I am using Vista Home Premium. Task Manager is greyed out and not accessible, and a "disabled by administrator" error message is shown if I try to use it from Windows. Regedit gives a "disabled by administrator" error (even though I am the administrator). Gpedit is not available for Home Premium.
The system became very, very slow, and I am not using any virus (being afraid of making the system even slower).
Please help me to get back the Task Manager.
I am posting the OTL log file below.
OTL logfile created on: 02-06-2013 17:47:13 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\phani\Documents\Downloads\Programs
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16512)
Locale: 00004009 | Country: India | Language: ENN | Date Format: dd-MM-yyyy
3.00 Gb Total Physical Memory | 1.04 Gb Available Physical Memory | 34.70% Memory free
6.19 Gb Paging File | 3.90 Gb Available in Paging File | 63.05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.53 Gb Total Space | 152.78 Gb Free Space | 53.13% Space Free | Partition Type: NTFS
Drive D: | 10.56 Gb Total Space | 1.63 Gb Free Space | 15.41% Space Free | Partition Type: NTFS
Drive F: | 931.48 Gb Total Space | 97.32 Gb Free Space | 10.45% Space Free | Partition Type: NTFS
Computer Name: PHANI-PC | User Name: phani | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013-06-02 17:46:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\phani\Documents\Downloads\Programs\OTL.exe
PRC - [2013-06-02 14:06:48 | 000,011,776 | ---- | M] () -- C:\Users\phani\AppData\Local\Temp\winbpde.exe
PRC - [2013-05-23 11:14:09 | 000,825,808 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2010-05-26 18:33:07 | 003,298,736 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet download manager\IDMan.exe
PRC - [2010-05-25 18:58:58 | 000,337,328 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet download manager\IEMonitor.exe
PRC - [2009-10-03 04:07:50 | 000,349,544 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
PRC - [2009-02-20 09:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2008-06-12 22:17:01 | 000,042,168 | ---- | M] (Antony Lewis) -- C:\Program Files\WordWeb\wweb32.exe
PRC - [2007-12-16 20:34:43 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007-09-20 23:42:02 | 000,741,376 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpAgent.exe
PRC - [2007-09-20 23:32:58 | 000,299,008 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe
PRC - [2007-09-06 01:39:54 | 001,694,248 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2007-09-06 01:39:54 | 000,727,592 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2007-07-12 17:30:36 | 000,202,128 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
PRC - [2006-11-02 15:15:07 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2013-06-02 14:06:48 | 000,011,776 | ---- | M] () -- C:\Users\phani\AppData\Local\Temp\winbpde.exe
MOD - [2013-05-23 11:14:07 | 000,393,168 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\27.0.1453.94\ppgooglenaclpluginchrome.dll
MOD - [2013-05-23 11:14:06 | 013,136,336 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll
MOD - [2013-05-23 11:13:59 | 004,051,408 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\27.0.1453.94\pdf.dll
MOD - [2013-05-23 11:13:06 | 000,599,504 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\27.0.1453.94\libglesv2.dll
MOD - [2013-05-23 11:13:05 | 000,124,368 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\27.0.1453.94\libegl.dll
MOD - [2013-05-23 11:13:03 | 001,597,392 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\27.0.1453.94\ffmpegsumo.dll
MOD - [2009-08-16 17:06:02 | 000,141,312 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2009-02-27 12:52:56 | 000,258,048 | ---- | M] () -- C:\Program Files\Adobe\Reader 9.0\Reader\sqlite.dll
MOD - [2008-10-05 20:53:58 | 000,022,736 | ---- | M] () -- C:\Program Files\WordWeb\WUCNT.dll
MOD - [2007-10-01 08:04:52 | 000,345,384 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLTinyDB.dll
MOD - [2007-10-01 08:04:42 | 000,255,384 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll
MOD - [2007-10-01 08:04:42 | 000,120,208 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSchMgr.dll
MOD - [2007-10-01 08:04:42 | 000,038,184 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll
MOD - [2007-10-01 08:03:32 | 000,066,856 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\common\MCEMediaStatus.dll
MOD - [2007-09-06 01:33:06 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2007-09-06 01:22:04 | 000,389,120 | ---- | M] () -- C:\WINDOWS\System32\btwhidcs.dll
MOD - [2007-08-14 15:43:46 | 006,365,184 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll
MOD - [2007-07-12 13:55:52 | 000,131,072 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2007-07-12 13:55:28 | 001,581,056 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll
========== Services (SafeList) ==========
SRV - [2013-04-19 15:14:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2010-05-19 12:42:36 | 000,724,480 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009-09-19 15:12:21 | 000,509,320 | ---- | M] () [Auto | Stopped] -- C:\Program Files\1221189441\phani1221189441L.exe -- (.1221189441)
SRV - [2009-02-20 09:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007-12-16 20:34:43 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007-09-20 23:32:58 | 000,299,008 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV - [2007-03-05 23:00:06 | 000,180,224 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [File_System | Auto | Stopped] -- C:\Windows\system32\WinVDEdrv6.sys -- (NEWDRIVER)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a5v804pr)
DRV - [2010-05-19 12:32:20 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sptd.sys -- (sptd)
DRV - [2010-05-19 12:25:14 | 000,180,224 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\WinVd32.sys -- (WinVd32)
DRV - [2010-05-19 12:25:13 | 000,010,752 | ---- | M] () [File_System | Auto | Running] -- C:\Windows\System32\WinFLdrv.sys -- (WinFLdrv)
DRV - [2009-10-03 06:02:06 | 009,905,096 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008-05-16 11:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\s0016unic.sys -- (s0016unic)
DRV - [2008-05-16 11:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\s0016nd5.sys -- (s0016nd5)
DRV - [2008-05-16 11:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008-05-16 11:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008-05-16 11:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\s0016mgmt.sys -- (s0016mgmt)
DRV - [2008-05-16 11:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008-05-16 11:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\s0016bus.sys -- (s0016bus)
DRV - [2008-05-06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008-03-04 02:32:00 | 000,188,416 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2007-10-01 21:05:52 | 000,183,352 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2007-08-29 04:17:36 | 000,146,560 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\atswpdrv.sys -- (ATSWPDRV)
DRV - [2007-08-09 09:12:08 | 000,045,568 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007-07-31 00:24:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007-07-30 23:12:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007-07-11 23:00:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HpqRemHid.sys -- (HpqRemHid)
DRV - [2007-07-10 19:57:56 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007-06-28 20:39:56 | 002,222,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\NETw4v32.sys -- (NETw4v32)
DRV - [2007-06-19 05:42:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007-04-18 17:33:26 | 000,141,312 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Apfiltr.sys -- (ApfiltrService)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...ilion&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...ilion&pf=laptop
IE - HKLM\..\SearchScopes,DefaultScope = {DC363577-0417-4B93-8127-3491AF6CE6B7}
IE - HKLM\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKLM\..\SearchScopes\{DC363577-0417-4B93-8127-3491AF6CE6B7}: "URL" = http://slirsredirect...hpcnnbie7-en-in
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsea...ptb=&n=77cf47b2
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {56256A51-B582-467e-B8D4-7786EDA79AE0}
IE - HKCU\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKCU\..\SearchScopes\{DC363577-0417-4B93-8127-3491AF6CE6B7}: "URL" = http://slirsredirect...hpcnnbie7-en-in
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.universit...versities.html"
FF - prefs.js..extensions.enabledItems: [email protected]:6.9.8
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3
FF - prefs.js..extensions.enabledItems: {20cc25e2-48c9-45e1-9a1f-1ccc1882b81b}:1.7
FF - prefs.js..extensions.enabledItems: [email protected]:1.2.1
FF - prefs.js..extensions.enabledItems: {aff87fa2-a58e-4edd-b852-0a20203c1e17}:0.8
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:3.9
FF - prefs.js..network.proxy.ftp: "localhost"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.gopher: "localhost"
FF - prefs.js..network.proxy.gopher_port: 8080
FF - prefs.js..network.proxy.http: "localhost"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.socks: "localhost"
FF - prefs.js..network.proxy.socks_port: 1080
FF - prefs.js..network.proxy.ssl: "localhost"
FF - prefs.js..network.proxy.ssl_port: 8080
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\phani\AppData\Roaming\Mozilla\Firefox\Profiles\8wfaj5ay.default\extensions\[email protected] [2013-05-30 15:41:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\phani\AppData\Roaming\Mozilla\Firefox\Profiles\8wfaj5ay.default\extensions\[email protected] [2013-05-30 17:30:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-10-29 22:24:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-10-29 22:24:18 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\phani\AppData\Roaming\IDM\idmmzcc3 [2010-07-24 11:42:52 | 000,000,000 | ---D | M]
[2010-07-21 09:04:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\phani\AppData\Roaming\Mozilla\Extensions
[2013-06-02 13:03:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\phani\AppData\Roaming\Mozilla\Firefox\Profiles\8wfaj5ay.default\extensions
[2010-09-15 15:24:37 | 000,000,000 | ---D | M] ("Facebook PhotoZoom") -- C:\Users\phani\AppData\Roaming\Mozilla\Firefox\Profiles\8wfaj5ay.default\extensions\{20cc25e2-48c9-45e1-9a1f-1ccc1882b81b}
[2010-10-23 15:19:40 | 000,000,000 | ---D | M] (gTranslate) -- C:\Users\phani\AppData\Roaming\Mozilla\Firefox\Profiles\8wfaj5ay.default\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}
[2010-09-15 15:24:38 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\phani\AppData\Roaming\Mozilla\Firefox\Profiles\8wfaj5ay.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-09-27 12:18:57 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\phani\AppData\Roaming\Mozilla\Firefox\Profiles\8wfaj5ay.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2013-05-30 17:30:55 | 000,000,000 | ---D | M] (SearchNewTab) -- C:\Users\phani\AppData\Roaming\Mozilla\Firefox\Profiles\8wfaj5ay.default\extensions\[email protected]
[2010-09-15 15:24:37 | 000,000,000 | ---D | M] () -- C:\Users\phani\AppData\Roaming\Mozilla\Firefox\Profiles\8wfaj5ay.default\extensions\[email protected]
[2013-05-30 15:41:06 | 000,000,000 | ---D | M] (continuetoosave) -- C:\Users\phani\AppData\Roaming\Mozilla\Firefox\Profiles\8wfaj5ay.default\extensions\[email protected]
[2010-09-14 17:30:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-07-24 11:42:52 | 000,000,000 | ---D | M] (IDM CC) -- C:\USERS\PHANI\APPDATA\ROAMING\IDM\IDMMZCC3
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.espncrici...-world-cup-2011
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.94\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - Extension: Angry Birds = C:\Users\phani\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Google Docs = C:\Users\phani\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\phani\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Web2PDFConverter = C:\Users\phani\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkanhckocooacphbnclgcndnpfpoppdk\2.4.4_0\
CHR - Extension: TinEye Reverse Image Search (old version) = C:\Users\phani\AppData\Local\Google\Chrome\User Data\Default\Extensions\blkehhkdbdbaggkkapkcaoanffomhgjl\1.1_0\
CHR - Extension: YouTube = C:\Users\phani\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\phani\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Lookup Companion for Wikipedia = C:\Users\phani\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhgpkiiipkgmckicafkhcihkcldbdeej\1.9.0_0\
CHR - Extension: Photo Zoom for Facebook = C:\Users\phani\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1208.30.1_0\
CHR - Extension: PanicButton = C:\Users\phani\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm\0.14.2.2_0\
CHR - Extension: AdBlock = C:\Users\phani\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.63_0\
CHR - Extension: TinEye Reverse Image Search = C:\Users\phani\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl\1.1.2_0\
CHR - Extension: Incredible StartPage - Productive Start Page for Chrome! = C:\Users\phani\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdfeghkpohnalmpblddmnppfooljekh\1.6.2_0\
CHR - Extension: Youtube Video Downloader = C:\Users\phani\AppData\Local\Google\Chrome\User Data\Default\Extensions\obmbipnhbnpicpechoajlkjfdiopnoki\1.3_0\
CHR - Extension: Gmail = C:\Users\phani\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2010-07-23 15:17:26 | 000,000,851 | R--- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet download manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (SearchNewTab) - {4DAFB6E0-04FC-4EF3-B591-325682FD921A} - C:\ProgramData\SearchNewTab\51a720ed142b6.dll ()
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (continuetoosave) - {9F24ECA8-FDD8-587C-52E5-A232A1FD732A} - C:\ProgramData\continuetoosave\51a720de501e2.dll ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.)
O4 - HKLM..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe File not found
O4 - HKLM..\Run: [hpqSRMon] File not found
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - Startup: C:\Users\phani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe (Antony Lewis)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet download manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet download manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet download manager\IEExt.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\idmmbc.dll (Tonec Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 123.176.37.38 123.176.37.36
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{90287A92-9985-48E9-8DB8-44C361BA6F23}: DhcpNameServer = 100.1.200.106 202.56.230.5
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B85124C2-846A-4FCA-B933-15D9ADF7B92E}: DhcpNameServer = 123.176.37.38 123.176.37.36
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\phani\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\phani\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007-12-16 21:44:26 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2013-06-02 14:04:14 | 000,000,272 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2005-09-11 20:48:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O32 - AutoRun File - [2013-06-02 14:04:14 | 000,000,256 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-12-06 12:19:53 | 000,000,241 | ---- | M] () - F:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{254dc5da-636b-11df-9e3c-001d72702d3d}\Shell\aUTopLay\comMaNd - "" = H:\saere.pif
O33 - MountPoints2\{254dc5da-636b-11df-9e3c-001d72702d3d}\Shell\AutoRun\command - "" = H:\saere.pif
O33 - MountPoints2\{254dc5da-636b-11df-9e3c-001d72702d3d}\Shell\exPloRe\comMand - "" = H:\saere.pif
O33 - MountPoints2\{254dc5da-636b-11df-9e3c-001d72702d3d}\Shell\Open\comManD - "" = H:\saere.pif
O33 - MountPoints2\{2afbe20f-98af-11df-8ff2-00218691e671}\Shell\AutoRun\command - "" = H:\cache\tmp983.exe
O33 - MountPoints2\{2afbe20f-98af-11df-8ff2-00218691e671}\Shell\oPEN\coMmaNd - "" = H:\cache\tmp983.exe
O33 - MountPoints2\{36befee0-e4cf-11df-82f6-00218691e671}\Shell\AuTOplAY\CommAND - "" = F:\muxal.exe
O33 - MountPoints2\{36befee0-e4cf-11df-82f6-00218691e671}\Shell\AutoRun\command - "" = F:\muxal.exe
O33 - MountPoints2\{36befee0-e4cf-11df-82f6-00218691e671}\Shell\EXPloRe\cOMmAnd - "" = F:\muxal.exe
O33 - MountPoints2\{36befee0-e4cf-11df-82f6-00218691e671}\Shell\OPEn\coMmand - "" = F:\muxal.exe
O33 - MountPoints2\{6a8d14e7-c6d3-11e2-b5d3-001d72702d3d}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\USB\Data\SecureDrive.exe
O33 - MountPoints2\{6a8d14e7-c6d3-11e2-b5d3-001d72702d3d}\Shell\explore\command - "" = F:\USB\Data\SecureDrive.exe /e
O33 - MountPoints2\{6a8d14e7-c6d3-11e2-b5d3-001d72702d3d}\Shell\open\command - "" = F:\USB\Data\SecureDrive.exe
O33 - MountPoints2\{7c0fd826-036e-11e0-aad9-806e6f6e6963}\Shell\AUtoPLay\coMmanD - "" = F:\yuxkpl.exe
O33 - MountPoints2\{7c0fd826-036e-11e0-aad9-806e6f6e6963}\Shell\AutoRun\command - "" = F:\yuxkpl.exe
O33 - MountPoints2\{7c0fd826-036e-11e0-aad9-806e6f6e6963}\Shell\eXpLore\cOmmanD - "" = F:\yuxkpl.exe
O33 - MountPoints2\{7c0fd826-036e-11e0-aad9-806e6f6e6963}\Shell\open\cOmmANd - "" = F:\yuxkpl.exe
O33 - MountPoints2\{a7f1c5a7-926c-11e0-9386-00218691e671}\Shell - "" = Autorun
O33 - MountPoints2\{a7f1c5a7-926c-11e0-9386-00218691e671}\Shell\AutoRun\command - "" = F:\Install_Nokia_Ovi_Suite.exe
O33 - MountPoints2\{a8ff8073-c000-11df-832e-00218691e671}\Shell\autOPlAy\comMAND - "" = F:\inus.exe
O33 - MountPoints2\{a8ff8073-c000-11df-832e-00218691e671}\Shell\AutoRun\command - "" = F:\inus.exe
O33 - MountPoints2\{a8ff8073-c000-11df-832e-00218691e671}\Shell\expLore\ComMand - "" = F:\inus.exe
O33 - MountPoints2\{a8ff8073-c000-11df-832e-00218691e671}\Shell\open\commAnD - "" = F:\inus.exe
O33 - MountPoints2\{ac42209c-9bbd-11e0-bce1-00215c7cf6f1}\Shell - "" = AutoRun
O33 - MountPoints2\{ac42209c-9bbd-11e0-bce1-00215c7cf6f1}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{ac42209e-9bbd-11e0-bce1-00215c7cf6f1}\Shell\AUtOplay\commAnd - "" = H:\lqaqd.exe
O33 - MountPoints2\{ac42209e-9bbd-11e0-bce1-00215c7cf6f1}\Shell\AutoRun\command - "" = H:\lqaqd.exe
O33 - MountPoints2\{ac42209e-9bbd-11e0-bce1-00215c7cf6f1}\Shell\exploRE\CoMManD - "" = H:\lqaqd.exe
O33 - MountPoints2\{ac42209e-9bbd-11e0-bce1-00215c7cf6f1}\Shell\open\coMmanD - "" = H:\lqaqd.exe
O33 - MountPoints2\{ac773447-1e16-11e0-b789-00218691e671}\Shell - "" = Autorun
O33 - MountPoints2\{ac773447-1e16-11e0-b789-00218691e671}\Shell\AutoRun\command - "" = F:\Install_Nokia_Ovi_Suite.exe
O33 - MountPoints2\{c902fc45-c2a3-11e2-9a19-00215c7cf6f1}\Shell\AUTOplAY\commANd - "" = F:\rnjxri.exe
O33 - MountPoints2\{c902fc45-c2a3-11e2-9a19-00215c7cf6f1}\Shell\AutoRun\command - "" = F:\rnjxri.exe
O33 - MountPoints2\{c902fc45-c2a3-11e2-9a19-00215c7cf6f1}\Shell\eXploRe\Command - "" = F:\rnjxri.exe
O33 - MountPoints2\{c902fc45-c2a3-11e2-9a19-00215c7cf6f1}\Shell\open\Command - "" = F:\rnjxri.exe
O33 - MountPoints2\{e31ad2d9-0352-11e0-a296-00215c7cf6f1}\Shell\AutoplaY\cOmmaNd - "" = F:\gmnm.exe
O33 - MountPoints2\{e31ad2d9-0352-11e0-a296-00215c7cf6f1}\Shell\AutoRun\command - "" = F:\gmnm.exe
O33 - MountPoints2\{e31ad2d9-0352-11e0-a296-00215c7cf6f1}\Shell\explorE\CommAND - "" = F:\gmnm.exe
O33 - MountPoints2\{e31ad2d9-0352-11e0-a296-00215c7cf6f1}\Shell\OPEN\comMAND - "" = F:\gmnm.exe
O33 - MountPoints2\H\Shell\AUtOplay\commAnd - "" = H:\lqaqd.exe
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\lqaqd.exe
O33 - MountPoints2\H\Shell\exploRE\CoMManD - "" = H:\lqaqd.exe
O33 - MountPoints2\H\Shell\open\coMmanD - "" = H:\lqaqd.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013-06-02 13:00:28 | 000,000,000 | ---D | C] -- C:\Windows\SQL9_KB970892_ENU
[2013-06-02 12:57:39 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013-05-31 13:23:18 | 000,000,000 | R--D | C] -- C:\Users\phani\Desktop\Dropbox
[2013-05-31 13:21:32 | 000,000,000 | ---D | C] -- C:\Program Files\Dropbox
[2013-05-31 13:21:10 | 000,000,000 | ---D | C] -- C:\Users\phani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2013-05-31 13:20:04 | 000,000,000 | ---D | C] -- C:\Users\phani\AppData\Roaming\Dropbox
[2013-05-31 10:18:22 | 000,000,000 | ---D | C] -- C:\Users\phani\Documents\SCRIVINER
[2013-05-31 10:10:25 | 000,000,000 | ---D | C] -- C:\Users\phani\AppData\Local\Scrivener
[2013-05-31 10:10:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scrivener
[2013-05-31 10:09:43 | 000,000,000 | ---D | C] -- C:\Program Files\Scrivener
[2013-05-30 17:30:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SearchNewTab
[2013-05-30 17:30:55 | 000,000,000 | ---D | C] -- C:\ProgramData\SearchNewTab
[2013-05-30 15:41:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\continuetoosave
[2013-05-30 15:41:06 | 000,000,000 | ---D | C] -- C:\ProgramData\continuetoosave
[2013-05-30 15:19:20 | 000,000,000 | ---D | C] -- C:\ProgramData\StarApp
[2013-05-30 15:18:24 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2013-05-25 22:41:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013-05-25 22:31:49 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013-05-25 22:09:01 | 000,000,000 | ---D | C] -- C:\Users\phani\AppData\Local\4kdownload.com
[2013-05-25 21:17:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download
[2013-05-25 21:16:57 | 000,000,000 | ---D | C] -- C:\Program Files\4KDownload
[2013-05-25 18:58:28 | 000,000,000 | ---D | C] -- C:\Users\phani\workspace
[2013-05-25 18:21:59 | 000,000,000 | ---D | C] -- C:\Users\phani\Documents\Youcam
[2013-05-25 18:06:50 | 000,000,000 | ---D | C] -- C:\Users\phani\AppData\Roaming\Skype
[2013-05-25 18:06:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013-05-25 18:06:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013-05-25 18:06:17 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2013-05-25 18:06:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2013-05-24 11:28:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Western Digital
[2013-05-24 11:21:54 | 000,000,000 | ---D | C] -- C:\Users\phani\Documents\cpp
[2013-05-24 11:17:10 | 000,000,000 | ---D | C] -- C:\Users\phani\AppData\Roaming\Dev-Cpp
[2013-05-24 11:17:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloodshed Dev-C++
[2013-05-24 11:16:56 | 000,000,000 | ---D | C] -- C:\Dev-Cpp
[2013-05-22 16:12:56 | 000,000,000 | ---D | C] -- C:\Users\phani\Documents\Square Enix
[2013-05-22 15:51:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Batman Arkham Asylum GOTY
[2013-05-22 09:42:55 | 000,000,000 | ---D | C] -- C:\Users\phani\AppData\Roaming\HP
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2055-09-19 11:59:11 | 000,002,012 | ---- | M] () -- C:\Windows\System32\NAV_75_cltDynam.dat
[2013-06-02 18:02:01 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013-06-02 18:02:01 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013-06-02 17:36:28 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-06-02 14:51:01 | 000,670,050 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013-06-02 14:51:01 | 000,126,048 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013-06-02 14:30:30 | 000,072,567 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2013-06-02 14:30:30 | 000,072,567 | ---- | M] () -- C:\ProgramData\nvModes.001
[2013-06-02 14:30:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-06-02 14:04:29 | 000,000,163 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2013-06-02 14:04:14 | 000,103,140 | RHS- | M] () -- C:\bymyvu.pif
[2013-06-02 14:04:14 | 000,000,272 | RHS- | M] () -- C:\autorun.inf
[2013-06-02 14:03:28 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-06-02 14:01:34 | 3219,513,344 | -HS- | M] () -- C:\hiberfil.sys
[2013-06-02 13:26:18 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013-06-02 12:54:12 | 000,039,291 | ---- | M] () -- C:\Windows\System32\MRT.INI
[2013-06-01 15:19:24 | 000,104,448 | ---- | M] () -- C:\Users\phani\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-05-31 08:59:30 | 000,000,374 | ---- | M] () -- C:\Users\phani\Desktop\CS 007 - Shortcut.lnk
[2013-05-29 09:36:07 | 000,168,704 | ---- | M] () -- C:\Users\phani\Desktop\ebill 29th may.pdf
[2013-05-27 19:13:49 | 348,285,627 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013-05-26 10:33:12 | 000,001,165 | ---- | M] () -- C:\Users\phani\Desktop\eclipse.exe - Shortcut.lnk
[2013-05-26 09:40:47 | 000,001,995 | ---- | M] () -- C:\Users\phani\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013-05-25 18:18:46 | 000,000,000 | ---- | M] () -- C:\Cookies
[2013-05-24 19:21:56 | 000,000,700 | -HS- | M] () -- C:\Users\phani\AppData\Local\systemFL7.$dk
[2013-05-24 19:09:51 | 035,651,584 | ---- | M] () -- C:\Users\phani\personal.flk
[2013-05-24 11:17:05 | 000,000,561 | ---- | M] () -- C:\Users\phani\Application Data\Microsoft\Internet Explorer\Quick Launch\Dev-C++.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013-06-02 14:04:15 | 000,000,272 | RHS- | C] () -- C:\autorun.inf
[2013-06-02 14:04:14 | 000,103,140 | RHS- | C] () -- C:\bymyvu.pif
[2013-06-02 12:54:11 | 000,039,291 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2013-05-31 08:59:30 | 000,000,374 | ---- | C] () -- C:\Users\phani\Desktop\CS 007 - Shortcut.lnk
[2013-05-29 09:36:06 | 000,168,704 | ---- | C] () -- C:\Users\phani\Desktop\ebill 29th may.pdf
[2013-05-26 10:33:12 | 000,001,165 | ---- | C] () -- C:\Users\phani\Desktop\eclipse.exe - Shortcut.lnk
[2013-05-25 22:31:55 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-05-25 22:31:52 | 000,000,880 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-05-25 18:18:46 | 000,000,000 | ---- | C] () -- C:\Cookies
[2013-05-24 19:01:33 | 000,000,700 | -HS- | C] () -- C:\Users\phani\AppData\Local\systemFL7.$dk
[2013-05-24 11:17:05 | 000,000,561 | ---- | C] () -- C:\Users\phani\Application Data\Microsoft\Internet Explorer\Quick Launch\Dev-C++.lnk
[2010-09-07 17:26:05 | 035,651,584 | ---- | C] () -- C:\Users\phani\personal.flk
[2010-07-24 15:01:54 | 000,001,356 | ---- | C] () -- C:\Users\phani\AppData\Local\d3d9caps.dat
[2010-07-22 18:26:28 | 000,072,567 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010-07-22 18:26:28 | 000,072,567 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010-07-21 11:35:56 | 000,050,784 | ---- | C] () -- C:\Users\phani\.ems.cfg
[2010-05-19 14:18:02 | 000,048,271 | ---- | C] () -- C:\Users\phani\AppData\Roaming\nvModes.001
[2010-05-19 14:15:54 | 000,048,271 | ---- | C] () -- C:\Users\phani\AppData\Roaming\nvModes.dat
[2010-05-19 14:06:25 | 000,104,448 | ---- | C] () -- C:\Users\phani\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2006-11-02 18:24:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2007-12-16 20:57:30 | 011,315,200 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2006-11-02 15:16:04 | 000,614,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2006-11-02 15:16:13 | 000,348,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Alternate Data Streams ==========
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:2FD2AC7E
< End of report >