Author Topic: [Inactive]strange happenings  (Read 10150 times)


Offline coast

  • Bronze Member
  • Posts: 105
[Inactive]strange happenings
« on: November 15, 2011, 07:30:39 PM »
Hello

I recently had a problem with my computer in which I thought my hard drive was failing. It was locking up and going into check disk regularly at start up. I used CCleaner to clean up lingering stuff. I also used it to clean up my registry. I had no success in solving the problem with that. Using Seatools, the hard drive failed the long generic test and passed the others. Through multiple restarts and manual check disk sequence, I seem to be past the original problem.

I am now left with 2 identifiable problems. (1) Adobe Reader is in protected mode and is preventing me from opening PDF files. (2) AVG seemed to be a part of the original problem and still is. I get a setup error with a code: 0xC0070643. AVG created 2 error logs that can be reviewed if requested. I worked with AVG for over an hour and they feel it is a problem with my computer.

I think I am getting in over my head on this one. I will appreciate your assistance in fixing this mess I have gotten myself into.

Thank you
Coast



Offline Hoov

  • Malware Removal Mentors
  • Global Moderator
  • Diamond Member
  • Posts: 22904
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: strange happenings
« Reply #1 on: November 15, 2011, 07:48:34 PM »
If your hard drive failed the long generic test, back up your entire drive and get a replacement drive as soon as possible. Then move everything to the new drive. Anything else is playing with fire. I have seen drives work just fine with a failure such as yours for weeks. But when it dies, everything on the drive is lost unless you want to pay to get it recovered. It is possible that backing up everything will cause the drive to fail. If you cannot back up your existing drive, back up all your personal data and when the new drive shows up, you can start with a new Windows install and go from there.

Which brings up the point, do you have a Windows install CD or a system restore disk from your computer's manufacturer?

Consumer Security

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline coast

Re: strange happenings
« Reply #2 on: November 15, 2011, 09:03:33 PM »
I do not have the disks. I bought the notebook used and was going to clone the drive but never got around to it. I now have more incentive. Hopefully I will be able to get it done tomorrow.

I do have a USB to SATA cable, but it is a plug-in pinned connector as opposed to a spade connector. Is that the difference between desktop drives and notebook drives?

Offline Hoov

Re: strange happenings
« Reply #3 on: November 15, 2011, 09:45:44 PM »
SATA drives, full size and laptop, all have the "Spade" or blade part of the connector on the drive. If your cable has a socket on it, it will work as long as you also have the power adapter to get power to the drive as well, as the USB cable will not provide power to the drive.


Offline coast

Re: strange happenings
« Reply #4 on: November 18, 2011, 09:56:17 PM »
Hello Hoov,
I have cloned and replaced the hard drive. Still have the problem with AVG and PDF.
Thanks for your help so far.
Gratefully,
Coast

Offline Hoov

Re: strange happenings
« Reply #5 on: November 18, 2011, 10:45:47 PM »
I would uninstall AVG, run AVG Removal Tool and then reinstall AVG.

Let me know if that fixes the problem with AVG.

If AVG will not uninstall, just use the removal tool to uninstall it, then reinstall normally.


Offline coast

Re: strange happenings
« Reply #6 on: November 19, 2011, 08:21:42 AM »
The uninstall tool appears to work fine. The install tool fails with a "Setup error".
Code 0x0070643
General internal error.
MSI Engine: Failed to install the product.
@AVGMSI_Error 27028
Writing config value failed (0xC00736B1)
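
Added example (not part of the original thread and not AVG's code): the setup codes quoted in this thread, split into the standard Windows HRESULT fields. It assumes AVG's codes follow that layout, which the thread does not confirm; the name table is a small subset of winerror.h.

```python
"""Split the setup error codes quoted in this thread into HRESULT fields."""
import ctypes
from typing import NamedTuple, Optional

FACILITY_WIN32 = 7  # HRESULT facility used to wrap plain Win32 error codes

# Offline subset of winerror.h, enough for installer troubleshooting.
WIN32_ERRORS = {
    5: "ERROR_ACCESS_DENIED",
    1601: "ERROR_INSTALL_SERVICE_FAILURE",
    1603: "ERROR_INSTALL_FAILURE",
    1618: "ERROR_INSTALL_ALREADY_RUNNING",
    14001: "ERROR_SXS_CANT_GEN_ACTCTX",
}


class Decoded(NamedTuple):
    raw: int        # the full 32-bit value
    failure: bool   # bit 31, the HRESULT severity bit
    facility: int   # bits 16-26
    code: int       # bits 0-15
    name: str       # symbolic name when known


def decode(text: str) -> Decoded:
    """Decode a hex status string, assuming the HRESULT bit layout."""
    value = int(text.strip(), 16)  # accepts an optional 0x prefix
    if not 0 <= value <= 0xFFFFFFFF:
        raise ValueError("not a 32-bit status code: %r" % text)
    failure = bool(value >> 31)
    facility = (value >> 16) & 0x7FF
    code = value & 0xFFFF
    if facility == FACILITY_WIN32:
        name = WIN32_ERRORS.get(code, "unlisted Win32 error %d" % code)
    else:
        name = "facility %d is not Win32, code not looked up" % facility
    return Decoded(value, failure, facility, code, name)


def system_message(code: int) -> Optional[str]:
    """Ask Windows for the message text; returns None on other platforms."""
    fmt = getattr(ctypes, "FormatError", None)  # only defined on Windows
    return fmt(code).strip() if fmt else None


if __name__ == "__main__":
    # The three spellings that appear in the thread, copied as posted.
    for text in ("0xC0070643", "0x0070643", "0xC00736B1"):
        d = decode(text)
        print("%-11s facility=%d code=%d (0x%04X) %s"
              % (text, d.facility, d.code, d.code, d.name))
        message = system_message(d.code)
        if message:
            print("            " + message)
```

Both spellings of the first code carry the same facility and code (Win32 error 1603); only the high status bits differ. Under the same assumption the "writing config value" code carries Win32 error 14001.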

Offline Hoov

Re: strange happenings
« Reply #7 on: November 19, 2011, 09:28:58 AM »
Do you have any other security software installed?


Offline coast

Re: strange happenings
« Reply #8 on: November 20, 2011, 08:18:04 AM »
There is the Windows Firewall that is on. Windows Defender is on. The Windows Security Center says there is no virus protection. I am not aware of any other security software.

Offline Hoov

Re: strange happenings
« Reply #9 on: November 20, 2011, 09:11:05 AM »
Try this,

I need you to reboot Windows cleanly. To do that, please go to the Run command and type in msconfig. Once that starts, select Selective startup, and then uncheck Load startup items. Now click on the Services tab, and down near the bottom of the window, check the box that says Hide all Microsoft services. Now go up and uncheck all the services still listed; make sure you scroll down the list if needed to unselect all the non-Microsoft services. Now click Apply, then click OK and reboot the computer.

Now try installing AVG. Once it installs or fails, run msconfig and select normal startup then click apply then OK and reboot the computer.

Let me know what happened.


Offline coast

Re: strange happenings
« Reply #10 on: November 20, 2011, 07:56:29 PM »
Done. Resulted in the same error. I did not have to uncheck any services; they were all unchecked.

Offline Hoov

Re: strange happenings
« Reply #11 on: November 20, 2011, 08:32:25 PM »
Well that probably explains that problem, but may lead to bigger issues. Run msconfig and select normal startup then click apply then OK and reboot the computer.

Now try installing AVG. Let me know what happens.


Offline coast

Re: strange happenings
« Reply #12 on: November 21, 2011, 05:07:07 PM »
I guess it is bigger issues. I got the same error again.

Offline Hoov

Re: [In Progress] strange happenings
« Reply #13 on: November 21, 2011, 05:37:03 PM »
Just so that you know I have moved your thread to the malware removal board so we can use the malware tools to try and fix your problem. I suspect it is either malware related or due to corruption.

We need to see some information about what is happening in your machine.  Please perform the following scan:
  • Download DDS by sUBs from one of the following links.  Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool.  No input is needed, the scan is running.
  • Notepad will open with the results.
  • Please copy and paste both logs into your next response. You may need more than one response.
  • Close the program window, and delete the program from your desktop.
Please note:  You may have to disable any script protection running if the scan fails to run.  After downloading the tool, disconnect from the internet and disable all antivirus protection.  Run the scan, enable your A/V and reconnect to the internet. 

Information on A/V control HERE





I need you to go to the administration tools in Windows. They are in the Control Panel. Open the Admin tools, then open the Event Viewer. Over on the left hand side, expand the window category and then click on System. Then up at the top click on Action and then click on Save Events As, type in system as the file name, make sure file type EVTX is selected, and then navigate so it will save the file to your desktop, then click Save. Over on the left hand side, click on Application. Then up at the top click on Action and then click on Save Events As, type in application as the file name, make sure file type EVTX (for XP it is EVT file type) is selected, and then navigate so it will save the file to your desktop, then click Save. Zip them both up into a single zip file, and post them back here in your next reply as attachments.



Offline coast

Re: [In Progress] strange happenings
« Reply #14 on: November 21, 2011, 07:04:09 PM »
DDS said two files would be created, but only one appeared.


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421
Run by Kelly at 18:47:07 on 2011-11-21
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.3062.1323 [GMT -6:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\vfsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\PLFSetI.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
C:\Users\Kelly\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Unified Remote\RemoteServer.exe
C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe
C:\Program Files\WhiteSmoke\WSEnrichment.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Kelly\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kelly\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\rundll32.exe
C:\Users\Kelly\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.ca/
uInternet Settings,ProxyOverride = *.local
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\wi371a~1\datamngr\toolbar\searchqudtx.dll
BHO: Loader Class: {9d717f81-9148-4f12-8568-69135f087db0} - c:\progra~1\wi371a~1\datamngr\BROWSE~1.DLL
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\wi371a~1\datamngr\toolbar\searchqudtx.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Google Update] "c:\users\kelly\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
uRun: [Unified Remote v2] c:\program files\unified remote\RemoteServer.exe
uRun: [Xvid] c:\program files\xvid\CheckUpdate.exe
uRun: [InstallIQUpdater] "c:\program files\w3i\installiqupdater\InstallIQUpdater.exe" /silent /autorun
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [PLFSetI] c:\windows\PLFSetI.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Skytel] Skytel.exe
mRun: [ZPdtWzdVitaKey MC3000] "c:\program files\acer\acer bio protection\PdtWzd.exe" show
mRun: [LManager] c:\progra~1\launch~1\LManager.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [DATAMNGR] c:\progra~1\wi371a~1\datamngr\DATAMN~1.EXE
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [B2C_AGENT] c:\programdata\lgmobileax\b2c_client\B2CNotiAgent.exe
mRun: [TrueImageMonitor.exe] c:\program files\acronis\trueimagehome\TrueImageMonitor.exe
mRun: [AcronisTimounterMonitor] c:\program files\acronis\trueimagehome\TimounterMonitor.exe
mRun: [Acronis Scheduler2 Service] "c:\program files\common files\acronis\schedule2\schedhlp.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
StartupFolder: c:\users\kelly\appdata\roaming\micros~1\windows\startm~1\programs\startup\launch~1.lnk - c:\program files\whitesmoke\WSEnrichment.exe
StartupFolder: c:\users\kelly\appdata\roaming\microsoft\windows\start menu\programs\startup\OneNote Table Of Contents.onetoc2
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {10954C80-4F0F-11d3-B17C-00C0DFE39736} - c:\program files\acer\acer bio protection\PwdBank.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{138F3D98-EAF5-4B8D-8BEC-EB24EB59771B} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{6AC4E051-7D87-442F-BA2B-99EC83CF9B9A} : DhcpNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AWinNotifyVitaKey MC3000 - c:\program files\acer\acer bio protection\WinNotify.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\wi371a~1\datamngr\datamngr.dll c:\progra~1\wi371a~1\datamngr\iebho.dll
LSA: Notification Packages = scecli c:\program files\acer\acer bio protection\PwdFilter
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\kelly\appdata\roaming\mozilla\firefox\profiles\3y5vcej3.default\
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://www.searchqu.com/web?src=ffb&appid=119&systemid=406&sr=0&q=
FF - component: c:\program files\windows ilivid toolbar\datamngr\firefoxextension\components\DataMngrHlpFF3.dll
FF - component: c:\users\kelly\appdata\roaming\mozilla\firefox\profiles\3y5vcej3.default\extensions\{6ac85730-7d0f-4de0-b3fa-21142dd85326}\platform\winnt\components\ColorZilla.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\users\kelly\appdata\local\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: DivX Plus Web Player HTML5 &lt;video&gt;: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\divx\divx plus web player\firefox\DivXHTML5
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: Web Developer: {c45c406e-ab73-11d8-be73-000a95be3b12} - %profile%\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
FF - Ext: ColorZilla: {6AC85730-7D0F-4de0-B3FA-21142DD85326} - %profile%\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
FF - Ext: Stylish: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8} - %profile%\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
FF - Ext: CodeBurner for Firebug: firebug@tools.sitepoint.com - %profile%\extensions\firebug@tools.sitepoint.com
FF - Ext: MeasureIt: {75CEEE46-9B64-46f8-94BF-54012DE155F0} - %profile%\extensions\{75CEEE46-9B64-46f8-94BF-54012DE155F0}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: CacheViewer: {71328583-3CA7-4809-B4BA-570A85818FBB} - %profile%\extensions\{71328583-3CA7-4809-B4BA-570A85818FBB}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Screenshot Pimp: {056d0610-e44d-11df-bccf-0800200c9a66} - %profile%\extensions\{056d0610-e44d-11df-bccf-0800200c9a66}
.
============= SERVICES / DRIVERS ===============
.
R0 AlfaFF;AlfaFF File System mini-filter;c:\windows\system32\drivers\AlfaFF.sys [2009-6-1 43184]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2009-6-13 21504]
R2 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2011-3-29 598312]
R2 vfsFPService;Validity Fingerprint Service;c:\windows\system32\vfsFPService.exe [2008-2-15 595248]
R3 itecir;ITECIR Infrared Receiver;c:\windows\system32\drivers\itecir.sys [2009-6-1 54784]
R3 vfs101x;vfs101x;c:\windows\system32\drivers\vfs101x.sys [2008-2-15 40752]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-9-17 133104]
S3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\drivers\lgandbus.sys [2011-9-14 14336]
S3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\drivers\lganddiag.sys [2011-9-14 20736]
S3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\drivers\lgandgps.sys [2011-9-14 20096]
S3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\drivers\lgandmodem.sys [2011-9-14 25088]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-8-19 14216]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-8-19 8456]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-9-17 133104]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S3 XSIUSBXP;XSIUSBXP;c:\windows\system32\drivers\XSiUSBXp.sys [2011-11-14 14848]
.
=============== Created Last 30 ================
.
2011-11-21 22:57:59   56200   ----a-w-   c:\programdata\microsoft\windows defender\definition updates\{65b126b2-3ca0-40ca-8885-8ea25182871c}\offreg.dll
2011-11-19 00:55:16   2069272   ----a-w-   c:\windows\system32\AutoPartNt.exe
2011-11-18 08:03:03   6668624   ----a-w-   c:\programdata\microsoft\windows defender\definition updates\{65b126b2-3ca0-40ca-8885-8ea25182871c}\mpengine.dll
2011-11-17 02:46:06   134272   ----a-w-   c:\windows\system32\drivers\snman380.sys
2011-11-15 00:59:51   --------   d-----w-   c:\windows\system32\Silabs
2011-11-15 00:59:08   18944   ----a-w-   c:\windows\system32\drivers\XSiLib.sys
2011-11-15 00:59:08   18944   ----a-w-   c:\windows\system32\drivers\SiLib.sys
2011-11-15 00:59:08   14848   ----a-w-   c:\windows\system32\drivers\XSiUSBXp.sys
2011-11-15 00:59:08   14848   ----a-w-   c:\windows\system32\drivers\SiUSBXp.sys
2011-11-15 00:59:08   --------   d-----w-   c:\program files\Xtreme Tech
2011-11-13 22:42:15   --------   d-----w-   C:\AVGTemp
2011-11-13 18:44:39   --------   d-----w-   c:\programdata\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
2011-11-12 03:19:52   971552   ----a-w-   c:\windows\system32\drivers\tdrpm174.sys
2011-11-12 03:19:46   540000   ----a-w-   c:\windows\system32\drivers\timntr.sys
2011-11-12 03:19:46   44704   ----a-w-   c:\windows\system32\drivers\tifsfilt.sys
2011-11-12 03:08:28   --------   d-sh--w-   c:\windows\system32\AI_RecycleBin
2011-11-12 03:08:26   --------   d-----w-   c:\programdata\W3i
2011-11-12 03:08:26   --------   d-----w-   c:\program files\W3i
2011-11-12 03:08:13   --------   d-----w-   c:\program files\Free Offers from Freeze.com
2011-11-12 03:07:55   --------   d-----w-   c:\program files\Yahoo!
2011-11-09 07:37:17   905088   ----a-w-   c:\windows\system32\drivers\tcpip.sys
2011-11-09 07:37:16   707584   ----a-w-   c:\program files\common files\system\wab32.dll
2011-10-26 02:42:07   --------   d-----w-   c:\users\kelly\appdata\roaming\Unified Remote
2011-10-26 02:41:57   --------   d-----w-   c:\program files\Unified Remote
.
==================== Find3M  ====================
.
2011-10-13 23:28:08   414368   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-06 13:30:12   2043392   ----a-w-   c:\windows\system32\win32k.sys
2011-09-01 02:35:59   1798144   ----a-w-   c:\windows\system32\jscript9.dll
2011-09-01 02:28:15   1126912   ----a-w-   c:\windows\system32\wininet.dll
2011-09-01 02:22:54   2382848   ----a-w-   c:\windows\system32\mshtml.tlb
2011-08-25 16:15:04   555520   ----a-w-   c:\windows\system32\UIAutomationCore.dll
2011-08-25 16:14:01   563712   ----a-w-   c:\windows\system32\oleaut32.dll
2011-08-25 16:14:01   238080   ----a-w-   c:\windows\system32\oleacc.dll
2011-08-25 13:31:01   4096   ----a-w-   c:\windows\system32\oleaccrc.dll
.
============= FINISH: 18:47:30.22 ===============