OTL logfile created on: 16/05/2013 11:00:05 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Dell\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
1.93 Gb Total Physical Memory | 0.87 Gb Available Physical Memory | 45.29% Memory free
3.86 Gb Paging File | 2.59 Gb Available in Paging File | 67.07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 121.97 Gb Total Space | 86.97 Gb Free Space | 71.30% Space Free | Partition Type: NTFS
Drive D: | 176.02 Gb Total Space | 175.29 Gb Free Space | 99.59% Space Free | Partition Type: NTFS
 
Computer Name: DELL-PC | User Name: Dell | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013/05/16 10:59:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dell\Desktop\OTL.exe
PRC - [2013/04/27 04:09:42 | 000,423,144 | ---- | M] (BillP Studios) -- C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2012/03/08 04:25:34 | 000,913,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2010/05/08 17:33:36 | 000,229,376 | ---- | M] () -- C:\ProgramData\DatacardService\DCService.exe
PRC - [2010/05/08 17:33:26 | 000,241,664 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2009/07/02 08:00:06 | 000,623,984 | ---- | M] (Dell) -- C:\Program Files (x86)\Battery Meter\BTMeter.exe
PRC - [2009/06/11 03:08:09 | 000,066,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
PRC - [2009/05/28 04:09:54 | 000,247,080 | ---- | M] (Dell) -- C:\Program Files (x86)\WSED\WSED.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012/12/10 07:31:38 | 000,600,868 | ---- | M] () -- C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
MOD - [2009/06/27 04:28:42 | 000,577,536 | ---- | M] () -- C:\Windows\SysWOW64\EMSC.DLL
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2012/03/08 04:25:34 | 000,913,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:[b]64bit:[/b] - [2009/07/14 07:26:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009/04/01 02:46:34 | 000,092,160 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2013/04/10 12:43:17 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2010/05/08 17:33:36 | 000,229,376 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\DCService.exe -- (DCService.exe)
SRV - [2009/06/11 03:08:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2012/03/14 21:25:04 | 000,137,144 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:[b]64bit:[/b] - [2012/03/14 21:25:02 | 000,209,768 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:[b]64bit:[/b] - [2012/03/14 21:25:02 | 000,148,528 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:[b]64bit:[/b] - [2012/03/01 12:39:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2010/05/23 03:34:30 | 000,083,456 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:[b]64bit:[/b] - [2010/05/01 05:38:10 | 000,252,928 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
DRV:[b]64bit:[/b] - [2010/03/25 22:53:46 | 000,120,704 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:[b]64bit:[/b] - [2010/03/21 00:41:56 | 000,114,560 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:[b]64bit:[/b] - [2009/07/14 07:37:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2009/07/14 07:37:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2009/07/14 07:37:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 07:33:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 07:32:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009/07/14 07:30:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/07/14 02:09:56 | 000,138,752 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV:[b]64bit:[/b] - [2009/07/14 02:09:38 | 007,342,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2009/07/05 03:16:52 | 000,136,192 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:[b]64bit:[/b] - [2009/06/30 00:38:44 | 000,058,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:[b]64bit:[/b] - [2009/06/27 04:28:42 | 000,016,752 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EMSC.sys -- (EMSC)
DRV:[b]64bit:[/b] - [2009/06/11 02:19:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:[b]64bit:[/b] - [2009/06/11 02:19:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/11 02:19:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/11 02:19:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/11 02:16:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009/06/05 05:31:50 | 000,216,064 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/07/14 07:04:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/06/27 04:28:42 | 000,013,680 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\drivers\EMSC.sys -- (EMSC)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7D E8 CC 2D 64 3F CE 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {9297E642-4B79-4B79-996D-5105C1B7FCC4}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{9297E642-4B79-4B79-996D-5105C1B7FCC4}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/23 13:09:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013/04/22 19:51:55 | 000,000,000 | ---D | M]
 
[2013/04/23 13:09:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dell\AppData\Roaming\mozilla\Extensions
[2013/04/23 13:09:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/04/10 12:43:33 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/04/10 12:42:54 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/04/10 12:42:54 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
 
O1 HOSTS File: ([2009/06/11 02:45:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:[b]64bit:[/b] - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BTMeter] C:\Program Files (x86)\Battery Meter\BTMeter.exe (Dell)
O4 - HKLM..\Run: [WSED] C:\Program Files (x86)\WSED\WSED.exe (Dell)
O4 - HKCU..\Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7FD022DC-CDEA-42B0-8A26-496985B6ADEA}: DhcpNameServer = 192.168.11.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{82778767-6D2C-47DC-A8EB-729637003D54}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CBE72A17-37E8-4FB9-9EB2-238C43437433}: NameServer = 116.68.209.16 116.68.212.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D4832534-0ED8-4CF8-9C05-50CA71931DDA}: NameServer = 116.68.209.16 116.68.212.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E91E4D66-07FD-475E-B9C8-B840C563114C}: NameServer = 116.68.209.16 116.68.212.10
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{7d6f1017-b54d-11e2-b5c5-0ceee6d18349}\Shell - "" = AutoRun
O33 - MountPoints2\{7d6f1017-b54d-11e2-b5c5-0ceee6d18349}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{c7373ca6-acaf-11e2-b858-0ceee6d18349}\Shell - "" = AutoRun
O33 - MountPoints2\{c7373ca6-acaf-11e2-b858-0ceee6d18349}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{e5aec16d-abbd-11e2-b092-0ceee6d18349}\Shell - "" = AutoRun
O33 - MountPoints2\{e5aec16d-abbd-11e2-b092-0ceee6d18349}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{e5aec17a-abbd-11e2-b092-0ceee6d18349}\Shell - "" = AutoRun
O33 - MountPoints2\{e5aec17a-abbd-11e2-b092-0ceee6d18349}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013/05/16 10:59:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Dell\Desktop\OTL.exe
[2013/05/02 06:24:59 | 000,000,000 | ---D | C] -- C:\Users\Dell\AppData\Roaming\Adobe
[2013/05/02 06:24:59 | 000,000,000 | ---D | C] -- C:\Users\Dell\AppData\Local\Adobe
[2013/04/30 13:31:59 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2013/04/30 13:18:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013/04/30 13:18:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/04/30 13:17:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013/04/30 12:53:02 | 000,000,000 | ---D | C] -- C:\Users\Dell\Documents\Downloads
[2013/04/30 12:37:20 | 000,000,000 | ---D | C] -- C:\Users\Dell\AppData\Roaming\WinPatrol
[2013/04/30 12:37:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
[2013/04/30 12:37:07 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2013/04/30 12:37:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BillP Studios
[2013/04/25 13:12:49 | 000,000,000 | ---D | C] -- C:\Users\Dell\Documents\AUDIO
[2013/04/24 14:37:57 | 000,000,000 | ---D | C] -- C:\Users\Dell\Documents\VAJRAYANA
[2013/04/24 14:37:13 | 000,000,000 | ---D | C] -- C:\Users\Dell\Documents\TEXT
[2013/04/24 13:53:02 | 000,000,000 | ---D | C] -- C:\Users\Dell\Documents\KEN HOLMES
[2013/04/24 13:43:00 | 000,000,000 | ---D | C] -- C:\Users\Dell\Documents\PHOTOS
[2013/04/24 13:21:14 | 000,000,000 | ---D | C] -- C:\Users\Dell\Documents\DHARMASUN
[2013/04/24 13:18:09 | 000,000,000 | ---D | C] -- C:\Users\Dell\Documents\SUTRAS
[2013/04/24 13:18:08 | 000,000,000 | ---D | C] -- C:\Users\Dell\Documents\SADHANA
[2013/04/24 13:18:06 | 000,000,000 | ---D | C] -- C:\Users\Dell\Documents\Prayers & Praises
[2013/04/24 13:18:02 | 000,000,000 | ---D | C] -- C:\Users\Dell\Documents\Health
[2013/04/24 13:17:59 | 000,000,000 | ---D | C] -- C:\Users\Dell\Documents\General Dharma
[2013/04/24 13:17:59 | 000,000,000 | ---D | C] -- C:\Users\Dell\Documents\CREATION STAGE TEACHINGS
[2013/04/24 13:17:55 | 000,000,000 | ---D | C] -- C:\Users\Dell\Documents\VAJRAYOGINI
[2013/04/24 13:17:53 | 000,000,000 | ---D | C] -- C:\Users\Dell\Documents\TEACHINGS
[2013/04/23 13:18:56 | 000,000,000 | ---D | C] -- C:\Users\Dell\AppData\Roaming\vlc
[2013/04/23 13:09:38 | 000,000,000 | ---D | C] -- C:\Users\Dell\AppData\Roaming\Mozilla
[2013/04/23 13:09:38 | 000,000,000 | ---D | C] -- C:\Users\Dell\AppData\Local\Mozilla
[2013/04/23 13:09:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/04/23 13:09:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013/04/23 13:09:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/04/23 12:52:04 | 000,000,000 | ---D | C] -- C:\Users\Dell\AppData\Local\Diagnostics
[2013/04/23 08:46:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ncell Connect
[2013/04/23 08:45:50 | 000,195,584 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys
[2013/04/23 08:45:50 | 000,083,456 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys
[2013/04/23 08:45:50 | 000,078,848 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys
[2013/04/23 08:45:50 | 000,054,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jucdcecm.sys
[2013/04/23 08:45:50 | 000,029,696 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_juextctrl.sys
[2013/04/23 08:45:42 | 000,252,928 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbnet.sys
[2013/04/23 08:45:42 | 000,120,704 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbmdm.sys
[2013/04/23 08:45:42 | 000,032,768 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\SysNative\drivers\ewdcsc.sys
[2013/04/23 08:45:42 | 000,013,952 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys
[2013/04/23 08:45:34 | 000,114,560 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys
[2013/04/23 08:45:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ncell Connect
[2013/04/23 08:44:32 | 000,000,000 | ---D | C] -- C:\ProgramData\DatacardService
[2013/04/22 20:06:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013/04/22 20:04:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2013/04/22 20:04:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2013/04/22 20:04:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013/04/22 20:03:42 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013/04/22 20:03:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2013/04/22 20:01:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013/04/22 20:00:40 | 000,000,000 | ---D | C] -- C:\Users\Dell\AppData\Local\Microsoft Help
[2013/04/22 20:00:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013/04/22 20:00:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013/04/22 19:59:58 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013/04/22 19:58:58 | 000,000,000 | ---D | C] -- C:\Users\Dell\AppData\Roaming\Skype
[2013/04/22 19:58:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/04/22 19:58:44 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2013/04/22 19:58:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2013/04/22 19:57:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2013/04/22 19:57:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2013/04/22 19:56:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013/04/22 19:56:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/04/22 19:55:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2013/04/22 19:51:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2013/04/22 19:51:49 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2013/04/22 19:51:49 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/04/22 19:50:07 | 000,000,000 | ---D | C] -- C:\Users\Dell\AppData\Local\Apps
[2013/04/22 19:49:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battery Meter
[2013/04/22 19:48:45 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2013/04/22 19:46:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\x64
[2013/04/22 19:46:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Lang
[2013/04/22 19:46:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WSED
[2013/04/22 19:45:28 | 000,000,000 | ---D | C] -- C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Function Keys
[2013/04/22 19:45:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Function Keys
[2013/04/22 19:45:19 | 000,000,000 | ---D | C] -- C:\ProgramData\XP32
[2013/04/22 19:45:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Win764
[2013/04/22 19:45:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Win732
[2013/04/22 19:45:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Vista64
[2013/04/22 19:45:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Vista32
[2013/04/22 19:45:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Function Keys
[2013/04/22 19:43:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Atheros_L1e
[2013/04/22 19:42:59 | 000,058,368 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\L1C62x64.sys
[2013/04/22 19:42:34 | 000,000,000 | ---D | C] -- C:\Program Files\Elantech
[2013/04/22 19:42:19 | 000,136,192 | ---- | C] (ELAN Microelectronic Corp.) -- C:\Windows\SysNative\drivers\ETD.sys
[2013/04/22 19:42:18 | 004,638,720 | ---- | C] (ELAN Microelectronics Corp.) -- C:\Windows\SysNative\ETDUI.cpl
[2013/04/22 19:40:57 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2013/04/22 19:40:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2013/04/22 19:40:47 | 000,000,000 | ---D | C] -- C:\Intel
[2013/04/22 19:20:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2013/04/22 19:20:41 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2013/04/22 19:20:40 | 000,513,536 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2013/04/22 19:20:40 | 000,150,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2013/04/22 19:20:39 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2013/04/22 19:20:39 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2013/04/22 19:20:39 | 000,176,640 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2013/04/22 19:20:39 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2013/04/22 19:20:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2013/04/22 19:20:35 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2013/04/22 19:20:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2013/04/22 19:20:12 | 000,000,000 | ---D | C] -- C:\dell
[2013/04/22 19:19:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\vmm32
[2013/04/22 19:19:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell
[2013/04/22 19:18:25 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2013/04/22 19:18:12 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/04/22 12:26:36 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2013/04/22 12:26:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\oem
[2013/04/22 11:45:42 | 000,000,000 | R--D | C] -- C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/04/22 11:45:42 | 000,000,000 | R--D | C] -- C:\Users\Dell\Searches
[2013/04/22 11:45:42 | 000,000,000 | R--D | C] -- C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/04/22 11:45:42 | 000,000,000 | -H-D | C] -- C:\Users\Dell\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013/04/22 11:45:32 | 000,000,000 | ---D | C] -- C:\Users\Dell\AppData\Roaming\Identities
[2013/04/22 11:45:23 | 000,000,000 | R--D | C] -- C:\Users\Dell\Contacts
[2013/04/22 11:45:20 | 000,000,000 | ---D | C] -- C:\Users\Dell\AppData\Local\VirtualStore
[2013/04/22 11:45:06 | 000,000,000 | -HSD | C] -- C:\Users\Dell\AppData\Local\Temporary Internet Files
[2013/04/22 11:45:06 | 000,000,000 | -HSD | C] -- C:\Users\Dell\Templates
[2013/04/22 11:45:06 | 000,000,000 | -HSD | C] -- C:\Users\Dell\Start Menu
[2013/04/22 11:45:06 | 000,000,000 | -HSD | C] -- C:\Users\Dell\SendTo
[2013/04/22 11:45:06 | 000,000,000 | -HSD | C] -- C:\Users\Dell\Recent
[2013/04/22 11:45:06 | 000,000,000 | -HSD | C] -- C:\Users\Dell\PrintHood
[2013/04/22 11:45:06 | 000,000,000 | -HSD | C] -- C:\Users\Dell\NetHood
[2013/04/22 11:45:06 | 000,000,000 | -HSD | C] -- C:\Users\Dell\Documents\My Videos
[2013/04/22 11:45:06 | 000,000,000 | -HSD | C] -- C:\Users\Dell\Documents\My Pictures
[2013/04/22 11:45:06 | 000,000,000 | -HSD | C] -- C:\Users\Dell\Documents\My Music
[2013/04/22 11:45:06 | 000,000,000 | -HSD | C] -- C:\Users\Dell\My Documents
[2013/04/22 11:45:06 | 000,000,000 | -HSD | C] -- C:\Users\Dell\Local Settings
[2013/04/22 11:45:06 | 000,000,000 | -HSD | C] -- C:\Users\Dell\AppData\Local\History
[2013/04/22 11:45:06 | 000,000,000 | -HSD | C] -- C:\Users\Dell\Cookies
[2013/04/22 11:45:06 | 000,000,000 | -HSD | C] -- C:\Users\Dell\Application Data
[2013/04/22 11:45:06 | 000,000,000 | -HSD | C] -- C:\Users\Dell\AppData\Local\Application Data
[2013/04/22 11:45:05 | 000,000,000 | --SD | C] -- C:\Users\Dell\AppData\Roaming\Microsoft
[2013/04/22 11:45:05 | 000,000,000 | R--D | C] -- C:\Users\Dell\Videos
[2013/04/22 11:45:05 | 000,000,000 | R--D | C] -- C:\Users\Dell\Saved Games
[2013/04/22 11:45:05 | 000,000,000 | R--D | C] -- C:\Users\Dell\Pictures
[2013/04/22 11:45:05 | 000,000,000 | R--D | C] -- C:\Users\Dell\Music
[2013/04/22 11:45:05 | 000,000,000 | R--D | C] -- C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/04/22 11:45:05 | 000,000,000 | R--D | C] -- C:\Users\Dell\Links
[2013/04/22 11:45:05 | 000,000,000 | R--D | C] -- C:\Users\Dell\Favorites
[2013/04/22 11:45:05 | 000,000,000 | R--D | C] -- C:\Users\Dell\Downloads
[2013/04/22 11:45:05 | 000,000,000 | R--D | C] -- C:\Users\Dell\Documents
[2013/04/22 11:45:05 | 000,000,000 | R--D | C] -- C:\Users\Dell\Desktop
[2013/04/22 11:45:05 | 000,000,000 | R--D | C] -- C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/04/22 11:45:05 | 000,000,000 | -H-D | C] -- C:\Users\Dell\AppData
[2013/04/22 11:45:05 | 000,000,000 | ---D | C] -- C:\Users\Dell\AppData\Local\Temp
[2013/04/22 11:45:05 | 000,000,000 | ---D | C] -- C:\Users\Dell\AppData\Local\Microsoft
[2013/04/22 11:45:05 | 000,000,000 | ---D | C] -- C:\Users\Dell\AppData\Roaming\Media Center Programs
[2013/04/22 11:44:57 | 000,000,000 | -HSD | C] -- C:\Recovery
[2013/04/22 11:27:29 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2013/04/22 11:27:11 | 000,000,000 | -HSD | C] -- C:\System Volume Information
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013/05/16 10:59:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dell\Desktop\OTL.exe
[2013/05/16 10:49:06 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/16 10:49:06 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/16 10:46:01 | 000,713,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/05/16 10:46:01 | 000,619,642 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/05/16 10:46:01 | 000,107,792 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/05/16 10:41:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/05/16 10:41:27 | 1554,690,048 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/15 05:42:17 | 000,346,024 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/05/12 13:33:27 | 000,000,517 | ---- | M] () -- C:\Users\Dell\Desktop\Network and Sharing Center - Shortcut.lnk
[2013/05/12 11:03:27 | 000,289,455 | ---- | M] () -- C:\Users\Dell\Documents\Dzogchen retreat 2013_EN.pdf
[2013/05/03 02:53:04 | 000,179,165 | ---- | M] () -- C:\Users\Dell\Documents\VISION May 2013.pdf
[2013/05/01 20:41:06 | 000,002,807 | ---- | M] () -- C:\Users\Dell\Desktop\Suffering - Shortcut.lnk
[2013/04/23 08:47:49 | 000,001,441 | ---- | M] () -- C:\Users\Dell\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/04/23 08:46:09 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Ncell Connect.lnk
[2013/04/23 08:45:55 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jubusenum_01009.Wdf
[2013/04/23 07:49:42 | 000,002,693 | ---- | M] () -- C:\Users\Dell\Desktop\Microsoft Office Word 2007.lnk
[2013/04/22 20:22:14 | 000,013,856 | ---- | M] () -- C:\Windows\SysNative\results.xml
[2013/04/22 19:21:00 | 000,000,159 | RH-- | M] () -- C:\Windows\ctfile.rfc
[2013/04/22 11:30:38 | 000,039,252 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013/04/22 11:30:38 | 000,039,252 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2013/04/22 11:28:58 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013/05/15 00:32:37 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/05/14 23:59:21 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/05/12 13:33:27 | 000,000,517 | ---- | C] () -- C:\Users\Dell\Desktop\Network and Sharing Center - Shortcut.lnk
[2013/05/12 11:03:23 | 000,289,455 | ---- | C] () -- C:\Users\Dell\Documents\Dzogchen retreat 2013_EN.pdf
[2013/05/03 02:52:52 | 000,179,165 | ---- | C] () -- C:\Users\Dell\Documents\VISION May 2013.pdf
[2013/05/01 20:41:06 | 000,002,807 | ---- | C] () -- C:\Users\Dell\Desktop\Suffering - Shortcut.lnk
[2013/04/24 13:17:57 | 000,254,544 | ---- | C] () -- C:\Users\Dell\Documents\creation stage.wps
[2013/04/24 13:17:57 | 000,083,456 | ---- | C] () -- C:\Users\Dell\Documents\Dependent Arising Commentary.wps
[2013/04/23 13:09:22 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/04/23 08:47:49 | 000,001,441 | ---- | C] () -- C:\Users\Dell\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/04/23 08:46:09 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Ncell Connect.lnk
[2013/04/23 08:45:55 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jubusenum_01009.Wdf
[2013/04/23 07:49:42 | 000,002,693 | ---- | C] () -- C:\Users\Dell\Desktop\Microsoft Office Word 2007.lnk
[2013/04/22 20:22:14 | 000,013,856 | ---- | C] () -- C:\Windows\SysNative\results.xml
[2013/04/22 19:57:59 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2013/04/22 19:46:43 | 000,005,120 | ---- | C] () -- C:\Windows\SysNative\HdmiCoin.dll
[2013/04/22 19:46:42 | 002,805,511 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa
[2013/04/22 19:46:42 | 000,982,220 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2013/04/22 19:46:42 | 000,982,220 | ---- | C] () -- C:\Windows\SysNative\igkrng500.bin
[2013/04/22 19:46:42 | 000,059,442 | ---- | C] () -- C:\Windows\SysNative\iglhxg64.vp
[2013/04/22 19:46:42 | 000,059,330 | ---- | C] () -- C:\Windows\SysNative\iglhxc64.vp
[2013/04/22 19:46:42 | 000,058,839 | ---- | C] () -- C:\Windows\SysNative\iglhxo64.vp
[2013/04/22 19:46:42 | 000,004,480 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2013/04/22 19:46:42 | 000,001,073 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.vp
[2013/04/22 19:46:41 | 000,134,592 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2013/04/22 19:46:41 | 000,134,592 | ---- | C] () -- C:\Windows\SysNative\igfcg500.bin
[2013/04/22 19:46:41 | 000,092,216 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2013/04/22 19:46:41 | 000,092,216 | ---- | C] () -- C:\Windows\SysNative\igfcg500m.bin
[2013/04/22 19:46:40 | 000,439,300 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2013/04/22 19:46:40 | 000,439,300 | ---- | C] () -- C:\Windows\SysNative\igcompkrng500.bin
[2013/04/22 19:21:00 | 000,188,416 | ---- | C] () -- C:\Windows\SysNative\APOMgr64.DLL
[2013/04/22 19:21:00 | 000,146,432 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2013/04/22 19:21:00 | 000,088,064 | ---- | C] () -- C:\Windows\SysNative\CmdRtr64.DLL
[2013/04/22 19:21:00 | 000,072,704 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2013/04/22 19:21:00 | 000,000,159 | RH-- | C] () -- C:\Windows\ctfile.rfc
[2013/04/22 19:20:41 | 000,000,176 | ---- | C] () -- C:\Windows\SysNative\drivers\RTHDAEQ0.dat
[2013/04/22 12:26:09 | 000,000,024 | RH-- | C] () -- C:\Windows\DELL_version
[2013/04/22 11:45:52 | 000,001,413 | ---- | C] () -- C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2013/04/22 11:45:44 | 000,001,447 | ---- | C] () -- C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/04/22 11:45:06 | 000,000,290 | ---- | C] () -- C:\Users\Dell\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/04/22 11:45:06 | 000,000,272 | ---- | C] () -- C:\Users\Dell\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/04/22 11:30:29 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013/04/22 11:30:26 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2013/04/22 11:28:58 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013/04/22 11:27:11 | 1554,690,048 | -HS- | C] () -- C:\hiberfil.sys
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009/07/14 10:40:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 11:15:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 10:31:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 07:25:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 07:00:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 07:26:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
[color=#E56717]========== LOP Check ==========[/color]
 
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >