[code]
OTS logfile created on: 1/10/2012 10:50:42 PM - Run 1
OTS by OldTimer - Version 3.1.46.0     Folder = C:\Users\Wood\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
8.00 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 72.00% Memory free
16.00 Gb Paging File | 13.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446.93 Gb Total Space | 355.84 Gb Free Space | 79.62% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: WOOD-PC
Current User Name: Wood
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
 
[Processes - Safe List]
ots.exe -> C:\Users\Wood\Desktop\OTS.exe -> [2012/01/10 22:46:51 | 000,646,144 | ---- | M] (OldTimer Tools)
mbamservice.exe -> C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -> [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation)
mbamgui.exe -> C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe -> [2011/12/24 17:50:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation)
daemonu.exe -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -> [2011/08/03 05:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation)
nvscpapisvr.exe -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -> [2011/08/03 02:31:42 | 000,379,496 | ---- | M] (NVIDIA Corporation)
wfcrun32.exe -> C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe -> [2010/10/12 17:28:26 | 000,726,456 | ---- | M] (Citrix Systems, Inc.)
concentr.exe -> C:\Program Files (x86)\Citrix\ICA Client\concentr.exe -> [2010/10/12 17:24:38 | 000,304,568 | ---- | M] (Citrix Systems, Inc.)
ssonsvr.exe -> C:\Program Files (x86)\Citrix\ICA Client\ssonsvr.exe -> [2010/10/12 16:44:00 | 000,071,096 | ---- | M] (Citrix Systems, Inc.)
aodassist.exe -> C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe -> [2010/03/12 04:40:54 | 000,136,544 | ---- | M] ()
turbokey.exe -> C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe -> [2009/11/24 14:25:28 | 001,874,432 | ---- | M] (ASUSTeK Computer Inc.)
winmsgballoonclient.exe -> C:\Windows\SysWOW64\WinMsgBalloonClient.exe -> [2009/11/05 19:26:00 | 000,139,264 | ---- | M] ()
raidxpertservice.exe -> C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe -> [2009/11/05 19:26:00 | 000,122,880 | ---- | M] (AMD)
winmsgballoonserver.exe -> C:\Windows\SysWOW64\WinMsgBalloonServer.exe -> [2009/11/05 19:26:00 | 000,122,880 | ---- | M] ()
raidxpert.exe -> C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe -> [2009/11/05 19:26:00 | 000,065,536 | ---- | M] ()
assysctrlservice.exe -> C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -> [2009/08/19 05:56:38 | 000,090,112 | R--- | M] (ASUSTeK Computer Inc.)
 
[Modules - No Company Name]
pngio.dll -> C:\Program Files (x86)\ASUS\Turbo Key\pngio.dll -> [2009/04/29 13:24:44 | 000,253,952 | ---- | M] ()
ainap.dll -> C:\Program Files (x86)\ASUS\Turbo Key\AiNap.dll -> [2009/04/29 13:24:44 | 000,208,896 | ---- | M] ()
vvc.dll -> C:\Program Files (x86)\ASUS\Turbo Key\vvc.dll -> [2009/04/29 13:24:44 | 000,008,704 | ---- | M] ()
 
[Win32 Services - Safe List]
64bit-(avast! Web Scanner)  [On_Demand | Stopped] -> C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -> [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software)
64bit-(avast! Mail Scanner)  [On_Demand | Stopped] -> C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -> [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software)
64bit-(avast! Antivirus)  [Auto | Stopped] -> C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -> [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software)
64bit-(!SASCORE)  [Auto | Running] -> C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -> [2010/06/29 11:49:27 | 000,128,752 | ---- | M] (SUPERAntiSpyware.com)
64bit-(AppMgmt)  [On_Demand | Running] -> C:\Windows\SysNative\appmgmts.dll -> [2009/07/13 19:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation)
(MBAMService) MBAMService [Auto | Running] -> C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -> [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation)
(nvUpdatusService) NVIDIA Update Service Daemon [Auto | Running] -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -> [2011/08/03 05:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation)
(Stereo Service) NVIDIA Stereoscopic 3D Driver Service [Auto | Running] -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -> [2011/08/03 02:31:42 | 000,379,496 | ---- | M] (NVIDIA Corporation)
(clr_optimization_v4.0.30319_32) Microsoft .NET Framework NGEN v4.0.30319_X86 [Auto | Stopped] -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -> [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation)
(AODService) AODService [Auto | Running] -> C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe -> [2010/03/12 04:40:54 | 000,136,544 | ---- | M] ()
(AMD_RAIDXpert) AMD RAIDXpert [Auto | Running] -> C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe -> [2009/11/05 19:26:00 | 000,122,880 | ---- | M] (AMD)
(AsSysCtrlService) ASUS System Control Service [Auto | Running] -> C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -> [2009/08/19 05:56:38 | 000,090,112 | R--- | M] (ASUSTeK Computer Inc.)
(clr_optimization_v2.0.50727_32) Microsoft .NET Framework NGEN v2.0.50727_X86 [Disabled | Stopped] -> C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation)
 
[Driver Services - Safe List]
64bit-(MBAMProtector) MBAMProtector [File_System | On_Demand | Running] -> C:\Windows\SysNative\drivers\mbam.sys -> [2011/12/10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation)
64bit-(NVHDA) Service for NVIDIA High Definition Audio Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\nvhda64v.sys -> [2011/05/25 00:09:17 | 000,174,184 | ---- | M] (NVIDIA Corporation)
64bit-(amdsata) amdsata [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsata.sys -> [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices)
64bit-(amdxata) amdxata [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\amdxata.sys -> [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices)
64bit-(HpSAMD) HpSAMD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\HpSAMD.sys -> [2010/11/20 07:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company)
64bit-(TsUsbFlt) TsUsbFlt [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\TsUsbFlt.sys -> [2010/11/20 05:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation)
64bit-(RdpVideoMiniport) Remote Desktop Video Miniport Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\rdpvideominiport.sys -> [2010/11/20 05:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation)
64bit-(aswTdi) avast! Network Shield Support [Kernel | System | Running] -> C:\Windows\SysNative\drivers\aswTdi.sys -> [2010/09/07 08:52:29 | 000,051,280 | ---- | M] (AVAST Software)
64bit-(aswSP) aswSP [Kernel | System | Running] -> C:\Windows\SysNative\drivers\aswSP.sys -> [2010/09/07 08:52:09 | 000,121,936 | ---- | M] (AVAST Software)
64bit-(aswRdr) aswRdr [Kernel | System | Running] -> C:\Windows\SysNative\drivers\aswRdr.sys -> [2010/09/07 08:47:49 | 000,028,752 | ---- | M] (AVAST Software)
64bit-(aswMonFlt) aswMonFlt [File_System | Auto | Running] -> C:\Windows\SysNative\drivers\aswMonFlt.sys -> [2010/09/07 08:47:33 | 000,061,008 | ---- | M] (AVAST Software)
64bit-(aswFsBlk) aswFsBlk [File_System | Auto | Running] -> C:\Windows\SysNative\drivers\aswFsBlk.sys -> [2010/09/07 08:47:10 | 000,020,048 | ---- | M] (AVAST Software)
64bit-(dc3d) MS Hardware Device Detection Driver (USB) [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\dc3d.sys -> [2010/07/21 16:14:24 | 000,051,600 | ---- | M] (Microsoft Corporation)
64bit-(NuidFltr) NUID filter driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\nuidfltr.sys -> [2010/07/21 16:14:24 | 000,023,952 | ---- | M] (Microsoft Corporation)
64bit-(Point64) Microsoft IntelliPoint Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\point64.sys -> [2010/07/21 15:59:28 | 000,045,456 | ---- | M] (Microsoft Corporation)
64bit-(ctxusbm) Citrix USB Monitor Driver [Kernel | System | Running] -> C:\Windows\SysNative\drivers\ctxusbm.sys -> [2010/07/14 12:51:56 | 000,087,600 | ---- | M] (Citrix Systems, Inc.)
64bit-(SASDIFSV) SASDIFSV [Kernel | System | Running] -> C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -> [2010/02/17 12:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
64bit-(SASKUTIL) SASKUTIL [Kernel | System | Running] -> C:\Program Files\SUPERAntiSpyware\saskutil64.sys -> [2010/02/17 12:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
64bit-(MTsensor) ATK0110 ACPI UTILITY [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\ASACPI.sys -> [2009/07/15 21:38:40 | 000,015,416 | ---- | M] ()
64bit-(amdsbs) amdsbs [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\amdsbs.sys -> [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.)
64bit-(LSI_SAS2) LSI_SAS2 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\lsi_sas2.sys -> [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation)
64bit-(stexstor) stexstor [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\stexstor.sys -> [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology)
64bit-(RTL8167) Driver Realtek 8167 NT [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\Rt64win7.sys -> [2009/06/10 14:35:42 | 000,187,392 | ---- | M] (Realtek Corporation                                            )
64bit-(ebdrv) Broadcom NetXtreme II 10 GigE VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\evbda.sys -> [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation)
64bit-(b06bdrv) Broadcom NetXtreme II VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\bxvbda.sys -> [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation)
64bit-(b57nd60a) Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\b57nd60a.sys -> [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation)
64bit-(hcw85cir) Hauppauge Consumer Infrared Receiver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\hcw85cir.sys -> [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.)
(AODDriver) AODDriver [Kernel | On_Demand | Running] -> C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver.sys -> [2010/03/12 04:40:48 | 000,052,280 | ---- | M] (Advanced Micro Devices)
(WIMMount) WIMMount [File_System | On_Demand | Stopped] -> C:\Windows\SysWOW64\drivers\wimmount.sys -> [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation)
 
[Registry - Safe List]
< 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\Windows\SysWOW64\blank.htm -> 
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> 
HKEY_CURRENT_USER\: Main\\"Start Page" -> https://www.google.com/ -> 
HKEY_CURRENT_USER\: Main\\"Start Page Redirect Cache AcceptLangs" -> en-us -> 
HKEY_CURRENT_USER\: Main\\"Start Page Redirect Cache_TIMESTAMP" ->  -> 
HKEY_CURRENT_USER\: "ProxyEnable" -> 0 -> 
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions ->  -> 
HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB} -> C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\WOW64\TRUSTCHECKER -> 
< FireFox Extensions [User Folders] > -> 
< HOSTS File > ([2012/01/04 00:01:02 | 000,000,027 | ---- | M] - 1 lines) -> C:\Windows\SysNative\Drivers\etc\hosts -> 
Reset Hosts
127.0.0.1       localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] ->  [Java(tm) Plug-In 2 SSV Helper] -> File not found
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> 
WebBrowser\\"{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< 64bit-Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"IntelliPoint" -> c:\Program Files\Microsoft IntelliPoint\ipoint.exe ["c:\Program Files\Microsoft IntelliPoint\ipoint.exe"] -> [2010/07/21 15:59:28 | 002,327,952 | ---- | M] (Microsoft Corporation)
"itype" -> c:\Program Files\Microsoft IntelliType Pro\itype.exe ["c:\Program Files\Microsoft IntelliType Pro\itype.exe"] -> [2010/07/21 16:14:24 | 002,306,448 | ---- | M] (Microsoft Corporation)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"ConnectionCenter" -> C:\Program Files (x86)\Citrix\ICA Client\concentr.exe ["C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup] -> [2010/10/12 17:24:38 | 000,304,568 | ---- | M] (Citrix Systems, Inc.)
"Malwarebytes' Anti-Malware" -> C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe ["C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray] -> [2011/12/24 17:50:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation)
"Turbo Key" -> C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe ["C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe"] -> [2009/11/24 14:25:28 | 001,874,432 | ---- | M] (ASUSTeK Computer Inc.)
< Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer -> 
< Software Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer -> 
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDrives" ->  [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"ConsentPromptBehaviorAdmin" ->  [5] -> File not found
\\"ConsentPromptBehaviorUser" ->  [3] -> File not found
\\"PromptOnSecureDesktop" ->  [0] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
< CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
\\"NoDrives" ->  [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
< 64bit-Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> 
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> 
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
< 64bit-Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< 64bit-Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< 64bit-Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 2 domain(s) found. -> 
ras.na_invesco.com [https] -> Trusted sites -> 
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
{1E54D648-B804-468d-BC78-4AFFED8E262F} [HKLM] -> http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab [System Requirements Lab Class] -> 
{4871A87A-BFDD-4106-8153-FFDE2BAC2967} [HKLM] -> http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab [DLM Control] -> 
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab [Shockwave Flash Object] -> 
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> 
DhcpNameServer -> 75.75.76.76 75.75.75.75 -> 
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> 
{23DAD21F-4E8B-4582-860D-0D5ACEC09E93}\\DhcpNameServer -> 75.75.76.76 75.75.75.75   (Scheda NIC Gigabit Ethernet PCI-E Realtek RTL8168D/8111D (NDIS 6.20)) -> 
< 64bit-Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
64bit-*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> 
Explorer.exe -> C:\Windows\explorer.exe -> [2011/02/25 00:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
64bit-*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> 
C:\Windows\system32\userinit.exe -> C:\Windows\SysNative\userinit.exe -> [2010/11/20 07:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
64bit-*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> 
SystemPropertiesPerformance.exe -> C:\Windows\SysNative\SystemPropertiesPerformance.exe -> [2009/07/13 19:39:47 | 000,082,432 | ---- | M] (Microsoft Corporation)
/pagefile ->  -> File not found
*MultiFile Done* -> -> 
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> 
Explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2011/02/24 23:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> 
C:\Windows\system32\userinit.exe -> C:\Windows\SysWOW64\userinit.exe -> [2010/11/20 06:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> 
/pagefile ->  -> File not found
*MultiFile Done* -> -> 
< Vista Active Firewall Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules -> 
{195DF17D-5C08-40CE-AC7A-002FB56ECE83} -> rport=2177 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31257 | app=%systemroot%\system32\svchost.exe | svc=qwave | 
{19DC8252-3463-49D0-8524-B10EC7B8D6EE} -> lport=139 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28503 | app=system | 
{1F342E1E-D56B-4F4A-A1B0-C2A05C9685BB} -> lport=2177 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31261 | app=%systemroot%\system32\svchost.exe | svc=qwave | 
{2510DE4D-58FD-495E-AEAE-C11098B9745A} -> rport=138 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28531 | app=system | 
{373CFBA4-0AB0-4FE4-A426-E8F56F35AACE} -> lport=5355 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache | 
{3A5BC92A-3125-400E-86C2-A1C9DC30D2A8} -> lport=1900 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31269 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | 
{4A3A9753-BF23-4BCF-BDC2-9D6156412943} -> lport=6004 | profile=private | protocol=17 | dir=in | action=allow | name=microsoft office outlook | app=c:\program files (x86)\microsoft office\office12\outlook.exe | 
{53DE8C5D-A567-45CB-AF4A-81D2E199C4C1} -> lport=rpc-epmap | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28539 | svc=rpcss | 
{635AB47D-7B4B-4F4E-8FCF-10339532FAE3} -> lport=445 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28511 | app=system | 
{6874700C-FD85-4AAB-A6D9-5B6340F90495} -> rport=445 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28515 | app=system | 
{742A1D81-1492-4561-86F0-9CE2CD8A2725} -> lport=2177 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31253 | app=%systemroot%\system32\svchost.exe | svc=qwave | 
{80715731-7C08-4141-93A2-2C97242C8AAC} -> rport=139 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28507 | app=system | 
{8C3F4979-D312-4144-8A93-6F3C0503A9CB} -> lport=rpc | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28535 | app=%systemroot%\system32\spoolsv.exe | svc=spooler | 
{9B6F2354-64B1-49E8-96C7-7C6E28F5BEB4} -> rport=10243 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31289 | app=system | 
{A4F9317C-D1F0-49BB-9489-7F0608701815} -> rport=137 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28523 | app=system | 
{B1599D24-71C1-493B-90D4-2890327A23B4} -> lport=138 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28527 | app=system | 
{BED9F518-5748-44A4-BB2B-6B41F835298E} -> lport=3724 | profile=private | protocol=6 | dir=in | action=allow | name=blizzard downloader: 3724 | 
{C035817A-24E4-4244-B5CF-BFC1FB74486D} -> rport=1900 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31273 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | 
{D4999504-93EE-4B7C-A958-5882165D567E} -> lport=2869 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31277 | app=system | 
{D7DF2A72-F27A-4FCB-84E1-12C7CAD4BE72} -> lport=10243 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31285 | app=system | 
{E3A67D64-A878-4809-A22F-9165C80B1435} -> rport=5355 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache | 
{EA609CB5-37DE-4383-B5AF-7B04E0398A0D} -> lport=137 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28519 | app=system | 
{F7F78AE7-22DD-406C-A56B-A600777DD3C0} -> rport=2177 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31265 | app=%systemroot%\system32\svchost.exe | svc=qwave | 
< Vista Active Application Exception Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules -> 
{0DAE6CE9-E9BB-4D87-8009-D684600697FD} -> dir=out | action=allow | name=citrix access gateway endpoint analysis (outbound) | app=c:\program files\citrix\secure access client\nsepa.exe | 
{104977F7-7B1F-4FD8-8286-A4F3A58D413F} -> profile=private | protocol=17 | dir=in | action=allow | name=blizzard launcher | app=c:\games\world of warcraft\launcher.patch.exe | 
{179B742B-AF14-4FBA-87E0-754A8529CBC1} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31301 | app=%programfiles%\windows media player\wmplayer.exe | 
{1DEC20B3-BA51-4D71-A51D-C627ACE63296} -> profile=private | protocol=17 | dir=in | action=allow | name=blizzard downloader | app=c:\games\world of warcraft\wow-3.2.0-enus-downloader.exe | 
{272FCC53-C6AE-4E67-9B7E-A672D7DA550E} -> profile=private | protocol=6 | dir=in | action=allow | name=microsoft office groove | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
{30566925-FD99-4415-BA05-263CA16A973C} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31305 | app=%programfiles%\windows media player\wmpnetwk.exe | 
{30912537-50E0-4E44-89A1-687D89DCFAEC} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31281 | app=system | 
{30A08B19-7ABF-43C2-A998-57AF88492BFB} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31309 | app=%programfiles%\windows media player\wmpnetwk.exe | 
{37346E69-E274-41F6-B38B-75EF4AE37C3D} -> profile=domain | protocol=17 | dir=in | action=allow | name=bittorrent (udp-in) | app=c:\program files (x86)\bittorrent\bittorrent.exe | 
{3DABBB5C-275F-4F7C-BE6C-0614180A1600} -> profile=domain | protocol=6 | dir=in | action=allow | name=bittorrent (tcp-in) | app=c:\program files (x86)\bittorrent\bittorrent.exe | 
{41074EC9-FCC4-41A7-B8E5-A8DFEFE0A18D} -> profile=private | protocol=6 | dir=in | action=allow | name=bittorrent (tcp-in) | app=c:\program files (x86)\bittorrent\bittorrent.exe | 
{416F4B11-3DCE-4ACA-ACF5-670DB70973D8} -> profile=private | protocol=17 | dir=in | action=allow | name=microsoft office groove | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
{4583A922-8BED-4D69-A702-3321C0DAF008} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31003 | app=%programfiles%\windows media player\wmplayer.exe | 
{4D453AAE-79A0-43A1-88E4-3E591B7CFC79} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31007 | app=%programfiles%\windows media player\wmplayer.exe | 
{51AA6BEB-4D3E-4D18-AC3D-675C43965419} -> profile=private | protocol=17 | dir=in | action=allow | name=installcore™ | app=c:\users\wood\appdata\local\microsoft\windows\temporary internet files\content.ie5\kc8wp2jx\flvplayersetup[1].exe | 
{51E8C173-F94B-4A8B-BB7D-4EF732B99E5B} -> profile=private | protocol=6 | dir=in | action=allow | name=blizzard downloader | app=c:\games\world of warcraft\wow-3.3.5.12340-x86-win-enus-bkgnd-downloader.exe | 
{561A8751-5C7B-4DD0-AAD6-C7C5F9F9B5A6} -> profile=private | protocol=17 | dir=in | action=allow | name=ventrilo.exe | app=c:\program files (x86)\ventrilo\ventrilo.exe | 
{5DDD13C1-2E76-4A28-AA82-7958611C5162} -> profile=private | protocol=6 | dir=in | action=allow | name=blizzard downloader | app=c:\games\world of warcraft\wow-3.2.0-enus-downloader.exe | 
{60BA48AB-B88B-473D-9D6F-BD3A9D829617} -> profile=private | protocol=6 | dir=in | action=allow | name=blizzard launcher | app=c:\games\world of warcraft\launcher.exe | 
{65887575-8E50-4A9A-A36C-371E113135E6} -> profile=private | protocol=6 | dir=in | action=allow | name=microsoft office onenote | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
{7E3AD623-C78F-47BC-8F87-476A1B71C07B} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31317 | app=%programfiles%\windows media player\wmpnetwk.exe | 
{83F8A1F4-5810-4A82-AB8D-E6C3E598B90A} -> profile=private | protocol=1 | dir=in | action=allow | name=@firewallapi.dll,-28543 | 
{851C9CA1-74FC-4417-8455-34245A9DFA54} -> profile=private | protocol=17 | dir=in | action=allow | name=vsmon | app=c:\windows\syswow64\zonelabs\vsmon.exe | 
{879E3F79-B224-4FB7-9408-E9F5EEC88182} -> profile=private | protocol=1 | dir=out | action=allow | name=@firewallapi.dll,-28544 | 
{8B6187CA-CC51-414D-98C1-1BB44DE8807C} -> profile=private | protocol=17 | dir=in | action=allow | name=bittorrent (udp-in) | app=c:\program files (x86)\bittorrent\bittorrent.exe | 
{8D67C358-9F81-4860-A520-49366FD0D497} -> profile=private | protocol=58 | dir=out | action=allow | name=@firewallapi.dll,-28546 | 
{8DC97F51-26CE-49E1-8426-7755C41D1597} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31024 | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
{8FAA1D13-D326-4EB3-81E5-AB7467B93A63} -> profile=private | protocol=17 | dir=in | action=allow | name=microsoft office onenote | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
{92581376-BC79-4F0A-9612-F8E6A3B4D6C3} -> profile=private | protocol=6 | dir=in | action=allow | name=blizzard downloader | app=c:\games\world of warcraft\blizzard downloader.exe | 
{A00BB5AE-C871-401D-90E7-049DFCEA4229} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31025 | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
{A47F0471-17C2-4F89-A33D-2D89BD3362A2} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31321 | app=%systemroot%\system32\svchost.exe | svc=upnphost | 
{A573DE02-ABB4-4C06-8782-6975C53801C9} -> profile=private | protocol=6 | dir=in | action=allow | name=blizzard downloader | app=c:\users\wood\appdata\local\temp\blizzard installer bootstrap - 000b5b87\installer.exe | 
{AB28F2DB-7BB2-41FF-95F1-CCCF5639518F} -> dir=in | action=allow | name=citrix access gateway endpoint analysis (inbound) | app=c:\program files\citrix\secure access client\nsepa.exe | 
{AC81C170-F7A3-4BDD-84C5-57F21022A30F} -> profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31313 | app=%programfiles%\windows media player\wmpnetwk.exe | 
{B0411BFA-81A9-494B-B7A7-4FCE1765083D} -> profile=private | protocol=6 | dir=in | action=allow | name=vsmon | app=c:\windows\syswow64\zonelabs\vsmon.exe | 
{B5280F89-EDF3-413E-B70E-C8C22ECB9775} -> profile=private | protocol=6 | dir=in | action=allow | name=installcore™ | app=c:\users\wood\appdata\local\microsoft\windows\temporary internet files\content.ie5\kc8wp2jx\flvplayersetup[1].exe | 
{B5BAEE9D-0E3C-446F-864B-9E2286F6ECCC} -> profile=private | protocol=58 | dir=in | action=allow | name=@firewallapi.dll,-28545 | 
{C6A6DFDD-8084-4D7C-897E-61533F4BB34C} -> profile=private | protocol=6 | dir=in | action=allow | name=blizzard launcher | app=c:\games\world of warcraft\launcher.patch.exe | 
{D056975F-E4A0-4BCD-93C8-2B8EAEEF5890} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31023 | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
{D4F253DD-C6C3-4A7F-8113-C98FC095B3D9} -> profile=private | protocol=17 | dir=in | action=allow | name=blizzard downloader | app=c:\users\wood\appdata\local\temp\blizzard installer bootstrap - 000b5b87\installer.exe | 
{D9A5AC4C-6438-42BA-862F-DB7EAC011EFA} -> profile=private | protocol=17 | dir=in | action=allow | name=blizzard downloader | app=c:\games\world of warcraft\wow-3.3.5.12340-x86-win-enus-bkgnd-downloader.exe | 
{DE445347-AE7C-437C-94D7-42B5B1B0004B} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31011 | app=%programfiles%\windows media player\wmplayer.exe | 
{DEBEE330-90BA-4295-857A-AAE193275786} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31293 | app=%programfiles%\windows media player\wmplayer.exe | 
{E9B75716-BB1E-470E-8E87-ACF12E79563A} -> profile=private | protocol=6 | dir=in | action=allow | name=ventrilo.exe | app=c:\program files (x86)\ventrilo\ventrilo.exe | 
{F89E5FAF-110C-411B-B482-D1183B907331} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31297 | app=%programfiles%\windows media player\wmplayer.exe | 
{F9AA9F0E-BDB7-4F9D-9374-37B0E6ABE4BE} -> profile=private | protocol=17 | dir=in | action=allow | name=blizzard downloader | app=c:\games\world of warcraft\blizzard downloader.exe | 
{FD926E47-3760-423E-881F-1FA49259049D} -> profile=private | protocol=17 | dir=in | action=allow | name=blizzard launcher | app=c:\games\world of warcraft\launcher.exe | 
TCP Query User{1D85CD78-B6AC-4E71-9CAA-FC63EB4AB5E2}C:\games\world of warcraft\backgrounddownloader.exe -> profile=private | protocol=6 | dir=in | action=allow | name=blizzard downloader | app=c:\games\world of warcraft\backgrounddownloader.exe | 
TCP Query User{C9990AC3-C7B6-4CAE-ABF8-307DE87809C7}C:\program files (x86)\internet explorer\iexplore.exe -> profile=private | protocol=6 | dir=in | action=block | name=internet explorer | app=c:\program files (x86)\internet explorer\iexplore.exe | 
UDP Query User{60152F3B-2AC5-4B4E-A6C9-471FE0981DBE}C:\games\world of warcraft\backgrounddownloader.exe -> profile=private | protocol=17 | dir=in | action=allow | name=blizzard downloader | app=c:\games\world of warcraft\backgrounddownloader.exe | 
UDP Query User{CCAA48E5-13B8-40F2-975A-C9F39FE48AAF}C:\program files (x86)\internet explorer\iexplore.exe -> profile=private | protocol=17 | dir=in | action=block | name=internet explorer | app=c:\program files (x86)\internet explorer\iexplore.exe | 
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> 
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> 
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 -> 
"DisplayName" -> Driver del CD-ROM -> 
"ImagePath" -> C:\Windows\SysNative\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2010/11/20 03:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation)
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> 
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command -> 
64bit-comfile [open] -> "%1" %*
64bit-exefile [open] -> "%1" %*
comfile [open] -> "%1" %* -> 
exefile [open] -> "%1" %* -> 
< 64bit-File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> 
.com [@ = ComFile] -> "%1" %* -> 
.exe [@ = exefile] -> "%1" %* -> 
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> 
.com [@ = ComFile] -> "%1" %* -> 
.exe [@ = exefile] -> "%1" %* -> 
 
 
[Files/Folders - Created Within 30 Days]
 OTS.exe -> C:\Users\Wood\Desktop\OTS.exe -> [2012/01/10 22:46:51 | 000,646,144 | ---- | C] (OldTimer Tools)
 OTL.exe -> C:\Users\Wood\Desktop\OTL.exe -> [2012/01/07 20:01:01 | 000,584,192 | ---- | C] (OldTimer Tools)
 aswMBR.exe -> C:\Users\Wood\Desktop\aswMBR.exe -> [2012/01/07 19:46:41 | 004,713,472 | ---- | C] (AVAST Software)
 zh-TW -> C:\Windows\SysNative\zh-TW -> [2012/01/06 11:15:27 | 000,000,000 | ---D | C]
 zh-HK -> C:\Windows\SysNative\zh-HK -> [2012/01/06 11:15:27 | 000,000,000 | ---D | C]
 zh-CN -> C:\Windows\SysNative\zh-CN -> [2012/01/06 11:15:27 | 000,000,000 | ---D | C]
 winrm -> C:\Windows\SysNative\winrm -> [2012/01/06 11:15:27 | 000,000,000 | ---D | C]
 WCN -> C:\Windows\SysNative\WCN -> [2012/01/06 11:15:26 | 000,000,000 | ---D | C]
 Wat -> C:\Windows\SysNative\Wat -> [2012/01/06 11:15:25 | 000,000,000 | ---D | C]
 uk-UA -> C:\Windows\SysNative\uk-UA -> [2012/01/06 11:15:25 | 000,000,000 | ---D | C]
 tr-TR -> C:\Windows\SysNative\tr-TR -> [2012/01/06 11:15:25 | 000,000,000 | ---D | C]
 th-TH -> C:\Windows\SysNative\th-TH -> [2012/01/06 11:15:25 | 000,000,000 | ---D | C]
 Tasks -> C:\Windows\SysNative\Tasks -> [2012/01/06 11:15:25 | 000,000,000 | ---D | C]
 sv-SE -> C:\Windows\SysNative\sv-SE -> [2012/01/06 11:15:25 | 000,000,000 | ---D | C]
 sr-Latn-CS -> C:\Windows\SysNative\sr-Latn-CS -> [2012/01/06 11:15:25 | 000,000,000 | ---D | C]
 SPReview -> C:\Windows\SysNative\SPReview -> [2012/01/06 11:15:25 | 000,000,000 | ---D | C]
 sppui -> C:\Windows\SysNative\sppui -> [2012/01/06 11:15:25 | 000,000,000 | ---D | C]
 spp -> C:\Windows\SysNative\spp -> [2012/01/06 11:15:24 | 000,000,000 | ---D | C]
 SMI -> C:\Windows\SysNative\SMI -> [2012/01/06 11:15:22 | 000,000,000 | ---D | C]
 sl-SI -> C:\Windows\SysNative\sl-SI -> [2012/01/06 11:15:22 | 000,000,000 | ---D | C]
 slmgr -> C:\Windows\SysNative\slmgr -> [2012/01/06 11:15:22 | 000,000,000 | ---D | C]
 sk-SK -> C:\Windows\SysNative\sk-SK -> [2012/01/06 11:15:22 | 000,000,000 | ---D | C]
 ru-RU -> C:\Windows\SysNative\ru-RU -> [2012/01/06 11:15:22 | 000,000,000 | ---D | C]
 ro-RO -> C:\Windows\SysNative\ro-RO -> [2012/01/06 11:15:22 | 000,000,000 | ---D | C]
 restore -> C:\Windows\SysNative\restore -> [2012/01/06 11:15:22 | 000,000,000 | ---D | C]
 Recovery -> C:\Windows\SysNative\Recovery -> [2012/01/06 11:15:22 | 000,000,000 | ---D | C]
 ras -> C:\Windows\SysNative\ras -> [2012/01/06 11:15:22 | 000,000,000 | ---D | C]
 pt-PT -> C:\Windows\SysNative\pt-PT -> [2012/01/06 11:15:22 | 000,000,000 | ---D | C]
 pt-BR -> C:\Windows\SysNative\pt-BR -> [2012/01/06 11:15:22 | 000,000,000 | ---D | C]
 Printing_Admin_Scripts -> C:\Windows\SysNative\Printing_Admin_Scripts -> [2012/01/06 11:15:22 | 000,000,000 | ---D | C]
 pl-PL -> C:\Windows\SysNative\pl-PL -> [2012/01/06 11:15:21 | 000,000,000 | ---D | C]
 nl-NL -> C:\Windows\SysNative\nl-NL -> [2012/01/06 11:15:21 | 000,000,000 | ---D | C]
 NetworkList -> C:\Windows\SysNative\NetworkList -> [2012/01/06 11:15:21 | 000,000,000 | ---D | C]
 NDF -> C:\Windows\SysNative\NDF -> [2012/01/06 11:15:21 | 000,000,000 | ---D | C]
 nb-NO -> C:\Windows\SysNative\nb-NO -> [2012/01/06 11:15:21 | 000,000,000 | ---D | C]
 MUI -> C:\Windows\SysNative\MUI -> [2012/01/06 11:15:21 | 000,000,000 | ---D | C]
 Msdtc -> C:\Windows\SysNative\Msdtc -> [2012/01/06 11:15:21 | 000,000,000 | ---D | C]
 Microsoft -> C:\Windows\SysNative\Microsoft -> [2012/01/06 11:15:20 | 000,000,000 | ---D | C]
 manifeststore -> C:\Windows\SysNative\manifeststore -> [2012/01/06 11:15:20 | 000,000,000 | ---D | C]
 Macromed -> C:\Windows\SysNative\Macromed -> [2012/01/06 11:15:20 | 000,000,000 | ---D | C]
 lv-LV -> C:\Windows\SysNative\lv-LV -> [2012/01/06 11:15:20 | 000,000,000 | ---D | C]
 lt-LT -> C:\Windows\SysNative\lt-LT -> [2012/01/06 11:15:20 | 000,000,000 | ---D | C]
 ko-KR -> C:\Windows\SysNative\ko-KR -> [2012/01/06 11:15:20 | 000,000,000 | ---D | C]
 ja-JP -> C:\Windows\SysNative\ja-JP -> [2012/01/06 11:15:20 | 000,000,000 | ---D | C]
 it -> C:\Windows\SysNative\it -> [2012/01/06 11:15:20 | 000,000,000 | ---D | C]
 ntfs.sys.mui -> C:\Windows\SysNative\drivers\it-IT\ntfs.sys.mui -> [2012/01/06 11:15:19 | 000,067,584 | ---- | C] (Microsoft Corporation)
 ntfs.sys.mui -> C:\Windows\SysNative\drivers\en-US\ntfs.sys.mui -> [2012/01/06 11:15:19 | 000,059,904 | ---- | C] (Microsoft Corporation)
 tcpip.sys.mui -> C:\Windows\SysNative\drivers\it-IT\tcpip.sys.mui -> [2012/01/06 11:15:19 | 000,049,152 | ---- | C] (Microsoft Corporation)
 tcpip.sys.mui -> C:\Windows\SysNative\drivers\en-US\tcpip.sys.mui -> [2012/01/06 11:15:19 | 000,044,032 | ---- | C] (Microsoft Corporation)
 ndis.sys.mui -> C:\Windows\SysNative\drivers\it-IT\ndis.sys.mui -> [2012/01/06 11:15:19 | 000,039,936 | ---- | C] (Microsoft Corporation)
 http.sys.mui -> C:\Windows\SysNative\drivers\it-IT\http.sys.mui -> [2012/01/06 11:15:19 | 000,038,912 | ---- | C] (Microsoft Corporation)
 mpio.sys.mui -> C:\Windows\SysNative\drivers\it-IT\mpio.sys.mui -> [2012/01/06 11:15:19 | 000,037,888 | ---- | C] (Microsoft Corporation)
 ndis.sys.mui -> C:\Windows\SysNative\drivers\en-US\ndis.sys.mui -> [2012/01/06 11:15:19 | 000,035,328 | ---- | C] (Microsoft Corporation)
 http.sys.mui -> C:\Windows\SysNative\drivers\en-US\http.sys.mui -> [2012/01/06 11:15:19 | 000,032,256 | ---- | C] (Microsoft Corporation)
 bfe.dll.mui -> C:\Windows\SysNative\drivers\it-IT\bfe.dll.mui -> [2012/01/06 11:15:19 | 000,030,720 | ---- | C] (Microsoft Corporation)
 volsnap.sys.mui -> C:\Windows\SysNative\drivers\it-IT\volsnap.sys.mui -> [2012/01/06 11:15:19 | 000,027,136 | ---- | C] (Microsoft Corporation)
 mpio.sys.mui -> C:\Windows\SysNative\drivers\en-US\mpio.sys.mui -> [2012/01/06 11:15:19 | 000,026,624 | ---- | C] (Microsoft Corporation)
 bfe.dll.mui -> C:\Windows\SysNative\drivers\en-US\bfe.dll.mui -> [2012/01/06 11:15:19 | 000,025,600 | ---- | C] (Microsoft Corporation)
 usbport.sys.mui -> C:\Windows\SysNative\drivers\it-IT\usbport.sys.mui -> [2012/01/06 11:15:19 | 000,025,088 | ---- | C] (Microsoft Corporation)
 usbport.sys.mui -> C:\Windows\SysNative\drivers\en-US\usbport.sys.mui -> [2012/01/06 11:15:19 | 000,024,576 | ---- | C] (Microsoft Corporation)
 volsnap.sys.mui -> C:\Windows\SysNative\drivers\en-US\volsnap.sys.mui -> [2012/01/06 11:15:19 | 000,023,552 | ---- | C] (Microsoft Corporation)
 processr.sys.mui -> C:\Windows\SysNative\drivers\it-IT\processr.sys.mui -> [2012/01/06 11:15:19 | 000,020,992 | ---- | C] (Microsoft Corporation)
 intelppm.sys.mui -> C:\Windows\SysNative\drivers\it-IT\intelppm.sys.mui -> [2012/01/06 11:15:19 | 000,020,992 | ---- | C] (Microsoft Corporation)
 amdppm.sys.mui -> C:\Windows\SysNative\drivers\it-IT\amdppm.sys.mui -> [2012/01/06 11:15:19 | 000,020,992 | ---- | C] (Microsoft Corporation)
 amdk8.sys.mui -> C:\Windows\SysNative\drivers\it-IT\amdk8.sys.mui -> [2012/01/06 11:15:19 | 000,020,992 | ---- | C] (Microsoft Corporation)
 afd.sys.mui -> C:\Windows\SysNative\drivers\it-IT\afd.sys.mui -> [2012/01/06 11:15:19 | 000,016,896 | ---- | C] (Microsoft Corporation)
 pacer.sys.mui -> C:\Windows\SysNative\drivers\it-IT\pacer.sys.mui -> [2012/01/06 11:15:19 | 000,016,384 | ---- | C] (Microsoft Corporation)
 fvevol.sys.mui -> C:\Windows\SysNative\drivers\it-IT\fvevol.sys.mui -> [2012/01/06 11:15:19 | 000,016,384 | ---- | C] (Microsoft Corporation)
 nwifi.sys.mui -> C:\Windows\SysNative\drivers\it-IT\nwifi.sys.mui -> [2012/01/06 11:15:19 | 000,015,872 | ---- | C] (Microsoft Corporation)
 pacer.sys.mui -> C:\Windows\SysNative\drivers\en-US\pacer.sys.mui -> [2012/01/06 11:15:19 | 000,015,360 | ---- | C] (Microsoft Corporation)
 afd.sys.mui -> C:\Windows\SysNative\drivers\en-US\afd.sys.mui -> [2012/01/06 11:15:19 | 000,014,848 | ---- | C] (Microsoft Corporation)
 processr.sys.mui -> C:\Windows\SysNative\drivers\en-US\processr.sys.mui -> [2012/01/06 11:15:19 | 000,014,336 | ---- | C] (Microsoft Corporation)
 intelppm.sys.mui -> C:\Windows\SysNative\drivers\en-US\intelppm.sys.mui -> [2012/01/06 11:15:19 | 000,014,336 | ---- | C] (Microsoft Corporation)
 fvevol.sys.mui -> C:\Windows\SysNative\drivers\en-US\fvevol.sys.mui -> [2012/01/06 11:15:19 | 000,014,336 | ---- | C] (Microsoft Corporation)
 amdppm.sys.mui -> C:\Windows\SysNative\drivers\en-US\amdppm.sys.mui -> [2012/01/06 11:15:19 | 000,014,336 | ---- | C] (Microsoft Corporation)
 amdk8.sys.mui -> C:\Windows\SysNative\drivers\en-US\amdk8.sys.mui -> [2012/01/06 11:15:19 | 000,014,336 | ---- | C] (Microsoft Corporation)
 nwifi.sys.mui -> C:\Windows\SysNative\drivers\en-US\nwifi.sys.mui -> [2012/01/06 11:15:19 | 000,013,824 | ---- | C] (Microsoft Corporation)
 usbhub.sys.mui -> C:\Windows\SysNative\drivers\it-IT\usbhub.sys.mui -> [2012/01/06 11:15:19 | 000,011,776 | ---- | C] (Microsoft Corporation)
 usbhub.sys.mui -> C:\Windows\SysNative\drivers\en-US\usbhub.sys.mui -> [2012/01/06 11:15:19 | 000,011,776 | ---- | C] (Microsoft Corporation)
 ohci1394.sys.mui -> C:\Windows\SysNative\drivers\it-IT\ohci1394.sys.mui -> [2012/01/06 11:15:19 | 000,011,776 | ---- | C] (Microsoft Corporation)
 ohci1394.sys.mui -> C:\Windows\SysNative\drivers\en-US\ohci1394.sys.mui -> [2012/01/06 11:15:19 | 000,011,776 | ---- | C] (Microsoft Corporation)
 1394ohci.sys.mui -> C:\Windows\SysNative\drivers\it-IT\1394ohci.sys.mui -> [2012/01/06 11:15:19 | 000,011,776 | ---- | C] (Microsoft Corporation)
 1394ohci.sys.mui -> C:\Windows\SysNative\drivers\en-US\1394ohci.sys.mui -> [2012/01/06 11:15:19 | 000,011,776 | ---- | C] (Microsoft Corporation)
 serial.sys.mui -> C:\Windows\SysNative\drivers\it-IT\serial.sys.mui -> [2012/01/06 11:15:19 | 000,011,264 | ---- | C] (Microsoft Corporation)
 i8042prt.sys.mui -> C:\Windows\SysNative\drivers\it-IT\i8042prt.sys.mui -> [2012/01/06 11:15:19 | 000,011,264 | ---- | C] (Microsoft Corporation)
 BrSerId.sys.mui -> C:\Windows\SysNative\drivers\it-IT\BrSerId.sys.mui -> [2012/01/06 11:15:19 | 000,011,264 | ---- | C] (Brother Industries Ltd.)
 BrSerIb.sys.mui -> C:\Windows\SysNative\drivers\it-IT\BrSerIb.sys.mui -> [2012/01/06 11:15:19 | 000,011,264 | ---- | C] (Brother Industries Ltd.)
 acpi.sys.mui -> C:\Windows\SysNative\drivers\it-IT\acpi.sys.mui -> [2012/01/06 11:15:19 | 000,010,752 | ---- | C] (Microsoft Corporation)
 serial.sys.mui -> C:\Windows\SysNative\drivers\en-US\serial.sys.mui -> [2012/01/06 11:15:19 | 000,010,240 | ---- | C] (Microsoft Corporation)
 i8042prt.sys.mui -> C:\Windows\SysNative\drivers\en-US\i8042prt.sys.mui -> [2012/01/06 11:15:19 | 000,010,240 | ---- | C] (Microsoft Corporation)
 BrSerId.sys.mui -> C:\Windows\SysNative\drivers\en-US\BrSerId.sys.mui -> [2012/01/06 11:15:19 | 000,010,240 | ---- | C] (Brother Industries Ltd.)
 BrSerIb.sys.mui -> C:\Windows\SysNative\drivers\en-US\BrSerIb.sys.mui -> [2012/01/06 11:15:19 | 000,010,240 | ---- | C] (Brother Industries Ltd.)
 battc.sys.mui -> C:\Windows\SysNative\drivers\it-IT\battc.sys.mui -> [2012/01/06 11:15:19 | 000,009,728 | ---- | C] (Microsoft Corporation)
 pci.sys.mui -> C:\Windows\SysNative\drivers\it-IT\pci.sys.mui -> [2012/01/06 11:15:19 | 000,009,216 | ---- | C] (Microsoft Corporation)
 acpi.sys.mui -> C:\Windows\SysNative\drivers\en-US\acpi.sys.mui -> [2012/01/06 11:15:19 | 000,009,216 | ---- | C] (Microsoft Corporation)
 tunnel.sys.mui -> C:\Windows\SysNative\drivers\it-IT\tunnel.sys.mui -> [2012/01/06 11:15:19 | 000,008,704 | ---- | C] (Microsoft Corporation)
 pci.sys.mui -> C:\Windows\SysNative\drivers\en-US\pci.sys.mui -> [2012/01/06 11:15:19 | 000,008,192 | ---- | C] (Microsoft Corporation)
 bthport.sys.mui -> C:\Windows\SysNative\drivers\it-IT\bthport.sys.mui -> [2012/01/06 11:15:19 | 000,008,192 | ---- | C] (Microsoft Corporation)
 tunnel.sys.mui -> C:\Windows\SysNative\drivers\en-US\tunnel.sys.mui -> [2012/01/06 11:15:19 | 000,007,680 | ---- | C] (Microsoft Corporation)
 bthport.sys.mui -> C:\Windows\SysNative\drivers\en-US\bthport.sys.mui -> [2012/01/06 11:15:19 | 000,007,680 | ---- | C] (Microsoft Corporation)
 msdsm.sys.mui -> C:\Windows\SysNative\drivers\it-IT\msdsm.sys.mui -> [2012/01/06 11:15:19 | 000,007,168 | ---- | C] (Microsoft Corporation)
 luafv.sys.mui -> C:\Windows\SysNative\drivers\it-IT\luafv.sys.mui -> [2012/01/06 11:15:19 | 000,007,168 | ---- | C] (Microsoft Corporation)
 battc.sys.mui -> C:\Windows\SysNative\drivers\en-US\battc.sys.mui -> [2012/01/06 11:15:19 | 000,007,168 | ---- | C] (Microsoft Corporation)
 rdvgkmd.sys.mui -> C:\Windows\SysNative\drivers\it-IT\rdvgkmd.sys.mui -> [2012/01/06 11:15:19 | 000,006,656 | ---- | C] (Microsoft Corporation)
 rdvgkmd.sys.mui -> C:\Windows\SysNative\drivers\en-US\rdvgkmd.sys.mui -> [2012/01/06 11:15:19 | 000,006,144 | ---- | C] (Microsoft Corporation)
 ndiscap.sys.mui -> C:\Windows\SysNative\drivers\it-IT\ndiscap.sys.mui -> [2012/01/06 11:15:19 | 000,006,144 | ---- | C] (Microsoft Corporation)
 luafv.sys.mui -> C:\Windows\SysNative\drivers\en-US\luafv.sys.mui -> [2012/01/06 11:15:19 | 000,006,144 | ---- | C] (Microsoft Corporation)
 IPMIDrv.sys.mui -> C:\Windows\SysNative\drivers\it-IT\IPMIDrv.sys.mui -> [2012/01/06 11:15:19 | 000,006,144 | ---- | C] (Microsoft Corporation)
 IPMIDrv.sys.mui -> C:\Windows\SysNative\drivers\en-US\IPMIDrv.sys.mui -> [2012/01/06 11:15:19 | 000,006,144 | ---- | C] (Microsoft Corporation)
 sermouse.sys.mui -> C:\Windows\SysNative\drivers\it-IT\sermouse.sys.mui -> [2012/01/06 11:15:19 | 000,005,632 | ---- | C] (Microsoft Corporation)
 ndiscap.sys.mui -> C:\Windows\SysNative\drivers\en-US\ndiscap.sys.mui -> [2012/01/06 11:15:19 | 000,005,632 | ---- | C] (Microsoft Corporation)
 msdsm.sys.mui -> C:\Windows\SysNative\drivers\en-US\msdsm.sys.mui -> [2012/01/06 11:15:19 | 000,005,632 | ---- | C] (Microsoft Corporation)
 fltmgr.sys.mui -> C:\Windows\SysNative\drivers\it-IT\fltmgr.sys.mui -> [2012/01/06 11:15:19 | 000,005,632 | ---- | C] (Microsoft Corporation)
 sermouse.sys.mui -> C:\Windows\SysNative\drivers\en-US\sermouse.sys.mui -> [2012/01/06 11:15:19 | 000,005,120 | ---- | C] (Microsoft Corporation)
 rdbss.sys.mui -> C:\Windows\SysNative\drivers\it-IT\rdbss.sys.mui -> [2012/01/06 11:15:19 | 000,005,120 | ---- | C] (Microsoft Corporation)
 fltmgr.sys.mui -> C:\Windows\SysNative\drivers\en-US\fltmgr.sys.mui -> [2012/01/06 11:15:19 | 000,005,120 | ---- | C] (Microsoft Corporation)
 tsusbhub.sys.mui -> C:\Windows\SysNative\drivers\it-IT\tsusbhub.sys.mui -> [2012/01/06 11:15:19 | 000,004,608 | ---- | C] (Microsoft Corporation)
 rdbss.sys.mui -> C:\Windows\SysNative\drivers\en-US\rdbss.sys.mui -> [2012/01/06 11:15:19 | 000,004,608 | ---- | C] (Microsoft Corporation)
 mouclass.sys.mui -> C:\Windows\SysNative\drivers\it-IT\mouclass.sys.mui -> [2012/01/06 11:15:19 | 000,004,608 | ---- | C] (Microsoft Corporation)
 kbdclass.sys.mui -> C:\Windows\SysNative\drivers\it-IT\kbdclass.sys.mui -> [2012/01/06 11:15:19 | 000,004,608 | ---- | C] (Microsoft Corporation)
 kbdclass.sys.mui -> C:\Windows\SysNative\drivers\en-US\kbdclass.sys.mui -> [2012/01/06 11:15:19 | 000,004,608 | ---- | C] (Microsoft Corporation)
 bthpan.sys.mui -> C:\Windows\SysNative\drivers\it-IT\bthpan.sys.mui -> [2012/01/06 11:15:19 | 000,004,608 | ---- | C] (Microsoft Corporation)
 bthpan.sys.mui -> C:\Windows\SysNative\drivers\en-US\bthpan.sys.mui -> [2012/01/06 11:15:19 | 000,004,608 | ---- | C] (Microsoft Corporation)
 wacompen.sys.mui -> C:\Windows\SysNative\drivers\it-IT\wacompen.sys.mui -> [2012/01/06 11:15:19 | 000,004,096 | ---- | C] (Microsoft Corporation)
 wacompen.sys.mui -> C:\Windows\SysNative\drivers\en-US\wacompen.sys.mui -> [2012/01/06 11:15:19 | 000,004,096 | ---- | C] (Microsoft Corporation)
 vhdmp.sys.mui -> C:\Windows\SysNative\drivers\it-IT\vhdmp.sys.mui -> [2012/01/06 11:15:19 | 000,004,096 | ---- | C] (Microsoft Corporation)
 vdrvroot.sys.mui -> C:\Windows\SysNative\drivers\it-IT\vdrvroot.sys.mui -> [2012/01/06 11:15:19 | 000,004,096 | ---- | C] (Microsoft Corporation)
 tsusbhub.sys.mui -> C:\Windows\SysNative\drivers\en-US\tsusbhub.sys.mui -> [2012/01/06 11:15:19 | 000,004,096 | ---- | C] (Microsoft Corporation)
 tpm.sys.mui -> C:\Windows\SysNative\drivers\it-IT\tpm.sys.mui -> [2012/01/06 11:15:19 | 000,004,096 | ---- | C] (Microsoft Corporation)
 tpm.sys.mui -> C:\Windows\SysNative\drivers\en-US\tpm.sys.mui -> [2012/01/06 11:15:19 | 000,004,096 | ---- | C] (Microsoft Corporation)
 pcmcia.sys.mui -> C:\Windows\SysNative\drivers\it-IT\pcmcia.sys.mui -> [2012/01/06 11:15:19 | 000,004,096 | ---- | C] (Microsoft Corporation)
 pcmcia.sys.mui -> C:\Windows\SysNative\drivers\en-US\pcmcia.sys.mui -> [2012/01/06 11:15:19 | 000,004,096 | ---- | C] (Microsoft Corporation)
 mouclass.sys.mui -> C:\Windows\SysNative\drivers\en-US\mouclass.sys.mui -> [2012/01/06 11:15:19 | 000,004,096 | ---- | C] (Microsoft Corporation)
 isapnp.sys.mui -> C:\Windows\SysNative\drivers\it-IT\isapnp.sys.mui -> [2012/01/06 11:15:19 | 000,004,096 | ---- | C] (Microsoft Corporation)
 hdaudbus.sys.mui -> C:\Windows\SysNative\drivers\it-IT\hdaudbus.sys.mui -> [2012/01/06 11:15:19 | 000,004,096 | ---- | C] (Microsoft Corporation)
 hdaudbus.sys.mui -> C:\Windows\SysNative\drivers\en-US\hdaudbus.sys.mui -> [2012/01/06 11:15:19 | 000,004,096 | ---- | C] (Microsoft Corporation)
 pscr.sys.mui -> C:\Windows\SysNative\drivers\it-IT\pscr.sys.mui -> [2012/01/06 11:15:19 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.)
 pscr.sys.mui -> C:\Windows\SysNative\drivers\en-US\pscr.sys.mui -> [2012/01/06 11:15:19 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.)
 vhdmp.sys.mui -> C:\Windows\SysNative\drivers\en-US\vhdmp.sys.mui -> [2012/01/06 11:15:19 | 000,003,584 | ---- | C] (Microsoft Corporation)
 vdrvroot.sys.mui -> C:\Windows\SysNative\drivers\en-US\vdrvroot.sys.mui -> [2012/01/06 11:15:19 | 000,003,584 | ---- | C] (Microsoft Corporation)
 tsusbflt.sys.mui -> C:\Windows\SysNative\drivers\it-IT\tsusbflt.sys.mui -> [2012/01/06 11:15:19 | 000,003,584 | ---- | C] (Microsoft Corporation)
 portcls.sys.mui -> C:\Windows\SysNative\drivers\it-IT\portcls.sys.mui -> [2012/01/06 11:15:19 | 000,003,584 | ---- | C] (Microsoft Corporation)
 portcls.sys.mui -> C:\Windows\SysNative\drivers\en-US\portcls.sys.mui -> [2012/01/06 11:15:19 | 000,003,584 | ---- | C] (Microsoft Corporation)
 parport.sys.mui -> C:\Windows\SysNative\drivers\it-IT\parport.sys.mui -> [2012/01/06 11:15:19 | 000,003,584 | ---- | C] (Microsoft Corporation)
 parport.sys.mui -> C:\Windows\SysNative\drivers\en-US\parport.sys.mui -> [2012/01/06 11:15:19 | 000,003,584 | ---- | C] (Microsoft Corporation)
 modem.sys.mui -> C:\Windows\SysNative\drivers\it-IT\modem.sys.mui -> [2012/01/06 11:15:19 | 000,003,584 | ---- | C] (Microsoft Corporation)
 modem.sys.mui -> C:\Windows\SysNative\drivers\en-US\modem.sys.mui -> [2012/01/06 11:15:19 | 000,003,584 | ---- | C] (Microsoft Corporation)
 isapnp.sys.mui -> C:\Windows\SysNative\drivers\en-US\isapnp.sys.mui -> [2012/01/06 11:15:19 | 000,003,584 | ---- | C] (Microsoft Corporation)
 ipnat.sys.mui -> C:\Windows\SysNative\drivers\it-IT\ipnat.sys.mui -> [2012/01/06 11:15:19 | 000,003,584 | ---- | C] (Microsoft Corporation)
 ipnat.sys.mui -> C:\Windows\SysNative\drivers\en-US\ipnat.sys.mui -> [2012/01/06 11:15:19 | 000,003,584 | ---- | C] (Microsoft Corporation)
 HdAudio.sys.mui -> C:\Windows\SysNative\drivers\it-IT\HdAudio.sys.mui -> [2012/01/06 11:15:19 | 000,003,584 | ---- | C] (Microsoft Corporation)
 ataport.sys.mui -> C:\Windows\SysNative\drivers\it-IT\ataport.sys.mui -> [2012/01/06 11:15:19 | 000,003,584 | ---- | C] (Microsoft Corporation)
 atikmdag.sys.mui -> C:\Windows\SysNative\drivers\it-IT\atikmdag.sys.mui -> [2012/01/06 11:15:19 | 000,003,584 | ---- | C] (ATI Technologies Inc.)
 umbus.sys.mui -> C:\Windows\SysNative\drivers\it-IT\umbus.sys.mui -> [2012/01/06 11:15:19 | 000,003,072 | ---- | C] (Microsoft Corporation)
 umbus.sys.mui -> C:\Windows\SysNative\drivers\en-US\umbus.sys.mui -> [2012/01/06 11:15:19 | 000,003,072 | ---- | C] (Microsoft Corporation)
 tsusbflt.sys.mui -> C:\Windows\SysNative\drivers\en-US\tsusbflt.sys.mui -> [2012/01/06 11:15:19 | 000,003,072 | ---- | C] (Microsoft Corporation)
 scsiport.sys.mui -> C:\Windows\SysNative\drivers\it-IT\scsiport.sys.mui -> [2012/01/06 11:15:19 | 000,003,072 | ---- | C] (Microsoft Corporation)
 scsiport.sys.mui -> C:\Windows\SysNative\drivers\en-US\scsiport.sys.mui -> [2012/01/06 11:15:19 | 000,003,072 | ---- | C] (Microsoft Corporation)
 rndismpx.sys.mui -> C:\Windows\SysNative\drivers\it-IT\rndismpx.sys.mui -> [2012/01/06 11:15:19 | 000,003,072 | ---- | C] (Microsoft Corporation)
 rndismpx.sys.mui -> C:\Windows\SysNative\drivers\en-US\rndismpx.sys.mui -> [2012/01/06 11:15:19 | 000,003,072 | ---- | C] (Microsoft Corporation)
 rndismp6.sys.mui -> C:\Windows\SysNative\drivers\it-IT\rndismp6.sys.mui -> [2012/01/06 11:15:19 | 000,003,072 | ---- | C] (Microsoft Corporation)
 rndismp6.sys.mui -> C:\Windows\SysNative\drivers\en-US\rndismp6.sys.mui -> [2012/01/06 11:15:19 | 000,003,072 | ---- | C] (Microsoft Corporation)
 RNDISMP.sys.mui -> C:\Windows\SysNative\drivers\it-IT\RNDISMP.sys.mui -> [2012/01/06 11:15:19 | 000,003,072 | ---- | C] (Microsoft Corporation)
 RNDISMP.sys.mui -> C:\Windows\SysNative\drivers\en-US\RNDISMP.sys.mui -> [2012/01/06 11:15:19 | 000,003,072 | ---- | C] (Microsoft Corporation)
 ndisuio.sys.mui -> C:\Windows\SysNative\drivers\it-IT\ndisuio.sys.mui -> [2012/01/06 11:15:19 | 000,003,072 | ---- | C] (Microsoft Corporation)
 ndisuio.sys.mui -> C:\Windows\SysNative\drivers\en-US\ndisuio.sys.mui -> [2012/01/06 11:15:19 | 000,003,072 | ---- | C] (Microsoft Corporation)
 mssmbios.sys.mui -> C:\Windows\SysNative\drivers\it-IT\mssmbios.sys.mui -> [2012/01/06 11:15:19 | 000,003,072 | ---- | C] (Microsoft Corporation)
 mssmbios.sys.mui -> C:\Windows\SysNative\drivers\en-US\mssmbios.sys.mui -> [2012/01/06 11:15:19 | 000,003,072 | ---- | C] (Microsoft Corporation)
 hidbth.sys.mui -> C:\Windows\SysNative\drivers\it-IT\hidbth.sys.mui -> [2012/01/06 11:15:19 | 000,003,072 | ---- | C] (Microsoft Corporation)
 hidbth.sys.mui -> C:\Windows\SysNative\drivers\en-US\hidbth.sys.mui -> [2012/01/06 11:15:19 | 000,003,072 | ---- | C] (Microsoft Corporation)
 HdAudio.sys.mui -> C:\Windows\SysNative\drivers\en-US\HdAudio.sys.mui -> [2012/01/06 11:15:19 | 000,003,072 | ---- | C] (Microsoft Corporation)
 ataport.sys.mui -> C:\Windows\SysNative\drivers\en-US\ataport.sys.mui -> [2012/01/06 11:15:19 | 000,003,072 | ---- | C] (Microsoft Corporation)
 atikmdag.sys.mui -> C:\Windows\SysNative\drivers\en-US\atikmdag.sys.mui -> [2012/01/06 11:15:19 | 000,003,072 | ---- | C] (ATI Technologies Inc.)
 wdf01000.sys.mui -> C:\Windows\SysNative\drivers\it-IT\wdf01000.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 wdf01000.sys.mui -> C:\Windows\SysNative\drivers\en-US\wdf01000.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 vwifibus.sys.mui -> C:\Windows\SysNative\drivers\it-IT\vwifibus.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 volmgrx.sys.mui -> C:\Windows\SysNative\drivers\it-IT\volmgrx.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 volmgrx.sys.mui -> C:\Windows\SysNative\drivers\en-US\volmgrx.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 usbrpm.sys.mui -> C:\Windows\SysNative\drivers\it-IT\usbrpm.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 ULIAGPKX.SYS.mui -> C:\Windows\SysNative\drivers\it-IT\ULIAGPKX.SYS.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 ULIAGPKX.SYS.mui -> C:\Windows\SysNative\drivers\en-US\ULIAGPKX.SYS.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 UAGP35.SYS.mui -> C:\Windows\SysNative\drivers\it-IT\UAGP35.SYS.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 UAGP35.SYS.mui -> C:\Windows\SysNative\drivers\en-US\UAGP35.SYS.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 srv.sys.mui -> C:\Windows\SysNative\drivers\it-IT\srv.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 srv.sys.mui -> C:\Windows\SysNative\drivers\en-US\srv.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 serscan.sys.mui -> C:\Windows\SysNative\drivers\it-IT\serscan.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 serscan.sys.mui -> C:\Windows\SysNative\drivers\en-US\serscan.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 scfilter.sys.mui -> C:\Windows\SysNative\drivers\it-IT\scfilter.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 scfilter.sys.mui -> C:\Windows\SysNative\drivers\en-US\scfilter.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 rdpwd.sys.mui -> C:\Windows\SysNative\drivers\it-IT\rdpwd.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 rdpwd.sys.mui -> C:\Windows\SysNative\drivers\en-US\rdpwd.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 qwavedrv.sys.mui -> C:\Windows\SysNative\drivers\it-IT\qwavedrv.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 qwavedrv.sys.mui -> C:\Windows\SysNative\drivers\en-US\qwavedrv.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 pnpmem.sys.mui -> C:\Windows\SysNative\drivers\it-IT\pnpmem.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 pnpmem.sys.mui -> C:\Windows\SysNative\drivers\en-US\pnpmem.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 partmgr.sys.mui -> C:\Windows\SysNative\drivers\it-IT\partmgr.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 partmgr.sys.mui -> C:\Windows\SysNative\drivers\en-US\partmgr.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 NV_AGP.SYS.mui -> C:\Windows\SysNative\drivers\it-IT\NV_AGP.SYS.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 NV_AGP.SYS.mui -> C:\Windows\SysNative\drivers\en-US\NV_AGP.SYS.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 MTConfig.sys.mui -> C:\Windows\SysNative\drivers\it-IT\MTConfig.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 MTConfig.sys.mui -> C:\Windows\SysNative\drivers\en-US\MTConfig.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 mountmgr.sys.mui -> C:\Windows\SysNative\drivers\it-IT\mountmgr.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 mountmgr.sys.mui -> C:\Windows\SysNative\drivers\en-US\mountmgr.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 mouhid.sys.mui -> C:\Windows\SysNative\drivers\it-IT\mouhid.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 mouhid.sys.mui -> C:\Windows\SysNative\drivers\en-US\mouhid.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 kbdhid.sys.mui -> C:\Windows\SysNative\drivers\it-IT\kbdhid.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 kbdhid.sys.mui -> C:\Windows\SysNative\drivers\en-US\kbdhid.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 GAGP30KX.SYS.mui -> C:\Windows\SysNative\drivers\it-IT\GAGP30KX.SYS.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 GAGP30KX.SYS.mui -> C:\Windows\SysNative\drivers\en-US\GAGP30KX.SYS.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 Dot4usb.sys.mui -> C:\Windows\SysNative\drivers\it-IT\Dot4usb.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 Dot4usb.sys.mui -> C:\Windows\SysNative\drivers\en-US\Dot4usb.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 disk.sys.mui -> C:\Windows\SysNative\drivers\it-IT\disk.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 BTHUSB.SYS.mui -> C:\Windows\SysNative\drivers\it-IT\BTHUSB.SYS.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 BTHUSB.SYS.mui -> C:\Windows\SysNative\drivers\en-US\BTHUSB.SYS.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 AGP440.sys.mui -> C:\Windows\SysNative\drivers\it-IT\AGP440.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 AGP440.sys.mui -> C:\Windows\SysNative\drivers\en-US\AGP440.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Microsoft Corporation)
 BrParwdm.sys.mui -> C:\Windows\SysNative\drivers\it-IT\BrParwdm.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Brother Industries Ltd.)
 BrParwdm.sys.mui -> C:\Windows\SysNative\drivers\en-US\BrParwdm.sys.mui -> [2012/01/06 11:15:19 | 000,002,560 | ---- | C] (Brother Industries Ltd.)
 ws2ifsl.sys.mui -> C:\Windows\SysNative\drivers\it-IT\ws2ifsl.sys.mui -> [2012/01/06 11:15:19 | 000,002,048 | ---- | C] (Microsoft Corporation)
 ws2ifsl.sys.mui -> C:\Windows\SysNative\drivers\en-US\ws2ifsl.sys.mui -> [2012/01/06 11:15:19 | 000,002,048 | ---- | C] (Microsoft Corporation)
 wd.sys.mui -> C:\Windows\SysNative\drivers\it-IT\wd.sys.mui -> [2012/01/06 11:15:19 | 000,002,048 | ---- | C] (Microsoft Corporation)
 wd.sys.mui -> C:\Windows\SysNative\drivers\en-US\wd.sys.mui -> [2012/01/06 11:15:19 | 000,002,048 | ---- | C] (Microsoft Corporation)
 vwifibus.sys.mui -> C:\Windows\SysNative\drivers\en-US\vwifibus.sys.mui -> [2012/01/06 11:15:19 | 000,002,048 | ---- | C] (Microsoft Corporation)
 usbrpm.sys.mui -> C:\Windows\SysNative\drivers\en-US\usbrpm.sys.mui -> [2012/01/06 11:15:19 | 000,002,048 | ---- | C] (Microsoft Corporation)
 disk.sys.mui -> C:\Windows\SysNative\drivers\en-US\disk.sys.mui -> [2012/01/06 11:15:19 | 000,002,048 | ---- | C] (Microsoft Corporation)
 cdrom.sys.mui -> C:\Windows\SysNative\drivers\it-IT\cdrom.sys.mui -> [2012/01/06 11:15:19 | 000,002,048 | ---- | C] (Microsoft Corporation)
 cdrom.sys.mui -> C:\Windows\SysNative\drivers\en-US\cdrom.sys.mui -> [2012/01/06 11:15:19 | 000,002,048 | ---- | C] (Microsoft Corporation)
 bthenum.sys.mui -> C:\Windows\SysNative\drivers\it-IT\bthenum.sys.mui -> [2012/01/06 11:15:19 | 000,002,048 | ---- | C] (Microsoft Corporation)
 bthenum.sys.mui -> C:\Windows\SysNative\drivers\en-US\bthenum.sys.mui -> [2012/01/06 11:15:19 | 000,002,048 | ---- | C] (Microsoft Corporation)
 amdide.sys.mui -> C:\Windows\SysNative\drivers\it-IT\amdide.sys.mui -> [2012/01/06 11:15:19 | 000,002,048 | ---- | C] (Microsoft Corporation)
 amdide.sys.mui -> C:\Windows\SysNative\drivers\en-US\amdide.sys.mui -> [2012/01/06 11:15:19 | 000,002,048 | ---- | C] (Microsoft Corporation)
 it-IT -> C:\Windows\SysNative\drivers\it-IT -> [2012/01/06 11:15:19 | 000,000,000 | ---D | C]
 hu-HU -> C:\Windows\SysNative\hu-HU -> [2012/01/06 11:15:19 | 000,000,000 | ---D | C]
 hr-HR -> C:\Windows\SysNative\hr-HR -> [2012/01/06 11:15:19 | 000,000,000 | ---D | C]
 he-IL -> C:\Windows\SysNative\he-IL -> [2012/01/06 11:15:19 | 000,000,000 | ---D | C]
 fr-FR -> C:\Windows\SysNative\fr-FR -> [2012/01/06 11:15:19 | 000,000,000 | ---D | C]
 fi-FI -> C:\Windows\SysNative\fi-FI -> [2012/01/06 11:15:19 | 000,000,000 | ---D | C]
 EventProviders -> C:\Windows\SysNative\EventProviders -> [2012/01/06 11:15:19 | 000,000,000 | ---D | C]
 et-EE -> C:\Windows\SysNative\et-EE -> [2012/01/06 11:15:19 | 000,000,000 | ---D | C]
 etc -> C:\Windows\SysNative\drivers\etc -> [2012/01/06 11:15:19 | 000,000,000 | ---D | C]
 es-ES -> C:\Windows\SysNative\es-ES -> [2012/01/06 11:15:19 | 000,000,000 | ---D | C]
 en-US -> C:\Windows\SysNative\drivers\en-US -> [2012/01/06 11:15:19 | 000,000,000 | ---D | C]
 en -> C:\Windows\SysNative\en -> [2012/01/06 11:15:19 | 000,000,000 | ---D | C]
 el-GR -> C:\Windows\SysNative\el-GR -> [2012/01/06 11:15:19 | 000,000,000 | ---D | C]
 de-DE -> C:\Windows\SysNative\de-DE -> [2012/01/06 11:15:19 | 000,000,000 | ---D | C]
 da-DK -> C:\Windows\SysNative\da-DK -> [2012/01/06 11:15:19 | 000,000,000 | ---D | C]
 cs-CZ -> C:\Windows\SysNative\cs-CZ -> [2012/01/06 11:15:19 | 000,000,000 | ---D | C]
 CodeIntegrity -> C:\Windows\SysNative\CodeIntegrity -> [2012/01/06 11:15:19 | 000,000,000 | ---D | C]
 catroot -> C:\Windows\SysNative\catroot -> [2012/01/06 11:15:15 | 000,000,000 | ---D | C]
 bg-BG -> C:\Windows\SysNative\bg-BG -> [2012/01/06 11:15:15 | 000,000,000 | ---D | C]
 ar-SA -> C:\Windows\SysNative\ar-SA -> [2012/01/06 11:15:15 | 000,000,000 | ---D | C]
 $RECYCLE.BIN -> C:\$RECYCLE.BIN -> [2012/01/04 00:01:04 | 000,000,000 | -HSD | C]
 _OTL -> C:\_OTL -> [2012/01/02 03:18:05 | 000,000,000 | ---D | C]
 SWREG.exe -> C:\Windows\SWREG.exe -> [2012/01/02 02:31:23 | 000,518,144 | ---- | C] (SteelWerX)
 SWSC.exe -> C:\Windows\SWSC.exe -> [2012/01/02 02:31:23 | 000,406,528 | ---- | C] (SteelWerX)
 NIRCMD.exe -> C:\Windows\NIRCMD.exe -> [2012/01/02 02:31:23 | 000,060,416 | ---- | C] (NirSoft)
 ERDNT -> C:\Windows\ERDNT -> [2012/01/02 02:31:18 | 000,000,000 | ---D | C]
 Qoobox -> C:\Qoobox -> [2012/01/02 02:26:55 | 000,000,000 | ---D | C]
 Minidump -> C:\Windows\Minidump -> [2011/12/26 10:05:03 | 000,000,000 | ---D | C]
 mshtmled.dll -> C:\Windows\SysNative\mshtmled.dll -> [2011/12/23 03:01:12 | 000,096,256 | ---- | C] (Microsoft Corporation)
 mshtmled.dll -> C:\Windows\SysWow64\mshtmled.dll -> [2011/12/23 03:01:12 | 000,072,704 | ---- | C] (Microsoft Corporation)
 ieui.dll -> C:\Windows\SysNative\ieui.dll -> [2011/12/23 03:01:11 | 000,248,320 | ---- | C] (Microsoft Corporation)
 url.dll -> C:\Windows\SysNative\url.dll -> [2011/12/23 03:01:11 | 000,237,056 | ---- | C] (Microsoft Corporation)
 url.dll -> C:\Windows\SysWow64\url.dll -> [2011/12/23 03:01:11 | 000,231,936 | ---- | C] (Microsoft Corporation)
 ieui.dll -> C:\Windows\SysWow64\ieui.dll -> [2011/12/23 03:01:11 | 000,176,640 | ---- | C] (Microsoft Corporation)
 jscript9.dll -> C:\Windows\SysNative\jscript9.dll -> [2011/12/23 03:01:10 | 002,309,120 | ---- | C] (Microsoft Corporation)
 inetcpl.cpl -> C:\Windows\SysNative\inetcpl.cpl -> [2011/12/23 03:01:10 | 001,493,504 | ---- | C] (Microsoft Corporation)
 inetcpl.cpl -> C:\Windows\SysWow64\inetcpl.cpl -> [2011/12/23 03:01:10 | 001,427,456 | ---- | C] (Microsoft Corporation)
 jscript.dll -> C:\Windows\SysNative\jscript.dll -> [2011/12/23 03:01:10 | 000,818,688 | ---- | C] (Microsoft Corporation)
 jscript.dll -> C:\Windows\SysWow64\jscript.dll -> [2011/12/23 03:01:10 | 000,716,800 | ---- | C] (Microsoft Corporation)
 csrsrv.dll -> C:\Windows\SysNative\csrsrv.dll -> [2011/12/23 00:38:12 | 000,043,520 | ---- | C] (Microsoft Corporation)
 Malwarebytes' Anti-Malware -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware -> [2011/12/23 00:38:12 | 000,000,000 | ---D | C]
 mbam.sys -> C:\Windows\SysNative\drivers\mbam.sys -> [2011/12/23 00:38:07 | 000,023,152 | ---- | C] (Malwarebytes Corporation)
 EncDec.dll -> C:\Windows\SysNative\EncDec.dll -> [2011/12/23 00:38:03 | 000,723,456 | ---- | C] (Microsoft Corporation)
 EncDec.dll -> C:\Windows\SysWow64\EncDec.dll -> [2011/12/23 00:38:03 | 000,534,528 | ---- | C] (Microsoft Corporation)
 
[Files/Folders - Modified Within 30 Days]
 OTS.exe -> C:\Users\Wood\Desktop\OTS.exe -> [2012/01/10 22:46:51 | 000,646,144 | ---- | M] (OldTimer Tools)
 7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> [2012/01/09 14:51:19 | 000,017,360 | -H-- | M] ()
 7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> [2012/01/09 14:51:19 | 000,017,360 | -H-- | M] ()
 OTL.exe -> C:\Users\Wood\Desktop\OTL.exe -> [2012/01/07 20:01:01 | 000,584,192 | ---- | M] (OldTimer Tools)
 MBR.zip -> C:\Users\Wood\Desktop\MBR.zip -> [2012/01/07 19:59:35 | 000,000,560 | ---- | M] ()
 MBR.dat -> C:\Users\Wood\Desktop\MBR.dat -> [2012/01/07 19:58:39 | 000,000,512 | ---- | M] ()
 aswMBR_Error_message.jpg -> C:\Users\Wood\Desktop\aswMBR_Error_message.jpg -> [2012/01/07 19:56:39 | 000,116,768 | ---- | M] ()
 aswMBR.exe -> C:\Users\Wood\Desktop\aswMBR.exe -> [2012/01/07 19:47:59 | 004,713,472 | ---- | M] (AVAST Software)
 launch.ica.kssj2dd.partial -> C:\Users\Wood\Desktop\launch.ica.kssj2dd.partial -> [2012/01/07 10:29:53 | 000,001,683 | ---- | M] ()
 PerfStringBackup.INI -> C:\Windows\SysNative\PerfStringBackup.INI -> [2012/01/06 12:58:09 | 001,549,446 | ---- | M] ()
 perfh010.dat -> C:\Windows\SysNative\perfh010.dat -> [2012/01/06 12:58:09 | 000,701,408 | ---- | M] ()
 perfh009.dat -> C:\Windows\SysNative\perfh009.dat -> [2012/01/06 12:58:09 | 000,628,308 | ---- | M] ()
 perfc010.dat -> C:\Windows\SysNative\perfc010.dat -> [2012/01/06 12:58:09 | 000,128,626 | ---- | M] ()
 perfc009.dat -> C:\Windows\SysNative\perfc009.dat -> [2012/01/06 12:58:09 | 000,107,870 | ---- | M] ()
 bootstat.dat -> C:\Windows\bootstat.dat -> [2012/01/06 12:46:52 | 000,067,584 | --S- | M] ()
 hiberfil.sys -> C:\hiberfil.sys -> [2012/01/06 12:46:29 | 2140,995,583 | -HS- | M] ()
 cryptsvc.reg -> C:\cryptsvc.reg -> [2012/01/04 06:50:03 | 000,003,924 | ---- | M] ()
 hosts -> C:\Windows\SysNative\drivers\etc\hosts -> [2012/01/04 00:01:02 | 000,000,027 | ---- | M] ()
 DiskMgmt.jpg -> C:\Users\Wood\Desktop\DiskMgmt.jpg -> [2012/01/02 17:03:29 | 000,181,342 | ---- | M] ()
 World of Warcraft.lnk -> C:\Users\Public\Desktop\World of Warcraft.lnk -> [2012/01/01 20:49:50 | 000,000,797 | ---- | M] ()
 Adobe Reader 9.lnk -> C:\Users\Public\Desktop\Adobe Reader 9.lnk -> [2011/12/31 18:24:52 | 000,002,014 | ---- | M] ()
 Malwarebytes Anti-Malware.lnk -> C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> [2011/12/27 23:59:52 | 000,001,109 | ---- | M] ()
 FNTCACHE.DAT -> C:\Windows\SysNative\FNTCACHE.DAT -> [2011/12/23 03:20:52 | 000,415,544 | ---- | M] ()
 MRT.INI -> C:\Windows\SysNative\MRT.INI -> [2011/12/23 03:03:31 | 000,000,118 | ---- | M] ()
 Resmon.ResmonCfg -> C:\Users\Wood\AppData\Local\Resmon.ResmonCfg -> [2011/12/23 01:07:53 | 000,007,608 | ---- | M] ()
 
[Files - No Company Name]
 MBR.zip -> C:\Users\Wood\Desktop\MBR.zip -> [2012/01/07 19:59:35 | 000,000,560 | ---- | C] ()
 MBR.dat -> C:\Users\Wood\Desktop\MBR.dat -> [2012/01/07 19:58:39 | 000,000,512 | ---- | C] ()
 aswMBR_Error_message.jpg -> C:\Users\Wood\Desktop\aswMBR_Error_message.jpg -> [2012/01/07 19:55:31 | 000,116,768 | ---- | C] ()
 launch.ica.kssj2dd.partial -> C:\Users\Wood\Desktop\launch.ica.kssj2dd.partial -> [2012/01/07 10:30:00 | 000,001,683 | ---- | C] ()
 services -> C:\Windows\SysNative\drivers\etc\services -> [2012/01/06 11:15:19 | 000,017,463 | ---- | C] ()
 lmhosts.sam -> C:\Windows\SysNative\drivers\etc\lmhosts.sam -> [2012/01/06 11:15:19 | 000,003,683 | ---- | C] ()
 protocol -> C:\Windows\SysNative\drivers\etc\protocol -> [2012/01/06 11:15:19 | 000,001,358 | ---- | C] ()
 networks -> C:\Windows\SysNative\drivers\etc\networks -> [2012/01/06 11:15:19 | 000,000,407 | ---- | C] ()
 hosts -> C:\Windows\SysNative\drivers\etc\hosts -> [2012/01/06 11:15:19 | 000,000,027 | ---- | C] ()
 cryptsvc.reg -> C:\cryptsvc.reg -> [2012/01/04 00:25:19 | 000,003,924 | ---- | C] ()
 DiskMgmt.jpg -> C:\Users\Wood\Desktop\DiskMgmt.jpg -> [2012/01/02 17:03:29 | 000,181,342 | ---- | C] ()
 PEV.exe -> C:\Windows\PEV.exe -> [2012/01/02 02:31:23 | 000,256,000 | ---- | C] ()
 MBR.exe -> C:\Windows\MBR.exe -> [2012/01/02 02:31:23 | 000,208,896 | ---- | C] ()
 sed.exe -> C:\Windows\sed.exe -> [2012/01/02 02:31:23 | 000,098,816 | ---- | C] ()
 grep.exe -> C:\Windows\grep.exe -> [2012/01/02 02:31:23 | 000,080,412 | ---- | C] ()
 zip.exe -> C:\Windows\zip.exe -> [2012/01/02 02:31:23 | 000,068,096 | ---- | C] ()
 Malwarebytes Anti-Malware.lnk -> C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> [2011/12/27 23:59:52 | 000,001,109 | ---- | C] ()
 MRT.INI -> C:\Windows\SysNative\MRT.INI -> [2011/12/23 03:03:31 | 000,000,118 | ---- | C] ()
 nvStreaming.exe -> C:\Windows\SysWow64\nvStreaming.exe -> [2011/08/03 02:31:54 | 000,311,912 | ---- | C] ()
 _MSRSTRT.EXE -> C:\Windows\_MSRSTRT.EXE -> [2010/12/20 16:24:54 | 000,002,560 | ---- | C] ()
 {789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini -> C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini -> [2010/10/01 07:53:30 | 000,000,268 | ---- | C] ()
 PerfStringBackup.INI -> C:\Windows\SysWow64\PerfStringBackup.INI -> [2010/10/01 00:14:37 | 001,553,332 | ---- | C] ()
 Resmon.ResmonCfg -> C:\Users\Wood\AppData\Local\Resmon.ResmonCfg -> [2010/09/30 21:36:29 | 000,007,608 | ---- | C] ()
 AsIO.dll -> C:\Windows\SysWow64\AsIO.dll -> [2010/09/30 09:39:16 | 000,024,576 | R--- | C] ()
 AsIO.sys -> C:\Windows\SysWow64\drivers\AsIO.sys -> [2010/09/30 09:39:16 | 000,013,440 | R--- | C] ()
 AsInsHelp64.sys -> C:\Windows\SysWow64\drivers\AsInsHelp64.sys -> [2010/09/30 09:39:13 | 000,011,832 | ---- | C] ()
 AsInsHelp32.sys -> C:\Windows\SysWow64\drivers\AsInsHelp32.sys -> [2010/09/30 09:39:13 | 000,010,216 | ---- | C] ()
 Language_trs.ini -> C:\Windows\Language_trs.ini -> [2010/09/30 09:33:09 | 000,001,769 | ---- | C] ()
 Ascd_tmp.ini -> C:\Windows\Ascd_tmp.ini -> [2010/09/30 09:33:02 | 000,028,523 | ---- | C] ()
 WinMsgBalloonClient.exe -> C:\Windows\SysWow64\WinMsgBalloonClient.exe -> [2009/11/05 19:26:00 | 000,139,264 | ---- | C] ()
 WinMsgBalloonServer.exe -> C:\Windows\SysWow64\WinMsgBalloonServer.exe -> [2009/11/05 19:26:00 | 000,122,880 | ---- | C] ()
 bootstat.dat -> C:\Windows\bootstat.dat -> [2009/07/13 23:38:36 | 000,067,584 | --S- | C] ()
 NOISE.DAT -> C:\Windows\SysWow64\NOISE.DAT -> [2009/07/13 20:35:51 | 000,000,741 | ---- | C] ()
 dssec.dat -> C:\Windows\SysWow64\dssec.dat -> [2009/07/13 20:34:42 | 000,215,943 | ---- | C] ()
 mib.bin -> C:\Windows\mib.bin -> [2009/07/13 18:10:29 | 000,043,131 | ---- | C] ()
 BWContextHandler.dll -> C:\Windows\SysWow64\BWContextHandler.dll -> [2009/07/13 17:42:10 | 000,064,000 | ---- | C] ()
 msjetoledb40.dll -> C:\Windows\SysWow64\msjetoledb40.dll -> [2009/07/13 15:03:59 | 000,364,544 | ---- | C] ()
 mlang.dat -> C:\Windows\SysWow64\mlang.dat -> [2009/06/10 15:26:10 | 000,673,088 | ---- | C] ()
 ASUSHWIO.SYS -> C:\Windows\SysWow64\drivers\ASUSHWIO.SYS -> [2009/04/02 06:30:14 | 000,010,296 | ---- | C] ()
 
[Alternate Data Streams]
@Alternate Data Stream - 538 bytes -> C:\Users\Wood\Desktop\launch.ica.kssj2dd.partial:icasource
< End of report >
[/code]