
Restrictions on my PC



#1
Parth115

Restrictions on my PC: unable to open Task Manager, Run, Registry Editor, Windows Security Center (Windows 8)

I am unable to open Task Manager in any way on Windows 8:
1. I pressed Ctrl+Alt+Delete and there was no Task Manager option.
2. I right-clicked the taskbar and selected Task Manager; it was faded and would not open. Image: http://tinypic.com/r/243gj1x/5
3. I tried to open Run with Win + R or by right-clicking the lower-left corner, but it showed a warning message. Image: http://tinypic.com/r/1zg55ck/5
4. Command Prompt opened fine, but from it I was also unable to open anything mentioned above, even in admin mode.
5. Task Manager did not open even from Control Panel.
6. The Windows Security Center service even showed an error. Image: http://tinypic.com/r/2eat21j/5 and on clicking it: http://tinypic.com/r/2q83tdt/5
7. Unable to open regedit from an admin Command Prompt.
8. No virus detected by Windows Defender.

OTL.txt in quick scan

OTL logfile created on: 8/5/2013 8:38:30 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Downloads Chrome
Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.91 Gb Available Physical Memory | 45.74% Memory free
2.43 Gb Paging File | 1.14 Gb Available in Paging File | 46.83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 39.06 Gb Total Space | 4.54 Gb Free Space | 11.61% Space Free | Partition Type: NTFS
Drive D: | 97.66 Gb Total Space | 61.69 Gb Free Space | 63.17% Space Free | Partition Type: NTFS
Drive E: | 96.16 Gb Total Space | 35.21 Gb Free Space | 36.62% Space Free | Partition Type: NTFS

Computer Name: PARTH | User Name: Parth | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/08/05 20:37:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Downloads Chrome\OTL.exe
PRC - [2013/08/05 20:29:41 | 002,701,304 | ---- | M] (Microsoft Corporation) -- D:\Downloads Chrome\vbsetup.exe
PRC - [2013/08/04 17:45:40 | 003,624,528 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2013/07/30 16:39:05 | 000,681,984 | ---- | M] (rackeys) -- D:\BroadbandUsageMeter.EXE
PRC - [2013/07/25 06:19:49 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/07/13 11:08:45 | 000,217,992 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
PRC - [2013/06/01 15:54:46 | 002,106,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2013/05/31 18:46:28 | 000,138,672 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x86__8wekyb3d8bbwe\LiveComm.exe
PRC - [2013/03/02 13:54:03 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhostex.exe
PRC - [2013/01/29 05:32:40 | 000,013,344 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2012/12/12 19:14:48 | 000,268,248 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe
PRC - [2012/07/26 09:00:19 | 000,029,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RuntimeBroker.exe
PRC - [2012/07/26 08:50:44 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dasHost.exe
PRC - [2007/11/07 16:26:34 | 000,269,304 | ---- | M] (Microsoft Corporation) -- d:\359d5c14a27b2551c236a1ea7112\setup.exe
PRC - [2007/11/07 16:26:34 | 000,269,304 | ---- | M] (Microsoft Corporation) -- C:\Users\Parth\AppData\Local\Temp\SIT22939.tmp\setup.exe


========== Modules (No Company Name) ==========

MOD - [2013/07/25 06:19:46 | 000,396,240 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppgooglenaclpluginchrome.dll
MOD - [2013/07/25 06:19:45 | 013,599,184 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
MOD - [2013/07/25 06:19:44 | 004,052,944 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll
MOD - [2013/07/25 06:18:54 | 000,601,552 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.95\libglesv2.dll
MOD - [2013/07/25 06:18:53 | 000,123,344 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.95\libegl.dll
MOD - [2013/07/25 06:18:51 | 001,597,392 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.95\ffmpegsumo.dll
MOD - [2013/06/03 07:22:44 | 008,865,448 | ---- | M] () -- C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
MOD - [2013/05/31 18:58:26 | 000,140,208 | ---- | M] () -- C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x86__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll


========== Services (SafeList) ==========

SRV - [2013/06/28 15:34:00 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/06/01 14:53:42 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\DeviceSetupManager.dll -- (DsmSvc)
SRV - [2013/05/04 10:27:04 | 000,371,200 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofmsvc.dll -- (netprofm)
SRV - [2013/05/04 10:26:05 | 000,143,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\bisrv.dll -- (BrokerInfrastructure)
SRV - [2013/04/18 11:06:42 | 000,737,616 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2013/04/09 03:21:05 | 000,136,704 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV - [2013/03/02 13:53:17 | 000,114,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\TimeBrokerServer.dll -- (TimeBroker)
SRV - [2013/03/02 13:53:15 | 000,117,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV - [2013/01/29 05:32:40 | 000,013,344 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2013/01/10 04:56:37 | 001,532,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wlidsvc.dll -- (wlidsvc)
SRV - [2013/01/10 04:56:01 | 000,349,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsm.dll -- (LSM)
SRV - [2012/09/20 12:02:32 | 002,151,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WSService.dll -- (WSService)
SRV - [2012/09/20 11:23:51 | 000,095,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\fhsvc.dll -- (fhsvc)
SRV - [2012/09/05 21:26:44 | 000,234,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.285\McCHSvc.exe -- (McComponentHostService)
SRV - [2012/07/26 09:33:42 | 002,205,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\spool\drivers\w32x86\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/07/26 08:50:19 | 000,051,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wiarpc.dll -- (WiaRpc)
SRV - [2012/07/26 08:50:13 | 000,226,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wcmsvc.dll -- (Wcmsvc)
SRV - [2012/07/26 08:50:11 | 000,192,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\vaultsvc.dll -- (VaultSvc)
SRV - [2012/07/26 08:50:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2012/07/26 08:50:04 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\svsvc.dll -- (svsvc)
SRV - [2012/07/26 08:49:54 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2012/07/26 08:49:40 | 002,028,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2012/07/26 08:49:21 | 000,138,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NcaSvc.dll -- (NcaSvc)
SRV - [2012/07/26 08:49:21 | 000,062,976 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV - [2012/07/26 08:48:47 | 000,043,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\keyiso.dll -- (KeyIso)
SRV - [2012/07/26 08:48:24 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\efssvc.dll -- (EFS)
SRV - [2012/07/26 08:48:13 | 000,261,632 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\das.dll -- (DeviceAssociationService)
SRV - [2012/07/26 08:47:58 | 000,109,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV - [2012/07/26 05:57:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicvss)
SRV - [2012/07/26 05:57:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmictimesync)
SRV - [2012/07/26 05:57:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicshutdown)
SRV - [2012/07/26 05:57:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicrdv)
SRV - [2012/07/26 05:57:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmickvpexchange)
SRV - [2012/07/26 05:57:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicheartbeat)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Unknown] -- -- (an7yqq5o)
DRV - [2013/07/14 14:12:58 | 000,466,008 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2013/06/27 15:27:42 | 000,104,928 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\Drivers\idmwfp.sys -- (IDMWFP)
DRV - [2013/06/01 15:12:14 | 000,268,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV - [2013/06/01 15:12:11 | 000,180,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\UCX01000.SYS -- (UCX01000)
DRV - [2013/06/01 07:59:09 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV - [2013/05/04 10:50:57 | 000,362,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV - [2013/05/04 10:50:54 | 000,238,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\spaceport.sys -- (spaceport)
DRV - [2013/03/02 15:24:25 | 000,121,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\tpm.sys -- (TPM)
DRV - [2013/03/02 14:36:16 | 000,057,576 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\pdc.sys -- (pdc)
DRV - [2013/03/02 14:22:47 | 000,066,280 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\storahci.sys -- (storahci)
DRV - [2013/01/29 05:32:46 | 000,029,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\WdBoot.sys -- (WdBoot)
DRV - [2013/01/29 04:37:34 | 000,193,936 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\Drivers\WdFilter.sys -- (WdFilter)
DRV - [2013/01/23 10:31:50 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2013/01/23 10:31:50 | 000,018,560 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\ccdcmb.sys -- (nmwcd)
DRV - [2013/01/23 10:31:50 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2013/01/23 10:31:50 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2013/01/10 06:37:00 | 000,024,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV - [2012/11/27 09:23:14 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BthhfHid.sys -- (bthhfhid)
DRV - [2012/11/20 10:26:58 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\hidi2c.sys -- (hidi2c)
DRV - [2012/11/06 09:22:56 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\fxppm.sys -- (FxPPM)
DRV - [2012/10/17 14:53:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012/10/12 12:42:33 | 000,023,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/10/11 11:15:31 | 000,050,920 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\Drivers\dam.sys -- (dam)
DRV - [2012/10/11 10:58:23 | 000,046,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\sdstor.sys -- (sdstor)
DRV - [2012/09/20 12:39:32 | 000,031,464 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\cnghwassist.sys -- (cnghwassist)
DRV - [2012/09/20 12:04:07 | 000,097,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV - [2012/07/26 09:47:18 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\condrv.sys -- (condrv)
DRV - [2012/07/26 09:18:44 | 000,058,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\acpiex.sys -- (acpiex)
DRV - [2012/07/26 09:12:33 | 000,068,848 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV - [2012/07/26 09:12:32 | 000,099,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV - [2012/07/26 09:12:32 | 000,070,384 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\EhStorClass.sys -- (EhStorClass)
DRV - [2012/07/26 09:12:31 | 000,085,232 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\3ware.sys -- (3ware)
DRV - [2012/07/26 09:12:19 | 000,285,424 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV - [2012/07/26 09:12:19 | 000,080,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\VerifierExt.sys -- (VerifierExt)
DRV - [2012/07/26 09:12:18 | 000,076,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\uaspstor.sys -- (UASPStor)
DRV - [2012/07/26 09:12:15 | 000,059,120 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\mvumis.sys -- (mvumis)
DRV - [2012/07/26 09:10:36 | 000,038,640 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV - [2012/07/26 09:10:10 | 000,256,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\clfs.sys -- (CLFS)
DRV - [2012/07/26 09:09:55 | 000,029,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\terminpt.sys -- (terminpt)
DRV - [2012/07/26 09:03:00 | 000,130,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\vmbus.sys -- (vmbus)
DRV - [2012/07/26 09:03:00 | 000,042,344 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\vmstorfl.sys -- (storflt)
DRV - [2012/07/26 09:03:00 | 000,032,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\storvsc.sys -- (storvsc)
DRV - [2012/07/26 08:06:54 | 000,042,496 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV - [2012/07/26 08:06:49 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\mshidumdf.sys -- (mshidumdf)
DRV - [2012/07/26 08:06:36 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\HyperVideo.sys -- (HyperVideo)
DRV - [2012/07/26 08:06:35 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\BasicRender.sys -- (BasicRender)
DRV - [2012/07/26 08:05:30 | 000,006,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\vms3cap.sys -- (s3cap)
DRV - [2012/07/26 08:05:28 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\npsvctrig.sys -- (npsvctrig)
DRV - [2012/07/26 08:05:10 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\kdnic.sys -- (kdnic)
DRV - [2012/07/26 08:05:06 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\acpitime.sys -- (acpitime)
DRV - [2012/07/26 08:05:04 | 000,009,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\vmgencounter.sys -- (gencounter)
DRV - [2012/07/26 08:04:43 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\acpipagr.sys -- (acpipagr)
DRV - [2012/07/26 08:04:42 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV - [2012/07/26 08:04:22 | 000,018,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2012/07/26 08:04:04 | 000,010,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\hyperkbd.sys -- (hyperkbd)
DRV - [2012/07/26 08:03:53 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SerCx.sys -- (SerCx)
DRV - [2012/07/26 08:03:50 | 000,046,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SpbCx.sys -- (SpbCx)
DRV - [2012/07/26 08:03:29 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2012/07/26 08:03:16 | 000,044,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV - [2012/07/26 08:02:54 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012/07/26 08:02:53 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\dmvsc.sys -- (dmvsc)
DRV - [2012/07/26 08:02:02 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\wpcfltr.sys -- (wpcfltr)
DRV - [2012/07/26 08:01:11 | 000,110,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV - [2012/07/26 08:00:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\mslldp.sys -- (MsLldp)
DRV - [2012/07/26 08:00:39 | 000,084,480 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\Drivers\Ndu.sys -- (Ndu)
DRV - [2012/07/26 04:19:40 | 000,495,104 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\Rt630x86.sys -- (RTL8168)
DRV - [2007/12/12 14:04:56 | 000,034,963 | ---- | M] (Compuware Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\hid7906.sys -- (hid7906)
DRV - [2007/12/03 08:46:12 | 000,037,024 | ---- | M] (Compuware Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\hid8101.sys -- (hid8101)
DRV - [2007/11/28 10:52:46 | 000,034,587 | ---- | M] (Compuware Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\hid8103.sys -- (hid8103)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.c...Date=04/08/2013
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = D:\Downloads IE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.c...Date=04/08/2013
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.c...Date=04/08/2013
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://feed.snapdo.c...Date=04/08/2013
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.in.msn.com/...IN&dcc=IN&opt=0
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 19 7C 3A EF 94 72 CE 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.c...Date=04/08/2013
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.c...Date=04/08/2013
IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.c...Date=04/08/2013
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\Parth\AppData\Roaming\IDM\idmmzcc5 [2013/08/04 17:41:39 | 000,000,000 | ---D | M]

[2013/06/30 15:12:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/06/13 20:45:26 | 000,034,048 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: https://www.google.co.in/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U25 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
CHR - plugin: Nokia Suite Enabler Plugin (Enabled) = C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - Extension: Angry Birds = C:\Users\Parth\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Google Docs = C:\Users\Parth\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Parth\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Parth\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Parth\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.3_0\
CHR - Extension: Google Search = C:\Users\Parth\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Photo Zoom for Facebook = C:\Users\Parth\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1208.30.1_0\
CHR - Extension: Cut the Rope = C:\Users\Parth\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj\15_0\
CHR - Extension: Lord of Ultima = C:\Users\Parth\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdheeblenjmceeppomdgokgilmkonced\1.0.12_0\
CHR - Extension: IDM Integration Module = C:\Users\Parth\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.17.6_0\
CHR - Extension: Gmail = C:\Users\Parth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Gangnam Style Escape! = C:\Users\Parth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjpbpimieknpjhhkpggolbandppahmlc\1.0.0.0_0\

O1 HOSTS File: ([2012/07/26 09:47:20 | 000,000,824 | ---- | M]) - C:\Windows\System32\Drivers\etc\hosts
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O4 - HKCU..\Run: [Rackeys Broadband Usage Meter] D:\BroadbandUsageMeter.EXE (rackeys)
O4 - HKCU..\Run: [svchost] C:\Users\Parth\Local Settings\Application Data\svchost.exe File not found
O4 - HKCU..\Run: [uTorrent] C:\Users\Parth\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - HKCU..\Run: [XLaunchpad] C:\Program Files\iOS6 Skin Pack\RocketDock\XLaunchPad\XLaunchpad.exe start File not found
O4 - HKCU..\Run: [xwidget] C:\Program Files\iOS6 Skin Pack\RocketDock\Xwidget\XWidget.exe File not found
O4 - Startup: C:\Users\Parth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk = C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 1.1.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{62FCA964-9C64-4C84-8BC3-04F68E4366D4}: DhcpNameServer = 1.1.1.1
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/07/26 12:22:25 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/08/04 21:15:37 | 000,000,000 | ---D | C] -- C:\Users\Parth\AppData\Roaming\Media Player Classic
[2013/08/04 17:41:29 | 000,000,000 | ---D | C] -- C:\Users\Parth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2013/08/04 17:41:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2013/08/04 17:15:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Web Installer
[2013/08/04 17:06:45 | 000,000,000 | ---D | C] -- C:\Users\Parth\Documents\gegl-0.0
[2013/08/04 17:06:45 | 000,000,000 | ---D | C] -- C:\Users\Parth\.gimp-2.6
[2013/08/04 17:06:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP
[2013/08/04 17:06:20 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0
[2013/08/04 16:59:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player Classic - Home Cinema
[2013/08/04 16:59:06 | 000,000,000 | ---D | C] -- C:\Program Files\Media Player Classic - Home Cinema
[2013/08/04 16:56:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2013/08/04 15:08:40 | 000,000,000 | ---D | C] -- C:\Windows\XSxS
[2013/08/04 15:03:07 | 000,000,000 | ---D | C] -- C:\Users\Parth\AppData\Roaming\IDM
[2013/08/04 15:03:07 | 000,000,000 | ---D | C] -- C:\ProgramData\IDM
[2013/08/04 15:03:07 | 000,000,000 | ---D | C] -- C:\Users\Parth\AppData\Roaming\DMCache
[2013/08/04 15:03:03 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Download Manager
[2013/08/03 16:21:22 | 000,000,000 | ---D | C] -- C:\Windupdt
[2013/08/03 13:39:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyAudioCutter
[2013/08/03 13:35:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3 to SWF Converter
[2013/08/03 13:35:32 | 000,000,000 | ---D | C] -- C:\Program Files\MP3 to SWF Converter
[2013/08/02 21:59:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013/07/26 18:25:29 | 000,104,928 | ---- | C] (Tonec Inc.) -- C:\Windows\System32\drivers\idmwfp.sys
[2013/07/25 16:09:58 | 000,000,000 | ---D | C] -- C:\Users\Parth\Documents\Freedom Fighters
[2013/07/24 16:22:40 | 000,000,000 | ---D | C] -- C:\Users\Parth\AppData\Local\PDF24
[2013/07/23 21:17:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2013/07/23 21:17:16 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2013/07/23 21:17:16 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2013/07/23 21:17:10 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2013/07/22 18:44:57 | 000,000,000 | ---D | C] -- C:\Users\Parth\Documents\OneNote Notebooks
[2013/07/22 17:46:50 | 000,000,000 | ---D | C] -- C:\Users\Parth\Documents\Custom Office Templates
[2013/07/19 20:04:12 | 000,000,000 | ---D | C] -- C:\Users\Parth\AppData\Roaming\Blueberry
[2013/07/19 20:04:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\ShellDD
[2013/07/19 20:04:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blueberry Software
[2013/07/19 20:03:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blueberry Software
[2013/07/19 17:11:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Blueberry
[2013/07/19 17:07:19 | 000,000,000 | ---D | C] -- C:\Users\Parth\Documents\BB FlashBack Movies
[2013/07/19 17:06:16 | 000,000,000 | ---D | C] -- C:\Users\Parth\AppData\Roaming\LogSys
[2013/07/19 17:06:15 | 000,000,000 | ---D | C] -- C:\ProgramData\LogSys
[2013/07/19 17:06:02 | 000,000,000 | ---D | C] -- C:\Program Files\Blueberry Software
[2013/07/18 17:35:58 | 000,000,000 | ---D | C] -- C:\Windows\en
[2013/07/18 17:27:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2013/07/18 17:19:33 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2013/07/18 16:57:08 | 000,000,000 | ---D | C] -- C:\Users\Parth\AppData\Local\Windows Live
[2013/07/18 16:56:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2013/07/18 16:50:48 | 000,000,000 | ---D | C] -- C:\Users\Parth\AppData\Roaming\MakeitOne
[2013/07/18 16:41:51 | 000,000,000 | ---D | C] -- C:\Users\Parth\AppData\Local\www.dvbportal.de
[2013/07/18 16:30:57 | 001,986,560 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudFile.dll
[2013/07/18 16:30:57 | 001,212,416 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudioInfos.dll
[2013/07/18 16:30:57 | 000,479,232 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudioVisu.dll
[2013/07/18 16:30:57 | 000,458,752 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudPlayer.dll
[2013/07/18 16:30:57 | 000,454,656 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudioRecord.dll
[2013/07/18 16:30:57 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\WMAFile.dll
[2013/07/18 16:30:56 | 002,084,864 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudDesign.dll
[2013/07/18 16:30:56 | 000,417,792 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudDisplay.dll
[2013/07/18 16:30:56 | 000,000,000 | ---D | C] -- C:\Users\Parth\AppData\Roaming\FreeAudioPack
[2013/07/18 16:28:09 | 000,000,000 | ---D | C] -- C:\Program Files\Free MP3 Cutter
[2013/07/16 20:17:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyRealGames.com
[2013/07/16 20:17:40 | 000,000,000 | ---D | C] -- C:\Program Files\MyRealGames.com
[2013/07/16 19:53:14 | 000,000,000 | ---D | C] -- C:\Users\Parth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtua Cop 2
[2013/07/16 19:53:06 | 000,000,000 | ---D | C] -- C:\Program Files\VCop2
[2013/07/16 17:23:21 | 000,000,000 | ---D | C] -- C:\Program Files\SkinPack
[2013/07/16 17:22:36 | 000,000,000 | ---D | C] -- C:\Program Files\Skin Pack
[2013/07/14 20:12:15 | 000,000,000 | ---D | C] -- C:\Users\Parth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
[2013/07/14 20:12:14 | 000,000,000 | ---D | C] -- C:\Users\Parth\AppData\Local\Apps
[2013/07/14 19:46:08 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2013/07/14 19:46:07 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2013/07/14 15:38:39 | 000,000,000 | ---D | C] -- C:\Users\Parth\Documents\NFS Most Wanted
[2013/07/14 15:38:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
[2013/07/14 15:33:17 | 000,000,000 | ---D | C] -- C:\Program Files\EA GAMES
[2013/07/14 14:15:39 | 000,000,000 | ---D | C] -- C:\Users\Parth\AppData\Roaming\PerformerSoft
[2013/07/14 14:15:38 | 000,000,000 | ---D | C] -- C:\ProgramData\IBUpdaterService
[2013/07/14 14:15:37 | 000,018,096 | ---- | C] (PerformerSoft LLC) -- C:\Windows\System32\roboot.exe
[2013/07/14 14:12:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2013/07/14 14:12:58 | 000,466,008 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\System32\drivers\sptd.sys
[2013/07/14 14:12:57 | 000,000,000 | ---D | C] -- C:\Users\Parth\AppData\Roaming\DAEMON Tools Lite
[2013/07/14 14:12:53 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2013/07/14 14:12:08 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2013/07/14 11:28:52 | 000,000,000 | ---D | C] -- C:\ProgramData\SystemRequirementsLab
[2013/07/14 11:28:52 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2013/07/14 10:36:46 | 000,000,000 | ---D | C] -- C:\Users\Parth\Documents\Criterion Games
[2013/07/14 10:15:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2013/07/13 11:05:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\MRT
[2013/07/08 19:38:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2013/07/08 19:38:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2013/07/08 19:36:34 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013/07/08 19:36:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2013/07/08 19:34:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2013/07/08 19:34:38 | 000,000,000 | ---D | C] -- C:\Users\Parth\AppData\Local\Microsoft Help
[2013/07/08 19:34:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013/07/08 19:34:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013/07/07 14:36:48 | 000,000,000 | ---D | C] -- C:\Users\Parth\Documents\EA SPORTS™ Cricket 07
[2013/07/07 14:33:03 | 000,037,024 | ---- | C] (Compuware Corporation) -- C:\Windows\System32\drivers\hid8101.sys
[2013/07/07 14:33:03 | 000,034,587 | ---- | C] (Compuware Corporation) -- C:\Windows\System32\drivers\hid8103.sys
[2013/07/07 14:33:02 | 000,034,963 | ---- | C] (Compuware Corporation) -- C:\Windows\System32\drivers\hid7906.sys
[2013/07/07 14:33:02 | 000,000,000 | ---D | C] -- C:\Windows\USB Vibration
[2013/07/07 14:32:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2013/07/07 14:32:32 | 000,000,000 | ---D | C] -- C:\Program Files\USB Vibration

========== Files - Modified Within 30 Days ==========

[2013/08/05 20:13:02 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/05 19:56:20 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/05 19:56:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/08/05 16:48:37 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/08/05 16:48:36 | 1708,904,448 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/04 17:06:43 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2013/08/04 16:59:08 | 000,002,147 | ---- | M] () -- C:\Users\Parth\Desktop\Media Player Classic - Home Cinema.lnk
[2013/08/03 16:21:23 | 000,000,052 | ---- | M] () -- C:\Users\Parth\AppData\Local\tmp. & 4425424633.tpmpp
[2013/08/03 16:21:22 | 000,000,052 | ---- | M] () -- C:\Users\Parth\AppData\Local\tmp. & 7869768177.tpmpp
[2013/08/03 13:35:34 | 000,001,046 | ---- | M] () -- C:\Users\Public\Desktop\MP3 to SWF Converter.lnk
[2013/08/02 21:59:29 | 000,002,170 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013/08/02 17:40:21 | 000,718,176 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/08/02 17:40:21 | 000,132,542 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/07/31 14:48:01 | 000,007,613 | ---- | M] () -- C:\Users\Parth\AppData\Local\Resmon.ResmonCfg
[2013/07/31 09:21:26 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/07/30 19:16:45 | 000,001,148 | ---- | M] () -- C:\Users\Parth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
[2013/07/27 08:02:27 | 000,001,915 | ---- | M] () -- C:\Users\Parth\Desktop\HP Deskjet 2510 series - Shortcut.lnk
[2013/07/25 06:02:36 | 000,000,563 | ---- | M] () -- C:\Users\Parth\Desktop\Freedom.ini
[2013/07/23 21:17:16 | 000,002,116 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2013/07/23 21:17:16 | 000,002,116 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013/07/19 20:04:01 | 000,001,372 | ---- | M] () -- C:\Users\Parth\Application Data\Microsoft\Internet Explorer\Quick Launch\BB FlashBack Pro Recorder.lnk
[2013/07/19 20:04:01 | 000,001,362 | ---- | M] () -- C:\Users\Parth\Application Data\Microsoft\Internet Explorer\Quick Launch\BB FlashBack Pro Player.lnk
[2013/07/19 20:04:01 | 000,001,348 | ---- | M] () -- C:\Users\Public\Desktop\BB FlashBack Pro Recorder.lnk
[2013/07/19 20:04:01 | 000,001,338 | ---- | M] () -- C:\Users\Public\Desktop\BB FlashBack Pro Player.lnk
[2013/07/19 18:15:30 | 000,000,031 | ---- | M] () -- C:\Windows\System32\bbcap.err
[2013/07/18 17:42:25 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2013/07/18 16:40:20 | 000,411,595 | ---- | M] () -- C:\Users\Parth\Documents\a.mka
[2013/07/16 20:17:44 | 000,001,213 | ---- | M] () -- C:\Users\Parth\Desktop\Grand Master Chess 3.lnk
[2013/07/16 17:47:08 | 000,004,516 | ---- | M] () -- C:\Users\Parth\AppData\Roaming\CamStudio.cfg
[2013/07/16 17:47:08 | 000,000,408 | ---- | M] () -- C:\Users\Parth\AppData\Roaming\CamShapes.ini
[2013/07/16 17:47:08 | 000,000,408 | ---- | M] () -- C:\Users\Parth\AppData\Roaming\CamLayout.ini
[2013/07/16 17:47:08 | 000,000,096 | ---- | M] () -- C:\Users\Parth\AppData\Roaming\Camdata.ini
[2013/07/16 17:23:17 | 000,000,993 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SkinPackMenu.lnk
[2013/07/16 17:23:11 | 000,001,162 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RocketDock.lnk
[2013/07/16 17:22:30 | 000,001,142 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\YzShadow.lnk
[2013/07/16 17:22:30 | 000,001,142 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UberIcon.lnk
[2013/07/14 20:12:15 | 000,002,468 | ---- | M] () -- C:\Users\Parth\Desktop\Windows 7 USB DVD Download Tool.lnk
[2013/07/14 15:38:29 | 000,002,131 | ---- | M] () -- C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk
[2013/07/14 14:12:59 | 000,001,900 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2013/07/12 20:28:17 | 002,351,784 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/07/07 14:33:03 | 000,000,896 | ---- | M] () -- C:\Users\Public\Desktop\Game option.lnk

========== Files Created - No Company Name ==========

[2013/08/04 17:06:43 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2013/08/04 16:59:08 | 000,002,147 | ---- | C] () -- C:\Users\Parth\Desktop\Media Player Classic - Home Cinema.lnk
[2013/08/03 16:21:23 | 000,000,052 | ---- | C] () -- C:\Users\Parth\AppData\Local\tmp. & 4425424633.tpmpp
[2013/08/03 16:21:22 | 000,000,052 | ---- | C] () -- C:\Users\Parth\AppData\Local\tmp. & 7869768177.tpmpp
[2013/08/03 13:40:02 | 000,001,255 | ---- | C] () -- C:\Users\Parth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free MP3 Cutter.lnk
[2013/08/03 13:39:27 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2013/08/03 13:35:34 | 000,001,046 | ---- | C] () -- C:\Users\Public\Desktop\MP3 to SWF Converter.lnk
[2013/08/02 21:59:29 | 000,002,170 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013/07/31 14:36:19 | 000,007,613 | ---- | C] () -- C:\Users\Parth\AppData\Local\Resmon.ResmonCfg
[2013/07/27 08:02:27 | 000,001,915 | ---- | C] () -- C:\Users\Parth\Desktop\HP Deskjet 2510 series - Shortcut.lnk
[2013/07/25 17:16:49 | 000,000,563 | ---- | C] () -- C:\Users\Parth\Desktop\Freedom.ini
[2013/07/23 21:17:16 | 000,002,116 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2013/07/23 21:17:16 | 000,002,116 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013/07/22 18:44:59 | 000,001,148 | ---- | C] () -- C:\Users\Parth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
[2013/07/19 20:04:01 | 000,001,372 | ---- | C] () -- C:\Users\Parth\Application Data\Microsoft\Internet Explorer\Quick Launch\BB FlashBack Pro Recorder.lnk
[2013/07/19 20:04:01 | 000,001,362 | ---- | C] () -- C:\Users\Parth\Application Data\Microsoft\Internet Explorer\Quick Launch\BB FlashBack Pro Player.lnk
[2013/07/19 20:04:01 | 000,001,348 | ---- | C] () -- C:\Users\Public\Desktop\BB FlashBack Pro Recorder.lnk
[2013/07/19 20:04:01 | 000,001,338 | ---- | C] () -- C:\Users\Public\Desktop\BB FlashBack Pro Player.lnk
[2013/07/19 18:15:30 | 000,000,031 | ---- | C] () -- C:\Windows\System32\bbcap.err
[2013/07/18 17:42:25 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2013/07/18 17:35:54 | 000,001,251 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
[2013/07/18 17:35:50 | 000,001,320 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
[2013/07/18 16:40:20 | 000,411,595 | ---- | C] () -- C:\Users\Parth\Documents\a.mka
[2013/07/18 16:30:57 | 000,116,296 | ---- | C] () -- C:\Windows\System32\NCTWMAProfiles.prx
[2013/07/16 20:17:44 | 000,001,213 | ---- | C] () -- C:\Users\Parth\Desktop\Grand Master Chess 3.lnk
[2013/07/16 17:23:17 | 000,000,993 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SkinPackMenu.lnk
[2013/07/16 17:23:11 | 000,001,162 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RocketDock.lnk
[2013/07/16 17:22:30 | 000,001,142 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\YzShadow.lnk
[2013/07/16 17:22:30 | 000,001,142 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UberIcon.lnk
[2013/07/14 20:12:15 | 000,002,468 | ---- | C] () -- C:\Users\Parth\Desktop\Windows 7 USB DVD Download Tool.lnk
[2013/07/14 15:38:29 | 000,002,131 | ---- | C] () -- C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk
[2013/07/14 14:12:59 | 000,001,900 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2013/07/12 20:27:54 | 002,351,784 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/07/11 20:10:05 | 000,386,642 | ---- | C] () -- C:\Windows\System32\ApnDatabase.xml
[2013/07/07 14:33:03 | 000,000,896 | ---- | C] () -- C:\Users\Public\Desktop\Game option.lnk
[2013/06/24 16:49:03 | 000,004,516 | ---- | C] () -- C:\Users\Parth\AppData\Roaming\CamStudio.cfg
[2013/06/24 16:49:03 | 000,000,408 | ---- | C] () -- C:\Users\Parth\AppData\Roaming\CamShapes.ini
[2013/06/24 16:49:03 | 000,000,408 | ---- | C] () -- C:\Users\Parth\AppData\Roaming\CamLayout.ini
[2013/06/24 16:49:03 | 000,000,096 | ---- | C] () -- C:\Users\Parth\AppData\Roaming\Camdata.ini
[2013/05/31 16:39:48 | 000,083,968 | ---- | C] () -- C:\Windows\System32\OEMLicense.dll
[2012/07/26 12:25:27 | 000,718,176 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2012/07/26 12:25:27 | 000,296,742 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2012/07/26 12:25:27 | 000,132,542 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2012/07/26 12:25:27 | 000,033,362 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2012/07/26 12:23:47 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2012/07/26 12:23:46 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2012/07/26 11:33:55 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012/07/26 06:50:38 | 000,071,680 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2012/07/26 06:47:42 | 000,043,520 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2012/07/26 02:11:36 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012/07/26 01:54:47 | 000,526,068 | ---- | C] () -- C:\Windows\System32\staticurllist.bin
[2012/07/14 07:30:46 | 000,043,882 | ---- | C] () -- C:\Windows\System32\srms.dat
[2012/06/03 01:55:24 | 000,008,192 | ---- | C] () -- C:\Windows\System32\settings.dat
[2012/06/02 20:01:24 | 001,520,828 | ---- | C] () -- C:\Windows\System32\WpcNBModel.bin
[2012/06/02 20:01:19 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

========== ZeroAccess Check ==========

[2013/08/04 16:56:06 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/03/06 10:33:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 08:48:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2012/07/26 08:50:13 | 000,354,304 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/06/30 15:09:39 | 000,000,000 | ---D | M] -- C:\Users\Parth\AppData\Roaming\Babylon
[2013/07/31 16:28:21 | 000,000,000 | ---D | M] -- C:\Users\Parth\AppData\Roaming\Blueberry
[2013/07/14 15:32:27 | 000,000,000 | ---D | M] -- C:\Users\Parth\AppData\Roaming\DAEMON Tools Lite
[2013/08/05 20:30:29 | 000,000,000 | ---D | M] -- C:\Users\Parth\AppData\Roaming\DMCache
[2013/06/30 15:10:28 | 000,000,000 | ---D | M] -- C:\Users\Parth\AppData\Roaming\ExpressFiles
[2013/07/18 16:30:56 | 000,000,000 | ---D | M] -- C:\Users\Parth\AppData\Roaming\FreeAudioPack
[2013/08/04 17:41:39 | 000,000,000 | ---D | M] -- C:\Users\Parth\AppData\Roaming\IDM
[2013/07/19 17:06:39 | 000,000,000 | ---D | M] -- C:\Users\Parth\AppData\Roaming\LogSys
[2013/07/18 16:50:49 | 000,000,000 | ---D | M] -- C:\Users\Parth\AppData\Roaming\MakeitOne
[2013/05/31 20:46:39 | 000,000,000 | ---D | M] -- C:\Users\Parth\AppData\Roaming\NCdownloader
[2013/07/06 20:37:10 | 000,000,000 | ---D | M] -- C:\Users\Parth\AppData\Roaming\Nokia
[2013/07/06 20:37:11 | 000,000,000 | ---D | M] -- C:\Users\Parth\AppData\Roaming\Nokia Suite
[2013/07/06 20:36:44 | 000,000,000 | ---D | M] -- C:\Users\Parth\AppData\Roaming\PC Suite
[2013/07/14 15:47:05 | 000,000,000 | ---D | M] -- C:\Users\Parth\AppData\Roaming\PerformerSoft
[2013/07/26 18:38:34 | 000,000,000 | ---D | M] -- C:\Users\Parth\AppData\Roaming\uTorrent

========== Purity Check ==========



< End of report >


#2
RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
I'm no Win 8 expert but since no one else has stepped up I'll see what I can do. It seems clear from your OTL log that something has set some policies to restrict you. Also you have two odd processes running:

PRC - [2007/11/07 16:26:34 | 000,269,304 | ---- | M] (Microsoft Corporation) -- d:\359d5c14a27b2551c236a1ea7112\setup.exe
PRC - [2007/11/07 16:26:34 | 000,269,304 | ---- | M] (Microsoft Corporation) -- C:\Users\Parth\AppData\Local\Temp\SIT22939.tmp\setup.exe

The first looks like a Windows Update, though they are usually on C:\. The second one has the same exact date and time, so I assume it's related. Might just be an update that hasn't finished yet. If it's an install it should finish and be gone by the next time you reboot.

We can remove the policies that cause your restrictions and see if that helps.

Copy the text in the code box by highlighting it and pressing Ctrl + C:

:OTL
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (an7yqq5o)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1

:Commands
[Reboot]


Then right-click on OTL and select Run As Administrator to start. Under the Custom Scans/Fixes box at the bottom, paste (Ctrl + V) the text. Verify that you got it all and then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top.
Let the program run unhindered, OTL will reboot the PC when it is done. Save the log and copy and paste it into a reply.
It appears that Old Timer is now hiding the log in c:\_OTL\MovedFiles\08092013-some number.log so look there if you don't see it.


Then run OTL, Quick Scan, and post the log. Tell me if that helped.

Ron
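The by-eye triage of the log in the reply above, written out as an added example (not part of the original posts and not OTL's own code): a Python script that parses OTL-format `O6`/`O7` policy lines and `O4` Run lines, reports the policy values that take away Task Manager, Run, regedit and similar tools, and lists autorun entries whose target file is missing. The function names and the effect descriptions are this example's own; the sample input is an excerpt of the log posted in this thread.

```python
import re
from typing import List, NamedTuple

# Excerpt of the OTL log posted in this thread, embedded so the script runs offline.
SAMPLE_LOG = r"""
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [svchost] C:\Users\Parth\Local Settings\Application Data\svchost.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
"""

# The seven policy values listed in the fix script, keyed by (subkey, value name).
# The effect text is this example's summary of what each standard Windows policy does.
RESTRICTIONS = {
    ("explorer", "norun"): "Run dialog (Win+R) is blocked",
    ("explorer", "nofind"): "Search is removed from the shell",
    ("explorer", "nologoff"): "Log off option is removed",
    ("explorer", "nosetfolders"): "Control Panel and Printers folders are hidden",
    ("explorer", "nofolderoptions"): "Folder Options is removed from Explorer",
    ("system", "disableregistrytools"): "Registry Editor is blocked",
    ("system", "disabletaskmgr"): "Task Manager is blocked",
}

POLICY_RE = re.compile(
    r"^O[67] - (HKCU|HKLM)\\.*\\policies\\(\w+): (\w+) = (\d+)\s*$", re.IGNORECASE
)
RUN_RE = re.compile(r"^O4 - (HKCU|HKLM)\.\.\\Run: \[(.*?)\] (.*)$")
MISSING = "File not found"


class PolicyHit(NamedTuple):
    hive: str
    subkey: str
    name: str
    value: int
    effect: str


class OrphanRun(NamedTuple):
    hive: str
    name: str
    target: str  # empty when OTL printed no path at all


def restrictive_policies(log: str) -> List[PolicyHit]:
    """Return policy values that are set (non-zero) and restrict a built-in tool.

    Values not in RESTRICTIONS (for example EnableLUA) are not judged here
    and are left for manual review.
    """
    hits = []
    for line in log.splitlines():
        m = POLICY_RE.match(line.strip())
        if not m:
            continue
        hive, subkey, name, value = m.group(1), m.group(2), m.group(3), int(m.group(4))
        effect = RESTRICTIONS.get((subkey.lower(), name.lower()))
        if effect and value != 0:
            hits.append(PolicyHit(hive.upper(), subkey, name, value, effect))
    return hits


def orphaned_autoruns(log: str) -> List[OrphanRun]:
    """Return Run entries that OTL marked 'File not found' (target is gone)."""
    orphans = []
    for line in log.splitlines():
        m = RUN_RE.match(line.strip())
        if m and m.group(3).endswith(MISSING):
            target = m.group(3)[: -len(MISSING)].strip()
            orphans.append(OrphanRun(m.group(1), m.group(2), target))
    return orphans


if __name__ == "__main__":
    for hit in restrictive_policies(SAMPLE_LOG):
        print(f"{hit.hive} policies\\{hit.subkey}: {hit.name} = {hit.value} -> {hit.effect}")
    for run in orphaned_autoruns(SAMPLE_LOG):
        print(f"{run.hive} Run [{run.name}] target missing: {run.target or '(no path)'}")
```

Run it against a saved OTL.txt by passing the file's text to the two functions; which flagged entries to remove remains the helper's decision.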