:\Users\Chris Reaper\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 41.00% Memory free
8.00 Gb Paging File | 5.00 Gb Available in Paging File | 67.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.44 Gb Total Space | 99.48 Gb Free Space | 35.10% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: CHRISREAPER-PC
Current User Name: Chris Reaper
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
 
[Processes - Safe List]
ots.exe -> C:\Users\Chris Reaper\Desktop\OTS.exe -> [2011/11/04 17:08:35 | 000,646,144 | ---- | M] (OldTimer Tools)
sched.exe -> C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -> [2011/10/11 09:29:38 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG)
avwebgrd.exe -> C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe -> [2011/10/11 09:29:05 | 000,463,824 | ---- | M] (Avira Operations GmbH & Co. KG)
avmailc.exe -> C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe -> [2011/10/11 09:28:56 | 000,342,480 | ---- | M] (Avira Operations GmbH & Co. KG)
avguard.exe -> C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -> [2011/10/11 09:28:54 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG)
avgnt.exe -> C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe -> [2011/10/11 09:28:53 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG)
mbamgui.exe -> C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe -> [2011/08/31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation)
mbamservice.exe -> C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -> [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation)
armsvc.exe -> C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -> [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated)
pencommservice.exe -> C:\Program Files (x86)\Common Files\Livescribe\PenComm\PenCommService.exe -> [2011/05/19 20:04:08 | 000,468,992 | ---- | M] (Livescribe)
tomtomhomeservice.exe -> C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -> [2011/04/22 08:21:10 | 000,092,592 | ---- | M] (TomTom)
bndaemon.exe -> C:\Program Files (x86)\Bradford Networks\Persistent Agent\bndaemon.exe -> [2011/03/07 22:11:40 | 003,079,960 | ---- | M] (Bradford Networks)
lxrsii1s.exe -> C:\Windows\SysWOW64\LxrSII1s.exe -> [2009/12/30 13:21:02 | 000,065,536 | ---- | M] (Lexar Media, Inc.)
nvcsvcmgr.exe -> C:\Program Files (x86)\Nortel\Nortel VPN Client\NvcSvcMgr.exe -> [2009/10/05 09:19:46 | 000,615,704 | ---- | M] (Nortel Networks)
asscrpro.exe -> C:\Windows\AsScrPro.exe -> [2009/10/04 23:59:16 | 003,054,136 | ---- | M] (ASUS)
wcourier.exe -> C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe -> [2009/07/24 13:32:50 | 001,593,344 | ---- | M] ()
fastbootagent.exe -> C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe -> [2009/07/23 20:13:38 | 000,306,232 | ---- | M] (ASUSTeK Computer Inc.)
controldeckstartup.exe -> C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe -> [2009/07/22 20:58:46 | 000,017,976 | ---- | M] ()
hcontrol.exe -> C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe -> [2009/07/16 13:07:54 | 000,178,744 | ---- | M] (ASUS)
adsmtray.exe -> C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe -> [2009/06/24 15:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.)
atkosd.exe -> C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe -> [2009/06/19 13:29:26 | 002,488,888 | ---- | M] (ASUS)
asldrsrv.exe -> C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -> [2009/06/15 20:30:42 | 000,084,536 | ---- | M] (ASUS)
cnrpc.exe -> C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CNRpc.exe -> [2009/06/11 18:13:40 | 000,158,584 | ---- | M] ()
cinemanowsvc.exe -> C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -> [2009/06/11 18:13:40 | 000,127,352 | ---- | M] (CinemaNow, Inc.)
cinemanowshell.exe -> C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe -> [2009/06/11 18:13:30 | 002,088,296 | ---- | M] (CinemaNow Inc.)
sensorsrv.exe -> C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe -> [2009/05/18 18:58:38 | 000,305,720 | ---- | M] (ASUS)
wdc.exe -> C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe -> [2008/12/22 20:15:34 | 000,174,648 | ---- | M] (ASUS)
brpjp04a.exe -> C:\Program Files (x86)\Brownie\brpjp04a.exe -> [2008/10/17 16:52:16 | 000,099,632 | ---- | M] (brother)
kbfiltr.exe -> C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe -> [2008/08/14 00:00:08 | 000,113,208 | ---- | M] (ASUS)
atouch64.exe -> C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe -> [2008/08/13 23:59:56 | 000,301,624 | ---- | M] ()
ctskmstr.exe -> C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe -> [2008/05/16 23:12:54 | 000,290,816 | ---- | M] (Pharos Systems International)
adsmsrv.exe -> C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -> [2008/03/31 05:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.)
alu.exe -> C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe -> [2007/11/30 14:20:44 | 000,051,768 | ---- | M] ()
gfnexsrv.exe -> C:\Program Files\ATKGFNEX\GFNEXSrv.exe -> [2007/08/08 03:08:40 | 000,094,208 | ---- | M] ()
devsvc.exe -> C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe -> [2007/03/06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.)
ioctlsvc.exe -> C:\Windows\SysWOW64\IoctlSvc.exe -> [2006/12/19 11:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.)
 
[Modules - No Company Name]
presentationframework.aero.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07cdef1a740151932dcf161f3306bd9c\PresentationFramework.Aero.ni.dll -> [2011/10/14 09:13:15 | 000,368,128 | ---- | M] ()
presentationframework.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\70e2ca33ffa52c743285dc5b4910a229\PresentationFramework.ni.dll -> [2011/10/14 09:12:34 | 014,339,072 | ---- | M] ()
presentationcore.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7c94a121334aeca7553c7f01290740f0\PresentationCore.ni.dll -> [2011/10/14 09:11:59 | 012,234,752 | ---- | M] ()
windowsbase.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll -> [2011/10/14 09:11:45 | 003,347,968 | ---- | M] ()
system.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll -> [2011/10/14 09:11:30 | 007,963,648 | ---- | M] ()
mscorlib.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll -> [2011/10/14 09:11:22 | 011,490,304 | ---- | M] ()
zlib1.dll -> C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll -> [2011/06/24 22:56:36 | 000,087,328 | ---- | M] ()
libxml2.dll -> C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll -> [2011/06/24 22:56:14 | 001,241,888 | ---- | M] ()
office.odf -> C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF -> [2011/03/17 00:11:16 | 004,297,568 | ---- | M] ()
grooveintlresource.dll -> C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll -> [2010/10/20 15:45:26 | 008,801,120 | ---- | M] ()
wcourier.exe -> C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe -> [2009/07/24 13:32:50 | 001,593,344 | ---- | M] ()
controldeckstartup.exe -> C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe -> [2009/07/22 20:58:46 | 000,017,976 | ---- | M] ()
cnrpc.exe -> C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CNRpc.exe -> [2009/06/11 18:13:40 | 000,158,584 | ---- | M] ()
alu.exe -> C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe -> [2007/11/30 14:20:44 | 000,051,768 | ---- | M] ()
overlayiconshlext.dll -> C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll -> [2007/06/15 13:28:36 | 000,147,456 | ---- | M] ()
overlayiconshlext1.dll -> C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll -> [2007/06/01 20:08:18 | 000,143,360 | ---- | M] ()
 
[Win32 Services - Safe List]
64bit-(cmdAgent)  [Auto | Running] -> C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -> [2011/10/07 13:47:14 | 002,663,568 | ---- | M] (COMODO)
64bit-(NisSrv)  [On_Demand | Running] -> c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -> [2011/04/27 17:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation)
64bit-(MsMpSvc)  [Auto | Running] -> c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -> [2011/04/27 17:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation)
64bit-(wlcrasvc)  [Disabled | Stopped] -> C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -> [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation)
64bit-(AFBAgent)  [Auto | Running] -> C:\Windows\SysNative\FBAgent.exe -> [2009/09/15 16:21:58 | 000,359,552 | ---- | M] (ASUSTeK Computer Inc.)
64bit-(WinDefend)  [On_Demand | Stopped] -> C:\Program Files\Windows Defender\MpSvc.dll -> [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation)
64bit-(ATKGFNEXSrv)  [Auto | Running] -> C:\Program Files\ATKGFNEX\GFNEXSrv.exe -> [2007/08/08 03:08:40 | 000,094,208 | ---- | M] ()
(AntiVirSchedulerService) Avira Scheduler [Auto | Running] -> C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -> [2011/10/11 09:29:38 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG)
(AntiVirWebService) Avira Web Protection [Auto | Running] -> C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -> [2011/10/11 09:29:05 | 000,463,824 | ---- | M] (Avira Operations GmbH & Co. KG)
(AntiVirMailService) Avira Mail Protection [Auto | Running] -> C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe -> [2011/10/11 09:28:56 | 000,342,480 | ---- | M] (Avira Operations GmbH & Co. KG)
(AntiVirService) Avira Realtime Protection [Auto | Running] -> C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -> [2011/10/11 09:28:54 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG)
(MBAMService) MBAMService [Auto | Running] -> C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -> [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation)
(AdobeARMservice) Adobe Acrobat Update Service [Auto | Running] -> C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -> [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated)
(PenCommService) Livescribe Pulse Smartpen Service [Auto | Running] -> C:\Program Files (x86)\Common Files\Livescribe\PenComm\PenCommService.exe -> [2011/05/19 20:04:08 | 000,468,992 | ---- | M] (Livescribe)
(TomTomHOMEService) TomTomHOMEService [Auto | Running] -> C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -> [2011/04/22 08:21:10 | 000,092,592 | ---- | M] (TomTom)
(BNPagent) Bradford Persistent Agent Service [Auto | Running] -> C:\Program Files (x86)\Bradford Networks\Persistent Agent\bndaemon.exe -> [2011/03/07 22:11:40 | 003,079,960 | ---- | M] (Bradford Networks)
(clr_optimization_v4.0.30319_32) Microsoft .NET Framework NGEN v4.0.30319_X86 [Auto | Stopped] -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -> [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation)
(LxrSII1s) Lexar Secure II [Auto | Running] -> C:\Windows\SysWOW64\LxrSII1s.exe -> [2009/12/30 13:21:02 | 000,065,536 | ---- | M] (Lexar Media, Inc.)
(NvcSvcMgr) Nortel VPN Client [Auto | Running] -> C:\Program Files (x86)\Nortel\Nortel VPN Client\NvcSvcMgr.exe -> [2009/10/05 09:19:46 | 000,615,704 | ---- | M] (Nortel Networks)
(FastBootAgent) FastBootAgent [Auto | Running] -> C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe -> [2009/07/23 20:13:38 | 000,306,232 | ---- | M] (ASUSTeK Computer Inc.)
(ASLDRService) ASLDR Service [Auto | Running] -> C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -> [2009/06/15 20:30:42 | 000,084,536 | ---- | M] (ASUS)
(CinemaNow Service) CinemaNow Service [Auto | Running] -> C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -> [2009/06/11 18:13:40 | 000,127,352 | ---- | M] (CinemaNow, Inc.)
(clr_optimization_v2.0.50727_32) Microsoft .NET Framework NGEN v2.0.50727_X86 [Disabled | Stopped] -> C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation)
(Pharos Systems ComTaskMaster) Pharos Systems ComTaskMaster [Auto | Running] -> C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe -> [2008/05/16 23:12:54 | 000,290,816 | ---- | M] (Pharos Systems International)
(ADSMService) ADSM Service [On_Demand | Running] -> C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -> [2008/03/31 05:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.)
(Capture Device Service) Capture Device Service [Auto | Running] -> C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe -> [2007/03/06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.)
(PLFlash DeviceIoControl Service) PLFlash DeviceIoControl Service [Auto | Running] -> C:\Windows\SysWOW64\IoctlSvc.exe -> [2006/12/19 11:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.)
 
[Driver Services - Safe List]
64bit-(avkmgr) avkmgr [Kernel | System | Running] -> C:\Windows\SysNative\drivers\avkmgr.sys -> [2011/10/11 09:29:53 | 000,027,760 | ---- | M] (Avira GmbH)
64bit-(avipbb) avipbb [Kernel | System | Running] -> C:\Windows\SysNative\drivers\avipbb.sys -> [2011/10/11 09:29:52 | 000,130,760 | ---- | M] (Avira GmbH)
64bit-(avgntflt) avgntflt [File_System | Auto | Running] -> C:\Windows\SysNative\drivers\avgntflt.sys -> [2011/10/11 09:29:52 | 000,097,312 | ---- | M] (Avira GmbH)
64bit-(MBAMProtector) MBAMProtector [File_System | On_Demand | Running] -> C:\Windows\SysNative\drivers\mbam.sys -> [2011/08/31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation)
64bit-(PulseUsb) Livescribe Smartpen USB Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\PulseUsb.sys -> [2011/05/19 20:04:40 | 000,026,112 | ---- | M] (Windows (R) Win 7 DDK provider)
64bit-(USBAAPL64) Apple Mobile USB Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\usbaapl64.sys -> [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.)
64bit-(NisDrv) Microsoft Network Inspection System [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\NisDrvWFP.sys -> [2011/04/27 15:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation)
64bit-(amdsata) amdsata [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsata.sys -> [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices)
64bit-(amdxata) amdxata [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\amdxata.sys -> [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices)
64bit-(RimUsb) BlackBerry Smartphone [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -> [2011/02/16 18:23:46 | 000,074,240 | ---- | M] (Research In Motion Limited)
64bit-(igfx) igfx [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\igdkmd64.sys -> [2011/02/11 19:16:38 | 010,628,640 | ---- | M] (Intel Corporation)
64bit-(HpSAMD) HpSAMD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\HpSAMD.sys -> [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company)
64bit-(TsUsbFlt) TsUsbFlt [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\TsUsbFlt.sys -> [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation)
64bit-(fssfltr) fssfltr [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\fssfltr.sys -> [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation)
64bit-(ivusb) Initio Driver for USB Default Controller [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\ivusb.sys -> [2010/07/29 00:25:10 | 000,029,720 | ---- | M] (Initio Corporation)
64bit-(athr) Atheros Extensible Wireless LAN device driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\athrx.sys -> [2010/07/08 09:03:48 | 002,228,736 | ---- | M] (Atheros Communications, Inc.)
64bit-(LxrSII1d) Secure II Driver [Kernel | Auto | Running] -> C:\Windows\SysNative\drivers\LxrSII1d.sys -> [2009/12/30 10:32:04 | 000,063,064 | ---- | M] (Lexar Media, Inc.)
64bit-(pcouffin) VSO Software pcouffin [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\pcouffin.sys -> [2009/11/22 03:21:47 | 000,082,816 | ---- | M] (VSO Software)
64bit-(BTATH_A2DP) Bluetooth A2DP Audio Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\btath_a2dp.sys -> [2009/10/23 11:04:24 | 000,329,728 | ---- | M] (Atheros)
64bit-(BtFilter) BtFilter [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\btfilter.sys -> [2009/10/22 08:49:28 | 000,057,344 | ---- | M] (Atheros)
64bit-(BTATH_HCRP) Bluetooth HCRP Server driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\btath_hcrp.sys -> [2009/10/22 08:46:22 | 000,240,128 | ---- | M] (Atheros)
64bit-(AthBTPort) Atheros Virtual Bluetooth Class [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\btath_flt.sys -> [2009/10/21 12:58:14 | 000,031,744 | ---- | M] (Atheros)
64bit-(BTATH_RCP) Bluetooth AVRCP Device [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\btath_rcp.sys -> [2009/10/21 08:42:38 | 000,126,976 | ---- | M] (Atheros)
64bit-(BTATH_BUS) Atheros Bluetooth Bus [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\btath_bus.sys -> [2009/10/20 10:51:28 | 000,025,088 | ---- | M] (Atheros)
64bit-(nvcwfpco) nvcwfpco [Kernel | Auto | Running] -> C:\Windows\SysNative\drivers\nvcwfpco.sys -> [2009/10/05 09:19:48 | 000,077,832 | ---- | M] (Nortel Networks Corporation)
64bit-(NT_NvcA) Nortel VPN Adapter [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\ntnvca.sys -> [2009/10/05 09:19:43 | 000,044,040 | ---- | M] (Nortel Networks)
64bit-(AsDsm) AsDsm [File_System | Boot | Running] -> C:\Windows\SysNative\drivers\AsDsm.sys -> [2009/10/04 23:59:10 | 000,035,384 | ---- | M] (ASUSTek Computer Inc)
64bit-(TIEHDUSB) TI Core USB Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\tiehdusb.sys -> [2009/09/03 17:30:20 | 000,128,512 | ---- | M] (Texas Instruments)
64bit-(L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\L1E62x64.sys -> [2009/08/23 06:08:10 | 000,056,320 | ---- | M] (Atheros Communications, Inc.)
64bit-(BthAvrcp) Bluetooth AVRCP Profile [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\BthAvrcp.sys -> [2009/08/13 08:38:24 | 000,029,184 | ---- | M] (CSR, plc)
64bit-(AthDfu) Atheros Valkyrie USB BootROM [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\AthDfu.sys -> [2009/07/25 15:23:56 | 000,047,616 | ---- | M] (Windows (R) Codename Longhorn DDK provider)
64bit-(kbfiltr) Keyboard Filter [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\kbfiltr.sys -> [2009/07/20 05:29:39 | 000,015,416 | ---- | M] ( )
64bit-(amdsbs) amdsbs [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsbs.sys -> [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.)
64bit-(LSI_SAS2) LSI_SAS2 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\lsi_sas2.sys -> [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation)
64bit-(stexstor) stexstor [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\stexstor.sys -> [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology)
64bit-(ROOTMODEM) Microsoft Legacy Modem Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\rootmdm.sys -> [2009/07/13 20:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation)
64bit-(VIAHdAudAddService) VIA High Definition Audio Driver Service [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\viahduaa.sys -> [2009/07/09 04:11:31 | 001,222,144 | ---- | M] (VIA Technologies, Inc.)
64bit-(ETD) ELAN PS/2 Port Input Device [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\ETD.sys -> [2009/07/08 23:11:41 | 000,140,800 | ---- | M] (ELAN Microelectronic Corp.)
64bit-(lullaby) lullaby [File_System | Boot | Running] -> C:\Windows\SysNative\drivers\lullaby.sys -> [2009/06/18 15:18:10 | 000,015,928 | ---- | M] (Windows (R) Win 7 DDK provider)
64bit-(SiSGbeLH) SiS191/SiS190 Ethernet Device NDIS 6.0 Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\SiSG664.sys -> [2009/06/10 16:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.)
64bit-(ebdrv) Broadcom NetXtreme II 10 GigE VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\evbda.sys -> [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation)
64bit-(b06bdrv) Broadcom NetXtreme II VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\bxvbda.sys -> [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation)
64bit-(b57nd60a) Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\b57nd60a.sys -> [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation)
64bit-(hcw85cir) Hauppauge Consumer Infrared Receiver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\hcw85cir.sys -> [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.)
64bit-(iaStor) Intel AHCI Controller [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\iaStor.sys -> [2009/06/04 06:54:35 | 000,408,600 | ---- | M] (Intel Corporation)
64bit-(AmUStor) AM USB Stroage Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\AmUStor.sys -> [2009/05/26 09:32:37 | 000,040,448 | ---- | M] (Alcor Micro, Corp.)
64bit-(SNP2UVC) USB2.0 PC Camera (SNP2UVC) [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\snp2uvc.sys -> [2009/05/20 04:11:05 | 001,799,680 | ---- | M] ()
64bit-(PxHlpa64) PxHlpa64 [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\PxHlpa64.sys -> [2009/05/20 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions)
64bit-(GEARAspiWDM) GEAR ASPI Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\GEARAspiWDM.sys -> [2009/05/18 18:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.)
64bit-(MTsensor) ATK0100 ACPI UTILITY [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\ATK64AMD.sys -> [2009/05/12 21:07:19 | 000,015,928 | ---- | M] (ASUS)
64bit-(RimVSerPort) RIM Virtual Serial Port v2 [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -> [2009/01/09 17:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd)
64bit-(adfs) adfs [Kernel | Auto | Running] -> C:\Windows\SysNative\drivers\adfs.sys -> [2008/06/27 11:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.)
64bit-(WimFltr) WimFltr [File_System | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\WimFltr.sys -> [2008/05/23 20:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation)
64bit-(WDC_SAM) WD SCSI Pass Thru driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\wdcsam64.sys -> [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies)
64bit-(ManyCam) ManyCam Virtual Webcam, WDM Video Capture Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\ManyCam_x64.sys -> [2008/03/13 03:46:00 | 000,027,136 | ---- | M] (ManyCam LLC.)
64bit-(ASMMAP64) ASMMAP64 [Kernel | Auto | Running] -> C:\Program Files\ATKGFNEX\ASMMAP64.sys -> [2007/07/24 14:11:32 | 000,014,904 | ---- | M] ()
64bit-(MarvinBus) Pinnacle Marvin Bus 64 [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\MarvinBus64.sys -> [2005/09/23 22:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH)
(WIMMount) WIMMount [File_System | On_Demand | Stopped] -> C:\Windows\SysWOW64\drivers\wimmount.sys -> [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation)
 
[Registry - Safe List]
< 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> 
HKEY_CURRENT_USER\: Main\\"Start Page" -> my.daemon-search.com -> 
HKEY_CURRENT_USER\: "ProxyEnable" -> 0 -> 
HKEY_CURRENT_USER\: "ProxyOverride" -> *.local -> 
< FireFox Settings [Prefs.js] > -> C:\Users\Chris Reaper\AppData\Roaming\Mozilla\FireFox\Profiles\n5hn24af.default\prefs.js -> 
browser.search.defaultenginename -> "AIM Search" ->
browser.search.defaulturl -> "http://aim.search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us" ->
browser.search.selectedEngine -> "DAEMON Search" ->
browser.search.useDBForOrder -> true ->
browser.startup.homepage -> "http://www.google.com/" ->
extensions.enabledItems -> {c2f863cd-0429-48c7-bb54-db756a951760}:5.96.10.6760 ->
extensions.enabledItems -> {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6 ->
extensions.enabledItems -> {6AC85730-7D0F-4de0-B3FA-21142DD85326}:2.5.5 ->
extensions.enabledItems -> {F8A55C97-3DB6-4961-A81D-0DE0080E53CB}:0.9.5 ->
extensions.enabledItems -> fbdislike@doweb.fr:1.2.3 ->
extensions.enabledItems -> {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10 ->
extensions.enabledItems -> {258735dc-6743-4805-95fc-f95941fffdad}:1.3.6 ->
extensions.enabledItems -> {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.2 ->
extensions.enabledItems -> {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.01 ->
extensions.enabledItems -> isreaditlater@ideashower.com:2.1.1 ->
extensions.enabledItems -> {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20110323 ->
extensions.enabledItems -> {3EC9C995-8072-4fc0-953E-4F30620D17F3}:2.0.0.4 ->
extensions.enabledItems -> {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9 ->
extensions.enabledItems -> {5e5ab302-7f65-44cd-8211-c1d4caaccea3}:3.3.3.2 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 ->
extensions.enabledItems -> {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 ->
extensions.enabledItems -> {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94 ->
extensions.enabledItems -> {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94 ->
extensions.enabledItems -> engine@conduit.com:3.3.3.2 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 ->
keyword.URL -> "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50-ff-aim-ab-en-us&query=" ->
< FireFox Settings [User.js] > -> C:\Users\Chris Reaper\AppData\Roaming\Mozilla\FireFox\Profiles\n5hn24af.default\user.js -> 
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions ->  -> 
HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO] -> [2011/05/01 21:07:26 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA] -> [2011/05/01 21:07:26 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 7.0.1\extensions ->  -> 
HKLM\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components -> C:\Program Files (x86)\Mozilla Firefox\components [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS] -> [2011/10/28 13:53:58 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins -> C:\Program Files (x86)\Mozilla Firefox\plugins [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS] -> [2011/10/28 13:53:58 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Thunderbird 7.0.1\extensions ->  -> 
HKLM\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Components -> C:\Program Files (x86)\Mozilla Thunderbird\components [C:\PROGRAM FILES (X86)\MOZILLA THUNDERBIRD\COMPONENTS] -> [2011/10/28 13:53:58 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Plugins -> C:\Program Files (x86)\Mozilla Thunderbird\plugins [C:\PROGRAM FILES (X86)\MOZILLA THUNDERBIRD\PLUGINS] -> [2011/10/28 13:53:58 | 000,000,000 | ---D | M]
< FireFox Extensions [User Folders] > -> 
  -> C:\Users\Chris Reaper\AppData\Roaming\Mozilla\Extensions -> [2011/02/04 16:07:18 | 000,000,000 | ---D | M]
No name found   -> C:\Users\Chris Reaper\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} -> [2010/01/19 23:45:46 | 000,000,000 | ---D | M]
  -> C:\Users\Chris Reaper\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com -> [2011/02/04 16:07:18 | 000,000,000 | ---D | M]
  -> C:\Users\Chris Reaper\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org -> [2009/11/28 20:19:39 | 000,000,000 | ---D | M]
  -> C:\Users\Chris Reaper\AppData\Roaming\Mozilla\Firefox\Profiles\n5hn24af.default\extensions -> [2011/10/27 21:25:58 | 000,000,000 | ---D | M]
Flash Game Maximizer   -> C:\Users\Chris Reaper\AppData\Roaming\Mozilla\Firefox\Profiles\n5hn24af.default\extensions\{258735dc-6743-4805-95fc-f95941fffdad} -> [2010/01/25 22:31:21 | 000,000,000 | ---D | M]
WeatherBug   -> C:\Users\Chris Reaper\AppData\Roaming\Mozilla\Firefox\Profiles\n5hn24af.default\extensions\{3EC9C995-8072-4fc0-953E-4F30620D17F3} -> [2010/01/01 13:14:12 | 000,000,000 | ---D | M]
ColorZilla   -> C:\Users\Chris Reaper\AppData\Roaming\Mozilla\Firefox\Profiles\n5hn24af.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} -> [2011/10/04 10:45:49 | 000,000,000 | ---D | M]
WOT   -> C:\Users\Chris Reaper\AppData\Roaming\Mozilla\Firefox\Profiles\n5hn24af.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} -> [2011/07/10 06:52:22 | 000,000,000 | ---D | M]
"Free YouTube Download (Free Studio) Menu"   -> C:\Users\Chris Reaper\AppData\Roaming\Mozilla\Firefox\Profiles\n5hn24af.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} -> [2010/05/14 21:03:10 | 000,000,000 | ---D | M]
Web Developer   -> C:\Users\Chris Reaper\AppData\Roaming\Mozilla\Firefox\Profiles\n5hn24af.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} -> [2011/01/07 18:46:53 | 000,000,000 | ---D | M]
Greasemonkey   -> C:\Users\Chris Reaper\AppData\Roaming\Mozilla\Firefox\Profiles\n5hn24af.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} -> [2011/10/11 12:49:55 | 000,000,000 | ---D | M]
Download Manager Tweak   -> C:\Users\Chris Reaper\AppData\Roaming\Mozilla\Firefox\Profiles\n5hn24af.default\extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB} -> [2010/12/09 15:41:21 | 000,000,000 | ---D | M]
  -> C:\Users\Chris Reaper\AppData\Roaming\Mozilla\Firefox\Profiles\n5hn24af.default\extensions\engine@conduit.com -> [2011/03/21 21:03:30 | 000,000,000 | ---D | M]
  -> C:\Users\Chris Reaper\AppData\Roaming\Mozilla\Firefox\Profiles\n5hn24af.default\extensions\fbdislike@doweb.fr -> [2011/10/04 09:17:34 | 000,000,000 | ---D | M]
< FireFox SearchPlugins [User Folders] > -> 
 aim-search.xml -> C:\Users\Chris Reaper\AppData\Roaming\Mozilla\FireFox\Profiles\n5hn24af.default\searchplugins\aim-search.xml -> [2009/12/14 20:37:07 | 000,004,554 | ---- | M] ()
 daemon-search.xml -> C:\Users\Chris Reaper\AppData\Roaming\Mozilla\FireFox\Profiles\n5hn24af.default\searchplugins\daemon-search.xml -> [2011/02/08 23:36:43 | 000,002,059 | ---- | M] ()
< FireFox Extensions [Program Folders] > -> 
  -> C:\Program Files (x86)\Mozilla Firefox\extensions -> [2011/10/14 08:56:39 | 000,000,000 | ---D | M]
Skype Click to Call   -> C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} -> [2011/10/15 00:13:55 | 000,000,000 | ---D | M]
Java Console   -> C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} -> [2010/04/29 21:18:05 | 000,000,000 | ---D | M]
Java Console   -> C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} -> [2010/11/03 18:41:30 | 000,000,000 | ---D | M]
Java Console   -> C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} -> [2011/02/15 00:07:22 | 000,000,000 | ---D | M]
Java Console   -> C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} -> [2011/02/16 15:49:34 | 000,000,000 | ---D | M]
Java Console   -> C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} -> [2011/09/11 12:56:20 | 000,000,000 | ---D | M]
Java Console   -> C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} -> [2011/10/14 08:56:39 | 000,000,000 | ---D | M]
No name found -> C:\USERS\CHRIS REAPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N5HN24AF.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI -> ()
No name found -> C:\USERS\CHRIS REAPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N5HN24AF.DEFAULT\EXTENSIONS\{A7C6CF7F-112C-4500-A7EA-39801A327E5F}.XPI -> ()
No name found -> C:\USERS\CHRIS REAPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N5HN24AF.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI -> ()
No name found -> C:\USERS\CHRIS REAPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N5HN24AF.DEFAULT\EXTENSIONS\ISREADITLATER@IDEASHOWER.COM.XPI -> ()
< HOSTS File > ([2011/10/16 19:57:42 | 000,000,027 | ---- | M] - 1 lines) -> C:\Windows\SysNative\Drivers\etc\hosts -> 
Reset Hosts
127.0.0.1       localhost
< 64bit-BHO's [HKEY_LOCAL_MACHINE] > -> 64bit-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2011/08/23 11:33:02 | 000,075,656 | ---- | M] (Oracle Corporation)
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{326E768D-4182-46FD-9C16-1449A49795F4} [HKLM] -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [DivX Plus Web Player HTML5 <video>] -> [2011/02/07 20:17:52 | 003,118,976 | ---- | M] (DivX, LLC)
{593DDEC6-7468-4cdd-90E1-42DADAA222E9} [HKLM] -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [DivX HiQ] -> [2011/02/07 20:17:52 | 003,118,976 | ---- | M] (DivX, LLC)
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} [HKLM] -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Skype Browser Helper] -> [2011/10/10 11:09:16 | 003,834,016 | ---- | M] (Skype Technologies S.A.)
{d2ce3e00-f94a-4740-988e-03dc2f38c34f} [HKLM] -> C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll [Bing Bar BHO] -> [2010/08/24 16:11:42 | 000,612,616 | ---- | M] (Microsoft Corporation)
< 64bit-Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> 
"{32099AAC-C132-4136-9E9A-4E364A424E17}" [HKLM] -> Reg Error: Key error. [DAEMON Tools Toolbar] -> File not found
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> 
"{8dcb7100-df86-4384-8842-8fa844297b3f}" [HKLM] -> C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll [@C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100] -> [2010/08/24 16:11:42 | 000,612,616 | ---- | M] (Microsoft Corporation)
"Locked" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> 
WebBrowser\\"{32099AAC-C132-4136-9E9A-4E364A424E17}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< 64bit-Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"COMODO Internet Security" -> C:\Program Files\COMODO\COMODO Internet Security\cfp.exe ["C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h] -> [2011/10/20 07:58:42 | 009,264,456 | ---- | M] (COMODO)
"HotKeysCmds" -> C:\Windows\SysNative\hkcmd.exe [C:\Windows\system32\hkcmd.exe] -> [2011/02/11 19:25:38 | 000,386,584 | ---- | M] (Intel Corporation)
"IgfxTray" -> C:\Windows\SysNative\igfxtray.exe [C:\Windows\system32\igfxtray.exe] -> [2011/02/11 19:25:56 | 000,162,328 | ---- | M] (Intel Corporation)
"Persistence" -> C:\Windows\SysNative\igfxpers.exe [C:\Windows\system32\igfxpers.exe] -> [2011/02/11 19:25:46 | 000,417,304 | ---- | M] (Intel Corporation)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"APSDaemon" -> C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe ["C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"] -> [2011/09/27 07:22:28 | 000,059,240 | ---- | M] (Apple Inc.)
"avgnt" -> C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe ["C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min] -> [2011/10/11 09:28:53 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG)
"BrStsWnd" -> C:\Program Files (x86)\Brownie\BrstsW64.exe [C:\Program Files (x86)\Brownie\BrstsW64.exe Autorun] -> [2009/08/19 14:41:26 | 003,695,928 | ---- | M] (brother)
"Malwarebytes' Anti-Malware" -> C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe ["C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray] -> [2011/08/31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation)
< Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer -> 
< Software Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer -> 
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"AllowLegacyWebView" ->  [1] -> File not found
\\"AllowUnhashedWebView" ->  [1] -> File not found
\\"NoDrives" ->  [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"ConsentPromptBehaviorAdmin" ->  [0] -> File not found
\\"ConsentPromptBehaviorUser" ->  [3] -> File not found
\\"EnableLUA" ->  [0] -> File not found
\\"PromptOnSecureDesktop" ->  [0] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
< CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
\\"NoDrives" ->  [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
< 64bit-Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> 
Free YouTube to MP3 Converter -> C:\Users\Chris Reaper\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm [C:\Users\Chris Reaper\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm] -> [2011/11/01 21:15:45 | 000,000,273 | ---- | M] ()
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> 
E&xport to Microsoft Excel ->  [res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000] -> File not found
Free YouTube to MP3 Converter -> C:\Users\Chris Reaper\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm [C:\Users\Chris Reaper\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm] -> [2011/11/01 21:15:45 | 000,000,273 | ---- | M] ()
Se&nd to OneNote ->  [res:///105] -> File not found
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> 
{898EA8C8-E7FF-479B-8935-AEC46303B9E5}:{898EA8C8-E7FF-479B-8935-AEC46303B9E5} [HKLM] -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Button: Skype Click to Call] -> [2011/10/10 11:09:16 | 003,834,016 | ---- | M] (Skype Technologies S.A.)
{898EA8C8-E7FF-479B-8935-AEC46303B9E5}:{898EA8C8-E7FF-479B-8935-AEC46303B9E5} [HKLM] -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Menu: Skype Click to Call] -> [2011/10/10 11:09:16 | 003,834,016 | ---- | M] (Skype Technologies S.A.)
< 64bit-Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> 
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> 
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
< 64bit-Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< 64bit-Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 7430 domain(s) found. -> 
< 64bit-Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> 
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 7430 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> 
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 7431 domain(s) found. -> 
cinemanow.com .[http] -> Trusted sites -> 
cinemanow.com .[https] -> Trusted sites -> 
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> 
< 64bit-Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab [Java Plug-in 10.0.0] -> 
{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab [Java Plug-in 1.7.0] -> 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab [Reg Error: Key error.] -> 
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab [Java Plug-in 1.6.0_27] -> 
{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab [Java Plug-in 1.6.0_27] -> 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab [Java Plug-in 1.6.0_27] -> 
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab [Shockwave Flash Object] -> 
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> 
DhcpNameServer -> 10.8.1.231 10.8.1.237 -> 
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> 
{ECA166F0-A4A0-4C34-B335-E573B8A0C591}\\DhcpNameServer -> 10.8.1.231 10.8.1.237   (Atheros AR9285 Wireless Network Adapter) -> 
< 64bit-AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs -> 
64bit-*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> 
C:\Windows\System32\guard64.dll -> C:\Windows\SysNative\guard64.dll -> [2011/10/07 13:47:08 | 000,388,280 | ---- | M] (COMODO)
C:\Windows\system32\guard64.dll -> C:\Windows\SysNative\guard64.dll -> [2011/10/07 13:47:08 | 000,388,280 | ---- | M] (COMODO)
*MultiFile Done* -> -> 
< AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs -> 
*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> 
C:\Windows\SysWOW64\guard32.dll -> C:\Windows\SysWOW64\guard32.dll -> [2011/10/07 13:47:10 | 000,300,200 | ---- | M] (COMODO)
*MultiFile Done* -> -> 
< 64bit-Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
64bit-*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> 
Explorer.exe -> C:\Windows\explorer.exe -> [2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
64bit-*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> 
C:\Windows\system32\userinit.exe -> C:\Windows\SysNative\userinit.exe -> [2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
64bit-*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> 
SystemPropertiesPerformance.exe -> C:\Windows\SysNative\SystemPropertiesPerformance.exe -> [2009/07/13 21:39:47 | 000,082,432 | ---- | M] (Microsoft Corporation)
/pagefile ->  -> File not found
*MultiFile Done* -> -> 
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> 
Explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> 
C:\Windows\system32\userinit.exe -> C:\Windows\SysWOW64\userinit.exe -> [2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> 
/pagefile ->  -> File not found
*MultiFile Done* -> -> 
< 64bit-Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> 
igfxcui -> C:\Windows\SysNative\igfxdev.dll -> [2011/02/11 18:45:30 | 000,272,896 | ---- | M] (Intel Corporation)
< Vista Active Firewall Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules -> 
{013D8FC2-AB9A-4970-BEE1-53294408F43E} -> lport=rpc-epmap | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28539 | svc=rpcss | 
{0233FA5B-E694-49F4-9864-ECF2B6532671} -> lport=808 | protocol=6 | dir=in | action=allow | name=@c:\windows\microsoft.net\framework64\v4.0.30319\\servicemodelevents.dll,-2000 | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | svc=nettcpactivator | 
{03EF1FEC-FF31-4995-A0BC-C107529FEA74} -> lport=1900 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-30820 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | 
{121EE8A4-C579-4A9B-BCC1-F51B7AA39E59} -> rport=5355 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache | 
{14257FA7-8316-4364-963A-CD8A75ADC52F} -> lport=3390 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-30793 | app=system | 
{1ABCD21B-7EB8-4610-AC8A-F2AEBDE970A2} -> lport=rpc | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28535 | app=%systemroot%\system32\spoolsv.exe | svc=spooler | 
{24D616D1-0B47-42AF-A18E-37F1300E809D} -> lport=3702 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-32809 | app=%systemroot%\system32\svchost.exe | svc=fdrespub | 
{259D6CDA-C42C-43C3-B71A-70197A1CAF29} -> lport=67 | profile=domain | protocol=17 | dir=in | action=allow | name=@hnetcfg.dll,-144 | app=%systemroot%\system32\svchost.exe | svc=sharedaccess | 
{2AEA6013-433A-4C2D-BD4C-BD7865328C85} -> rport=1900 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-30757 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | 
{2CD4DBA5-23EE-48FE-A453-66A98DB14D8B} -> lport=10243 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31285 | app=system | 
{2FA1504B-2C5B-4C40-8551-6C2B41F727A3} -> lport=1900 | profile=domain | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-30820 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | 
{33669885-D2C4-4D8D-8EBE-047DC86B6F68} -> lport=10244 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-30785 | app=system | 
{34158388-D7AF-4577-A434-7B708E57479B} -> rport=2177 | profile=domain | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-30773 | app=%systemroot%\system32\svchost.exe | svc=qwave | 
{3A0AC9F8-6390-46EF-A024-A1235F94712C} -> rport=3702 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-32789 | app=%systemroot%\system32\svchost.exe | svc=fdphost | 
{3CC35FDC-F3FE-43FC-8BB5-FBF83E543BBE} -> lport=5355 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache | 
{4237BEE7-06EE-40E6-9602-01D90EF6A7DB} -> rport=5355 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-32805 | app=%systemroot%\system32\svchost.exe | svc=dnscache | 
{492E4867-8FE7-4550-905C-31452B95DA9A} -> rport=2177 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-30773 | app=%systemroot%\system32\svchost.exe | svc=qwave | 
{4B05781B-7D81-4303-8D4E-B6EE4E932992} -> rport=137 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28523 | app=system | 
{4B2662CA-5DE4-4268-9B58-941BE50EB519} -> lport=1900 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-30753 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | 
{56ECA5FD-EC05-4BDC-A849-878A142BC18B} -> lport=445 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28511 | app=system | 
{5A7DD7D1-103C-4CAF-83F5-A27D19024556} -> lport=2869 | protocol=6 | dir=in | action=allow | name=windows live communications platform (upnp) | 
{5E334F9E-04A5-4515-A31A-5D3ABE9C2CE6} -> rport=5355 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache | 
{60F645E5-717D-4130-B37B-1AAE704D40BE} -> rport=2177 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31257 | app=%systemroot%\system32\svchost.exe | svc=qwave | 
{684128D3-308B-444E-9216-2A2869FC2C04} -> lport=2177 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-30769 | app=%systemroot%\system32\svchost.exe | svc=qwave | 
{6F7ABED3-571D-4EE6-A5CC-1C28FB3796BA} -> lport=1900 | protocol=17 | dir=in | action=allow | name=windows live communications platform (ssdp) | 
{7062348D-FF61-4432-A651-4D8733CA4E68} -> lport=138 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28527 | app=system | 
{7203459A-9120-4127-B7EA-652810800681} -> lport=4482 | profile=public | protocol=6 | dir=in | action=allow | name=blackberry desktop software wireless music sync data transfer | 
{75616670-39AF-43A1-AF14-0D28B6BD5FE6} -> lport=137 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28519 | app=system | 
{767C431A-4E34-41A0-A8EA-F41BC14CD700} -> lport=4482 | profile=private | protocol=17 | dir=in | action=allow | name=blackberry desktop software wireless music sync discovery | 
{78FBE5C0-7F4B-492C-9E71-8C1A1DE26B9E} -> rport=3702 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-32811 | app=%systemroot%\system32\svchost.exe | svc=fdrespub | 
{7A423EB7-E229-4DAF-B12E-3F4A1C9EE367} -> lport=2177 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-30777 | app=%systemroot%\system32\svchost.exe | svc=qwave | 
{7DD7867E-19F2-48F6-BC65-D6B9A6F9202B} -> rport=139 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28507 | app=system | 
{7F5F57E1-B233-4CC3-BD31-25C90939AAE4} -> rport=2177 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-30781 | app=%systemroot%\system32\svchost.exe | svc=qwave | 
{889D5229-E31B-4539-AA24-3731C2674C16} -> lport=4482 | profile=public | protocol=17 | dir=in | action=allow | name=blackberry desktop software wireless music sync discovery | 
{8C519561-A394-47B0-9FC9-56B9BCB5614B} -> lport=547 | profile=domain | protocol=17 | dir=in | action=allow | name=@hnetcfg.dll,-142 | app=%systemroot%\system32\svchost.exe | svc=sharedaccess | 
{8C66A511-C873-4A61-949C-54FF2F7554E4} -> lport=4481 | profile=public | protocol=17 | dir=in | action=allow | name=blackberry desktop software wireless music sync discovery | 
{8E038543-C18E-4B03-A0FF-032FB2DF9AA6} -> lport=2177 | profile=domain | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-30777 | app=%systemroot%\system32\svchost.exe | svc=qwave | 
{9097F365-E0C3-4524-BC70-0BBC31F24179} -> lport=1900 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31269 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | 
{99699900-2399-4789-92BD-55C6472ACEA2} -> lport=5355 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-32801 | app=%systemroot%\system32\svchost.exe | svc=dnscache | 
{9EAFB950-C84B-411B-B430-79215C45A1BF} -> lport=139 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28503 | app=system | 
{9F9DF81D-71AF-40B4-9D65-68A1EA50A1A2} -> rport=10243 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31289 | app=system | 
{A249950C-27BD-40C9-A989-3A759586B298} -> lport=2869 | profile=domain | protocol=6 | dir=in | action=allow | name=@hnetcfg.dll,-146 | app=system | 
{A31BEC31-8D39-46B9-8226-5FA2E7229759} -> lport=4481 | profile=private | protocol=6 | dir=in | action=allow | name=blackberry desktop software wireless music sync data transfer | 
{A4447588-589F-444A-AA1A-C8248756A349} -> lport=2177 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31253 | app=%systemroot%\system32\svchost.exe | svc=qwave | 
{A46C26C6-5536-4C84-A9D8-A9A1206512E4} -> lport=2177 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31261 | app=%systemroot%\system32\svchost.exe | svc=qwave | 
{AA73AF4D-7E4A-4550-AAAE-44062382EE02} -> lport=2177 | profile=domain | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-30769 | app=%systemroot%\system32\svchost.exe | svc=qwave | 
{B15ED2E3-6171-4994-AC9B-19324EF9BFF5} -> lport=3702 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-32785 | app=%systemroot%\system32\svchost.exe | svc=fdphost | 
{B1F0AEAE-DA5A-4F02-96B8-85CED9E22261} -> lport=10244 | profile=domain | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-30785 | app=system | 
{B5B370E4-DB06-4001-A312-357D5A844528} -> lport=6004 | profile=public | protocol=17 | dir=in | action=allow | name=microsoft office outlook | app=c:\program files\microsoft office\office14\outlook.exe | 
{B66AC758-7960-4A84-80FB-2D41809E9B84} -> lport=1900 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-32753 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | 
{B76D3DFE-CFBE-4B97-BF56-F8C182B6BC37} -> rport=1900 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31273 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | 
{B8E205BC-E747-455D-9691-DB7C1DB016AC} -> lport=1900 | protocol=17 | dir=in | action=allow | name=windows live messenger (ssdp-in) | app=svchost.exe | svc=ssdpsrv | 
{BA386E55-24D1-4690-B7CC-393B905BB608} -> lport=7777 | profile=domain | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-30801 | app=%systemroot%\ehome\ehshell.exe | 
{BA6E5D2E-4689-4F40-966E-49F0AD545DB6} -> rport=2177 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31265 | app=%systemroot%\system32\svchost.exe | svc=qwave | 
{C1AEFE93-F31F-461C-ACC7-4A4A02D2C296} -> lport=53 | profile=domain | protocol=17 | dir=in | action=allow | name=@hnetcfg.dll,-143 | app=%systemroot%\system32\svchost.exe | svc=sharedaccess | 
{C7D978DD-D4F3-4F54-896D-1F34A39FF87A} -> lport=554 | profile=domain | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-30761 | app=%systemroot%\ehome\ehshell.exe | 
{C8ADA7DB-38DF-4E2F-B07D-1FD60EA24453} -> lport=2869 | profile=domain | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-30814 | app=system | 
{C90C292F-8CBE-4376-8D62-E6D432248659} -> rport=138 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28531 | app=system | 
{D36D7033-060D-4D31-88CA-E8B892F0089D} -> rport=1900 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-32757 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | 
{D3F03EAC-FA84-4BB6-98A1-BA8DCA4DFAD6} -> lport=68 | profile=domain | protocol=17 | dir=in | action=allow | name=@hnetcfg.dll,-145 | app=%systemroot%\system32\svchost.exe | svc=sharedaccess | 
{D60FAD53-D502-42DB-AF81-8F0993C95890} -> lport=3390 | profile=domain | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-30793 | app=system | 
{D8491419-37D3-425A-8978-5057F3067689} -> lport=1900 | profile=domain | protocol=17 | dir=in | action=allow | name=@hnetcfg.dll,-147 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | 
{D91C2C94-AA9F-4C7C-9A00-EEAE675AA43A} -> lport=7777 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-30801 | app=%systemroot%\ehome\ehshell.exe | 
{DAC98F68-3D7E-4BA5-8D7B-CD5FD0CD809B} -> rport=2869 | profile=domain | protocol=6 | dir=out | action=allow | name=@hnetcfg.dll,-152 | app=system | 
{E083DD3E-CA8A-430D-9254-C7049C1D00AF} -> lport=4481 | profile=public | protocol=6 | dir=in | action=allow | name=blackberry desktop software wireless music sync data transfer | 
{E1155920-B5AA-440D-A230-060E03AF7B47} -> lport=4481 | profile=private | protocol=17 | dir=in | action=allow | name=blackberry desktop software wireless music sync discovery | 
{E464949A-AFEC-4E6B-AD96-B8ED2B713278} -> rport=445 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28515 | app=system | 
{E60C0D34-E82F-4FFD-B1AD-417A0CE4EE82} -> rport=2177 | profile=domain | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-30781 | app=%systemroot%\system32\svchost.exe | svc=qwave | 
{E7B612B4-063B-490D-8D05-B3ADBB635986} -> rport=1900 | profile=domain | protocol=17 | dir=out | action=allow | name=@hnetcfg.dll,-150 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | 
{E8159EEE-EE68-4829-95BA-47705174D955} -> lport=554 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-30761 | app=%systemroot%\ehome\ehshell.exe | 
{EAA400A7-383D-4CF6-8597-5F0D75DB8532} -> lport=2869 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-30814 | app=system | 
{EBFC8984-AC32-4F04-81DB-51FFEF173475} -> lport=2869 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31277 | app=system | 
{ECA55281-AF28-450A-9436-0EB4B0E4A56C} -> lport=4482 | profile=private | protocol=6 | dir=in | action=allow | name=blackberry desktop software wireless music sync data transfer | 
{ED6E5BB4-2ACB-4199-A656-2A7C89D926AA} -> lport=5355 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache | 
{F2DFF457-EE29-4FAD-B738-ED29E5450DA1} -> rport=1900 | profile=domain | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-30757 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | 
{F2EFB545-DCFA-418C-B1B3-354D8D56D79A} -> lport=1900 | profile=domain | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-30753 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | 
{F99E633D-F790-4B1F-9252-5CB2DE7970A9} -> lport=2869 | protocol=6 | dir=in | action=allow | name=windows live messenger (upnp-in) | app=system | 
< Vista Active Application Exception Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules -> 
{06376A86-621E-49E7-962F-7E92A14A5B00} -> profile=domain | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-30765 | app=%systemroot%\ehome\ehshell.exe | 
{08D531E8-89FA-40EC-924E-02C258259F1B} -> dir=in | action=allow | name=windows live sync | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 
{0CD21134-AE01-42F0-89B2-9985A95073D5} -> profile=public | protocol=6 | dir=in | action=allow | name=bonjour service | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
{11352D94-A8BB-4F03-A189-2EE3DFEB6F32} -> profile=private | protocol=6 | dir=in | action=allow | name=studio | app=c:\program files (x86)\pinnacle\studio 14\programs\studio.exe | 
{1259BC6C-C625-4B9D-B5DB-E686EA0F2825} -> profile=private | protocol=1 | dir=out | action=allow | name=@firewallapi.dll,-28544 | 
{16251E8B-CB06-40DE-B1C4-4E5501028617} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-30765 | app=%systemroot%\ehome\ehshell.exe | 
{184EFEA0-ED7A-4FA4-A9F3-11E4CE1DF896} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31024 | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
{194A61AD-73B7-44C7-9B8F-75B79B01655A} -> profile=public | protocol=17 | dir=in | action=allow | name=hp network communicator | app=c:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe | 
{1D33AB91-A3F7-4355-AE77-668BF578FFA7} -> profile=private | protocol=58 | dir=in | action=allow | name=@firewallapi.dll,-28545 | 
{201A5417-9499-4E80-B92B-8EB96D8320FF} -> dir=in | action=allow | name=windows live mesh | app=c:\program files (x86)\windows live\mesh\moe.exe | 
{24472B4E-3EE3-4E97-9696-D1C9B7A83C41} -> profile=public | protocol=6 | dir=in | action=allow | name=bradford persistent agent | app=c:\program files (x86)\bradford networks\persistent agent\bndaemon.exe | 
{287DD4C9-4306-4513-A7E8-BCDAF9FB13F8} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-30805 | app=%systemroot%\ehome\ehshell.exe | 
{2A126BB6-5FDC-4ACD-BBD4-C36423136187} -> dir=in | action=allow | name=skype | app=c:\program files (x86)\skype\phone\skype.exe | 
{2F87C77D-A491-4D56-A983-FECF85F11C91} -> profile=public | protocol=6 | dir=in | action=allow | name=bonjour service | app=c:\program files\bonjour\mdnsresponder.exe | 
{35BFC36C-0269-453D-BFB9-58513AA6958F} -> profile=domain | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-30805 | app=%systemroot%\ehome\ehshell.exe | 
{370B321B-B9BE-4B9B-8F6D-5EB24B1CC561} -> profile=public | protocol=6 | dir=in | action=allow | name=microsoft sharepoint workspace | app=c:\program files\microsoft office\office14\groove.exe | 
{3EA7838D-ABD9-4E29-B87C-3B0184BDECA6} -> dir=in | action=allow | name=webkit | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
{43684408-6590-422E-A243-75A4D7714209} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31007 | app=%programfiles%\windows media player\wmplayer.exe | 
{467FF5E7-14EC-4996-A418-2B695BD289F5} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31281 | app=system | 
{48F76E9E-C081-42A8-BE6D-C00C1C0713F2} -> profile=private | protocol=17 | dir=in | action=allow | name=render manager | app=c:\program files (x86)\pinnacle\studio 14\programs\rm.exe | 
{533E2DA4-5583-4412-9F87-0ECF5A1750E4} -> profile=private | protocol=17 | dir=in | action=allow | name=cinemanow media manager | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe | 
{537676FC-086A-429C-94E2-67D699C68D01} -> profile=public | protocol=6 | dir=in | action=allow | name=hp device setup | app=c:\program files\hp\hp photosmart plus b210 series\bin\devicesetup.exe | 
{53C0E7F2-B7E4-4513-823C-FB80BA0791AB} -> dir=in | action=allow | name=itunes | app=c:\program files (x86)\itunes\itunes.exe | 
{543F4594-2116-4BDC-A6C4-A12A5AD01969} -> profile=domain | dir=out | action=allow | name=@hnetcfg.dll,-151 | app=%systemroot%\system32\svchost.exe | svc=sharedaccess | 
{55E816FE-4827-4C9F-AB81-AAC62227856E} -> profile=public | protocol=17 | dir=in | action=allow | name=microsoft onenote | app=c:\program files\microsoft office\office14\onenote.exe | 
{587C916F-B983-49AC-A5BD-C5F5C5F23B78} -> dir=in | action=allow | name=pharos com task master | app=c:\program files (x86)\pharossystems\core\ctskmstr.exe | 
{59C9D2B9-20C1-43FD-BB88-75EA2CACDF62} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-30812 | app=%systemroot%\ehome\mcx2prov.exe | 
{5C3FB96D-E70D-420D-8F95-ADAB4EE8879A} -> profile=private | protocol=17 | dir=in | action=allow | name=umi | app=c:\program files (x86)\pinnacle\studio 14\programs\umi.exe | 
{62B1C731-2C73-44BD-B5FB-2A1660F787C8} -> dir=in | action=allow | name=skype | app=c:\program files (x86)\skype\phone\skype.exe | 
{641BE6FF-C1D9-42D9-8F7E-F14D4B3D97F7} -> profile=domain | protocol=58 | dir=in | action=allow | name=@hnetcfg.dll,-148 | 
{64708155-0FC5-41B1-8C23-00E1DB91BA55} -> dir=in | action=allow | name=windows live messenger | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
{69D1A785-B4F2-4910-B1DB-92F101D916F0} -> profile=public | protocol=17 | dir=in | action=allow | name=blackberry desktop software | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe | 
{6BE081D5-E30A-46AB-9DA8-61D8407FF540} -> dir=in | action=allow | name=skype | app=c:\program files (x86)\skype\phone\skype.exe | 
{6FC48050-4B56-4D0C-8CCC-AD5C935428E4} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31305 | app=%programfiles%\windows media player\wmpnetwk.exe | 
{70C8E00C-6A64-4399-B196-7C8BB9F0D22B} -> dir=in | action=allow | name=skype | app=c:\program files (x86)\skype\phone\skype.exe | 
{72F91350-830A-46DA-A2C4-1D47A89562C5} -> profile=public | protocol=6 | dir=in | action=allow | name=cinemanow media manager | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe | 
{7467E192-9534-4D85-881A-032B80BAD7D3} -> profile=private | protocol=17 | dir=in | action=allow | name=bonjour service | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
{76E3EB61-3B3C-45DA-9655-1297003B652C} -> profile=private | protocol=6 | dir=in | action=allow | name=cinemanow media manager | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe | 
{779D58F0-012F-4ECA-8A32-B2E7A2FC69D6} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31293 | app=%programfiles%\windows media player\wmplayer.exe | 
{785F8C7B-D04C-45D9-84F3-CF91D2241DD4} -> dir=in | action=allow | name=skype | app=c:\program files (x86)\skype\phone\skype.exe | 
{7C299DED-D527-4321-B068-9A7C87447045} -> dir=in | action=allow | name=skype | app=c:\program files (x86)\skype\phone\skype.exe | 
{7ECF0889-E79B-450E-B683-1D142422571E} -> profile=domain | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-30812 | app=%systemroot%\ehome\mcx2prov.exe | 
{800B96DC-FFC9-41F7-9914-3A1FC6684FC6} -> profile=private | protocol=1 | dir=in | action=allow | name=@firewallapi.dll,-28543 | 
{8147781D-A676-4826-BA9E-8C89ECD2CD0C} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31309 | app=%programfiles%\windows media player\wmpnetwk.exe | 
{81DBCADE-E7A1-4EDD-B959-0165F8975EB9} -> profile=public | protocol=17 | dir=in | action=allow | name=cinemanow media manager | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe | 
{82194C84-231C-4C48-BC53-FCAE7ADC383D} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31003 | app=%programfiles%\windows media player\wmplayer.exe | 
{8284E57D-A5F8-46FB-948D-1E2D5B8137D8} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31011 | app=%programfiles%\windows media player\wmplayer.exe | 
{879C88B7-2227-4B10-89E5-1A253A5B5524} -> profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31313 | app=%programfiles%\windows media player\wmpnetwk.exe | 
{88CDBC46-A99B-42DC-8D01-0CCEC8FE514B} -> profile=public | protocol=17 | dir=in | action=allow | name=bonjour service | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
{88D0CB5E-1DD8-44EB-A640-A0534DA1054D} -> dir=in | action=allow | name=skype | app=c:\program files (x86)\skype\phone\skype.exe | 
{8B2C27D5-0EE6-4B5C-B053-AF394BF01040} -> profile=public | protocol=17 | dir=in | action=allow | name=hp device setup | app=c:\program files\hp\hp photosmart plus b210 series\bin\devicesetup.exe | 
{915167A6-DE68-4711-8A28-55B0B8E6BF40} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31025 | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
{9334C1BA-F136-4EA8-88C5-BCE22AFD9A50} -> profile=public | protocol=17 | dir=in | action=allow | name=cinemanow updater | app=c:\program files (x86)\cinemanow\cinemanow media manager\cnupdater.exe | 
{9440ADB5-C8A7-4DF0-BCC7-F559371B15B5} -> profile=private | protocol=6 | dir=in | action=allow | name=render manager | app=c:\program files (x86)\pinnacle\studio 14\programs\rm.exe | 
{976E66DE-F478-42AD-83AD-9080D1452CAD} -> dir=in | action=allow | name=skype | app=c:\program files (x86)\skype\phone\skype.exe | 
{9CECF1EB-304A-4920-9B7C-910912A364B5} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31297 | app=%programfiles%\windows media player\wmplayer.exe | 
{A0BF9CA4-1301-4D5E-B557-E520FBF38A86} -> profile=private | protocol=17 | dir=in | action=allow | name=studio | app=c:\program files (x86)\pinnacle\studio 14\programs\studio.exe | 
{A1CE0730-B7E4-404A-8537-7A9124A08247} -> profile=public | protocol=17 | dir=in | action=allow | name=microsoft sharepoint workspace | app=c:\program files\microsoft office\office14\groove.exe | 
{A70360A1-37C4-48D4-8776-1D2E42DA3A32} -> profile=domain | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-30818 | app=%systemroot%\ehome\mcrmgr.exe | 
{A8DDB8D9-CA28-431A-AEB5-7E23B90C5C55} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-30822 | app=%systemroot%\system32\svchost.exe | svc=fdphost | 
{B0C06FD8-8319-4011-9795-355A030779CF} -> profile=public | protocol=6 | dir=in | action=allow | name=hp network communicator | app=c:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe | 
{B22FB396-0931-4B25-86C4-C60FD3C00A0C} -> profile=public | protocol=6 | dir=in | action=allow | name=microsoft onenote | app=c:\program files\microsoft office\office14\onenote.exe | 
{B3FF0977-1012-4CB5-B51A-FA783FC8208B} -> dir=in | action=allow | name=skype | app=c:\program files (x86)\skype\phone\skype.exe | 
{BAD87725-522C-466A-A9C4-9FCCB0238744} -> profile=domain | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-30810 | app=%systemroot%\system32\svchost.exe | svc=mcx2svc | 
{BDC62E88-CAD7-4F06-824B-EF780E5C59D3} -> profile=public | protocol=17 | dir=in | action=allow | name=bonjour service | app=c:\program files\bonjour\mdnsresponder.exe | 
{C5473D54-23E3-4ECA-94BD-840E90D19DCB} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31301 | app=%programfiles%\windows media player\wmplayer.exe | 
{C583923A-00B0-4D4E-8C15-2186DC974DD0} -> profile=public | protocol=6 | dir=in | action=allow | name=cinemanow updater | app=c:\program files (x86)\cinemanow\cinemanow media manager\cnupdater.exe | 
{C7C7B1FB-6676-4A74-AC7F-F3916BCE887E} -> profile=public | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-32821 | app=%systemroot%\system32\svchost.exe | svc=upnphost | 
{D0C5DEF3-3B8B-4C53-9210-26F63D88F46E} -> profile=private | protocol=6 | dir=in | action=allow | name=umi | app=c:\program files (x86)\pinnacle\studio 14\programs\umi.exe | 
{D6256325-293F-4C43-B0DA-84ED20EDEF1C} -> profile=public | protocol=17 | dir=in | action=allow | name=bradford persistent agent | app=c:\program files (x86)\bradford networks\persistent agent\bndaemon.exe | 
{D7D626F0-8117-4666-B6F7-884BB4560A20} -> profile=private | protocol=17 | dir=in | action=allow | name=blackberry desktop software | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe | 
{DE8F9C56-D0A8-4ABC-B066-067E593FE3B9} -> profile=public | protocol=6 | dir=in | action=allow | name=blackberry desktop software | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe | 
{E0527007-62A0-4E8E-8D61-CA239C309547} -> dir=in | action=allow | name=windows live communications platform | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
{E2AEBBE3-85F5-49BD-AEA1-93FFA25DCF9B} -> profile=domain | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-30822 | app=%systemroot%\system32\svchost.exe | svc=fdphost | 
{E57EDF74-9061-4A44-9B10-5DFA13E4076B} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31317 | app=%programfiles%\windows media player\wmpnetwk.exe | 
{E60EE6C8-7562-4CAE-8737-34CB6D61F262} -> profile=domain | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-30816 | app=%systemroot%\system32\svchost.exe | svc=upnphost | 
{E6302540-C8C1-41E9-8E95-A64BF197A99A} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31321 | app=%systemroot%\system32\svchost.exe | svc=upnphost | 
{E730F957-7DC2-47A3-B0DE-6ECA2B3E3508} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-30810 | app=%systemroot%\system32\svchost.exe | svc=mcx2svc | 
{EE7A8C3A-15FB-45AE-9DF0-5E209E97269C} -> profile=domain | protocol=6 | dir=out | action=allow | name=@hnetcfg.dll,-149 | app=%systemroot%\system32\svchost.exe | svc=upnphost | 
{EED619BC-EDC5-464E-8ECB-EF6F51622C91} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-30816 | app=%systemroot%\system32\svchost.exe | svc=upnphost | 
{F0A394B5-A8C2-4D7A-A37E-CC4EF48114D5} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-30818 | app=%systemroot%\ehome\mcrmgr.exe | 
{F0F63042-A198-4B9F-A5B5-8197FBDC19C1} -> profile=private | protocol=58 | dir=out | action=allow | name=@firewallapi.dll,-28546 | 
{F19C078B-AC23-45D1-A36B-7E1FDCFDACE3} -> profile=private | protocol=6 | dir=in | action=allow | name=bonjour service | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
{FA42E55B-29DE-48EE-8914-C9D521600300} -> profile=private | protocol=6 | dir=in | action=allow | name=blackberry desktop software | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe | 
{FA7BB78C-53C1-4561-A444-7D64183D6AE1} -> dir=in | action=allow | name=skype | app=c:\program files (x86)\skype\phone\skype.exe | 
{FDEFC23E-ABFE-47E0-8FA3-2DC9F727CCBF} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31023 | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
TCP Query User{7134EFFC-2636-4A0E-BC04-F0ABF51C1CEA}E:\setup.exe -> profile=private | protocol=6 | dir=in | action=allow | name=setup wizard of wga54ag | app=e:\setup.exe | 
UDP Query User{79FF93DE-1D27-44BA-AD08-9ED705E329B5}E:\setup.exe -> profile=private | protocol=17 | dir=in | action=allow | name=setup wizard of wga54ag | app=e:\setup.exe | 
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> 
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> 
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 -> 
"DisplayName" -> CD-ROM Driver -> 
"ImagePath" -> C:\Windows\SysNative\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2010/11/20 05:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation)
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> 
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command -> 
64bit-comfile [open] -> "%1" %*
64bit-exefile [open] -> "%1" %*
comfile [open] -> "%1" %* -> 
exefile [open] -> "%1" %* -> 
< 64bit-File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> 
.com [@ = ComFile] -> "%1" %* -> 
.exe [@ = exefile] -> "%1" %* -> 
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> 
.com [@ = ComFile] -> "%1" %* -> 
.exe [@ = exefile] -> "%1" %* -> 
 
 
[Files/Folders - Created Within 30 Days]
 OTS.exe -> C:\Users\Chris Reaper\Desktop\OTS.exe -> [2011/11/04 17:08:18 | 000,646,144 | ---- | C] (OldTimer Tools)
 mfc80u.dll -> C:\Windows\SysWow64\mfc80u.dll -> [2011/11/03 13:44:35 | 001,079,808 | ---- | C] (Microsoft Corporation)
 ElevatedDiagnostics -> C:\Users\Chris Reaper\AppData\Local\ElevatedDiagnostics -> [2011/11/02 11:56:01 | 000,000,000 | ---D | C]
 DVDVideoSoft -> C:\Users\Chris Reaper\AppData\Roaming\DVDVideoSoft -> [2011/11/01 21:16:09 | 000,000,000 | ---D | C]
 rsit -> C:\rsit -> [2011/10/31 19:44:49 | 000,000,000 | ---D | C]
 cmdcsr.dll -> C:\Windows\SysNative\cmdcsr.dll -> [2011/10/31 07:52:59 | 000,041,200 | ---- | C] (COMODO)
 WCF RIA Services V1.0 SP1 -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WCF RIA Services V1.0 SP1 -> [2011/10/28 18:21:27 | 000,000,000 | ---D | C]
 Microsoft Silverlight 4 SDK -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 4 SDK -> [2011/10/28 18:20:56 | 000,000,000 | ---D | C]
 VS -> C:\ProgramData\VS -> [2011/10/28 18:20:21 | 000,000,000 | ---D | C]
 QuickTime -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime -> [2011/10/28 13:53:49 | 000,000,000 | ---D | C]
 QuickTime -> C:\Program Files (x86)\QuickTime -> [2011/10/28 13:53:30 | 000,000,000 | ---D | C]
 QuickTimeVR.qtx -> C:\Windows\SysWow64\QuickTimeVR.qtx -> [2011/10/24 14:29:02 | 000,094,208 | ---- | C] (Apple Inc.)
 QuickTime.qts -> C:\Windows\SysWow64\QuickTime.qts -> [2011/10/24 14:29:02 | 000,069,632 | ---- | C] (Apple Inc.)
 $RECYCLE.BIN -> C:\$RECYCLE.BIN -> [2011/10/19 09:43:05 | 000,000,000 | -HSD | C]
 SWSC.exe -> C:\Windows\SWSC.exe -> [2011/10/16 19:37:33 | 000,406,528 | ---- | C] (SteelWerX)
 SWREG.exe -> C:\Windows\SWREG.exe -> [2011/10/16 19:37:33 | 000,286,720 | ---- | C] (SteelWerX)
 NIRCMD.exe -> C:\Windows\NIRCMD.exe -> [2011/10/16 19:37:33 | 000,060,416 | ---- | C] (NirSoft)
 ERDNT -> C:\Windows\ERDNT -> [2011/10/16 19:37:24 | 000,000,000 | ---D | C]
 username123 -> C:\username123 -> [2011/10/16 19:37:22 | 000,000,000 | ---D | C]
 Qoobox -> C:\Qoobox -> [2011/10/16 19:36:17 | 000,000,000 | ---D | C]
 Apps -> C:\Users\Chris Reaper\AppData\Local\Apps -> [2011/10/15 09:16:46 | 000,000,000 | ---D | C]
 javaws.exe -> C:\Windows\SysWow64\javaws.exe -> [2011/10/14 08:56:35 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.)
 javaw.exe -> C:\Windows\SysWow64\javaw.exe -> [2011/10/14 08:56:35 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.)
 java.exe -> C:\Windows\SysWow64\java.exe -> [2011/10/14 08:56:35 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.)
 mshtmled.dll -> C:\Windows\SysNative\mshtmled.dll -> [2011/10/14 07:42:30 | 000,096,256 | ---- | C] (Microsoft Corporation)
 mshtmled.dll -> C:\Windows\SysWow64\mshtmled.dll -> [2011/10/14 07:42:29 | 000,072,704 | ---- | C] (Microsoft Corporation)
 url.dll -> C:\Windows\SysWow64\url.dll -> [2011/10/14 07:42:28 | 000,231,936 | ---- | C] (Microsoft Corporation)
 url.dll -> C:\Windows\SysNative\url.dll -> [2011/10/14 07:42:27 | 000,237,056 | ---- | C] (Microsoft Corporation)
 ieui.dll -> C:\Windows\SysWow64\ieui.dll -> [2011/10/14 07:42:24 | 000,176,640 | ---- | C] (Microsoft Corporation)
 jscript9.dll -> C:\Windows\SysNative\jscript9.dll -> [2011/10/14 07:42:23 | 002,309,120 | ---- | C] (Microsoft Corporation)
 ieui.dll -> C:\Windows\SysNative\ieui.dll -> [2011/10/14 07:42:23 | 000,248,320 | ---- | C] (Microsoft Corporation)
 jscript.dll -> C:\Windows\SysWow64\jscript.dll -> [2011/10/14 07:42:22 | 000,716,800 | ---- | C] (Microsoft Corporation)
 jscript.dll -> C:\Windows\SysNative\jscript.dll -> [2011/10/14 07:42:21 | 000,818,176 | ---- | C] (Microsoft Corporation)
 psisdecd.dll -> C:\Windows\SysNative\psisdecd.dll -> [2011/10/13 12:35:46 | 000,613,888 | ---- | C] (Microsoft Corporation)
 psisrndr.ax -> C:\Windows\SysWow64\psisrndr.ax -> [2011/10/13 12:35:46 | 000,075,776 | ---- | C] (Microsoft Corporation)
 psisdecd.dll -> C:\Windows\SysWow64\psisdecd.dll -> [2011/10/13 12:35:45 | 000,465,408 | ---- | C] (Microsoft Corporation)
 psisrndr.ax -> C:\Windows\SysNative\psisrndr.ax -> [2011/10/13 12:35:44 | 000,108,032 | ---- | C] (Microsoft Corporation)
 oleaut32.dll -> C:\Windows\SysNative\oleaut32.dll -> [2011/10/13 12:35:35 | 000,861,696 | ---- | C] (Microsoft Corporation)
 oleacc.dll -> C:\Windows\SysNative\oleacc.dll -> [2011/10/13 12:35:35 | 000,331,776 | ---- | C] (Microsoft Corporation)
 iTunes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes -> [2011/10/13 08:34:42 | 000,000,000 | ---D | C]
 iPod -> C:\Program Files\iPod -> [2011/10/13 08:33:41 | 000,000,000 | ---D | C]
 iTunes -> C:\Program Files\iTunes -> [2011/10/13 08:33:40 | 000,000,000 | ---D | C]
 iTunes -> C:\Program Files (x86)\iTunes -> [2011/10/13 08:33:40 | 000,000,000 | ---D | C]
 Bonjour -> C:\Program Files\Bonjour -> [2011/10/13 08:30:05 | 000,000,000 | ---D | C]
 Bonjour -> C:\Program Files (x86)\Bonjour -> [2011/10/13 08:30:05 | 000,000,000 | ---D | C]
 Brother HL-2140 -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother HL-2140 -> [2011/10/11 12:54:43 | 000,000,000 | ---D | C]
 brlmw03a.dll -> C:\Windows\SysWow64\brlmw03a.dll -> [2011/10/11 12:54:42 | 000,077,824 | ---- | C] (Brother Industries, Ltd.)
 Brownie -> C:\Program Files (x86)\Brownie -> [2011/10/11 12:54:40 | 000,000,000 | ---D | C]
 Pdrvinst.dll -> C:\Windows\SysWow64\Pdrvinst.dll -> [2011/10/11 12:53:11 | 000,200,704 | ---- | C] (brother)
 BROSNMP.DLL -> C:\Windows\SysWow64\BROSNMP.DLL -> [2011/10/11 12:53:11 | 000,176,128 | ---- | C] (Brother Industries, Ltd.)
 BRRBTOOL.EXE -> C:\Windows\SysWow64\BRRBTOOL.EXE -> [2011/10/11 12:53:11 | 000,111,928 | ---- | C] (Brother Industries Ltd)
 BRLM03A.DLL -> C:\Windows\SysWow64\BRLM03A.DLL -> [2011/10/11 12:53:11 | 000,024,223 | ---- | C] (Brother Industries, Ltd)
 Brother -> C:\Program Files (x86)\Brother -> [2011/10/11 12:53:11 | 000,000,000 | ---D | C]
 Avira -> C:\Users\Chris Reaper\AppData\Roaming\Avira -> [2011/10/11 09:37:10 | 000,000,000 | ---D | C]
 Avira -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira -> [2011/10/11 09:36:27 | 000,000,000 | ---D | C]
 avipbb.sys -> C:\Windows\SysNative\drivers\avipbb.sys -> [2011/10/11 09:35:17 | 000,130,760 | ---- | C] (Avira GmbH)
 avgntflt.sys -> C:\Windows\SysNative\drivers\avgntflt.sys -> [2011/10/11 09:35:17 | 000,097,312 | ---- | C] (Avira GmbH)
 avkmgr.sys -> C:\Windows\SysNative\drivers\avkmgr.sys -> [2011/10/11 09:35:17 | 000,027,760 | ---- | C] (Avira GmbH)
 Avira -> C:\ProgramData\Avira -> [2011/10/11 09:35:12 | 000,000,000 | ---D | C]
 Avira -> C:\Program Files (x86)\Avira -> [2011/10/11 09:35:12 | 000,000,000 | ---D | C]
 Google Earth -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth -> [2011/10/08 09:32:40 | 000,000,000 | ---D | C]
 Google -> C:\Users\Chris Reaper\AppData\Local\Google -> [2011/10/08 09:31:59 | 000,000,000 | ---D | C]
 Google -> C:\Program Files (x86)\Google -> [2011/10/08 09:31:59 | 000,000,000 | ---D | C]
 pcouffin.sys -> C:\Users\Chris Reaper\AppData\Roaming\pcouffin.sys -> [2009/11/22 03:21:47 | 000,082,816 | ---- | C] (VSO Software)
 MSIactionall.dll -> C:\Program Files (x86)\Common Files\MSIactionall.dll -> [2008/08/12 00:45:20 | 000,155,648 | ---- | C] (ASUS)
 1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> 
 
[Files/Folders - Modified Within 30 Days]
 OTS.exe -> C:\Users\Chris Reaper\Desktop\OTS.exe -> [2011/11/04 17:08:35 | 000,646,144 | ---- | M] (OldTimer Tools)
 GoogleUpdateTaskMachineUA.job -> C:\Windows\tasks\GoogleUpdateTaskMachineUA.job -> [2011/11/04 16:47:00 | 000,000,910 | ---- | M] ()
 GoogleUpdateTaskMachineCore.job -> C:\Windows\tasks\GoogleUpdateTaskMachineCore.job -> [2011/11/03 17:47:00 | 000,000,906 | ---- | M] ()
 PerfStringBackup.INI -> C:\Windows\SysNative\PerfStringBackup.INI -> [2011/11/03 11:39:02 | 000,786,770 | ---- | M] ()
 perfh009.dat -> C:\Windows\SysNative\perfh009.dat -> [2011/11/03 11:39:02 | 000,665,562 | ---- | M] ()
 perfc009.dat -> C:\Windows\SysNative\perfc009.dat -> [2011/11/03 11:39:02 | 000,123,298 | ---- | M] ()
 Brownie.ini -> C:\Windows\Brownie.ini -> [2011/11/03 08:39:35 | 000,000,425 | ---- | M] ()
 7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> [2011/11/03 05:15:56 | 000,010,240 | -H-- | M] ()
 7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> [2011/11/03 05:15:56 | 000,010,240 | -H-- | M] ()
 hosts.ics -> C:\Windows\SysNative\drivers\etc\hosts.ics -> [2011/11/03 05:08:48 | 000,000,440 | ---- | M] ()
 bootstat.dat -> C:\Windows\bootstat.dat -> [2011/11/03 05:06:39 | 000,067,584 | --S- | M] ()
 hiberfil.sys -> C:\hiberfil.sys -> [2011/11/03 05:06:17 | 3193,765,888 | -HS- | M] ()
 RSIT.exe -> C:\Users\Chris Reaper\Desktop\RSIT.exe -> [2011/10/31 19:44:16 | 000,781,383 | ---- | M] ()
 FNTCACHE.DAT -> C:\Windows\SysNative\FNTCACHE.DAT -> [2011/10/26 08:02:13 | 004,630,232 | ---- | M] ()
 SWREG.exe -> C:\Windows\SWREG.exe -> [2011/10/25 19:58:28 | 000,286,720 | ---- | M] (SteelWerX)
 QuickTimeVR.qtx -> C:\Windows\SysWow64\QuickTimeVR.qtx -> [2011/10/24 14:29:02 | 000,094,208 | ---- | M] (Apple Inc.)
 QuickTime.qts -> C:\Windows\SysWow64\QuickTime.qts -> [2011/10/24 14:29:02 | 000,069,632 | ---- | M] (Apple Inc.)
 CCleaner.lnk -> C:\Users\Public\Desktop\CCleaner.lnk -> [2011/10/20 13:40:26 | 000,000,979 | ---- | M] ()
 hosts -> C:\Windows\SysNative\drivers\etc\hosts -> [2011/10/16 19:57:42 | 000,000,027 | ---- | M] ()
 ServiceFilter.ini -> C:\Windows\SysNative\ServiceFilter.ini -> [2011/10/16 10:15:21 | 000,002,133 | ---- | M] ()
 AutoRunFilter.ini -> C:\Windows\SysNative\AutoRunFilter.ini -> [2011/10/16 10:15:11 | 000,002,946 | ---- | M] ()
 Malwarebytes' Anti-Malware.lnk -> C:\Users\Chris Reaper\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk -> [2011/10/14 23:56:57 | 000,001,095 | ---- | M] ()
 Malwarebytes' Anti-Malware.lnk -> C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk -> [2011/10/14 23:56:57 | 000,001,071 | ---- | M] ()
 FlashPlayerCPLApp.cpl -> C:\Windows\SysWow64\FlashPlayerCPLApp.cpl -> [2011/10/13 21:11:26 | 000,414,368 | ---- | M] (Adobe Systems Incorporated)
 iTunes.lnk -> C:\Users\Public\Desktop\iTunes.lnk -> [2011/10/13 08:34:42 | 000,001,745 | ---- | M] ()
 BD2140.DAT -> C:\Windows\SysWow64\BD2140.DAT -> [2011/10/11 12:54:51 | 000,000,034 | ---- | M] ()
 HL-2140.INI -> C:\Windows\HL-2140.INI -> [2011/10/11 12:54:43 | 000,009,868 | ---- | M] ()
 BRVIDEO.INI -> C:\Windows\BRVIDEO.INI -> [2011/10/11 12:54:43 | 000,000,151 | ---- | M] ()
 brmx2001.ini -> C:\Windows\brmx2001.ini -> [2011/10/11 12:54:43 | 000,000,000 | ---- | M] ()
 BRWMARK.INI -> C:\Windows\BRWMARK.INI -> [2011/10/11 12:53:20 | 000,000,410 | ---- | M] ()
 Avira Control Center.lnk -> C:\Users\Public\Desktop\Avira Control Center.lnk -> [2011/10/11 09:36:27 | 000,001,956 | ---- | M] ()
 avkmgr.sys -> C:\Windows\SysNative\drivers\avkmgr.sys -> [2011/10/11 09:29:53 | 000,027,760 | ---- | M] (Avira GmbH)
 avipbb.sys -> C:\Windows\SysNative\drivers\avipbb.sys -> [2011/10/11 09:29:52 | 000,130,760 | ---- | M] (Avira GmbH)
 avgntflt.sys -> C:\Windows\SysNative\drivers\avgntflt.sys -> [2011/10/11 09:29:52 | 000,097,312 | ---- | M] (Avira GmbH)
 mlfcache.dat -> C:\Windows\SysWow64\mlfcache.dat -> [2011/10/08 09:06:13 | 000,816,556 | -H-- | M] ()
 cmderd.sys -> C:\Windows\SysNative\drivers\cmderd.sys -> [2011/10/07 13:47:54 | 000,016,528 | ---- | M] (COMODO)
 cmdcsr.dll -> C:\Windows\SysNative\cmdcsr.dll -> [2011/10/07 13:47:12 | 000,041,200 | ---- | M] (COMODO)
 guard32.dll -> C:\Windows\SysWow64\guard32.dll -> [2011/10/07 13:47:10 | 000,300,200 | ---- | M] (COMODO)
 guard64.dll -> C:\Windows\SysNative\guard64.dll -> [2011/10/07 13:47:08 | 000,388,280 | ---- | M] (COMODO)
 SC_Access2010_C2_L1b_ChristopherTReaper_2.accdb -> C:\Users\Chris Reaper\Documents\SC_Access2010_C2_L1b_ChristopherTReaper_2.accdb -> [2011/10/06 08:50:28 | 000,684,032 | ---- | M] ()
 1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> 
 
[Files - No Company Name]
 RSIT.exe -> C:\Users\Chris Reaper\Desktop\RSIT.exe -> [2011/10/31 19:44:09 | 000,781,383 | ---- | C] ()
 FNTCACHE.DAT -> C:\Windows\SysNative\FNTCACHE.DAT -> [2011/10/26 07:58:30 | 004,630,232 | ---- | C] ()
 PEV.exe -> C:\Windows\PEV.exe -> [2011/10/16 19:37:33 | 000,256,000 | ---- | C] ()
 MBR.exe -> C:\Windows\MBR.exe -> [2011/10/16 19:37:33 | 000,208,896 | ---- | C] ()
 sed.exe -> C:\Windows\sed.exe -> [2011/10/16 19:37:33 | 000,098,816 | ---- | C] ()
 grep.exe -> C:\Windows\grep.exe -> [2011/10/16 19:37:33 | 000,080,412 | ---- | C] ()
 zip.exe -> C:\Windows\zip.exe -> [2011/10/16 19:37:33 | 000,068,096 | ---- | C] ()
 iTunes.lnk -> C:\Users\Public\Desktop\iTunes.lnk -> [2011/10/13 08:34:42 | 000,001,745 | ---- | C] ()
 BRVIDEO.INI -> C:\Windows\BRVIDEO.INI -> [2011/10/11 12:54:43 | 000,000,151 | ---- | C] ()
 brmx2001.ini -> C:\Windows\brmx2001.ini -> [2011/10/11 12:54:43 | 000,000,000 | ---- | C] ()
 brlmw03a.ini -> C:\Windows\SysWow64\brlmw03a.ini -> [2011/10/11 12:54:42 | 000,000,114 | ---- | C] ()
 HL-2140.INI -> C:\Windows\HL-2140.INI -> [2011/10/11 12:54:40 | 000,009,868 | ---- | C] ()
 BRWMARK.INI -> C:\Windows\BRWMARK.INI -> [2011/10/11 12:53:19 | 000,000,410 | ---- | C] ()
 BD2140.DAT -> C:\Windows\SysWow64\BD2140.DAT -> [2011/10/11 12:53:19 | 000,000,034 | ---- | C] ()
 Brownie.ini -> C:\Windows\Brownie.ini -> [2011/10/11 12:52:48 | 000,000,425 | ---- | C] ()
 Avira Control Center.lnk -> C:\Users\Public\Desktop\Avira Control Center.lnk -> [2011/10/11 09:36:27 | 000,001,956 | ---- | C] ()
 GoogleUpdateTaskMachineUA.job -> C:\Windows\tasks\GoogleUpdateTaskMachineUA.job -> [2011/10/08 09:32:05 | 000,000,910 | ---- | C] ()
 GoogleUpdateTaskMachineCore.job -> C:\Windows\tasks\GoogleUpdateTaskMachineCore.job -> [2011/10/08 09:32:04 | 000,000,906 | ---- | C] ()
 mlfcache.dat -> C:\Windows\SysWow64\mlfcache.dat -> [2011/10/08 09:06:13 | 000,816,556 | -H-- | C] ()
 SC_Access2010_C2_L1b_ChristopherTReaper_2.accdb -> C:\Users\Chris Reaper\Documents\SC_Access2010_C2_L1b_ChristopherTReaper_2.accdb -> [2011/10/06 08:17:22 | 000,684,032 | ---- | C] ()
 DVEdit.INI -> C:\Windows\DVEdit.INI -> [2011/05/05 17:30:16 | 000,000,000 | ---- | C] ()
 IcdSptSvps.dll -> C:\Windows\SysWow64\IcdSptSvps.dll -> [2011/05/05 17:10:11 | 000,010,600 | R--- | C] ()
 mp3dec.dll -> C:\Windows\SysWow64\mp3dec.dll -> [2011/05/05 17:10:10 | 000,124,264 | R--- | C] ()
 dsp_trc.dll -> C:\Windows\SysWow64\dsp_trc.dll -> [2011/05/05 17:10:10 | 000,081,920 | R--- | C] ()
 Temp10.html -> C:\Users\Chris Reaper\AppData\Local\Temp10.html -> [2011/01/09 20:19:38 | 000,013,384 | ---- | C] ()
 Temp1.html -> C:\Users\Chris Reaper\AppData\Local\Temp1.html -> [2011/01/09 20:19:32 | 000,001,667 | ---- | C] ()
 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\Chris Reaper\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2010/10/04 21:30:30 | 000,024,064 | ---- | C] ()
 F3AE7F81BB.sys -> C:\ProgramData\F3AE7F81BB.sys -> [2010/07/25 21:50:59 | 000,000,088 | RHS- | C] ()
 KGyGaAvL.sys -> C:\ProgramData\KGyGaAvL.sys -> [2010/07/25 21:50:58 | 000,005,642 | -HS- | C] ()
 ntuser.pol -> C:\ProgramData\ntuser.pol -> [2010/05/31 10:58:16 | 000,000,258 | RHS- | C] ()
 RSBot Accounts.ini -> C:\Users\Chris Reaper\AppData\Roaming\RSBot Accounts.ini -> [2010/05/08 20:49:05 | 000,000,092 | ---- | C] ()
 igcompkrng500.bin -> C:\Windows\SysWow64\igcompkrng500.bin -> [2010/04/21 18:14:56 | 000,439,308 | ---- | C] ()
 igkrng500.bin -> C:\Windows\SysWow64\igkrng500.bin -> [2010/04/21 18:14:54 | 000,982,240 | ---- | C] ()
 igfcg500m.bin -> C:\Windows\SysWow64\igfcg500m.bin -> [2010/04/21 18:14:54 | 000,092,356 | ---- | C] ()
 rrver.ini -> C:\Windows\rrver.ini -> [2010/03/18 20:57:19 | 000,000,019 | ---- | C] ()
 PerfStringBackup.INI -> C:\Windows\SysWow64\PerfStringBackup.INI -> [2010/02/20 15:59:28 | 000,800,920 | ---- | C] ()
 vfprintpthelper.dll -> C:\Windows\SysWow64\vfprintpthelper.dll -> [2010/02/08 07:33:04 | 000,359,320 | ---- | C] ()
 default.rss -> C:\Users\Chris Reaper\AppData\Roaming\default.rss -> [2010/01/07 19:27:59 | 000,000,158 | ---- | C] ()
 NeroDigital.ini -> C:\Windows\NeroDigital.ini -> [2010/01/07 19:27:33 | 000,000,069 | ---- | C] ()
 ezsidmv.dat -> C:\Windows\SysWow64\ezsidmv.dat -> [2009/12/14 20:27:50 | 000,000,048 | -H-- | C] ()
 unins000.exe -> C:\Windows\SysWow64\unins000.exe -> [2009/12/14 20:25:38 | 000,695,901 | ---- | C] ()
 unins000.dat -> C:\Windows\SysWow64\unins000.dat -> [2009/12/14 20:25:38 | 000,034,333 | ---- | C] ()
 resmon.resmoncfg -> C:\Users\Chris Reaper\AppData\Local\resmon.resmoncfg -> [2009/12/08 18:17:31 | 000,000,017 | ---- | C] ()
 NWKL2_64.DLL -> C:\Windows\SysWow64\NWKL2_64.DLL -> [2009/12/06 17:42:40 | 000,089,088 | ---- | C] ()
 KL2DLL64.DLL -> C:\Windows\SysWow64\KL2DLL64.DLL -> [2009/12/06 17:42:40 | 000,074,240 | ---- | C] ()
 ppmon.exe -> C:\Windows\SysWow64\ppmon.exe -> [2009/12/06 17:42:40 | 000,047,104 | ---- | C] ()
 NPSWF32.dll -> C:\Windows\SysWow64\NPSWF32.dll -> [2009/11/24 11:52:38 | 002,463,976 | ---- | C] ()
 pcouffin.cat -> C:\Users\Chris Reaper\AppData\Roaming\pcouffin.cat -> [2009/11/22 03:21:47 | 000,007,859 | ---- | C] ()
 pcouffin.inf -> C:\Users\Chris Reaper\AppData\Roaming\pcouffin.inf -> [2009/11/22 03:21:47 | 000,001,167 | ---- | C] ()
 wklnhst.dat -> C:\Users\Chris Reaper\AppData\Roaming\wklnhst.dat -> [2009/11/21 15:51:01 | 000,000,000 | ---- | C] ()
 CinemaNowSvc.ini -> C:\ProgramData\CinemaNowSvc.ini -> [2009/11/21 13:58:30 | 000,000,024 | ---- | C] ()
 LogonStart.dll -> C:\Windows\SysWow64\LogonStart.dll -> [2009/10/04 23:59:14 | 000,053,248 | ---- | C] ()
 OOBEPlayer.exe -> C:\Windows\OOBEPlayer.exe -> [2009/08/19 04:33:09 | 000,018,432 | ---- | C] ()
 OOBEPlayer.ini -> C:\Windows\OOBEPlayer.ini -> [2009/08/19 04:33:09 | 000,000,031 | ---- | C] ()
 ABLKSR.ini -> C:\Windows\SysWow64\ABLKSR.ini -> [2009/07/29 01:20:40 | 000,000,010 | ---- | C] ()
 igfcg500.bin -> C:\Windows\SysWow64\igfcg500.bin -> [2009/07/28 03:34:11 | 000,134,592 | ---- | C] ()
 bootstat.dat -> C:\Windows\bootstat.dat -> [2009/07/14 01:38:36 | 000,067,584 | --S- | C] ()
 NOISE.DAT -> C:\Windows\SysWow64\NOISE.DAT -> [2009/07/13 22:35:51 | 000,000,741 | ---- | C] ()
 dssec.dat -> C:\Windows\SysWow64\dssec.dat -> [2009/07/13 22:34:42 | 000,215,943 | ---- | C] ()
 mib.bin -> C:\Windows\mib.bin -> [2009/07/13 20:10:29 | 000,043,131 | ---- | C] ()
 BWContextHandler.dll -> C:\Windows\SysWow64\BWContextHandler.dll -> [2009/07/13 19:42:10 | 000,064,000 | ---- | C] ()
 msjetoledb40.dll -> C:\Windows\SysWow64\msjetoledb40.dll -> [2009/07/13 17:03:59 | 000,364,544 | ---- | C] ()
 mlang.dat -> C:\Windows\SysWow64\mlang.dat -> [2009/06/10 17:26:10 | 000,673,088 | ---- | C] ()
 CPInstallAction.dll -> C:\Program Files (x86)\Common Files\CPInstallAction.dll -> [2009/04/08 13:31:56 | 000,106,496 | ---- | C] ()
 libavcodec.dll -> C:\Windows\SysWow64\libavcodec.dll -> [2009/04/08 03:52:24 | 004,338,246 | ---- | C] ()
 ff_x264.dll -> C:\Windows\SysWow64\ff_x264.dll -> [2009/04/08 03:52:24 | 000,884,237 | ---- | C] ()
 xvidcore.dll -> C:\Windows\SysWow64\xvidcore.dll -> [2009/04/08 03:52:24 | 000,791,742 | ---- | C] ()
 audxlib.dll -> C:\Windows\SysWow64\audxlib.dll -> [2009/04/08 03:52:24 | 000,741,376 | ---- | C] ()
 ff_kernelDeint.dll -> C:\Windows\SysWow64\ff_kernelDeint.dll -> [2009/04/08 03:52:24 | 000,683,520 | ---- | C] ()
 libmplayer.dll -> C:\Windows\SysWow64\libmplayer.dll -> [2009/04/08 03:52:24 | 000,560,802 | ---- | C] ()
 ff_libfaad2.dll -> C:\Windows\SysWow64\ff_libfaad2.dll -> [2009/04/08 03:52:24 | 000,485,888 | ---- | C] ()
 ff_libdts.dll -> C:\Windows\SysWow64\ff_libdts.dll -> [2009/04/08 03:52:24 | 000,257,024 | ---- | C] ()
 ff_theora.dll -> C:\Windows\SysWow64\ff_theora.dll -> [2009/04/08 03:52:24 | 000,239,247 | ---- | C] ()
 TomsMoComp_ff.dll -> C:\Windows\SysWow64\TomsMoComp_ff.dll -> [2009/04/08 03:52:24 | 000,238,080 | ---- | C] ()
 ff_samplerate.dll -> C:\Windows\SysWow64\ff_samplerate.dll -> [2009/04/08 03:52:24 | 000,183,296 | ---- | C] ()
 ff_libmad.dll -> C:\Windows\SysWow64\ff_libmad.dll -> [2009/04/08 03:52:24 | 000,178,688 | ---- | C] ()
 ff_tremor.dll -> C:\Windows\SysWow64\ff_tremor.dll -> [2009/04/08 03:52:24 | 000,146,944 | ---- | C] ()
 libmpeg2_ff.dll -> C:\Windows\SysWow64\libmpeg2_ff.dll -> [2009/04/08 03:52:24 | 000,145,609 | ---- | C] ()
 ff_liba52.dll -> C:\Windows\SysWow64\ff_liba52.dll -> [2009/04/08 03:52:24 | 000,142,848 | ---- | C] ()
 ff_unrar.dll -> C:\Windows\SysWow64\ff_unrar.dll -> [2009/04/08 03:52:24 | 000,113,152 | ---- | C] ()
 ff_realaac.dll -> C:\Windows\SysWow64\ff_realaac.dll -> [2009/04/08 03:52:24 | 000,097,280 | ---- | C] ()
 ff_wmv9.dll -> C:\Windows\SysWow64\ff_wmv9.dll -> [2009/04/08 03:52:24 | 000,093,184 | ---- | C] ()
 ff_vfw.dll -> C:\Windows\SysWow64\ff_vfw.dll -> [2009/04/08 03:52:24 | 000,057,344 | ---- | C] ()
 banner.jpg -> C:\Program Files (x86)\Common Files\banner.jpg -> [2008/05/22 11:35:54 | 000,051,962 | ---- | C] ()
 snp2uvc.ini -> C:\Windows\snp2uvc.ini -> [2006/05/18 23:39:57 | 000,015,497 | ---- | C] ()
 
[Alternate Data Streams]
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:8CE646EE
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:0FF263E8
< End of report >
[/code]