TheTechGuide Forum

General Category => Tech Clinic => Topic started by: indfin on June 27, 2012, 05:15:47 PM

Title: Desktop Frozen
Post by: indfin on June 27, 2012, 05:15:47 PM

Hi,

I have a desktop with windows 7.  It has been working great for two years, until today when it froze.  I shut it down with the power button.  It comes on and lets me log in, but freezes after I use it for say 5 minutes.  It will unfreeze but freeze again as soon as I try to use it.

I will try to get a Hijackthis log on a memory stick and post it here .. if the computer stays on long enough.

Anything I can do (start in Safe Mode, etc.) for it to stay on long enough?

Any and all help is appreciated.  Thank you.

_________________

Editing the above to post from the misbehaving computer.

Tried to run Hijack this and got a pop up window, the screen shot of which is attached here.

Hijackthis won't save a log, but I saved the scan results in five screen shots, but I don't think I am able to attach them here.  Please let me know how I can send them to you.

Thanks.

Title: Desktop Frozen
Post by: guestolo on June 28, 2012, 02:44:50 PM

Download [color="#FF0000"]OTL.exe[/color] (http://"http://oldtimer.geekstogo.com/OTL.exe")[/url] by OldTimer to your Desktop.

• Right click on OTL.exe and choose to "Run as Administrator"
• Click Run Scan and let the program run uninterrupted.
  
• It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  
  

Title: Desktop Frozen
Post by: indfin on June 28, 2012, 04:20:03 PM

Thank you so much for your quick reply.  The OTL logs are posted below.  Also, just to make sure I am providing you all the information, I did a System Restore to 2 days earlier after I posted on your site.  (I had updated to the latest version of AVG yesterday and also installed the latest optional update from Microsoft: KB 2709981).  Even after the System Restore, the computer was unusable yesterday.  I did not turn it off or do anything else, but today it seems to be working.  However, i am using it only sparingly for only my essential work.  I would still very much appreciate if you could take a look at it.  Thanks, again, for your help.

OTL logfile created on: 6/28/2012 5:17:45 PM - Run 1
OTL by OldTimer - Version 3.2.53.0    Folder = C:\Users\Harit\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: enu | Date Format: M/d/yyyy
 
3.75 Gb Total Physical Memory | 2.20 Gb Available Physical Memory | 58.75% Memory free
7.50 Gb Paging File | 5.80 Gb Available in Paging File | 77.32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 685.54 Gb Total Space | 531.81 Gb Free Space | 77.58% Space Free | Partition Type: NTFS
 
Computer Name: SOURCE401 | User Name: Harit | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012/06/28 17:17:05 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Harit\Desktop\OTL.exe
PRC - [2012/06/18 09:47:17 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/06/15 23:38:47 | 001,535,176 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe
PRC - [2012/04/09 14:53:32 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2012/03/19 07:38:46 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/06/30 13:25:52 | 001,248,256 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
PRC - [2011/02/28 16:10:41 | 000,116,536 | ---- | M] (Cisco WebEx LLC) -- C:\Windows\SysWOW64\atashost.exe
PRC - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2009/08/28 05:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe
PRC - [2009/07/03 21:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012/06/18 09:47:17 | 002,042,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/06/15 23:38:47 | 009,459,912 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/03 21:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe -- (Updater Service)
SRV - [2012/06/18 09:47:17 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/04/09 14:53:32 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2012/03/19 07:38:46 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/06/30 13:25:52 | 001,248,256 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe -- (QBVSS)
SRV - [2011/02/28 16:10:41 | 000,116,536 | ---- | M] (Cisco WebEx LLC) [Auto | Running] -- C:\Windows\SysWOW64\atashost.exe -- (atashost)
SRV - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/08/17 17:14:04 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/08/28 05:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009/08/25 13:38:06 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009/07/23 21:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/22 14:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\eMachines Games\eMachines Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2007/03/20 16:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/10/07 06:23:46 | 000,283,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2011/09/13 06:30:08 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/08/08 06:08:58 | 000,046,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/07/11 01:14:36 | 000,375,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011/07/11 01:14:08 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/07/11 01:14:06 | 000,120,400 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/07/11 01:14:06 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/22 10:52:30 | 000,215,040 | ---- | M] (Realtek                                           ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&m=et1831&r=173603102206p0305v1j5r4861s408
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&m=et1831&r=173603102206p0305v1j5r4861s408
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&m=et1831&r=173603102206p0305v1j5r4861s408
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&m=et1831&r=173603102206p0305v1j5r4861s408
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Harit\Desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&m=et1831&r=173603102206p0305v1j5r4861s408
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page_bak = http://home.microsoft.com/access/allinone.asp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {3ECC20ED-3EC6-4CD6-A2D6-D7F970DE43AE}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/ie.aspx?q={searchTerms}
IE - HKCU\..\SearchScopes\{3ECC20ED-3EC6-4CD6-A2D6-D7F970DE43AE}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW_en
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;*.local;192.168.*.*
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Harit\Application Data\Octoshape\Octoshape Streaming Services\sua-1010120-0-npoctoshape.dll (Octoshape ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/06/27 14:10:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/18 09:47:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/18 09:47:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/18 09:47:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/18 09:47:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/18 09:47:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/18 09:47:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/18 09:47:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/18 09:47:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/18 09:47:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/18 09:47:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.14\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/18 09:47:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.14\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/18 09:47:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/18 09:47:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/18 09:47:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/18 09:47:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/18 09:47:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/18 09:47:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/18 09:47:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/18 09:47:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/18 09:47:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/18 09:47:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/18 09:47:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/18 09:47:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/18 09:47:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
 
[2010/09/09 20:54:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Harit\Application Data\mozilla\Extensions
[2012/06/15 23:40:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Harit\Application Data\mozilla\Firefox\Profiles\hgl37pkb.default\extensions
[2011/10/01 13:52:30 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Harit\Application Data\mozilla\Firefox\Profiles\hgl37pkb.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2012/06/06 11:20:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/06/18 09:47:17 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/05/02 10:44:58 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/02/11 15:39:58 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/02/11 15:39:58 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
 
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://nbs.webex.com/client/T27L10NSP21/support/ieatgpc1.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_32.CAB (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file:///C:/Windows/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C0740008-C748-4F81-A57D-1C1E10AC16D8}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18:64bit: - Protocol\Handler\intu-help-qb2 - No CLSID value found
O18:64bit: - Protocol\Handler\intu-help-qb4 - No CLSID value found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\qbwc - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\intu-help-qb2 - No CLSID value found
O18 - Protocol\Handler\intu-help-qb4 {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files (x86)\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1cfe4d2a-294b-11e0-a875-00251161cd86}\Shell - "" = AutoRun
O33 - MountPoints2\{1cfe4d2a-294b-11e0-a875-00251161cd86}\Shell\AutoRun\command - "" = J:\USBAutoRun.exe
O33 - MountPoints2\{cec64185-468a-11e1-9831-00251161cd86}\Shell - "" = AutoRun
O33 - MountPoints2\{cec64185-468a-11e1-9831-00251161cd86}\Shell\AutoRun\command - "" = K:\setup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/06/28 17:17:05 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Harit\Desktop\OTL.exe
[2012/06/27 18:37:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2012/06/27 18:37:28 | 000,000,000 | ---D | C] -- C:\Users\Harit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012/06/21 02:29:10 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/06/21 02:29:10 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/06/21 02:29:10 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/06/21 02:28:42 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/06/21 02:28:42 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/06/15 23:42:58 | 000,000,000 | ---D | C] -- C:\Users\Harit\AppData\Local\Macromedia
[2012/06/15 23:27:11 | 000,000,000 | ---D | C] -- C:\Users\Harit\AppData\Local\CRE
[2012/06/15 23:27:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012/06/15 23:27:07 | 000,000,000 | ---D | C] -- C:\Users\Harit\AppData\Local\Conduit
[2012/06/13 14:08:37 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/06/13 14:08:37 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/06/13 14:08:37 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/06/13 14:08:37 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/06/13 14:08:36 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/06/13 14:08:36 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/06/13 14:08:35 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/06/13 14:08:35 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/06/13 14:08:34 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/06/13 14:08:34 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/06/13 14:08:33 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/06/13 14:08:33 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/06/13 14:08:33 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/06/13 14:07:42 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/06/13 14:07:42 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012/06/13 14:07:35 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/06/13 14:07:33 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/06/13 14:07:33 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/06/13 14:07:31 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012/06/13 14:07:29 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/06/13 14:07:29 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/06/13 14:07:29 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/06/08 18:41:59 | 000,000,000 | ---D | C] -- C:\Users\Harit\Documents\MMA
[2012/06/01 00:07:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/06/01 00:07:08 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/06/01 00:07:07 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2008/09/12 23:50:45 | 000,081,920 | ---- | C] (hob) -- C:\Users\Harit\hobjni.dll
[2005/06/21 15:33:58 | 000,483,401 | ---- | C] (Citrix Online) -- C:\Users\Harit\gotomypc.exe
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/06/28 17:17:05 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Harit\Desktop\OTL.exe
[2012/06/28 17:03:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3778001595-1908271483-2739586615-1004UA.job
[2012/06/28 13:13:01 | 000,000,353 | ---- | M] () -- C:\Users\Harit\Documents\Hudson Montessori  LLC.QBW.ND
[2012/06/28 13:13:00 | 036,765,696 | R--- | M] () -- C:\Users\Harit\Documents\Hudson Montessori  LLC.QBW
[2012/06/28 13:13:00 | 002,686,976 | R--- | M] () -- C:\Users\Harit\Documents\Hudson Montessori  LLC.QBW.TLG
[2012/06/28 13:08:34 | 000,002,296 | ---- | M] () -- C:\Users\Harit\Desktop\QuickBooks Premier - Accountant Edition 2011.lnk
[2012/06/28 13:03:00 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3778001595-1908271483-2739586615-1004Core.job
[2012/06/28 08:12:56 | 100,776,178 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/06/27 18:55:54 | 000,176,557 | ---- | M] () -- C:\Users\Harit\Desktop\Capture7.JPG
[2012/06/27 18:55:29 | 000,172,744 | ---- | M] () -- C:\Users\Harit\Desktop\Capture6.JPG
[2012/06/27 18:55:03 | 000,171,443 | ---- | M] () -- C:\Users\Harit\Desktop\Capture5.JPG
[2012/06/27 18:54:32 | 000,185,646 | ---- | M] () -- C:\Users\Harit\Desktop\Capture4.JPG
[2012/06/27 18:53:54 | 000,168,425 | ---- | M] () -- C:\Users\Harit\Desktop\Capture3.JPG
[2012/06/27 18:42:00 | 000,781,122 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/06/27 18:42:00 | 000,661,270 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/06/27 18:42:00 | 000,121,772 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/06/27 18:39:29 | 000,075,940 | ---- | M] () -- C:\Users\Harit\Desktop\Capture2.JPG
[2012/06/27 18:37:28 | 000,002,917 | ---- | M] () -- C:\Users\Harit\Desktop\HiJackThis.lnk
[2012/06/27 18:08:01 | 000,526,289 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012/06/27 15:53:23 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/27 15:53:23 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/27 15:45:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/27 15:45:00 | 3019,296,768 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/25 17:32:57 | 000,144,336 | ---- | M] () -- C:\Users\Harit\Desktop\22746025.#vc
[2012/06/25 16:12:37 | 000,040,343 | ---- | M] () -- C:\Users\Harit\Desktop\Capture.JPG
[2012/06/22 13:15:19 | 000,000,058 | ---- | M] () -- C:\Windows\sview.ini
[2012/06/15 23:38:47 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/06/15 23:38:47 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/06/15 23:27:03 | 000,000,974 | ---- | M] () -- C:\Users\Harit\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/06/14 20:10:13 | 000,040,870 | ---- | M] () -- C:\Users\Harit\Desktop\P2P Accomodations.pdf
[2012/06/14 20:08:04 | 000,062,725 | ---- | M] () -- C:\Users\Harit\Desktop\P2P Itinerary.pdf
[2012/06/13 16:53:16 | 002,387,024 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/06/02 18:19:42 | 000,057,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/06/02 18:19:42 | 000,044,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/06/02 18:15:31 | 002,622,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/06/02 15:19:42 | 000,186,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/06/02 15:15:12 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/06/01 12:23:01 | 000,000,090 | ---- | M] () -- C:\Windows\QBChanUtil_Trigger.ini
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/06/28 13:08:34 | 000,002,296 | ---- | C] () -- C:\Users\Harit\Desktop\QuickBooks Premier - Accountant Edition 2011.lnk
[2012/06/27 18:55:54 | 000,176,557 | ---- | C] () -- C:\Users\Harit\Desktop\Capture7.JPG
[2012/06/27 18:55:29 | 000,172,744 | ---- | C] () -- C:\Users\Harit\Desktop\Capture6.JPG
[2012/06/27 18:55:02 | 000,171,443 | ---- | C] () -- C:\Users\Harit\Desktop\Capture5.JPG
[2012/06/27 18:54:32 | 000,185,646 | ---- | C] () -- C:\Users\Harit\Desktop\Capture4.JPG
[2012/06/27 18:53:54 | 000,168,425 | ---- | C] () -- C:\Users\Harit\Desktop\Capture3.JPG
[2012/06/27 18:39:29 | 000,075,940 | ---- | C] () -- C:\Users\Harit\Desktop\Capture2.JPG
[2012/06/27 18:37:28 | 000,002,917 | ---- | C] () -- C:\Users\Harit\Desktop\HiJackThis.lnk
[2012/06/25 17:32:56 | 000,144,336 | ---- | C] () -- C:\Users\Harit\Desktop\22746025.#vc
[2012/06/25 16:12:37 | 000,040,343 | ---- | C] () -- C:\Users\Harit\Desktop\Capture.JPG
[2012/06/21 23:32:16 | 000,001,126 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk
[2012/06/15 23:27:03 | 000,000,974 | ---- | C] () -- C:\Users\Harit\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/06/14 20:10:12 | 000,040,870 | ---- | C] () -- C:\Users\Harit\Desktop\P2P Accomodations.pdf
[2012/06/14 20:08:03 | 000,062,725 | ---- | C] () -- C:\Users\Harit\Desktop\P2P Itinerary.pdf
[2012/01/30 13:46:30 | 000,102,248 | ---- | C] () -- C:\Users\Harit\GoToAssistDownloadHelper.exe
[2012/01/17 20:18:14 | 000,000,469 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2011/09/30 22:00:27 | 000,000,028 | ---- | C] () -- C:\Windows\v2d.INI
[2011/09/27 11:54:56 | 000,000,017 | ---- | C] () -- C:\Users\Harit\AppData\Local\resmon.resmoncfg
[2011/09/07 15:22:57 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/05/23 15:58:41 | 000,072,080 | ---- | C] () -- C:\Users\Harit\g2mdlhlpx.exe
[2011/04/13 21:29:40 | 000,774,846 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/04/12 14:12:07 | 000,000,114 | ---- | C] () -- C:\Windows\wininit.ini
[2010/10/19 14:53:54 | 000,000,023 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2010/09/19 19:27:54 | 000,000,022 | ---- | C] () -- C:\Users\Harit\AppData\Local\kodakpcd.ini
[2010/09/16 11:38:54 | 000,000,058 | ---- | C] () -- C:\Windows\sview.ini
[2010/09/16 11:21:20 | 000,000,502 | ---- | C] () -- C:\Windows\tiff2pdf.ini
[2010/08/17 20:34:27 | 000,038,334 | ---- | C] () -- C:\Users\Harit\test.pdf
[2010/08/17 17:19:03 | 002,463,976 | ---- | C] () -- C:\Windows\SysWow64\NPSWF32.dll
[2010/06/26 12:44:11 | 000,004,096 | -H-- | C] () -- C:\Users\Harit\AppData\Local\keyfile3.drm
[2010/04/29 18:59:27 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/03/31 10:21:31 | 007,618,560 | ---- | C] () -- C:\Users\Harit\Hudson Montessori (Backup Mar 31,2010  10 20 AM).QBB
[2010/03/07 23:19:41 | 020,140,032 | ---- | C] () -- C:\Users\Harit\RightFaceLtd (Backup Mar 07,2010  10 19 PM).QBB
[2010/03/07 20:23:37 | 000,000,000 | ---- | C] () -- C:\Users\Harit\AppData\Local\prvlcl.dat
[2009/06/24 23:08:02 | 000,007,004 | ---- | C] () -- C:\Users\Harit\ZOOM.htm
[2009/06/24 13:54:41 | 000,408,661 | ---- | C] () -- C:\Users\Harit\HM Tan combo.pdf
[2008/09/12 23:50:46 | 000,090,112 | ---- | C] () -- C:\Users\Harit\IDHWTSS1.dll
[2008/09/12 23:50:46 | 000,036,868 | ---- | C] () -- C:\Users\Harit\PrtDLL.dll
[2005/10/11 09:56:52 | 000,000,129 | ---- | C] () -- C:\Users\Harit\default.pls
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >

_________________________________________________________


OTL Extras logfile created on: 6/28/2012 5:17:45 PM - Run 1
OTL by OldTimer - Version 3.2.53.0    Folder = C:\Users\Harit\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: enu | Date Format: M/d/yyyy
 
3.75 Gb Total Physical Memory | 2.20 Gb Available Physical Memory | 58.75% Memory free
7.50 Gb Paging File | 5.80 Gb Available in Paging File | 77.32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 685.54 Gb Total Space | 531.81 Gb Free Space | 77.58% Space Free | Partition Type: NTFS
 
Computer Name: SOURCE401 | User Name: Harit | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0128F63F-5B3E-4977-B7BD-E20F8C7DAD8A}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{0C0C7C41-F33D-49

Title: Desktop Frozen
Post by: guestolo on June 29, 2012, 08:01:32 AM

Do you have any problems with frozen Desktop in Safe Mode?

Title: Desktop Frozen
Post by: indfin on June 29, 2012, 10:24:10 AM

[font="Arial"][size="2"]Hi, I think I started the computer in Safe Mode to do the System Restore and, yes, I was able to do that.  But this has been a strange experience.  The computer suddenly became unusable for a day and now it is working.  But there are definitely some issues even now.  For instance, why can’t I still run HJT?  I still get the pop-up window I attached with my first post.[/size][/font][font="Arial"][size="2"]

Another small matter is that about six weeks ago I installed ‘Ghostery’ or ‘Do Not Track Plus’ after reading a newspaper article.  I subsequently uninstalled it, hopefully successfully, as it does not show up in the Add/Remove Programs list.  Even now when I do a Google search, however, it often (40% of the time) takes me to a random site when I click on a search result.  When I click for the second time, it takes me to the correct page.[/size][/font][font="Arial"][size="2"]

In a nutshell, the computer is working right now, but I am afraid of any lurking issues.  I want to be able to correct them now before they explode into bigger problems later.  I use this computer mainly for work and any problems could cost me dearly.  If you say all looks fine, it at least will give me peace of mind.  Thank you for your time and your help.  I truly appreciate it.[/size][/font]

Title: Desktop Frozen
Post by: guestolo on June 29, 2012, 11:27:39 AM

Don't worry about Hijackthis, it just doesn't have proper permission to access hosts file
Try right clicking on Hijackthis shortcut and choose to "Run as Admin"
Download ComboFix from the following location

[color="#0000FF"]Link 1[/color] (http://"http://download.bleepingcomputer.com/sUBs/ComboFix.exe")
Save it ONLY to your Desktop

      --------------------------------------------------------------------
[color="#2E8B57"]Temporarily Disable your AntiVirus/AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with this tool
[/color]

Double click on ComboFix.exe & follow the prompts.
Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply

NOTE: Do not mouseclick inside ComboFix window as it's running, it may cause it to stall
ComboFix will/may run again on startup, it will prompt that it's creating a log
This process could take up to 10 minutes, let it run uninterrupted please

Title: Desktop Frozen
Post by: indfin on June 29, 2012, 12:36:35 PM

Ok, this appears to have escalated into a bigger problem.  I disabled the antivirus/firewall and ran ComboFix.  It took about 30 minutes and when the computer came on and ComboFix did its thing, I cannot open any application.  When I clicked on Firefox, for instance, I got a pop up message, saying "Illegal operation attempted on a registry key that has been marked for deletion."  I get the same message when i click on any icon.

I saved the ComboFix log on a memory stick and am posting it below from a different computer.  Please help!!!

ComboFix 12-06-28.03 - Harit 06/29/2012  12:58:56.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3839.2614 [GMT -4:00]
Running from: c:\users\Harit\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Harit\AppData\Local\Microsoft\Windows\Temporary Internet Files\mootools.svn.js
c:\users\Harit\AppData\Local\Microsoft\Windows\Temporary Internet Files\pffcenter.html
c:\users\Harit\AppData\Local\Microsoft\Windows\Temporary Internet Files\pffCenter.js
c:\users\Harit\AppData\Local\Microsoft\Windows\Temporary Internet Files\reviewDialog.html
c:\users\Harit\AppData\Local\Microsoft\Windows\Temporary Internet Files\reviewNotesPopUp.html
c:\users\Harit\AppData\Local\Microsoft\Windows\Temporary Internet Files\taskNotesDialog.html
c:\users\Harit\g2mdlhlpx.exe
c:\users\Harit\GoToAssistDownloadHelper.exe
c:\users\Harit\IDHWTSS1.dll
c:\users\Harit\PrtDLL.dll
.
.
(((((((((((((((((((((((((   Files Created from 2012-05-28 to 2012-06-29  )))))))))))))))))))))))))))))))
.
.
2012-06-29 17:21 . 2012-06-29 17:21   --------   d-----w-   c:\users\Z Everyone Else\AppData\Local\temp
2012-06-29 17:21 . 2012-06-29 17:21   --------   d-----w-   c:\users\Default\AppData\Local\temp
2012-06-29 17:21 . 2012-06-29 17:21   --------   d-----w-   c:\users\Tej\AppData\Local\temp
2012-06-29 17:21 . 2012-06-29 17:21   --------   d-----w-   c:\users\Gracy\AppData\Local\temp
2012-06-28 23:24 . 2012-06-28 23:25   --------   d-----w-   c:\users\Harit\AppData\Local\Adobe
2012-06-27 22:37 . 2012-06-27 22:37   388096   ----a-r-   c:\users\Harit\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe   ERROR(0x00000005)
2012-06-27 22:37 . 2012-06-27 22:37   388096   ----a-r-   c:\users\Harit\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-06-27 22:37 . 2012-06-27 22:37   --------   d-----w-   c:\program files (x86)\Trend Micro
2012-06-25 00:19 . 2012-06-25 00:19   --------   d-----w-   c:\users\Z Everyone Else\AppData\Local\Macromedia
2012-06-21 06:29 . 2012-06-02 22:19   2428952   ----a-w-   c:\windows\system32\wuaueng.dll
2012-06-21 06:29 . 2012-06-02 22:19   57880   ----a-w-   c:\windows\system32\wuauclt.exe
2012-06-21 06:29 . 2012-06-02 22:19   44056   ----a-w-   c:\windows\system32\wups2.dll
2012-06-21 06:29 . 2012-06-02 22:15   2622464   ----a-w-   c:\windows\system32\wucltux.dll
2012-06-21 06:28 . 2012-06-02 22:19   38424   ----a-w-   c:\windows\system32\wups.dll
2012-06-21 06:28 . 2012-06-02 22:19   701976   ----a-w-   c:\windows\system32\wuapi.dll
2012-06-21 06:28 . 2012-06-02 22:15   99840   ----a-w-   c:\windows\system32\wudriver.dll
2012-06-21 06:28 . 2012-06-02 19:19   186752   ----a-w-   c:\windows\system32\wuwebv.dll
2012-06-21 06:28 . 2012-06-02 19:15   36864   ----a-w-   c:\windows\system32\wuapp.exe
2012-06-16 03:42 . 2012-06-16 03:42   --------   d-----w-   c:\users\Harit\AppData\Local\Macromedia
2012-06-16 03:27 . 2012-06-16 03:27   --------   d-----w-   c:\users\Harit\AppData\Local\CRE
2012-06-16 03:27 . 2012-06-16 03:27   --------   d-----w-   c:\program files (x86)\Conduit
2012-06-16 03:27 . 2012-06-16 03:36   --------   d-----w-   c:\users\Harit\AppData\Local\Conduit
2012-06-13 18:07 . 2012-04-24 05:37   184320   ----a-w-   c:\windows\system32\cryptsvc.dll
2012-06-06 15:20 . 2012-06-06 15:20   421200   ----a-w-   c:\program files (x86)\Mozilla Firefox\msvcp100.dll
2012-06-06 15:20 . 2012-06-06 15:20   770384   ----a-w-   c:\program files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-01 04:07 . 2012-06-01 04:07   --------   d-----w-   c:\program files\iPod
2012-06-01 04:07 . 2012-06-01 04:07   --------   d-----w-   c:\program files\iTunes
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-16 03:38 . 2012-04-12 19:10   426184   ----a-w-   c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-16 03:38 . 2011-05-30 22:58   70344   ----a-w-   c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-13 20:51 . 2012-05-13 20:51   5   ----a-w-   c:\windows\SysWow64\lMMLDeleteUserData42107612FX.tmp
2012-05-02 14:44 . 2010-04-15 04:55   472808   ----a-w-   c:\windows\SysWow64\deployJava1.dll
2012-04-04 19:56 . 2010-03-07 18:55   24904   ----a-w-   c:\windows\system32\drivers\mbam.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Intuit SyncManager"="c:\program files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2011-09-30 2215768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute   REG_MULTI_SZ      autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys

R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys

R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys

R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys

R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-18 113120]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-07 1255736]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 26704]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2011-09-13 37456]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2011-10-07 283728]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-08-08 46672]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2011-07-11 375376]
S2 atashost;WebEx Service Host for Support Center;c:\windows\SysWOW64\atashost.exe [2011-02-28 116536]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 Greg_Service;GRegService;c:\program files (x86)\eMachines\Registration\GregHSRW.exe [2009-08-28 1150496]
S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-08-25 13672]
S2 QBVSS;QBIDPService;c:\program files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [2011-06-30 1248256]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
S2 Updater Service;Updater Service;c:\program files\eMachines\eMachines Updater\UpdaterService.exe [2009-07-04 240160]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 120400]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 29776]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3778001595-1908271483-2739586615-1004Core.job
- c:\users\Tej\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-29 16:58]
.
2012-06-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3778001595-1908271483-2739586615-1004UA.job
- c:\users\Tej\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-29 16:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-03-19 20:23   463952   ----a-w-   c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-03-19 20:23   463952   ----a-w-   c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-03-19 20:23   463952   ----a-w-   c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-03-19 20:23   463952   ----a-w-   c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&m=et1831&r=173603102206p0305v1j5r4861s408
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = localhost;*.local;192.168.*.*
IE: Append to existing PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
Trusted Zone: intuit.com\ttlc
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_32.CAB
DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab
FF - ProfilePath - c:\users\Harit\Application Data\Mozilla\Firefox\Profiles\hgl37pkb.default\
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
@Denied: (A) (Everyone)
"Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
"Key"="ActionsPane"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
c:\program files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
.
**************************************************************************
.
Completion time: 2012-06-29  13:28:38 - machine was rebooted
ComboFix-quarantined-files.txt  2012-06-29 17:28
.
Pre-Run: 570,292,322,304 bytes free
Post-Run: 570,793,971,712 bytes free
.
- - End Of File - - C1B31E7EB15AE3D154E8A883F1F60792


Thank you!

Title: Desktop Frozen
Post by: indfin on June 29, 2012, 01:05:27 PM

Sorry for the Panic Button, but I restarted the computer and the "illegal operation ...." issue seems to be resolved.

Also, should I go ahead and update to the latest version of AVG while you are still helping me.  This way, if anything goes wrong again ....

Thank you!

PS:  I am back on the troubled computer

Title: Desktop Frozen
Post by: guestolo on June 29, 2012, 03:46:07 PM

can you reopen OTL.exe, run a Quick Scan
When done, only one log should be produced
Can you post it's contents and let me know how things are now running please

Title: Desktop Frozen
Post by: indfin on June 29, 2012, 04:12:28 PM

The computer appears to be running fine.  Thank you so much!

Ran OTL as Administrator and the log is posted below.  Two quick questions:

1. Should I update AVG?
2. Is there any answer to Ghostery/Do Not Track Plus or is it already taken care of?

Also, when I right-click on HJT, it doesn't give the Run as Administrator option.

OTL logfile created on: 6/29/2012 5:16:17 PM - Run 2
OTL by OldTimer - Version 3.2.53.0    Folder = C:\Users\Harit\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: enu | Date Format: M/d/yyyy
 
3.75 Gb Total Physical Memory | 2.62 Gb Available Physical Memory | 69.80% Memory free
7.50 Gb Paging File | 6.22 Gb Available in Paging File | 82.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 685.54 Gb Total Space | 531.68 Gb Free Space | 77.56% Space Free | Partition Type: NTFS
 
Computer Name: SOURCE401 | User Name: Harit | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012/06/28 17:17:05 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Harit\Desktop\OTL.exe
PRC - [2012/05/14 14:07:42 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2012/03/19 07:38:46 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/06/30 13:25:52 | 001,248,256 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
PRC - [2011/02/28 16:10:41 | 000,116,536 | ---- | M] (Cisco WebEx LLC) -- C:\Windows\SysWOW64\atashost.exe
PRC - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2009/08/28 05:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe
PRC - [2009/07/03 21:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/03 21:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe -- (Updater Service)
SRV - [2012/06/18 09:47:17 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/05/14 14:07:42 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2012/03/19 07:38:46 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/06/30 13:25:52 | 001,248,256 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe -- (QBVSS)
SRV - [2011/02/28 16:10:41 | 000,116,536 | ---- | M] (Cisco WebEx LLC) [Auto | Running] -- C:\Windows\SysWOW64\atashost.exe -- (atashost)
SRV - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/08/17 17:14:04 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/08/28 05:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009/08/25 13:38:06 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009/07/23 21:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/22 14:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\eMachines Games\eMachines Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2007/03/20 16:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/10/07 06:23:46 | 000,283,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2011/09/13 06:30:08 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/08/08 06:08:58 | 000,046,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/07/11 01:14:36 | 000,375,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011/07/11 01:14:08 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/07/11 01:14:06 | 000,120,400 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/07/11 01:14:06 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/22 10:52:30 | 000,215,040 | ---- | M] (Realtek                                           ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&m=et1831&r=173603102206p0305v1j5r4861s408
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&m=et1831&r=173603102206p0305v1j5r4861s408
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Harit\Desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page_bak = http://home.microsoft.com/access/allinone.asp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {3ECC20ED-3EC6-4CD6-A2D6-D7F970DE43AE}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/ie.aspx?q={searchTerms}
IE - HKCU\..\SearchScopes\{3ECC20ED-3EC6-4CD6-A2D6-D7F970DE43AE}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW_en
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;*.local;192.168.*.*
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Harit\Application Data\Octoshape\Octoshape Streaming Services\sua-1010120-0-npoctoshape.dll (Octoshape ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/06/27 14:10:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.14\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.14\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
 
[2010/09/09 20:54:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Harit\Application Data\mozilla\Extensions
[2012/06/15 23:40:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Harit\Application Data\mozilla\Firefox\Profiles\hgl37pkb.default\extensions
[2011/10/01 13:52:30 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Harit\Application Data\mozilla\Firefox\Profiles\hgl37pkb.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2012/06/29 14:48:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/06/14 18:20:49 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/05/02 10:44:58 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/06/14 18:19:40 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/06/14 18:19:40 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
 
O1 HOSTS File: ([2012/06/29 13:23:25 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://nbs.webex.com/client/T27L10NSP21/support/ieatgpc1.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_32.CAB (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file:///C:/Windows/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C0740008-C748-4F81-A57D-1C1E10AC16D8}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18:64bit: - Protocol\Handler\intu-help-qb2 - No CLSID value found
O18:64bit: - Protocol\Handler\intu-help-qb4 - No CLSID value found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\qbwc - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\intu-help-qb2 - No CLSID value found
O18 - Protocol\Handler\intu-help-qb4 {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files (x86)\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/06/29 15:00:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2012/06/29 12:56:25 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/06/29 12:56:25 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/06/29 12:56:25 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/06/29 12:56:20 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/06/29 12:56:04 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/06/29 12:53:18 | 004,566,027 | R--- | C] (Swearware) -- C:\Users\Harit\Desktop\ComboFix.exe
[2012/06/28 19:24:40 | 000,000,000 | ---D | C] -- C:\Users\Harit\AppData\Local\Adobe
[2012/06/28 17:17:05 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Harit\Desktop\OTL.exe
[2012/06/27 18:37:28 | 000,000,000 | ---D | C] -- C:\Users\Harit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012/06/21 02:29:10 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/06/21 02:29:10 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/06/21 02:29:10 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/06/21 02:28:55 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/06/21 02:28:55 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/06/21 02:28:55 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/06/21 02:28:42 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/06/21 02:28:42 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/06/15 23:42:58 | 000,000,000 | ---D | C] -- C:\Users\Harit\AppData\Local\Macromedia
[2012/06/15 23:27:11 | 000,000,000 | ---D | C] -- C:\Users\Harit\AppData\Local\CRE
[2012/06/15 23:27:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012/06/15 23:27:07 | 000,000,000 | ---D | C] -- C:\Users\Harit\AppData\Local\Conduit
[2012/06/13 14:08:37 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/06/13 14:08:37 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/06/13 14:08:37 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/06/13 14:08:37 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/06/13 14:08:36 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/06/13 14:08:36 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/06/13 14:08:35 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/06/13 14:08:35 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/06/13 14:08:34 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/06/13 14:08:34 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/06/13 14:08:33 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/06/13 14:08:33 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/06/13 14:08:33 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/06/13 14:07:42 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/06/13 14:07:42 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012/06/13 14:07:35 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/06/13 14:07:33 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/06/13 14:07:33 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/06/13 14:07:31 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012/06/13 14:07:29 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/06/13 14:07:29 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/06/13 14:07:29 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/06/08 18:41:59 | 000,000,000 | ---D | C] -- C:\Users\Harit\Documents\MMA
[2012/06/01 00:07:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/06/01 00:07:08 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/06/01 00:07:07 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2008/09/12 23:50:45 | 000,081,920 | ---- | C] (hob) -- C:\Users\Harit\hobjni.dll
[2005/06/21 15:33:58 | 000,483,401 | ---- | C] (Citrix Online) -- C:\Users\Harit\gotomypc.exe
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/06/29 17:03:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3778001595-1908271483-2739586615-1004UA.job
[2012/06/29 15:00:33 | 000,002,917 | ---- | M] () -- C:\Users\Harit\Desktop\HiJackThis.lnk
[2012/06/29 14:59:55 | 001,402,880 | ---- | M] () -- C:\Users\Harit\Desktop\HiJackThis.msi
[2012/06/29 14:48:11 | 000,002,051 | ---- | M] () -- C:\Users\Harit\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/06/29 14:48:11 | 000,001,143 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/06/29 14:23:18 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/29 14:23:18 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/29 14:20:14 | 000,781,122 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/06/29 14:20:14 | 000,661,270 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/06/29 14:20:14 | 000,121,772 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/06/29 14:15:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/29 14:15:43 | 3019,296,768 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/29 13:23:25 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/06/29 13:18:38 | 000,000,020 | ---- | M] () -- C:\Windows\SysWow64\SD.DLL
[2012/06/29 13:03:00 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3778001595-1908271483-2739586615-1004Core.job
[2012/06/29 12:53:18 | 004,566,027 | R--- | M] (Swearware) -- C:\Users\Harit\Desktop\ComboFix.exe
[2012/06/29 09:32:39 | 100,801,629 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/06/28 21:55:17 | 000,000,353 | ---- | M] () -- C:\Users\Harit\Documents\Hudson Montessori  LLC.QBW.ND
[2012/06/28 21:55:16 | 036,765,696 | R--- | M] () -- C:\Users\Harit\Documents\Hudson Montessori  LLC.QBW
[2012/06/28 21:55:16 | 001,114,112 | R--- | M] () -- C:\Users\Harit\Documents\Hudson Montessori  LLC.QBW.TLG
[2012/06/28 21:54:40 | 000,000,090 | ---- | M] () -- C:\Windows\QBChanUtil_Trigger.ini
[2012/06/28 18:21:46 | 000,029,672 | ---- | M] () -- C:\Users\Harit\Desktop\Capture.JPG
[2012/06/28 17:17:05 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Harit\Desktop\OTL.exe
[2012/06/28 13:08:34 | 000,002,296 | ---- | M] () -- C:\Users\Harit\Desktop\QuickBooks Premier - Accountant Edition 2011.lnk
[2012/06/27 18:55:54 | 000,176,557 | ---- | M] () -- C:\Users\Harit\Desktop\Capture7.JPG
[2012/06/27 18:55:29 | 000,172,744 | ---- | M] () -- C:\Users\Harit\Desktop\Capture6.JPG
[2012/06/27 18:55:03 | 000,171,443 | ---- | M] () -- C:\Users\Harit\Desktop\Capture5.JPG
[2012/06/27 18:54:32 | 000,185,646 | ---- | M] () -- C:\Users\Harit\Desktop\Capture4.JPG
[2012/06/27 18:53:54 | 000,168,425 | ---- | M] () -- C:\Users\Harit\Desktop\Capture3.JPG
[2012/06/27 18:39:29 | 000,075,940 | ---- | M] () -- C:\Users\Harit\Desktop\Capture2.JPG
[2012/06/27 18:08:01 | 000,526,289 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012/06/25 17:32:57 | 000,144,336 | ---- | M] () -- C:\Users\Harit\Desktop\22746025.#vc
[2012/06/22 13:15:19 | 000,000,058 | ---- | M] () -- C:\Windows\sview.ini
[2012/06/15 23:38:47 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/06/15 23:38:47 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/06/15 23:27:03 | 000,000,974 | ---- | M] () -- C:\Users\Harit\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/06/14 20:10:13 | 000,040,870 | ---- | M] () -- C:\Users\Harit\Desktop\P2P Accomodations.pdf
[2012/06/14 20:08:04 | 000,062,725 | ---- | M] () -- C:\Users\Harit\Desktop\P2P Itinerary.pdf
[2012/06/13 16:53:16 | 002,387,024 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/06/02 18:19:46 | 000,038,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/06/02 18:19:42 | 000,057,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/06/02 18:19:42 | 000,044,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/06/02 18:19:23 | 000,701,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/06/02 18:15:31 | 002,622,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/06/02 18:15:08 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/06/02 15:19:42 | 000,186,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/06/02 15:15:12 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/06/29 15:00:33 | 000,002,917 | ---- | C] () -- C:\Users\Harit\Desktop\HiJackThis.lnk
[2012/06/29 14:59:55 | 001,402,880 | ---- | C] () -- C:\Users\Harit\Desktop\HiJackThis.msi
[2012/06/29 14:48:11 | 000,001,143 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/06/29 13:18:38 | 000,000,020 | ---- | C] () -- C:\Windows\SysWow64\SD.DLL
[2012/06/29 12:56:25 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/06/29 12:56:25 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/06/29 12:56:25 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/06/29 12:56:25 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/06/29 12:56:25 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/06/28 13:08:34 | 000,002,296 | ---- | C] () -- C:\Users\Harit\Desktop\QuickBooks Premier - Accountant Edition 2011.lnk
[2012/06/27 18:55:54 | 000,176,557 | ---- | C] () -- C:\Users\Harit\Desktop\Capture7.JPG
[2012/06/27 18:55:29 | 000,172,744 | ---- | C] () -- C:\Users\Harit\Desktop\Capture6.JPG
[2012/06/27 18:55:02 | 000,171,443 | ---- | C] () -- C:\Users\Harit\Desktop\Capture5.JPG
[2012/06/27 18:54:32 | 000,185,646 | ---- | C] () -- C:\Users\Harit\Desktop\Capture4.JPG
[2012/06/27 18:53:54 | 000,168,425 | ---- | C] () -- C:\Users\Harit\Desktop\Capture3.JPG
[2012/06/27 18:39:29 | 000,075,940 | ---- | C] () -- C:\Users\Harit\Desktop\Capture2.JPG
[2012/06/25 17:32:56 | 000,144,336 | ---- | C] () -- C:\Users\Harit\Desktop\22746025.#vc
[2012/06/25 16:12:37 | 000,029,672 | ---- | C] () -- C:\Users\Harit\Desktop\Capture.JPG
[2012/06/21 23:32:16 | 000,001,126 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk
[2012/06/15 23:27:03 | 000,000,974 | ---- | C] () -- C:\Users\Harit\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/06/14 20:10:12 | 000,040,870 | ---- | C] () -- C:\Users\Harit\Desktop\P2P Accomodations.pdf
[2012/06/14 20:08:03 | 000,062,725 | ---- | C] () -- C:\Users\Harit\Desktop\P2P Itinerary.pdf
[2012/01/17 20:18:14 | 000,000,469 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2011/09/30 22:00:27 | 000,000,028 | ---- | C] () -- C:\Windows\v2d.INI
[2011/09/27 11:54:56 | 000,000,017 | ---- | C] () -- C:\Users\Harit\AppData\Local\resmon.resmoncfg
[2011/09/07 15:22:57 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/04/13 21:29:40 | 000,774,846 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/04/12 14:12:07 | 000,000,114 | ---- | C] () -- C:\Windows\wininit.ini
[2010/10/19 14:53:54 | 000,000,023 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2010/09/19 19:27:54 | 000,000,022 | ---- | C] () -- C:\Users\Harit\AppData\Local\kodakpcd.ini
[2010/09/16 11:38:54 | 000,000,058 | ---- | C] () -- C:\Windows\sview.ini
[2010/09/16 11:21:20 | 000,000,502 | ---- | C] () -- C:\Windows\tiff2pdf.ini
[2010/08/17 20:34:27 | 000,038,334 | ---- | C] () -- C:\Users\Harit\test.pdf
[2010/08/17 17:19:03 | 002,463,976 | ---- | C] () -- C:\Windows\SysWow64\NPSWF32.dll
[2010/06/26 12:44:11 | 000,004,096 | -H-- | C] () -- C:\Users\Harit\AppData\Local\keyfile3.drm
[2010/04/29 18:59:27 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/03/31 10:21:31 | 007,618,560 | ---- | C] () -- C:\Users\Harit\Hudson Montessori (Backup Mar 31,2010  10 20 AM).QBB
[2010/03/07 23:19:41 | 020,140,032 | ---- | C] () -- C:\Users\Harit\RightFaceLtd (Backup Mar 07,2010  10 19 PM).QBB
[2010/03/07 20:23:37 | 000,000,000 | ---- | C] () -- C:\Users\Harit\AppData\Local\prvlcl.dat
[2009/06/24 23:08:02 | 000,007,004 | ---- | C] () -- C:\Users\Harit\ZOOM.htm
[2009/06/24 13:54:41 | 000,408,661 | ---- | C] () -- C:\Users\Harit\HM Tan combo.pdf
[2005/10/11 09:56:52 | 000,000,129 | ---- | C] () -- C:\Users\Harit\default.pls
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >

Thank you once again!

Title: Desktop Frozen
Post by: guestolo on June 30, 2012, 12:26:14 PM

Double  click on OTL.exe and Run it

• Under the [color="#0000FF"]Custom Scans/Fixes[/color] box at the bottom, copy/paste in the following in the quote box below. don't include the word Quote please
  
  Quote

  :OTL
  O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
  [2012/06/15 23:27:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
  [2012/06/15 23:27:07 | 000,000,000 | ---D | C] -- C:\Users\Harit\AppData\Local\Conduit
  :Commands
  [EmptyTemp]
  

  
  
• Then click the [color="#FF0000"]Run Fix[/color] button at the top
  
• Let the program run unhindered, reboot the PC when it is done

On startup, Allow OTL to run if prompted
A log should open, can you post it please
A copy of this log can also be found in
C:\_OTL\Moved Files folder

Quote

1. Should I update AVG?

It looks like your running the latest version of AVG?
But yes, if there is a Program update for your version, or definition updates.
I would think you would want to update
If your wondering if you should update to the Paid version, that is up to you.
The free version should do however

Quote

2. Is there any answer to Ghostery/Do Not Track Plus or is it already taken care of?

I don't see any trace of it.. Are you having problems with it still?

Title: Desktop Frozen
Post by: indfin on June 30, 2012, 03:06:48 PM

Ok, I ran OTL but I may have messed up.  I pasted the commands in the Custom Scans/Fixes box and hit Fix It.  It did something and I thought it was finished and I X-ed it.  The window did not close and the program i think kept running.  The computer restarted by itself, took a long time to reboot, asked to run a OTL program and produced the log, which is posted below.

I opened the AVG user interface.  Below the Anti Virus icon, it says 'Not Active,' but the check mark is there in the Enable Resident Shield box. The Fix button next to 'You are not protected' also does not make it active.

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
C:\Program Files (x86)\Conduit\Community Alerts folder moved successfully.
C:\Program Files (x86)\Conduit folder moved successfully.
C:\Users\Harit\AppData\Local\Conduit folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 75 bytes
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Gracy
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33237 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 42083893 bytes
->Flash cache emptied: 1268 bytes
 
User: Harit
->Temp folder emptied: 375940 bytes
->Temporary Internet Files folder emptied: 3389114 bytes
->Java cache emptied: 4869979 bytes
->FireFox cache emptied: 267302191 bytes
->Flash cache emptied: 38728 bytes
 
User: Public
->Temp folder emptied: 0 bytes
 
User: Tej
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1726417 bytes
->Google Chrome cache emptied: 45233815 bytes
->Flash cache emptied: 1359 bytes
 
User: Z Everyone Else
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 122656731 bytes
->Java cache emptied: 2725429 bytes
->FireFox cache emptied: 57300226 bytes
->Flash cache emptied: 11284 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 5 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1049124 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50199 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 749 bytes
RecycleBin emptied: 11734 bytes
 
Total Files Cleaned = 523.00 mb
 
 
OTL by OldTimer - Version 3.2.53.0 log created on 06302012_152030

Files\Folders moved on Reboot...
C:\Users\Harit\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Windows\temp\wbxtra_06292012_141558.wbt moved successfully.

PendingFileRenameOperations files...
File C:\Users\Harit\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
File C:\Windows\temp\wbxtra_06292012_141558.wbt not found!

Registry entries deleted on Reboot...

I restarted the computer again and it is taking an iordinately long time to start, up to 8 to 10 minutes.

Thank you.

Title: Desktop Frozen
Post by: guestolo on June 30, 2012, 03:24:13 PM

Sounds as if AVG is corrupt
Why not download and save to desktop AVG removal tool from this direct link
http://download.avg.com/filedir/util/avgrem/avg_remover_stf_x64_2012_2125.exe

Close down all browser windows
Uninstall AVG from "Programs and Features" in Windows Control Panel
Reboot the computer
Back in Windows run the AVG removal tool, reboot again

Back in Windows, run another quick scan with OTL.exe and post it's new log, we'll make sure to get all of AVG's remnants
and see how things are running

Title: Desktop Frozen
Post by: indfin on June 30, 2012, 06:16:30 PM

Did as instructed, this time without messing up.  Computer start time is back to normal after AVG uninstall.  Posted below is the OTL log.  

Would you like me to post the AVG Removal log too?  Thank you very much for your help.

OTL logfile created on: 6/30/2012 7:20:56 PM - Run 3
OTL by OldTimer - Version 3.2.53.0    Folder = C:\Users\Harit\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: enu | Date Format: M/d/yyyy
 
3.75 Gb Total Physical Memory | 2.85 Gb Available Physical Memory | 75.94% Memory free
7.50 Gb Paging File | 6.50 Gb Available in Paging File | 86.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 685.54 Gb Total Space | 532.10 Gb Free Space | 77.62% Space Free | Partition Type: NTFS
 
Computer Name: SOURCE401 | User Name: Harit | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012/06/28 17:17:05 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Harit\Desktop\OTL.exe
PRC - [2012/05/14 14:07:42 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2012/03/19 07:38:46 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2011/06/30 13:25:52 | 001,248,256 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
PRC - [2011/02/28 16:10:41 | 000,116,536 | ---- | M] (Cisco WebEx LLC) -- C:\Windows\SysWOW64\atashost.exe
PRC - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2009/08/28 05:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe
PRC - [2009/07/03 21:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/03 21:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe -- (Updater Service)
SRV - [2012/06/18 09:47:17 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/05/14 14:07:42 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2012/03/19 07:38:46 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2011/06/30 13:25:52 | 001,248,256 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe -- (QBVSS)
SRV - [2011/02/28 16:10:41 | 000,116,536 | ---- | M] (Cisco WebEx LLC) [Auto | Running] -- C:\Windows\SysWOW64\atashost.exe -- (atashost)
SRV - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/08/17 17:14:04 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/08/28 05:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009/08/25 13:38:06 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009/07/23 21:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/22 14:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\eMachines Games\eMachines Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2007/03/20 16:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/22 10:52:30 | 000,215,040 | ---- | M] (Realtek                                           ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&m=et1831&r=173603102206p0305v1j5r4861s408
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&m=et1831&r=173603102206p0305v1j5r4861s408
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Harit\Desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page_bak = http://home.microsoft.com/access/allinone.asp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {3ECC20ED-3EC6-4CD6-A2D6-D7F970DE43AE}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/ie.aspx?q={searchTerms}
IE - HKCU\..\SearchScopes\{3ECC20ED-3EC6-4CD6-A2D6-D7F970DE43AE}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW_en
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;*.local;192.168.*.*
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Harit\Application Data\Octoshape\Octoshape Streaming Services\sua-1010120-0-npoctoshape.dll (Octoshape ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.14\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.14\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 14:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 08:54:41 | 000,000,000 | ---D | M]
 
[2010/09/09 20:54:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Harit\Application Data\mozilla\Extensions
[2012/06/15 23:40:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Harit\Application Data\mozilla\Firefox\Profiles\hgl37pkb.default\extensions
[2011/10/01 13:52:30 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Harit\Application Data\mozilla\Firefox\Profiles\hgl37pkb.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2012/06/29 14:48:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/06/14 18:20:49 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/05/02 10:44:58 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/06/14 18:19:40 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/06/14 18:19:40 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
 
O1 HOSTS File: ([2012/06/29 13:23:25 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://nbs.webex.com/client/T27L10NSP21/support/ieatgpc1.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_32.CAB (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file:///C:/Windows/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C0740008-C748-4F81-A57D-1C1E10AC16D8}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18:64bit: - Protocol\Handler\intu-help-qb2 - No CLSID value found
O18:64bit: - Protocol\Handler\intu-help-qb4 - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\qbwc - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\intu-help-qb2 - No CLSID value found
O18 - Protocol\Handler\intu-help-qb4 {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files (x86)\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/06/30 19:08:19 | 002,899,344 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Users\Harit\Desktop\avg_remover_stf_x64_2012_2125.exe
[2012/06/30 15:20:30 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/06/29 15:00:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2012/06/29 12:56:25 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/06/29 12:56:25 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/06/29 12:56:25 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/06/29 12:56:20 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/06/29 12:56:04 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/06/29 12:53:18 | 004,566,027 | R--- | C] (Swearware) -- C:\Users\Harit\Desktop\ComboFix.exe
[2012/06/28 19:24:40 | 000,000,000 | ---D | C] -- C:\Users\Harit\AppData\Local\Adobe
[2012/06/28 17:17:05 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Harit\Desktop\OTL.exe
[2012/06/27 18:37:28 | 000,000,000 | ---D | C] -- C:\Users\Harit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012/06/21 02:29:10 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/06/21 02:29:10 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/06/21 02:29:10 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/06/21 02:28:55 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/06/21 02:28:55 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/06/21 02:28:55 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/06/21 02:28:42 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/06/21 02:28:42 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/06/15 23:42:58 | 000,000,000 | ---D | C] -- C:\Users\Harit\AppData\Local\Macromedia
[2012/06/15 23:27:11 | 000,000,000 | ---D | C] -- C:\Users\Harit\AppData\Local\CRE
[2012/06/13 14:08:37 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/06/13 14:08:37 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/06/13 14:08:37 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/06/13 14:08:37 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/06/13 14:08:36 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/06/13 14:08:36 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/06/13 14:08:35 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/06/13 14:08:35 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/06/13 14:08:34 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/06/13 14:08:34 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/06/13 14:08:33 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/06/13 14:08:33 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/06/13 14:08:33 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/06/13 14:07:42 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/06/13 14:07:42 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012/06/13 14:07:35 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/06/13 14:07:33 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/06/13 14:07:33 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/06/13 14:07:31 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012/06/13 14:07:29 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/06/13 14:07:29 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/06/13 14:07:29 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/06/08 18:41:59 | 000,000,000 | ---D | C] -- C:\Users\Harit\Documents\MMA
[2012/06/01 00:07:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/06/01 00:07:08 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/06/01 00:07:07 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2008/09/12 23:50:45 | 000,081,920 | ---- | C] (hob) -- C:\Users\Harit\hobjni.dll
[2005/06/21 15:33:58 | 000,483,401 | ---- | C] (Citrix Online) -- C:\Users\Harit\gotomypc.exe
 
========== Files - Modified Within 30 Days ==========
 
[2012/06/30 19:25:14 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/30 19:25:14 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/30 19:23:30 | 000,781,122 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/06/30 19:23:30 | 000,661,270 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/06/30 19:23:30 | 000,121,772 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/06/30 19:17:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/30 19:16:59 | 3019,296,768 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/30 19:08:20 | 002,899,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Users\Harit\Desktop\avg_remover_stf_x64_2012_2125.exe
[2012/06/30 19:03:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3778001595-1908271483-2739586615-1004UA.job
[2012/06/30 13:03:00 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3778001595-1908271483-2739586615-1004Core.job
[2012/06/29 15:00:33 | 000,002,917 | ---- | M] () -- C:\Users\Harit\Desktop\HiJackThis.lnk
[2012/06/29 14:59:55 | 001,402,880 | ---- | M] () -- C:\Users\Harit\Desktop\HiJackThis.msi
[2012/06/29 14:48:11 | 000,002,051 | ---- | M] () -- C:\Users\Harit\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/06/29 13:23:25 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/06/29 13:18:38 | 000,000,020 | ---- | M] () -- C:\Windows\SysWow64\SD.DLL
[2012/06/29 12:53:18 | 004,566,027 | R--- | M] (Swearware) -- C:\Users\Harit\Desktop\ComboFix.exe
[2012/06/28 21:55:17 | 000,000,353 | ---- | M] () -- C:\Users\Harit\Documents\Hudson Montessori  LLC.QBW.ND
[2012/06/28 21:55:16 | 036,765,696 | R--- | M] () -- C:\Users\Harit\Documents\Hudson Montessori  LLC.QBW
[2012/06/28 21:55:16 | 001,114,112 | R--- | M] () -- C:\Users\Harit\Documents\Hudson Montessori  LLC.QBW.TLG
[2012/06/28 21:54:40 | 000,000,090 | ---- | M] () -- C:\Windows\QBChanUtil_Trigger.ini
[2012/06/28 18:21:46 | 000,029,672 | ---- | M] () -- C:\Users\Harit\Desktop\Capture.JPG
[2012/06/28 17:17:05 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Harit\Desktop\OTL.exe
[2012/06/28 13:08:34 | 000,002,296 | ---- | M] () -- C:\Users\Harit\Desktop\QuickBooks Premier - Accountant Edition 2011.lnk
[2012/06/27 18:55:54 | 000,176,557 | ---- | M] () -- C:\Users\Harit\Desktop\Capture7.JPG
[2012/06/27 18:55:29 | 000,172,744 | ---- | M] () -- C:\Users\Harit\Desktop\Capture6.JPG
[2012/06/27 18:55:03 | 000,171,443 | ---- | M] () -- C:\Users\Harit\Desktop\Capture5.JPG
[2012/06/27 18:54:32 | 000,185,646 | ---- | M] () -- C:\Users\Harit\Desktop\Capture4.JPG
[2012/06/27 18:53:54 | 000,168,425 | ---- | M] () -- C:\Users\Harit\Desktop\Capture3.JPG
[2012/06/27 18:39:29 | 000,075,940 | ---- | M] () -- C:\Users\Harit\Desktop\Capture2.JPG
[2012/06/25 17:32:57 | 000,144,336 | ---- | M] () -- C:\Users\Harit\Desktop\22746025.#vc
[2012/06/22 13:15:19 | 000,000,058 | ---- | M] () -- C:\Windows\sview.ini
[2012/06/15 23:38:47 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/06/15 23:38:47 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/06/15 23:27:03 | 000,000,974 | ---- | M] () -- C:\Users\Harit\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/06/14 20:10:13 | 000,040,870 | ---- | M] () -- C:\Users\Harit\Desktop\P2P Accomodations.pdf
[2012/06/14 20:08:04 | 000,062,725 | ---- | M] () -- C:\Users\Harit\Desktop\P2P Itinerary.pdf
[2012/06/13 16:53:16 | 002,387,024 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/06/02 18:19:46 | 000,038,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/06/02 18:19:42 | 000,057,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/06/02 18:19:42 | 000,044,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/06/02 18:19:23 | 000,701,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/06/02 18:15:31 | 002,622,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/06/02 18:15:08 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/06/02 15:19:42 | 000,186,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/06/02 15:15:12 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
 
========== Files Created - No Company Name ==========
 
[2012/06/29 15:00:33 | 000,002,917 | ---- | C] () -- C:\Users\Harit\Desktop\HiJackThis.lnk
[2012/06/29 14:59:55 | 001,402,880 | ---- | C] () -- C:\Users\Harit\Desktop\HiJackThis.msi
[2012/06/29 13:18:38 | 000,000,020 | ---- | C] () -- C:\Windows\SysWow64\SD.DLL
[2012/06/29 12:56:25 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/06/29 12:56:25 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/06/29 12:56:25 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/06/29 12:56:25 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/06/29 12:56:25 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/06/28 13:08:34 | 000,002,296 | ---- | C] () -- C:\Users\Harit\Desktop\QuickBooks Premier - Accountant Edition 2011.lnk
[2012/06/27 18:55:54 | 000,176,557 | ---- | C] () -- C:\Users\Harit\Desktop\Capture7.JPG
[2012/06/27 18:55:29 | 000,172,744 | ---- | C] () -- C:\Users\Harit\Desktop\Capture6.JPG
[2012/06/27 18:55:02 | 000,171,443 | ---- | C] () -- C:\Users\Harit\Desktop\Capture5.JPG
[2012/06/27 18:54:32 | 000,185,646 | ---- | C] () -- C:\Users\Harit\Desktop\Capture4.JPG
[2012/06/27 18:53:54 | 000,168,425 | ---- | C] () -- C:\Users\Harit\Desktop\Capture3.JPG
[2012/06/27 18:39:29 | 000,075,940 | ---- | C] () -- C:\Users\Harit\Desktop\Capture2.JPG
[2012/06/25 17:32:56 | 000,144,336 | ---- | C] () -- C:\Users\Harit\Desktop\22746025.#vc
[2012/06/25 16:12:37 | 000,029,672 | ---- | C] () -- C:\Users\Harit\Desktop\Capture.JPG
[2012/06/21 23:32:16 | 000,001,126 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk
[2012/06/15 23:27:03 | 000,000,974 | ---- | C] () -- C:\Users\Harit\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/06/14 20:10:12 | 000,040,870 | ---- | C] () -- C:\Users\Harit\Desktop\P2P Accomodations.pdf
[2012/06/14 20:08:03 | 000,062,725 | ---- | C] () -- C:\Users\Harit\Desktop\P2P Itinerary.pdf
[2012/01/17 20:18:14 | 000,000,469 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2011/09/30 22:00:27 | 000,000,028 | ---- | C] () -- C:\Windows\v2d.INI
[2011/09/27 11:54:56 | 000,000,017 | ---- | C] () -- C:\Users\Harit\AppData\Local\resmon.resmoncfg
[2011/09/07 15:22:57 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/04/13 21:29:40 | 000,774,846 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/04/12 14:12:07 | 000,000,114 | ---- | C] () -- C:\Windows\wininit.ini
[2010/10/19 14:53:54 | 000,000,023 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2010/09/19 19:27:54 | 000,000,022 | ---- | C] () -- C:\Users\Harit\AppData\Local\kodakpcd.ini
[2010/09/16 11:38:54 | 000,000,058 | ---- | C] () -- C:\Windows\sview.ini
[2010/09/16 11:21:20 | 000,000,502 | ---- | C] () -- C:\Windows\tiff2pdf.ini
[2010/08/17 20:34:27 | 000,038,334 | ---- | C] () -- C:\Users\Harit\test.pdf
[2010/08/17 17:19:03 | 002,463,976 | ---- | C] () -- C:\Windows\SysWow64\NPSWF32.dll
[2010/06/26 12:44:11 | 000,004,096 | -H-- | C] () -- C:\Users\Harit\AppData\Local\keyfile3.drm
[2010/04/29 18:59:27 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/03/31 10:21:31 | 007,618,560 | ---- | C] () -- C:\Users\Harit\Hudson Montessori (Backup Mar 31,2010  10 20 AM).QBB
[2010/03/07 23:19:41 | 020,140,032 | ---- | C] () -- C:\Users\Harit\RightFaceLtd (Backup Mar 07,2010  10 19 PM).QBB
[2010/03/07 20:23:37 | 000,000,000 | ---- | C] () -- C:\Users\Harit\AppData\Local\prvlcl.dat
[2009/06/24 23:08:02 | 000,007,004 | ---- | C] () -- C:\Users\Harit\ZOOM.htm
[2009/06/24 13:54:41 | 000,408,661 | ---- | C] () -- C:\Users\Harit\HM Tan combo.pdf
[2005/10/11 09:56:52 | 000,000,129 | ---- | C] () -- C:\Users\Harit\default.pls
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >

Title: Desktop Frozen
Post by: guestolo on June 30, 2012, 06:27:28 PM

That looks good, no, I don't think I need to see the AVG log
Can you do the following please

• Press the Windows Key and R on your keyboard. This will bring up the Run... command.
     
• Now type in Combofix /Uninstall in the runbox and click OK. (Notice the space between the "x" and "/")
     
• Please follow the prompts to uninstall Combofix.
• You will then receive a message saying Combofix was uninstalled successfully once it's done uninstalling itself.

Right click on OTL.exe and choose to "Run as Admin"
When it opens, click on the CLEANUP button
Follow prompts and reboot when prompted

Back in Windows, you may want to try a reinstall of AVG
Here's a link to the free version
http://download.cnet.com/AVG-Anti-Virus-Free-Edition-2012/3000-2239_4-10320142.html?part=dl-avg_free_ca&subj=dl&tag=button

After you install, and get AVG updated, can you reboot and let me know how things are now please

Title: Desktop Frozen
Post by: indfin on June 30, 2012, 06:53:43 PM

Did the ComboFix Uninstall, the OTL Clean Up and the AVG install.

Also did the Google searches, and the four of five links I clicked on took me to the relevant sites.

The computer is running great.  Thank you so ver much for all your help.  Really appreciate it.

Title: Desktop Frozen
Post by: guestolo on June 30, 2012, 07:02:03 PM

Are you getting redirected on some other links?

Title: Desktop Frozen
Post by: indfin on June 30, 2012, 07:12:43 PM

I did a few searches and I have not been re-directed as yet.

Title: Desktop Frozen
Post by: guestolo on June 30, 2012, 08:46:01 PM

I'll lock this topic in 24 hours if everything is still ok
If I don't hear back from you, take care indfin  /smile.gif\' class=\'bbc_emoticon\' alt=\':)\' />

Title: Desktop Frozen
Post by: indfin on July 01, 2012, 08:45:08 AM

Thank you very much guestolo.  It is working fine now.

Just out of curiosity, was it an AVG problem?  It was strange because the computer was working fine, decided to take a day off, and started working fine again.  I don't understand.

PS:  Do you have a Dwolla account?

Title: Desktop Frozen
Post by: guestolo on July 03, 2012, 10:59:30 AM

Quote

Just out of curiosity, was it an AVG problem?

It could of been, I'm not 100% sure as ComboFix did fix some problems
No sorry, but thanks anyways
I don't use dwolla, I believe it's only offered to US citizens, I'm up here in Canada  /smile.gif\' class=\'bbc_emoticon\' alt=\':)\' />

Title: Desktop Frozen
Post by: indfin on July 03, 2012, 12:57:00 PM

Ok, guestolo, I know now that the offending program is QuickBooks.  Among the updates I had done earlier, an R11 update from QB was included.  But then I had done a System Restore.

Today, I used QB again.  It asked me to install the update and after the installation, I restarted the computer.  Before the computer restarted, a blue screen appeared with a long message starting with "Windows has detected a bad program and is shutting down to prevent damage to the computer."  (I am writing this from another computer.)

I will try to restart again in safe mode and do a System restore, if it lets me.  If it doesn't, I will let you know.

Thank you.

Title: Desktop Frozen
Post by: guestolo on July 03, 2012, 02:39:13 PM

It's possible this is associated with your problems
http://support.quickbooks.intuit.com/support/Articles/SLN41800

Title: Desktop Frozen
Post by: indfin on July 03, 2012, 03:34:23 PM

The computer ran Start-Up Repair upon restart.  It ran for over two hours!!  (When I hit the Cancel button after 10 minutes, it said the operation cannot be cancelled.)

Anyway, it is up an running now, restored to an earlier date.

The QB link you mentioned refers to earlier versions of QB.  I have the 2011 version.  I found the following in a link on R11 update search:

[font="Arial Black"]Try renaming your config.msi folder.

   Open Windows Explorer (right-click on the Start button and select Explore)
   Double-click on the C: drive
   Show hidden files and folders (Tools > Folder Options > Select View tab >Hidden files and folders > select Show hidden files and folders > Click Apply and OK)
   Show protected operating system files (Tools > Folder Options > Select View tab > Deselect Hide protected operating system files > Click Apply and OK)
   Right-click Config.Msi folder and select Rename
   Add .old to the end of the filename and press Enter (the folder name should now be Config.Msi.old)
   Hide protected operating system files and hidden files and folders again (following Step 3 and 4 above, but hiding, instead of showing)
   Now update, repair, uninstallation or installation should complete without error[/font]

However, I am not going to attempt it.  I can live without the update.

Somehow, this has also messed up Java.  I cannot uninstall it  from the Add/Remove window.  When I try to, I get the message attached here.

Thank you, once again, for your help.  It is much appreciated.

Title: Desktop Frozen
Post by: guestolo on July 03, 2012, 04:14:50 PM

Download and save to desktop JavaRA from the following link
http://download.thewebatom.net/4fe46177bc8cd/JavaRa-1.16-22-6-12.zip
Extract to it's own folder
Open the folder and Right click on JavaRa.exe and choose to "Run as Admin"
Choose 'English' then click "Select"
Under "Additional tasks" select the top 3 selections and also the bottom 2 selections
Then click GO
OK all the prompts, close the box afterwards
Ensure all browser windows are closed and choose "Remove older versions"

Reboot, is that any help?

Title: Desktop Frozen
Post by: indfin on July 03, 2012, 04:55:36 PM

Now the computer won't even start.  It gets stuck on 'Starting Windows.'  The two available options are 'Start Normally' or 'Startup Repair.'  Repair means another two hours.

If I hit Delete at start up, will it give me the choice to start in safe mode or something? Ok, there is no safe mode there.

What do I do now?

If i don't hear from you tonight, I will run Start-Up Repair again before I go to bed and hope for the best by morning.

Title: Desktop Frozen
Post by: guestolo on July 03, 2012, 05:02:14 PM

After you ran Javara? I doubt it would cause that

Try the startup repair option if start normally isn't working
I'm running out of time to help on this unfortuneately, tonight is my last night here before I leave
for work for 28 days, at which time my internet time is very very limited

NOTE: You aren't running registry cleaners on this machine are you?

Title: Desktop Frozen
Post by: indfin on July 03, 2012, 05:09:23 PM

No I am not running registry cleaners or anything else.

I did not run Java.  I shut it before running Java to see if it was running fine.

Hopefully, Start-up Repair will fix it.  If not, I am leaving for a trip too on the 5th until the 30th.  Will deal with it when you return.

Willyou be on your computer for a while today?  I will run the repair now and let you know.  As I said, it could be 2 hours.

Thank you.

Title: Desktop Frozen
Post by: guestolo on July 03, 2012, 05:34:53 PM

I'll be off and on for the rest of the day
Come tomorrow, I'll be trying to be on in the morning, but after that time is very limited for the
next 28 days.. Not my choice, it's where work takes me  /smile.gif\' class=\'bbc_emoticon\' alt=\':)\' />

Title: Desktop Frozen
Post by: indfin on July 03, 2012, 05:39:13 PM

By no means do I want to impose on your time.  You are doing me a favor and you have been very helpful, not only this time but also in the past.

Have a fruitful trip.  If it gets done before you leave, well and good.  If not, we will revisit whenever you have time on your return.

Thank you.

Title: Desktop Frozen
Post by: indfin on July 04, 2012, 12:49:18 AM

After a couple of tries, it started.  I will install Java and let you know.  Anything else I should be doing?

Title: Desktop Frozen
Post by: indfin on July 04, 2012, 10:53:32 AM

I ran JavaRa.  It removed the old files except that the last selection - Remove Java Console Extension - stayed on with the check mark.  Maybe it is supposed to stay that way.

Also, did you want me to post the log?

The computer is working fine, but the last few re-starts have taken forever.  So this machine will be staying on until I have to turn it off.

Thanks again and enjoy your trip.

Title: Desktop Frozen
Post by: guestolo on July 04, 2012, 11:33:05 AM

Quote

but the last few re-starts have taken forever

It's not an AVG problem again is it?
The last time it was....
I don't need to see the log from JavaRA
You may want to again try an uninstall of AVG, reboot, run the removal tool, reboot
Any quicker startup?

Title: Desktop Frozen
Post by: indfin on July 04, 2012, 11:55:06 AM

I am just afraid of a reboot right now.  The last one rendered the machine useless for two to three hours.  And I have much work on this computer before my trip tomorrow.  I will finish whatever I have to do while it is still working and try the uninstall later tonight after wrapping up my work.

I understand you will be unavailable by that time.  I will give you an update after you return.

Thank you, once again, for your time and patience.

Title: Desktop Frozen
Post by: indfin on September 02, 2012, 02:57:10 PM

Hi Guestolo, I have graduated to bigger problems since my return.  The biggest issue is that a message keeps popping up on my screen every 15 minutes or so saying, 'Windows detected a hard disk problem' and that I should back up all my data and contact my computer manufacturer.  This has been going on for three days.

When I start my computer, before the Windows logo comes on, there is a lot of text in black and white ending with 'AHCI Port 1 Device Error' and to hit F1 to continue.  (The Port 1 Device is the CD-ROM, I believe.)  The computer starts after I hit F1.

The computer is considerably slower than before on start up, but not like it was (20 minutes for start-up) when we communicated last time in early July.

I do not believe it is a hard drive error, but it may well be.  The computer keeps freezing, about once a day, usually when using Firefox, but also when I am running Foobar or other programs.  The freeze lasts 5 minutes or less.  Most of the time it runs fine.

There is too much going on and I hope I have given you the gist of the problem(s).  Should I send you the HijackThis log or run anything else, or should I start looking for a new machine?

Thank you.

Title: Desktop Frozen
Post by: guestolo on September 03, 2012, 11:15:22 AM

I would backup all files/folder.. eg.. Save pictures, videos, word files, etc.. that you want to keep to external drive or cd/dvd

What is the exact make/model of computer?
You may have to replace the harddrive, have you made your recovery disks for this machine? Or were they supplied when you bought it?

Title: Desktop Frozen
Post by: indfin on September 03, 2012, 12:27:55 PM

I use an online back-up service, so all files are hopefully saved.

The computer is eMachines ET1831-07, bought 2 1/2 years ago.  I did make the Recovery Disks.

Title: Desktop Frozen
Post by: guestolo on September 03, 2012, 01:33:39 PM

Your hoping the files are saved, still might be a good idea to backup to external drive or DVD if you want to be double sure
You should run a harddrive diagnostic tool... Do you know the makers of your harddrive?

If not, try this tool to identify and post back make of harddrive
http://www.filehippo.com/download_speccy
UNTICK both options when installing concerning Google Chrome, you don't need it if you don't want it

Title: Desktop Frozen
Post by: indfin on September 03, 2012, 09:20:56 PM

I checked from another computer, I can download my saved files from the back up service.  But I will still get an external hard drive to back up the music files, etc. which I don't save with the online back up; gets too expensive.

Ran Speccy.  The harddrive is '699GB Seagate ST375052 8AS SCSI Disk Device (ATA)'.  Following is the rest of the information:

ST375052 8AS SCSI Disk Device
   Manufacturer   Seagate
   Form Factor   3.5"
   Interface   ATA
   Capacity   699GB
   Real size   750,156,374,016 bytes
   RAID Type   None
      S.M.A.R.T
         S.M.A.R.T not supported
      Partition 0
         Partition ID   Disk #0, Partition #0
         Size   13.0 GB
      Partition 1
         Partition ID   Disk #0, Partition #1
         Size   100 MB
      Partition 2
         Partition ID   Disk #0, Partition #2
         Disk Letter   C:
         File System   NTFS
         Volume Serial Number   084A77B1
         Size   686GB
         Used Space   149GB (22%)
         Free Space   536GB (78%)

Please let me know how to run the harddrive diagnostic tool.  Also, should I wait to get the external harddrive and back up the rest of my files before running the diagnostic tool, or it makes no difference?

Thank you for your time and patience.

Title: Desktop Frozen
Post by: guestolo on September 03, 2012, 09:58:03 PM

An external drive is a good idea for backup if you can afford one
Or backup music to blank DVD-r's as eg...
mp3's can be backed up as data


You can run this now, before getting external drive or burning disks
I would run the Seatools for Dos on  drive, will show you if the drive is failing
Run short and long test

Here is the instructions and download link to create a bootable CD
http://knowledge.seagate.com/articles/en_US/FAQ/201271en

Title: Desktop Frozen
Post by: indfin on September 03, 2012, 11:55:21 PM

I copied the ISO image to a CD and then rebooted the computer with the CD.  But it gave me the same black and white text at the beginning with the 'AHCI Port 1 Device Error' message and saying to hit F1 to continue. I hit F1 and the computer stared normally.  The Port 1 Device is the CD-ROM, so I guess it does not read the CD.

What do you suggest I do?

Title: Desktop Frozen
Post by: guestolo on September 04, 2012, 09:18:01 PM

Can you go to START>>All Programs>>Accessories>>> Right click on Command Prompt and choose to "Run as Administrator"
At the prompt, copy and paste the folllowing command, then hit Enter on your keyboard

[color="#FF0000"]chkdsk C: > C:\chkdsksave.txt[/color]

Let this finish, it may take some time
When done, post back the contents of C:\chkdsksave.txt
If the contents of chkdsksave.txt is not at 100 percent, close it and let it finish

Title: Desktop Frozen
Post by: indfin on September 04, 2012, 09:38:19 PM

Thank you for getting back.  If you don't mind, I will run this tonight and post the results in the morning.

Title: Desktop Frozen
Post by: indfin on September 04, 2012, 10:01:48 PM

Given all my computer problems, I expected this to run for hours.  It got done in less than two minutes.

The type of the file system is NTFS.
Volume label is eMachines.

WARNING!  F parameter not specified.
Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...
 0 percent complete. (0 of 461824 file records processed)    
 0 percent complete. (22529 of 461824 file records processed)    
 0 percent complete. (35294 of 461824 file records processed)    
 1 percent complete. (46183 of 461824 file records processed)    
 1 percent complete. (75349 of 461824 file records processed)    
 2 percent complete. (92365 of 461824 file records processed)    
 3 percent complete. (138548 of 461824 file records processed)    
 4 percent complete. (184730 of 461824 file records processed)    
 5 percent complete. (230912 of 461824 file records processed)    
 6 percent complete. (277095 of 461824 file records processed)    
 7 percent complete. (323277 of 461824 file records processed)    
 8 percent complete. (369460 of 461824 file records processed)    
 9 percent complete. (415642 of 461824 file records processed)    
  461824 file records processed.                                        

File verification completed.
  761 large file records processed.                                  

  0 bad file records processed.                                    

  0 EA records processed.                                          

  119 reparse records processed.                                     

CHKDSK is verifying indexes (stage 2 of 3)...
11 percent complete. (12457 of 536308 index entries processed)   
12 percent complete. (25207 of 536308 index entries processed)   
13 percent complete. (37957 of 536308 index entries processed)   
14 percent complete. (50707 of 536308 index entries processed)   
15 percent complete. (63457 of 536308 index entries processed)   
16 percent complete. (76207 of 536308 index entries processed)   
17 percent complete. (88957 of 536308 index entries processed)   
18 percent complete. (101707 of 536308 index entries processed)   
19 percent complete. (114457 of 536308 index entries processed)   
20 percent complete. (127206 of 536308 index entries processed)   
21 percent complete. (139956 of 536308 index entries processed)   
22 percent complete. (152706 of 536308 index entries processed)   
23 percent complete. (165456 of 536308 index entries processed)   
24 percent complete. (178206 of 536308 index entries processed)   
25 percent complete. (190956 of 536308 index entries processed)   
26 percent complete. (203706 of 536308 index entries processed)   
27 percent complete. (216456 of 536308 index entries processed)   
28 percent complete. (229206 of 536308 index entries processed)   
29 percent complete. (241956 of 536308 index entries processed)   
30 percent complete. (254706 of 536308 index entries processed)   
31 percent complete. (267456 of 536308 index entries processed)   
32 percent complete. (280206 of 536308 index entries processed)   
33 percent complete. (292956 of 536308 index entries processed)   
34 percent complete. (305705 of 536308 index entries processed)   
35 percent complete. (318455 of 536308 index entries processed)   
36 percent complete. (331205 of 536308 index entries processed)   
37 percent complete. (343955 of 536308 index entries processed)   
38 percent complete. (356705 of 536308 index entries processed)   
39 percent complete. (369455 of 536308 index entries processed)   
40 percent complete. (382205 of 536308 index entries processed)   
41 percent complete. (394955 of 536308 index entries processed)   
42 percent complete. (407705 of 536308 index entries processed)   
43 percent complete. (420455 of 536308 index entries processed)   
44 percent complete. (433205 of 536308 index entries processed)   
45 percent complete. (445955 of 536308 index entries processed)   
46 percent complete. (458705 of 536308 index entries processed)   
46 percent complete. (461835 of 536308 index entries processed)   
46 percent complete. (461877 of 536308 index entries processed)   
46 percent complete. (462266 of 536308 index entries processed)   
46 percent complete. (462304 of 536308 index entries processed)   
46 percent complete. (462673 of 536308 index entries processed)   
46 percent complete. (463175 of 536308 index entries processed)   
46 percent complete. (463473 of 536308 index entries processed)   
46 percent complete. (466230 of 536308 index entries processed)   
46 percent complete. (466577 of 536308 index entries processed)   
46 percent complete. (466905 of 536308 index entries processed)   
46 percent complete. (466970 of 536308 index entries processed)   
46 percent complete. (466979 of 536308 index entries processed)   
46 percent complete. (467334 of 536308 index entries processed)   
46 percent complete. (467555 of 536308 index entries processed)   
46 percent complete. (467870 of 536308 index entries processed)   
46 percent complete. (468293 of 536308 index entries processed)   
46 percent complete. (468336 of 536308 index entries processed)   
46 percent complete. (468941 of 536308 index entries processed)   
46 percent complete. (469996 of 536308 index entries processed)   
46 percent complete. (471440 of 536308 index entries processed)   
47 percent complete. (471455 of 536308 index entries processed)   
47 percent complete. (472258 of 536308 index entries processed)   
47 percent complete. (473625 of 536308 index entries processed)   
47 percent complete. (474262 of 536308 index entries processed)   
47 percent complete. (474571 of 536308 index entries processed)   
47 percent complete. (475268 of 536308 index entries processed)   
47 percent complete. (476081 of 536308 index entries processed)   
47 percent complete. (477803 of 536308 index entries processed)   
47 percent complete. (478432 of 536308 index entries processed)   
47 percent complete. (478740 of 536308 index entries processed)   
47 percent complete. (478813 of 536308 index entries processed)   
47 percent complete. (479187 of 536308 index entries processed)   
47 percent complete. (479598 of 536308 index entries processed)   
47 percent complete. (480036 of 536308 index entries processed)   
47 percent complete. (480290 of 536308 index entries processed)   
47 percent complete. (480802 of 536308 index entries processed)   
47 percent complete. (481144 of 536308 index entries processed)   
47 percent complete. (481597 of 536308 index entries processed)   
47 percent complete. (482001 of 536308 index entries processed)   
47 percent complete. (482148 of 536308 index entries processed)   
47 percent complete. (482447 of 536308 index entries processed)   
47 percent complete. (482604 of 536308 index entries processed)   
47 percent complete. (482681 of 536308 index entries processed)   
47 percent complete. (482813 of 536308 index entries processed)   
47 percent complete. (483142 of 536308 index entries processed)   
47 percent complete. (483396 of 536308 index entries processed)   
47 percent complete. (483489 of 536308 index entries processed)   
47 percent complete. (483615 of 536308 index entries processed)   
47 percent complete. (483811 of 536308 index entries processed)   
48 percent complete. (484204 of 536308 index entries processed)   
48 percent complete. (484540 of 536308 index entries processed)   
48 percent complete. (484990 of 536308 index entries processed)   
48 percent complete. (485997 of 536308 index entries processed)   
48 percent complete. (486571 of 536308 index entries processed)   
48 percent complete. (486871 of 536308 index entries processed)   
48 percent complete. (487443 of 536308 index entries processed)   
48 percent complete. (487940 of 536308 index entries processed)   
48 percent complete. (488216 of 536308 index entries processed)   
48 percent complete. (489427 of 536308 index entries processed)   
48 percent complete. (489975 of 536308 index entries processed)   
48 percent complete. (491025 of 536308 index entries processed)   
48 percent complete. (491596 of 536308 index entries processed)   
48 percent complete. (492454 of 536308 index entries processed)   
48 percent complete. (493137 of 536308 index entries processed)   
48 percent complete. (494804 of 536308 index entries processed)   
48 percent complete. (495790 of 536308 index entries processed)   
48 percent complete. (496287 of 536308 index entries processed)   
48 percent complete. (496703 of 536308 index entries processed)   
49 percent complete. (496954 of 536308 index entries processed)   
49 percent complete. (498268 of 536308 index entries processed)   
49 percent complete. (498905 of 536308 index entries processed)   
  536308 index entries processed.                                       

Index verification completed.
  0 unindexed files scanned.                                       

  0 unindexed files recovered.                                     

CHKDSK is verifying security descriptors (stage 3 of 3)...
52 percent complete. (0 of 461824 file SDs/SIDs processed)   
53 percent complete. (34937 of 461824 file SDs/SIDs processed)   
54 percent complete. (73187 of 461824 file SDs/SIDs processed)   
55 percent complete. (111437 of 461824 file SDs/SIDs processed)   
56 percent complete. (149687 of 461824 file SDs/SIDs processed)   
57 percent complete. (187937 of 461824 file SDs/SIDs processed)   
58 percent complete. (226186 of 461824 file SDs/SIDs processed)   
59 percent complete. (264436 of 461824 file SDs/SIDs processed)   
60 percent complete. (302686 of 461824 file SDs/SIDs processed)   
61 percent complete. (340936 of 461824 file SDs/SIDs processed)   
62 percent complete. (379186 of 461824 file SDs/SIDs processed)   
63 percent complete. (417435 of 461824 file SDs/SIDs processed)   
64 percent complete. (455685 of 461824 file SDs/SIDs processed)   
  461824 file SDs/SIDs processed.                                       

Security descriptor verification completed.
  37243 data files processed.                                          

CHKDSK is verifying Usn Journal...
99 percent complete. (0 of 37308224 USN bytes processed)       
100 percent complete. (37306368 of 37308224 USN bytes processed)       
  37308224 USN bytes processed.                                           

Usn Journal verification completed.
Windows has checked the file system and found no problems.

 718837759 KB total disk space.
 156597252 KB in 203951 files.
   128044 KB in 37244 indexes.
        0 KB in bad sectors.
   734939 KB in use by the system.
    65536 KB occupied by the log file.
 561377524 KB available on disk.

     4096 bytes in each allocation unit.
 179709439 total allocation units on disk.
 140344381 allocation units available on disk.

Title: Desktop Frozen
Post by: guestolo on September 05, 2012, 06:47:56 AM

Can you run the short and long tests for Seatools for Windows
Let me know how it goes please
http://knowledge.seagate.com/articles/en_US/FAQ/202435en

download link
http://www.seagate.com/support/downloads/seatools/

Title: Desktop Frozen
Post by: indfin on September 05, 2012, 08:36:54 AM

The 'How To' article mentions these five tests:

•       Short Drive Self Test (20 to 90 seconds long)
•       Long Drive Self Test (may take up to 4 hours, progress in 10% increments)
•       Drive Information
•       Short Generic
•       Long Generic (progress in 1% increments)

Would you like me to run both the short and both the long tests?

As each of the two long tests takes considerable amount of time, I will run them at night and let you know.

As an aside, other than the nuisance of the 'Windows detected a hard disk' message that pops up every five minutes, the computer is actually working quite fast.  However, it is slower than before on restarts.  It also works jerkily now and then, but only for a minute or so, as if starting a new process.  After restart too, it takes a few minutes to come to full speed.  So it would be good to know what is failing inside.  Thank you for all your help.

Title: Desktop Frozen
Post by: Dataguru on September 06, 2012, 01:34:41 AM

I Think your window is corrupt !!!!!!!! Reinstalled it again !!!!!!!!!!

Title: Desktop Frozen
Post by: guestolo on September 07, 2012, 09:10:15 PM

Any update??

Title: Desktop Frozen
Post by: indfin on September 08, 2012, 02:14:10 PM

Hi,

Sorry for the delay.  Tried running SeaTools.  On the screen where I have to check which drive to test, it does not even show the hard drive.

I have attached the screen shot.

Title: Desktop Frozen
Post by: indfin on September 08, 2012, 03:15:00 PM

Please see previous post; plus now this.

I just opened my email.  There are about 50 'Delivery Status Notification emails in my inbox.  Following is the text from one of them:

Received: from tlzupv ([39.45.158.206])
   by omta10.emeryville.ca.mail.comcast.net with comcast
   id wjZM1j00U4TUV5j8Wja9i7; Sat, 08 Sep 2012 19:34:44 +0000
X-Authority-Analysis: v=2.0 cv=RrWdt1aK c=1 sm=1
 a=X1OlQS9092mZi7quX/TvKg==:17 a=Dyoqhi_TatcA:10 a=rl5eUP2J6s4A:10
 a=Cfj4BQAnxiAA:10 a=C_IRinGWAAAA:8 a=CjxXgO3LAAAA:8 a=QEklvn78AAAA:8
 a=iI3fa4gTEmyUYJC17AgA:9 a=Ft8UYL4EG9YA:10 a=KXuLW65_DLEA:10
 a=foP282CL0ScA:10 a=X1OlQS9092mZi7quX/TvKg==:117
Date: Sat, 08 Sep 2012 22:14:35 +0200
From: [email protected]
X-Priority: 3 (Normal)
Message-Id: <519885853.20120908221401Email Removed>
To: foss50Email Removed, arizona22ifyEmail Removed, the_stone_rangerEmail Removed, [email protected], [email protected]
Subject: Le,s"b -i a n #
MIME-Version: 1.0
Content-Type: text/plain; charset=windows-1251
Content-Transfer-Encoding: quoted-printable

Title: Desktop Frozen
Post by: guestolo on September 09, 2012, 08:56:09 PM

again, I'm out of town, if you still need a hand... I'm sure you have to replace the Harddrive
But, it will have to wait till I get back home
Thursday at the earliest, very sorry  /unsure.gif\' class=\'bbc_emoticon\' alt=\':unsure:\' />

Title: Desktop Frozen
Post by: indfin on September 09, 2012, 09:20:51 PM

No problem.  Reply when you are back and will take it up then.

Title: Desktop Frozen
Post by: guestolo on September 14, 2012, 10:57:09 AM

Do you have an empty USB flashdrive? We can still try and get Seatools for Dos to run from it
Format the flashdrive to fat32 aheand of time... Insert the drive into computer
Go to START>>Computer.. right click your thumbdrive and choose the format>quick option

Put Seatools for Dos on usb drive: Here are the instructions:
http://techno-jack.blogspot.ca/2011/09/how-to-create-bootable-usb-disk-for.html

NOTE: on step 1 it gives a download link to Seatool Bootable disk
DON'T use that download link, instead, use your download of Seatools for Dos .iso file
or redownload from here
http://www.seagate.com/support/downloads/seatools/

you will need a tool to extract the .iso file
If you don't have one, use 7zip
here's a link
http://www.7-zip.org/download.html
download the .exe file and install it
Extract Seagate tools .iso file to it's own folder on desktop by right clicking it
Choose 7zip >> Extract to SeatoolsDosAll.......

A tool to help create a bootable usb
Nothing to install: But download win32diskimager (http://"https://launchpad.net/win32-image-writer/0.6/0.6/+download/win32diskimager-binary.zip")
Again, extract to it's own folder
In step 3 it ask to look for Seatools.img file
You may not see that file, so when browsing for it in the SeatoolsDos23all folder, if you don't see Seatools.img
Change the save as type from *.img*,IMG file >>>> and choose just  *.*
Then select the seatools.ima file
After successfully creating the bootable usb

Next: Ensure your computer is set to boot from USB flash drive or USB-HDD
Here's some info:
http://saveme.danfischbach.com/usbbios

Also, while your in the bios. Can you ensure that IDE controllers are enabled.. Just double checking to see
if that is why you can't boot to CD/DVD or use it

Title: Desktop Frozen
Post by: indfin on September 17, 2012, 07:52:49 PM

Hi and thank you for your reply.  I will be back at my desk on Wednesday and run what you asked me to at that time.  Thanks again.

Title: Desktop Frozen
Post by: indfin on September 30, 2012, 04:11:40 PM

Sorry for not getting back for so many days.  As you may have well guessed, my computer just died.  

I put the hard drive from this computer into the new one, but it does not even show up.  In any event, I had backed up all my data just in the nick of time and am up and running with a new machine.  Thank you for all your time and effort.  Truly appreciate it.