Jump to content


Photo
- - - - -

C drive not showing comlete storage capacity


  • Please log in to reply
7 replies to this topic

#1 faraz

faraz

    Member

  • Members
  • PipPipPip
  • 78 posts

Posted 08 April 2012 - 03:42 AM

Hi

i have a Dell inspiron laptop n5110 .... Defaul partition named As C: is of the size of 48.7 Gb

i have installed Win 7 operating System ...

My issue is when i check the size of all the folders(including hidden ones) inside that drive C it shows all files & folders are of 33 GB

But when i go to My computer place and drive C shows only empty space of 7 GB how it should show around 16 to 17 GB free space ...

Sometimes i also recevie msg of drive C has not much space .... whenever i reached close....

Can anyone please tell me y i am not able to see & utilize that 7 to 8 GB ... why it is not appearing while calculating from properties ???


Thanx in advance as seeking help

#2 faraz

faraz

    Member

  • Members
  • PipPipPip
  • 78 posts

Posted 08 April 2012 - 03:44 AM

sorry forget to mention the complete name of my operating system :

It Win7 utlmate 64 bit

#3 guestolo

guestolo

    Site Donator

  • Admin
  • PipPipPipPipPipPipPip
  • 16,205 posts

Posted 08 April 2012 - 12:13 PM

it could be your not seeing the actual size of the drive, not sure
But why not post logs from OTL, might give us a better idea

Download OTL.exe by OldTimer to your Desktop.
  • Right click on OTL.exe and choose to "Run as Administrator"
  • Click Run Scan and let the program run uninterrupted.
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.

Do you want to post your own HijackThis log?
Follow the instructions posted Here

Not required, but if you would like to donate to help my fight against malware
Click Here


#4 faraz

faraz

    Member

  • Members
  • PipPipPip
  • 78 posts

Posted 16 April 2012 - 12:48 AM

OTL Extras logfile created on: 4/15/2012 10:29:12 PM - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Faraz\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.91 Gb Total Physical Memory | 2.25 Gb Available Physical Memory | 57.65% Memory free
7.82 Gb Paging File | 6.13 Gb Available in Paging File | 78.41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48.73 Gb Total Space | 5.36 Gb Free Space | 10.99% Space Free | Partition Type: NTFS
Drive D: | 48.83 Gb Total Space | 5.13 Gb Free Space | 10.51% Space Free | Partition Type: NTFS
Drive E: | 368.10 Gb Total Space | 12.13 Gb Free Space | 3.29% Space Free | Partition Type: NTFS
Drive G: | 1.84 Gb Total Space | 1.18 Gb Free Space | 64.00% Space Free | Partition Type: FAT

Computer Name: FARAZ-PC | User Name: Faraz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --one-instance-when-started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --one-instance-when-started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --one-instance-when-started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --one-instance-when-started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{74A8C1AF-75E5-4653-95AF-222725B7D877}" = Bentley DGN Thumbnail Provider
"{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}" = Intel® PROSet/Wireless Software for Bluetooth® Technology
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}" = Microsoft SQL Server Native Client
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 268.30
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 268.30
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 268.30
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B636C9B9-A3F2-4DCE-ADCC-72E095018385}" = Microsoft SQL Server VSS Writer
"{C40D6727-57FE-4671-B51A-69B0F21F44B5}" = Microsoft SQL Server Management Studio Express
"{EE751355-2D68-4905-8289-B0510F535798}" = Nitro Reader 2
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84" = Windows Driver Package - Nokia Modem (06/01/2009 4.1)
"F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7" = Windows Driver Package - Nokia Modem (06/01/2009 7.01.0.3)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Microsoft Security Client" = Microsoft Security Essentials
"WinRAR archiver" = WinRAR 4.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Dell WLAN and Bluetooth Client Installation
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{2EF17083-57D4-4D64-AE4F-55F32A2C4571}" = CodecC
"{330F8583-DB42-4E0C-86F0-178FBE9E8288}" = Bentley® OpenPlant Reporting V8i (SELECTseries 2)
"{3D39E775-DDDA-4327-B747-0BDC5F191331}" = Nokia PC Suite
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{451517F1-7E41-400B-AA36-FB7E2563526D}" = Dell Wireless Driver Installation
"{477F115E-D48E-4D9D-B839-2AF37CA2987B}" = Bentley V8i (SELECTseries 2) - Autodesk® RealDWG™ 2010
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{58D379F7-62BC-4748-8237-FE071ECE797C}" = Microsoft SQL Server 2005 Tools
"{59552B98-E671-AFA7-C04D-6F62DDD44D3C}" = Adobe® CreatePDF Desktop
"{5BE5DB79-685E-46FD-A231-CD7467B69DD7}" = TP-LINK Wireless Utility
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{87655413-1064-1017-2250-851555730017}" = MAXORING
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PRJPROR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PRJPROR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PRJPROR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJPROR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.PRJPROR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PRJPROR_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PRJPROR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2010
"{90140000-00B4-0409-0000-0000000FF1CE}_Office14.PRJPROR_{18A0C151-8F8A-4B68-A960-60C464B94329}" = Microsoft Project 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PRJPROR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.PRJPROR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2010
"{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{8A8F117F-8EDB-440D-B679-F08909D729F7}" = Microsoft Project 2010 Service Pack 1 (SP1)
"{983F7138-0BB4-418B-973B-84EE71001422}" = Primavera 6.0
"{A13D16C5-38A9-4D96-9647-59FCCAB12A85}" = Visual Basic for Applications ® Core - English
"{B0F9497C-52B4-4686-8E73-74D866BBDF59}" = Microsoft SQL Server 2005 (PRIMAVERA)
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{E3E30FF7-5EAE-4E0E-B394-78214222D60C}" = Windows Internet Explorer Platform Preview
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0C2AD51-9F09-4B75-82EE-74DA80F708D8}" = Nitro PDF Professional
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FB97C283-1F3C-42D4-AE01-ADC1DC12F774}" = Visual Basic for Applications ® Core
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"BurstCopy_is1" = BurstCopy v2.700
"ChatSend Toolbar" = ChatSend Toolbar
"com.acrobat.createpdf.CreatePDFDesktop" = Adobe® CreatePDF Desktop
"conduitEngine" = Conduit Engine
"CoreAAC" = CoreAAC
"Debut" = Debut Video Capture Software
"Dell Webcam Center" = Dell Webcam Center
"Dell Webcam Manager" = Dell Webcam Manager
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EWED 2000 A" = Microsoft Encarta World English Dictionary
"FrostWire 5" = FrostWire 5.3.2
"GOM Player" = GOM Player
"Hotspot_Shield Toolbar" = Hotspot_Shield Toolbar
"HotspotShield" = Hotspot Shield 2.24
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{983F7138-0BB4-418B-973B-84EE71001422}" = Primavera 6.0
"Internet Download Manager" = Internet Download Manager
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 1.53
"LocK-A-FoLdeR" = LocK-A-FoLdeR
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 11.0 (x86 en-US)" = Mozilla Firefox 11.0 (x86 en-US)
"MPEG2 Codec(libmpeg2/mad)" = MPEG2 Codec(libmpeg2/mad)
"Nokia PC Suite" = Nokia PC Suite
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PRJPROR" = Microsoft Project Professional 2010
"Opera 11.50.1074" = Opera 11.50
"Optimizer Pro_is1" = Optimizer Pro v3.0
"Oxford Advanced Genie" = Oxford Advanced Genie
"PlatinumHideIP" = Platinum Hide IP
"RealAlt_is1" = Real Alternative 1.8.0
"TeamViewer 7" = TeamViewer 7
"uTorrent" = µTorrent
"uTorrentBar Toolbar" = uTorrentBar Toolbar
"VIVA Broadband" = VIVA Broadband
"VIVA WiFi" = VIVA WiFi
"VLC media player" = VideoLAN VLC media player 0.8.5
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-182233152-2924250215-3996894080-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
"FolderLock6" = Folder Lock

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/13/2012 12:41:58 PM | Computer Name = Faraz-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Common
Files\Nitro PDF\Reader\2.0\NitroPrinterInstallerx64.exe". Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 4/13/2012 12:42:14 PM | Computer Name = Faraz-PC | Source = SideBySide | ID = 16842824
Description = Activation context generation failed for "c:\program files\microsoft
security client\MSESysprep.dll".Error in manifest or policy file "c:\program files\microsoft
security client\MSESysprep.dll" on line 10. The element imaging appears as a child
of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by
this version of Windows.

Error - 4/13/2012 12:42:45 PM | Computer Name = Faraz-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files (x86)\Nokia\Nokia
PC Suite 7\TIS_VistaPIM.dll". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 4/13/2012 4:21:05 PM | Computer Name = Faraz-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16421,
time stamp: 0x4d76255d Faulting module name: KERNELBASE.dll, version: 6.1.7600.16850,
time stamp: 0x4e211485 Exception code: 0x0eedfade Fault offset: 0x0000b9bc Faulting
process id: 0x1d0 Faulting application start time: 0x01cd19b26b410d9a Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
C:\Windows\syswow64\KERNELBASE.dll Report Id: 31a47d29-85a6-11e1-ac7c-b48003ba55a9

Error - 4/14/2012 7:58:06 AM | Computer Name = Faraz-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16421 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1cf8 Start
Time: 01cd19d12ca678cb Termination Time: 521 Application Path: C:\Program Files (x86)\Internet
Explorer\iexplore.exe Report Id:

Error - 4/14/2012 7:58:15 AM | Computer Name = Faraz-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16421 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1cf4 Start
Time: 01cd1a2ec47ae98b Termination Time: 83 Application Path: C:\Program Files (x86)\Internet
Explorer\iexplore.exe Report Id:

Error - 4/15/2012 2:26:58 PM | Computer Name = Faraz-PC | Source = Windows Backup | ID = 4103
Description =

Error - 4/15/2012 2:36:39 PM | Computer Name = Faraz-PC | Source = SideBySide | ID = 16842827
Description = Activation context generation failed for "C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe".Error in manifest or policy file "C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe" on line 2.
Multiple
requestedPrivileges elements are not allowed in manifest.

Error - 4/15/2012 2:37:57 PM | Computer Name = Faraz-PC | Source = SideBySide | ID = 16842824
Description = Activation context generation failed for "c:\program files\microsoft
security client\MSESysprep.dll".Error in manifest or policy file "c:\program files\microsoft
security client\MSESysprep.dll" on line 10. The element imaging appears as a child
of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by
this version of Windows.

Error - 4/15/2012 2:39:20 PM | Computer Name = Faraz-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files (x86)\Nokia\Nokia
PC Suite 7\TIS_VistaPIM.dll". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

[ Media Center Events ]
Error - 11/11/2011 6:37:54 PM | Computer Name = Faraz-PC | Source = MCUpdate | ID = 0
Description = 1:37:54 AM - Error connecting to the internet. 1:37:54 AM - Unable
to contact server..

Error - 11/11/2011 6:38:43 PM | Computer Name = Faraz-PC | Source = MCUpdate | ID = 0
Description = 1:38:41 AM - Error connecting to the internet. 1:38:41 AM - Unable
to contact server..

Error - 12/1/2011 1:38:41 PM | Computer Name = Faraz-PC | Source = MCUpdate | ID = 0
Description = 8:38:41 PM - Error connecting to the internet. 8:38:41 PM - Unable
to contact server..

Error - 12/1/2011 1:39:04 PM | Computer Name = Faraz-PC | Source = MCUpdate | ID = 0
Description = 8:38:59 PM - Error connecting to the internet. 8:38:59 PM - Unable
to contact server..

Error - 12/1/2011 2:39:09 PM | Computer Name = Faraz-PC | Source = MCUpdate | ID = 0
Description = 9:39:09 PM - Error connecting to the internet. 9:39:09 PM - Unable
to contact server..

Error - 12/1/2011 2:39:16 PM | Computer Name = Faraz-PC | Source = MCUpdate | ID = 0
Description = 9:39:14 PM - Error connecting to the internet. 9:39:14 PM - Unable
to contact server..

Error - 12/1/2011 3:39:21 PM | Computer Name = Faraz-PC | Source = MCUpdate | ID = 0
Description = 10:39:21 PM - Error connecting to the internet. 10:39:21 PM - Unable
to contact server..

Error - 12/1/2011 3:39:31 PM | Computer Name = Faraz-PC | Source = MCUpdate | ID = 0
Description = 10:39:26 PM - Error connecting to the internet. 10:39:26 PM - Unable
to contact server..

Error - 12/1/2011 4:40:09 PM | Computer Name = Faraz-PC | Source = MCUpdate | ID = 0
Description = 11:40:09 PM - Error connecting to the internet. 11:40:09 PM - Unable
to contact server..

Error - 12/1/2011 4:40:44 PM | Computer Name = Faraz-PC | Source = MCUpdate | ID = 0
Description = 11:40:38 PM - Error connecting to the internet. 11:40:38 PM - Unable
to contact server..

[ System Events ]
Error - 4/2/2012 5:45:29 PM | Computer Name = Faraz-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume Fraz Ali.

Error - 4/2/2012 5:45:29 PM | Computer Name = Faraz-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume Fraz Ali.

Error - 4/4/2012 6:53:30 PM | Computer Name = Faraz-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 4/5/2012 4:13:52 PM | Computer Name = Faraz-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 4/5/2012 5:06:35 PM | Computer Name = Faraz-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR3.

Error - 4/5/2012 5:06:36 PM | Computer Name = Faraz-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR3.

Error - 4/5/2012 5:06:36 PM | Computer Name = Faraz-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR3.

Error - 4/5/2012 5:06:37 PM | Computer Name = Faraz-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR3.

Error - 4/5/2012 5:06:37 PM | Computer Name = Faraz-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR3.

Error - 4/5/2012 7:54:57 PM | Computer Name = Faraz-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.


< End of report >

#5 faraz

faraz

    Member

  • Members
  • PipPipPip
  • 78 posts

Posted 16 April 2012 - 12:49 AM

OTL logfile created on: 4/15/2012 10:29:12 PM - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Faraz\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.91 Gb Total Physical Memory | 2.25 Gb Available Physical Memory | 57.65% Memory free
7.82 Gb Paging File | 6.13 Gb Available in Paging File | 78.41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48.73 Gb Total Space | 5.36 Gb Free Space | 10.99% Space Free | Partition Type: NTFS
Drive D: | 48.83 Gb Total Space | 5.13 Gb Free Space | 10.51% Space Free | Partition Type: NTFS
Drive E: | 368.10 Gb Total Space | 12.13 Gb Free Space | 3.29% Space Free | Partition Type: NTFS
Drive G: | 1.84 Gb Total Space | 1.18 Gb Free Space | 64.00% Space Free | Partition Type: FAT

Computer Name: FARAZ-PC | User Name: Faraz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/04/10 14:40:27 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Faraz\Desktop\OTL.exe
PRC - [2012/02/18 06:10:21 | 000,740,216 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2012/01/19 14:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012/01/19 14:47:19 | 011,171,712 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
PRC - [2012/01/19 14:26:19 | 000,116,608 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe
PRC - [2012/01/07 04:45:28 | 000,660,296 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe
PRC - [2012/01/06 21:36:14 | 000,331,608 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
PRC - [2012/01/05 02:02:02 | 000,329,544 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
PRC - [2012/01/05 02:01:58 | 000,363,336 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
PRC - [2011/10/25 01:48:40 | 003,437,976 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\idman.exe
PRC - [2011/07/15 21:20:12 | 000,947,056 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
PRC - [2011/03/14 18:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2010/12/10 18:29:30 | 029,293,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\MSSQL\Primavera\MSSQL.1\MSSQL\Binn\sqlservr.exe
PRC - [2010/11/03 09:53:28 | 000,897,088 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2010/07/30 09:52:58 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files (x86)\TP-LINK\Common\RaRegistry.exe
PRC - [2010/05/25 17:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
PRC - [2010/03/26 03:07:42 | 000,091,992 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\MSSQL\Primavera\MSSQL.1\MSSQL\Binn\msftesql.exe


========== Modules (No Company Name) ==========

MOD - [2012/01/07 04:45:28 | 000,660,296 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe
MOD - [2012/01/06 21:38:08 | 000,009,544 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\lang\gui-eng.dll
MOD - [2011/11/13 00:56:17 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/04/22 06:13:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/03/25 19:49:22 | 000,204,304 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe -- (NitroReaderDriverReadSpool2)
SRV:64bit: - [2011/04/27 17:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011/04/27 17:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009/07/14 04:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 04:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/07/14 04:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC)
SRV - [2012/02/29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/01/19 14:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012/01/06 21:39:12 | 000,077,520 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.exe -- (HssTrayService)
SRV - [2012/01/06 21:36:14 | 000,331,608 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe -- (hshld)
SRV - [2012/01/05 02:02:02 | 000,329,544 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -- (HssWd)
SRV - [2012/01/05 02:01:58 | 000,363,336 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2011/04/22 06:13:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/04/21 17:32:26 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/03/14 18:27:34 | 000,346,976 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe)
SRV - [2010/12/17 12:46:48 | 000,053,920 | ---- | M] (Atheros Commnucations) [Disabled | Stopped] -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2010/12/10 18:29:30 | 029,293,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\MSSQL\Primavera\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$PRIMAVERA) SQL Server (PRIMAVERA)
SRV - [2010/11/03 10:01:34 | 000,983,104 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2010/11/03 10:01:20 | 001,298,496 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2010/11/03 09:53:28 | 000,897,088 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2010/10/05 19:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/10/05 19:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/10/01 09:49:08 | 000,151,552 | ---- | M] (Atheros) [Disabled | Stopped] -- C:\Program Files (x86)\Dell Wireless\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2010/07/30 09:52:58 | 000,212,256 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files (x86)\TP-LINK\Common\RaRegistry64.exe -- (RalinkRegistryWriter64)
SRV - [2010/07/30 09:52:58 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files (x86)\TP-LINK\Common\RaRegistry.exe -- (RalinkRegistryWriter)
SRV - [2010/03/26 03:07:42 | 000,091,992 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\MSSQL\Primavera\MSSQL.1\MSSQL\Binn\msftesql.exe -- (msftesql$PRIMAVERA) SQL Server FullText Search (PRIMAVERA)
SRV - [2009/07/14 04:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2009/07/14 04:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009/07/14 04:14:53 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2009/06/11 00:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/02 10:10:08 | 000,637,952 | ---- | M] (Nokia.) [Disabled | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007/03/30 18:59:16 | 000,673,280 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Primavera Common\BackgroundAgent\PrmBackgroundAgent.exe -- (PrmBackAgent)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/01 09:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/06 18:14:42 | 000,145,008 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2011/05/31 17:11:36 | 000,415,744 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbwwan.sys -- (ewusbmbb)
DRV:64bit: - [2011/05/25 02:40:12 | 000,056,832 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HssDrv.sys -- (HssDrv)
DRV:64bit: - [2011/05/25 02:40:10 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2011/05/12 22:28:46 | 000,363,856 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2011/05/03 15:42:40 | 000,222,464 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2011/04/27 15:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011/04/22 06:13:00 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011/03/25 23:17:50 | 012,262,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/11 09:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 09:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/25 18:02:38 | 000,098,816 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV:64bit: - [2011/01/30 18:19:34 | 000,069,632 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_jucdcecm.sys -- (huawei_cdcecm)
DRV:64bit: - [2011/01/30 18:19:34 | 000,028,672 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl)
DRV:64bit: - [2011/01/30 18:19:32 | 000,086,016 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2010/12/17 12:47:10 | 000,275,616 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2010/12/17 12:47:08 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2010/12/17 12:47:08 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2010/12/17 12:47:08 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2010/12/17 12:47:08 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2010/12/17 12:47:08 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2010/12/17 12:47:06 | 000,298,144 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2010/12/10 11:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/12/10 11:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/11/24 09:33:26 | 002,673,664 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/11/04 03:07:06 | 000,058,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2010/10/26 09:08:08 | 000,406,632 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/09/21 07:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010/07/27 09:52:16 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2010/05/27 04:30:00 | 001,121,632 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009/07/14 04:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 04:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 04:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 04:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 03:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009/06/10 23:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 23:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 23:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 23:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/02/09 08:38:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:64bit: - [2009/02/09 08:38:34 | 000,018,944 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:64bit: - [2009/02/09 08:38:34 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2009/02/09 08:38:32 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:64bit: - [2008/08/28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2009/07/14 04:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\prxtbHot2.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT3080215


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-182233152-2924250215-3996894080-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.pk/
IE - HKU\S-1-5-21-182233152-2924250215-3996894080-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://pk.msn.com/?C=PK
IE - HKU\S-1-5-21-182233152-2924250215-3996894080-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-182233152-2924250215-3996894080-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = ED 44 0A 8A 56 41 CC 01 [binary data]
IE - HKU\S-1-5-21-182233152-2924250215-3996894080-1000\..\URLSearchHook: {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - No CLSID value found
IE - HKU\S-1-5-21-182233152-2924250215-3996894080-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-182233152-2924250215-3996894080-1000\..\URLSearchHook: {c34bfb11-eff0-4123-a7a5-79051ef24cf5} - No CLSID value found
IE - HKU\S-1-5-21-182233152-2924250215-3996894080-1000\..\URLSearchHook: {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\prxtbHot2.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-182233152-2924250215-3996894080-1000\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files (x86)\ChatSend Toolbar\tbunsgE75D.tmp\tbhelper.dll ()
IE - HKU\S-1-5-21-182233152-2924250215-3996894080-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-182233152-2924250215-3996894080-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-182233152-2924250215-3996894080-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT3080215
IE - HKU\S-1-5-21-182233152-2924250215-3996894080-1000\..\SearchScopes\{c99fdc39-a1ae-4b24-8d71-e5274f8d7c54}: "URL" = http://search.hotspo...&q={searchTerms}
IE - HKU\S-1-5-21-182233152-2924250215-3996894080-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-182233152-2924250215-3996894080-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local

========== FireFox ==========

FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ [2011/07/29 14:13:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/04/12 20:29:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Faraz\AppData\Roaming\IDM\idmmzcc5 [2011/12/14 23:19:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\Faraz\AppData\Roaming\IDM\idmmzcc5 [2011/12/14 23:19:23 | 000,000,000 | ---D | M]

[2012/04/12 20:30:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Faraz\AppData\Roaming\Mozilla\Extensions
[2012/04/12 20:29:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/03/13 07:39:39 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/03/13 07:38:32 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/03/13 07:38:32 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Faraz\AppData\Local\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Faraz\AppData\Local\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Faraz\AppData\Local\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Faraz\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: uTorrentBar = C:\Users\Faraz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejbohlohkkgompgecdcbbglkpjfjgdj\2.3.0.15_0\
CHR - Extension: ChatVibes.com = C:\Users\Faraz\AppData\Local\Google\Chrome\User Data\Default\Extensions\figdphohhlffelolcabcjpikobidapnk\2.3.0.13_0\
CHR - Extension: ChatZum.com - Easy Pictures zoom. = C:\Users\Faraz\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbpcjmidkkgldeplajgnbpjkfpmpeepb\1.0.1_0\
CHR - Extension: Skype Click to Call = C:\Users\Faraz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\

O1 HOSTS File: ([2009/06/11 00:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll (Conduit Ltd.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (CodecC Class) - {813C007A-CEF9-47FD-83D1-A42854CD1E0A} - C:\ProgramData\CodecC\bhoclass.dll ()
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (QUICKfind BHO Object) - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files (x86)\TEXTware\QUICKfind\PlugIns\IEHelp.dll ()
O2 - BHO: (Hotspot Shield Toolbar) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\prxtbHot2.dll (Conduit Ltd.)
O2 - BHO: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
O2 - BHO: (XBTBPos00 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\ChatSend Toolbar\tbunsgE75D.tmp\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (ChatSend Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files (x86)\ChatSend Toolbar\tbunsgE75D.tmp\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Hotspot Shield Toolbar) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\prxtbHot2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-182233152-2924250215-3996894080-1000\..\Toolbar\WebBrowser: (no name) - {08D6B0B4-C132-470D-A8E2-AA2E9C3851C9} - No CLSID value found.
O3 - HKU\S-1-5-21-182233152-2924250215-3996894080-1000\..\Toolbar\WebBrowser: (ChatSend Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files (x86)\ChatSend Toolbar\tbunsgE75D.tmp\tbcore3.dll ()
O3 - HKU\S-1-5-21-182233152-2924250215-3996894080-1000\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-182233152-2924250215-3996894080-1000\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-182233152-2924250215-3996894080-1000\..\Toolbar\WebBrowser: (Hotspot Shield Toolbar) - {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - C:\Program Files (x86)\Hotspot_Shield\prxtbHot2.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKU\.DEFAULT..\Run: [Mobile Partner] C:\Program Files (x86)\VIVA WiFi\VIVA WiFi File not found
O4 - HKU\S-1-5-18..\Run: [Mobile Partner] C:\Program Files (x86)\VIVA WiFi\VIVA WiFi File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-182233152-2924250215-3996894080-1000..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\idman.exe (Tonec Inc.)
O4 - HKU\S-1-5-21-182233152-2924250215-3996894080-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8:64bit: - Extra context menu item: QuickDefine - C:\Program Files (x86)\Common Files\microsoft shared\Reference Titles\eddefine.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: QuickDefine - C:\Program Files (x86)\Common Files\microsoft shared\Reference Titles\eddefine.htm ()
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra Button: ChatSend Toolbar - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files (x86)\ChatSend Toolbar\tbunsgE75D.tmp\tbcore3.dll ()
O9 - Extra 'Tools' menuitem : ChatSend Toolbar - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files (x86)\ChatSend Toolbar\tbunsgE75D.tmp\tbcore3.dll ()
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B8279CC7-E468-4327-8945-001CAC1F5048}: NameServer = 10.70.184.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FA04366D-2165-423F-A651-14234745D747}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FAE069F2-FC77-475B-BC93-520F83D5C4FF}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{02c8fcea-4ca3-11e1-bef9-b0f753bc31d4}\Shell - "" = AutoRun
O33 - MountPoints2\{02c8fcea-4ca3-11e1-bef9-b0f753bc31d4}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{33399f99-67c2-11e1-8d4c-a98bf1d84fd7}\Shell - "" = AutoRun
O33 - MountPoints2\{33399f99-67c2-11e1-8d4c-a98bf1d84fd7}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{3c7c41a4-2031-11e1-b52f-ee78cfe267cc}\Shell - "" = AutoRun
O33 - MountPoints2\{3c7c41a4-2031-11e1-b52f-ee78cfe267cc}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{3c7c41cd-2031-11e1-b52f-cfa96447c4ac}\Shell - "" = AutoRun
O33 - MountPoints2\{3c7c41cd-2031-11e1-b52f-cfa96447c4ac}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{3c7c41fc-2031-11e1-b52f-cfa96447c4ac}\Shell - "" = AutoRun
O33 - MountPoints2\{3c7c41fc-2031-11e1-b52f-cfa96447c4ac}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{4af26f6f-30a6-11e1-9b94-910f30baeed7}\Shell - "" = AutoRun
O33 - MountPoints2\{4af26f6f-30a6-11e1-9b94-910f30baeed7}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{4af26f77-30a6-11e1-9b94-910f30baeed7}\Shell - "" = AutoRun
O33 - MountPoints2\{4af26f77-30a6-11e1-9b94-910f30baeed7}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{7b2ec2e4-ccc5-11e0-a18e-001e101f50a4}\Shell - "" = AutoRun
O33 - MountPoints2\{7b2ec2e4-ccc5-11e0-a18e-001e101f50a4}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{86568119-c4b4-11e0-b905-001e101f24f1}\Shell - "" = AutoRun
O33 - MountPoints2\{86568119-c4b4-11e0-b905-001e101f24f1}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{86568127-c4b4-11e0-b905-001e101f24f1}\Shell - "" = AutoRun
O33 - MountPoints2\{86568127-c4b4-11e0-b905-001e101f24f1}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{b37abe37-0cab-11e1-8e39-f1be9be713a1}\Shell - "" = AutoRun
O33 - MountPoints2\{b37abe37-0cab-11e1-8e39-f1be9be713a1}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{b37abe3e-0cab-11e1-8e39-f1be9be713a1}\Shell - "" = AutoRun
O33 - MountPoints2\{b37abe3e-0cab-11e1-8e39-f1be9be713a1}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{b78e385c-0a03-11e1-916b-95476b19059a}\Shell - "" = AutoRun
O33 - MountPoints2\{b78e385c-0a03-11e1-916b-95476b19059a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{b78e3869-0a03-11e1-916b-95476b19059a}\Shell - "" = AutoRun
O33 - MountPoints2\{b78e3869-0a03-11e1-916b-95476b19059a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{b78e3877-0a03-11e1-916b-95476b19059a}\Shell - "" = AutoRun
O33 - MountPoints2\{b78e3877-0a03-11e1-916b-95476b19059a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{e453e644-42ec-11e1-ba57-dbe944af10d1}\Shell - "" = AutoRun
O33 - MountPoints2\{e453e644-42ec-11e1-ba57-dbe944af10d1}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{e5e543a2-b458-11e0-8134-c0f8da9ce4fc}\Shell - "" = AutoRun
O33 - MountPoints2\{e5e543a2-b458-11e0-8134-c0f8da9ce4fc}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{e5e543b7-b458-11e0-8134-c0f8da9ce4fc}\Shell - "" = AutoRun
O33 - MountPoints2\{e5e543b7-b458-11e0-8134-c0f8da9ce4fc}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{e5e543d4-b458-11e0-8134-c0f8da9ce4fc}\Shell - "" = AutoRun
O33 - MountPoints2\{e5e543d4-b458-11e0-8134-c0f8da9ce4fc}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{e98d437d-d555-11e0-8ea9-001e101f8ed0}\Shell - "" = AutoRun
O33 - MountPoints2\{e98d437d-d555-11e0-8ea9-001e101f8ed0}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{e98d47ad-d555-11e0-8ea9-001e101f8ed0}\Shell - "" = AutoRun
O33 - MountPoints2\{e98d47ad-d555-11e0-8ea9-001e101f8ed0}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/04/13 23:00:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro PDF
[2012/04/13 23:00:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nitro PDF
[2012/04/13 22:50:12 | 000,000,000 | ---D | C] -- C:\Users\Faraz\AppData\Roaming\Downloaded Installations
[2012/04/12 20:30:09 | 000,000,000 | ---D | C] -- C:\Users\Faraz\AppData\Roaming\Mozilla
[2012/04/12 20:30:09 | 000,000,000 | ---D | C] -- C:\Users\Faraz\AppData\Local\Mozilla
[2012/04/12 20:29:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/04/11 22:55:04 | 016,157,992 | ---- | C] (Mozilla) -- C:\Users\Faraz\Desktop\Firefox Setup 11.0.exe
[2012/04/11 22:44:47 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\Faraz\Desktop\OTL.exe
[2012/04/11 03:03:49 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/04/11 03:03:49 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/04/11 03:03:47 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/04/11 03:03:47 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/04/11 03:03:46 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/04/11 03:03:46 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/04/11 03:03:46 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/04/11 03:03:45 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/04/11 03:03:44 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/04/11 03:03:43 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/04/11 03:03:43 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/04/11 03:00:53 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/04/11 03:00:53 | 000,022,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/04/11 03:00:49 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/03/31 16:09:43 | 000,000,000 | ---D | C] -- C:\Users\Faraz\AppData\Roaming\com.acrobat.createpdf.CreatePDFDesktop
[2012/03/31 16:09:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2012/03/31 16:09:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2012/03/31 16:09:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012/03/30 02:36:25 | 000,000,000 | ---D | C] -- C:\Users\Faraz\AppData\Roaming\Optimizer Pro
[2012/03/30 02:29:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Premium
[2012/03/30 02:29:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro
[2012/03/30 02:29:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Optimizer Pro
[2012/03/30 02:28:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodecC
[2012/03/30 02:28:37 | 000,000,000 | ---D | C] -- C:\ProgramData\CodecC
[2012/03/30 02:28:20 | 000,000,000 | ---D | C] -- C:\codec-info
[2012/03/30 02:27:43 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2012/03/23 18:56:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Ralink
[2012/03/23 18:56:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
[2012/03/23 18:55:08 | 001,121,632 | ---- | C] (Ralink Technology Corp.) -- C:\Windows\SysNative\drivers\netr28ux.sys
[2012/03/23 18:55:08 | 000,326,496 | ---- | C] (Ralink Technology, Inc.) -- C:\Windows\SysNative\RaCoInstx.dll
[2012/03/23 18:55:07 | 000,000,000 | ---D | C] -- C:\ProgramData\TP-LINK Driver
[2012/03/23 18:54:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2012/03/23 18:54:37 | 002,061,600 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysNative\RaCertMgr.dll
[2012/03/23 18:54:37 | 001,063,200 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysWow64\RAIHV.dll
[2012/03/23 18:54:37 | 001,063,200 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysNative\RAIHV.dll
[2012/03/23 18:54:37 | 000,109,856 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysWow64\RAEXTUI.dll
[2012/03/23 18:54:37 | 000,109,856 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysNative\RAEXTUI.dll
[2012/03/23 18:54:36 | 001,590,560 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysWow64\RaCertMgr.dll
[2012/03/23 18:54:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TP-LINK
[2012/03/22 23:00:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Explorer Platform Preview
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/04/15 22:12:29 | 000,019,184 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/15 22:12:29 | 000,019,184 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/15 22:11:38 | 000,873,446 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/04/15 22:11:38 | 000,732,724 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/04/15 22:11:38 | 000,141,186 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/04/15 22:07:27 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012/04/15 22:07:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/15 22:07:11 | 3148,218,368 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/13 23:00:31 | 000,001,995 | ---- | M] () -- C:\Users\Public\Desktop\Nitro Reader.lnk
[2012/04/12 20:30:05 | 000,001,090 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/04/11 22:56:37 | 016,157,992 | ---- | M] (Mozilla) -- C:\Users\Faraz\Desktop\Firefox Setup 11.0.exe
[2012/04/10 14:40:27 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Faraz\Desktop\OTL.exe
[2012/04/09 20:56:01 | 000,171,791 | ---- | M] () -- C:\Users\Faraz\Desktop\teter.jpg
[2012/04/09 00:38:10 | 001,869,002 | ---- | M] () -- C:\Users\Faraz\Desktop\Pics.rar
[2012/04/03 23:53:35 | 000,088,724 | ---- | M] () -- C:\Users\Faraz\Desktop\Fraz_cv PCE.pdf
[2012/03/25 19:49:04 | 000,029,712 | ---- | M] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalmon2.dll
[2012/03/25 19:49:04 | 000,017,936 | ---- | M] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalui2.dll
[2012/03/23 18:56:19 | 000,001,931 | ---- | M] () -- C:\Users\Public\Desktop\TP-LINK Wireless Utility.lnk
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/04/13 23:00:31 | 000,002,507 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 2.lnk
[2012/04/13 23:00:31 | 000,001,995 | ---- | C] () -- C:\Users\Public\Desktop\Nitro Reader.lnk
[2012/04/12 20:30:05 | 000,001,090 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/04/12 20:30:04 | 000,001,102 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/04/09 00:38:09 | 001,869,002 | ---- | C] () -- C:\Users\Faraz\Desktop\Pics.rar
[2012/04/07 21:59:11 | 000,171,791 | ---- | C] () -- C:\Users\Faraz\Desktop\teter.jpg
[2012/04/03 23:53:45 | 000,088,724 | ---- | C] () -- C:\Users\Faraz\Desktop\Fraz_cv PCE.pdf
[2012/03/23 18:56:19 | 000,001,931 | ---- | C] () -- C:\Users\Public\Desktop\TP-LINK Wireless Utility.lnk
[2012/03/23 18:55:09 | 000,014,051 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2012/03/23 18:55:09 | 000,014,051 | ---- | C] () -- C:\Windows\SysNative\RaCoInst.dat
[2012/03/22 23:00:24 | 000,001,914 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Explorer Platform Preview.lnk
[2011/10/11 23:02:54 | 000,006,144 | ---- | C] () -- C:\Users\Faraz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/10 21:25:18 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\cd.dat
[2011/09/26 22:18:38 | 000,037,647 | ---- | C] () -- C:\Users\Faraz\AppData\Roaming\Debut.dmp
[2011/08/22 17:46:38 | 000,197,728 | ---- | C] () -- C:\Windows\WinVd32.sys
[2011/08/22 17:46:37 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\WinFLsrv.exe
[2011/08/12 10:25:40 | 000,000,075 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2011/07/29 17:27:03 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\Iyvu9_32.dll
[2011/07/29 17:27:02 | 000,568,850 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2011/07/29 17:27:01 | 000,856,064 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/07/29 17:27:01 | 000,217,088 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/07/29 17:27:00 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2011/07/29 17:26:57 | 000,005,120 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/07/29 17:24:02 | 000,000,061 | ---- | C] () -- C:\Windows\TEXTware.ini
[2011/07/29 17:24:00 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\Twavbx32.dll
[2011/07/29 17:24:00 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\idiom010227.dll
[2011/07/29 17:23:59 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\ILXTBS.DLL
[2011/07/29 17:23:59 | 000,115,200 | ---- | C] () -- C:\Windows\SysWow64\UnzDll.dll
[2011/07/29 17:23:59 | 000,113,288 | ---- | C] () -- C:\Windows\SysWow64\bass.dll
[2011/07/15 03:20:28 | 000,824,918 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/07/13 15:58:16 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011/03/25 23:16:12 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/03/25 23:16:10 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/03/25 23:16:10 | 000,216,876 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin

< End of report >




#6 faraz

faraz

    Member

  • Members
  • PipPipPip
  • 78 posts

Posted 02 May 2012 - 06:27 AM

hey its been a long time i didnt get any answer ...


please reply and sugggest any soluiotn

#7 faraz

faraz

    Member

  • Members
  • PipPipPip
  • 78 posts

Posted 13 May 2012 - 06:36 AM

Hey guestolo ..........

looking for help from you

#8 guestolo

guestolo

    Site Donator

  • Admin
  • PipPipPipPipPipPipPip
  • 16,205 posts

Posted 13 May 2012 - 06:53 AM

woops, sorry, as you can see, this is how OTL reads your partitions:

Drive C: | 48.73 Gb Total Space | 5.36 Gb Free Space | 10.99% Space Free | Partition Type: NTFS
Drive D: | 48.83 Gb Total Space | 5.13 Gb Free Space | 10.51% Space Free | Partition Type: NTFS
Drive E: | 368.10 Gb Total Space | 12.13 Gb Free Space | 3.29% Space Free | Partition Type: NTFS

I would start making room on each partition, clear temp files, etc....
Is this one harddrive you have partitioned..
There really isn't much help I can give. Your just running out of room on your drive

But take a peek at this link, you might be able to make some more room
http://www.wikihow.c...n-Windows-Vista

Do you want to post your own HijackThis log?
Follow the instructions posted Here

Not required, but if you would like to donate to help my fight against malware
Click Here





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users