Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

can't even sign into Geeks to go [Closed]


  • This topic is locked This topic is locked

#1
akl16

akl16

    New Member

  • Member
  • Pip
  • 5 posts
Hi wonderful geeks,
I haven't had a problem in a while but now whatever is infecting my dell vostro 1510 laptop running xp with service pack 3 is even preventing me from signing into Geeks to go
My woes started about two weeks my computer was running very slow, especially outlook and explorer 8. So I decided to do a registry clean with Registry fix and crap cleaner but that had no affect. I then decided to go remove a bunch of software using the disk cleanup, I then did a check disk. I then tried to do a defrag in safemode and got a kdcom.dll error.
After searching online, I tried several things including updating kdcom but that had no affect. I then tried a few dll fixers but when they started to run I got BSOD with an iastor.sys error. After researching further I discovered that iastor related to the Intel memory so I tried Intel driver scan and the same thing happened, BSOD.
I went to dell and did a search on the drivers and I tired to update the drivers but again that had no effect. When I loaded the latest bios driver I received a message that I was up to date. Also the new iastor.sys driver wouldn't load.
I then tried the windows debug but could not get it to show anything. Finally I tried replacing KDcom and iastor directly in the windows 32 file but I wound up deleting iastor and it crashed the computer so I used the recovery disk. Booting to the last know good... would not work
I did not do a clean install as I have not backed up in a while. I did a re-install from the repair screen, (the second repair option not on the initial boot screen). The install went fairly well until the last minute. the computer hung at the blue screen after the windows logo and before the logon. So I shut off by hitting the power button. I turned it on and it booted right up.

Internet explorer and the CA security suite did not load properly. First I went to install all the windows updates but I could not get explorer or firefox to work, there was a key error. The same happened when i tried to run CA suite. I finally downloaded a new version of IE through firefox and got the CA virus to load. After running an update I tired fixing the dlls but was getting the BSOD again.. The computer crashed again so I did another recovery and got it working. I also found I was getting a third bsod related to roxio so I deleted that program and that problem disappeared.

I began backing up and found that I could not burn a DVD, a quicken backup said the drive was read only. I ran the dell diagnostic on the hardware an the only problems were old battery and the DVD tray did not open, I have no DVD tray.

I also ran I OTL early on when the problems first showed up. I compared it to an older scan and did not notice anything that looked suspicious to me.

I was also getting a lot of dinging like when you get an error message but I could not find anything the showed up to indicate why I was getting that ringing. I was also getting “change global template plate message but that is something that happened in the past. Finally I was sent a link for a new kdll.com that was accepted in the windows system 32 folder but it did not cure the safemode issue.

I ran a few virus scans, they showed nothing so I started to suspect a ram problem. I reran the dell hardware diagnostic but nothing showed but it did hang halfway through the more extensive scan. I then took out the RAM and cleaned the contacts and ran it again and the same thing happened. I then ran a windows ram check from windows: wtinst and another called memory86. Neither showed a ram problem. Then Yesterday I noticed that when I was doing a search google jumped to insurance puma.com.
I remained I had some kind of redirected. I ran the only thing that would remove it, combo fix.
That worked it fixed most of the issues especially the safe mode BSOD.
Except I still could nit get most of the Windows updates to load. I also had to uninstall CA suite to run combofix.

This morning I experienced more slowing issues but it appeared the redirector was gone. I ran
A few online virus scans and got message about a bifrost virus, a trojan.IframeREF!E2 and a root error. So ran the combofix again. It deleted nothing this time.
I also downloaded EMSIS and AVG to clean out the mess but EMSIS only quarantined the Iframe, and AVG found nothing.
But then I started getting a redirect again I did a online virus scan and it showed viruses. When I check the for files those viruses supposedly create I could nit find them.

SO now It appears my computer is running slow, I am having trouble with outlook explorer and firefox. I could nit even sign into Geeks togo. Is this all from a redirector?\

Thank you for you help


OTL logfile created on: 2/13/2012 10:19:35 PM - Run 4
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Documents and Settings\Andy Lachman\My Documents\downloads,fixes, update
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 63.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 223.08 Gb Total Space | 132.78 Gb Free Space | 59.52% Space Free | Partition Type: NTFS

Computer Name: ANDLAC | User Name: Andy Lachman | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/02/11 09:07:19 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/02/11 09:07:16 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2012/02/01 10:46:36 | 003,357,584 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
PRC - [2012/01/24 17:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012/01/22 08:40:04 | 003,025,112 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe
PRC - [2011/11/28 01:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/09/08 20:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2011/08/15 06:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2010/12/25 17:27:33 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andy Lachman\My Documents\downloads,fixes, update\OTL.exe
PRC - [2008/06/11 21:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/31 14:03:40 | 000,094,208 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
PRC - [2007/11/09 20:51:40 | 000,540,672 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
PRC - [2007/11/05 21:34:58 | 000,741,376 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
PRC - [2006/09/11 05:40:32 | 000,218,032 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
PRC - [2006/05/01 07:23:42 | 000,323,736 | ---- | M] (J.W. Hance) -- C:\Program Files\NetSwitcher for Windows\NetSwTray.exe
PRC - [2002/04/12 00:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\system32\BRSVC01A.EXE
PRC - [2001/12/12 02:01:00 | 000,045,056 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\system32\BRSS01A.EXE


========== Modules (SafeList) ==========

MOD - [2012/01/31 09:19:26 | 000,225,056 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2hooks32.dll
MOD - [2010/12/25 17:27:33 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andy Lachman\My Documents\downloads,fixes, update\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2012/01/22 08:40:04 | 003,025,112 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2011/12/06 11:48:02 | 000,045,056 | ---- | M] (Intuit) [Disabled | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/06/30 12:25:52 | 001,248,256 | ---- | M] (Intuit Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe -- (QBVSS)
SRV - [2010/07/23 18:35:00 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/07/07 10:47:05 | 000,030,192 | ---- | M] (Google) [Disabled | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)
SRV - [2010/04/16 09:03:12 | 000,386,424 | ---- | M] (SupportSoft, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2010/03/18 15:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 12:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2009/07/23 20:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2008/08/15 04:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2008/07/29 10:11:00 | 000,071,512 | ---- | M] (O2Micro International) [Disabled | Stopped] -- C:\WINDOWS\system32\drivers\o2flash.exe -- (o2flash)
SRV - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Disabled | Stopped] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2002/04/12 00:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) [Auto | Running] -- C:\WINDOWS\system32\BRSVC01A.EXE -- (Brother XP spl Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\ANDYLA~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012/02/06 10:32:29 | 000,009,072 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\16980 -- (16980)
DRV - [2011/11/02 10:13:28 | 000,034,768 | ---- | M] (Emsi Software GmbH) [File_System | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys -- (a2injectiondriver)
DRV - [2011/11/02 10:13:12 | 000,051,632 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2accx86.sys -- (a2acc)
DRV - [2011/10/07 06:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011/10/04 06:21:42 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/09/13 06:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/08/08 06:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/07/11 01:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/07/11 01:14:28 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/07/11 01:14:28 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/07/11 01:14:26 | 000,134,608 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/06/02 10:08:34 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2011/05/19 13:10:34 | 000,017,904 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys -- (A2DDA)
DRV - [2010/05/05 08:40:32 | 000,011,776 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2util32.sys -- (a2util)
DRV - [2010/01/13 12:18:36 | 001,730,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2009/03/06 06:58:44 | 000,208,304 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2008/11/26 11:39:24 | 001,391,104 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2008/08/26 19:39:48 | 000,043,608 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\o2sd.sys -- (O2SDRDR)
DRV - [2008/08/26 19:39:42 | 000,051,288 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\o2media.sys -- (O2MDRDR)
DRV - [2008/08/14 06:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\adfs.sys -- (adfs)
DRV - [2008/07/16 16:32:12 | 000,235,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\OEM13Vid.sys -- (OEM13Vid)
DRV - [2008/07/16 16:32:10 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\OEM13Vfx.sys -- (OEM13Vfx)
DRV - [2008/07/16 16:32:00 | 000,141,376 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\OEM13Afx.sys -- (OEM13Afx)
DRV - [2008/04/14 07:06:40 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/14 07:06:40 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/14 07:00:00 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2008/04/14 07:00:00 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/04/14 07:00:00 | 000,063,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mf.sys -- (mf)
DRV - [2008/04/14 07:00:00 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2008/04/14 07:00:00 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2008/04/14 07:00:00 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2008/04/14 07:00:00 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2008/04/14 07:00:00 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2008/04/14 07:00:00 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2008/04/14 07:00:00 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2008/04/14 07:00:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2008/04/14 07:00:00 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2008/04/14 07:00:00 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2008/04/14 07:00:00 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2008/04/14 07:00:00 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2008/04/14 07:00:00 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2008/04/14 07:00:00 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2008/03/17 16:54:30 | 000,305,176 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2008/02/21 19:28:14 | 000,105,856 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008/02/21 16:24:52 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/11/14 16:14:02 | 004,625,408 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/07/23 16:05:20 | 000,009,104 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLADResM.SYS -- (DLADResM)
DRV - [2007/07/23 16:04:58 | 000,037,360 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2007/07/23 16:04:56 | 000,098,448 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2007/07/23 16:04:56 | 000,093,552 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2007/07/23 16:04:54 | 000,027,216 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2007/07/23 16:04:52 | 000,032,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2007/07/23 16:04:52 | 000,016,304 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2007/07/23 16:04:50 | 000,108,752 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2007/07/23 15:55:44 | 000,099,808 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2007/07/23 15:49:44 | 000,030,064 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2007/07/23 15:49:44 | 000,014,576 | ---- | M] (Roxio) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2007/07/23 15:43:42 | 000,052,000 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2005/08/12 17:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2001/08/17 13:12:20 | 000,060,416 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrSerWdm.sys -- (BrSerWDM)
DRV - [2001/08/17 13:12:20 | 000,011,008 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2001/08/17 13:12:12 | 000,002,944 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrFilt.sys -- (brfilt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6081220
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6081220
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?...EIE8HP&PC=DI215
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.msn.com/sphome.aspx
IE - HKCU\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/02/13 15:29:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/11 09:07:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/11/07 21:29:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy Lachman\Application Data\Mozilla\Extensions
[2012/02/06 10:07:52 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2012/02/11 09:07:19 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2012/02/06 10:07:42 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2012/02/06 10:07:42 | 000,002,040 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/02/12 13:38:04 | 000,000,050 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 71.74.56.22 nswsmtp
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [emsisoft anti-malware] c:\program files\emsisoft anti-malware\a2guard.exe (Emsi Software GmbH)
O4 - HKLM..\Run: [NetSwitcher Tray Application] C:\Program Files\NetSwitcher for Windows\NetSwTray.exe (J.W. Hance)
O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThumbnailCache = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://go.microsoft....k/?linkid=58813 (Office Genuine Advantage Validation Tool)
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} http://www.musicnote...ad/mnviewer.cab (Musicnotes Viewer)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate...b?1328538569626 (WUWebControl Class)
O16 - DPF: {682C59F5-478C-4421-9070-AD170D143B77} http://www.dell.com/...t/Ode/pcd86.cab (Launcher Class)
O16 - DPF: {6A4F3A11-99B7-4BD1-AF88-B7354D1DAECD} http://www.freehandm...usicControl.cab (SoleroMusicControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {A5A76EA0-7B92-4707-9DBF-6F6FE56A6800} http://scan.networkm...-ship-WD.V1.cab (Pure Networks Security Scan)
O16 - DPF: {B66A992D-C262-496E-8328-2F14FD80443A} https://qbo.intuit.c...49/qboimax7.cab (QuickBooks Online Edition Import Utilities Class v7)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell....lSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...tel_4.5.3.0.cab (SysInfo Class)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O16 - DPF: {E6BB2089-163F-466B-812A-748096614DFD} http://cainternetsec...r/cascanner.cab (CAScanner Control)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...trl.cab?lmi=100 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
O18 - Protocol\Handler\intu-help-qb4 {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files\Intuit\QuickBooks Enterprise Solutions 11.0\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\intu-help-qb5 {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/25 16:29:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG2012\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/02/13 21:16:20 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/02/13 15:30:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy Lachman\Application Data\AVG2012
[2012/02/13 15:28:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2012/02/13 15:28:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2012/02/13 15:27:14 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2012/02/13 15:18:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2012/02/13 11:18:08 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft Anti-Malware
[2012/02/13 11:18:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy Lachman\My Documents\Anti-Malware
[2012/02/13 10:21:41 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/02/12 12:29:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2012/02/12 11:21:43 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/02/12 11:16:56 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/02/12 11:16:56 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/02/12 11:16:56 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/02/12 11:16:56 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/02/12 11:16:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/02/12 10:42:59 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/02/12 10:36:43 | 004,402,217 | R--- | C] (Swearware) -- C:\Documents and Settings\Andy Lachman\Desktop\ComboFix.exe
[2012/02/12 10:16:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2012/02/12 10:16:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy Lachman\Application Data\TestApp
[2012/02/11 06:20:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy Lachman\Application Data\PerformerSoft
[2012/02/11 06:20:42 | 000,017,464 | ---- | C] (PerformerSoft LLC) -- C:\WINDOWS\System32\roboot.exe
[2012/02/11 06:20:31 | 000,000,000 | ---D | C] -- C:\Program Files\InstallBrainService
[2012/02/08 23:42:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Apple Computer
[2012/02/07 22:32:09 | 000,000,000 | ---D | C] -- C:\Program Files\Intel Desktop Board
[2012/02/07 00:35:54 | 000,150,608 | ---- | C] (CA) -- C:\WINDOWS\System32\drivers\KmxCF.1
[2012/02/07 00:35:54 | 000,116,304 | ---- | C] (CA) -- C:\WINDOWS\System32\drivers\KmxFw.1
[2012/02/06 23:54:13 | 000,000,000 | ---D | C] -- C:\2fb9cba1a47c5491a6c87e793f47029c
[2012/02/06 22:10:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RegAce
[2012/02/06 22:10:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegAce
[2012/02/06 20:59:18 | 000,000,000 | -H-D | C] -- C:\WINDOWS\msdownld.tmp
[2012/02/06 14:22:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2012/02/06 13:19:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012/02/06 13:00:30 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2012/02/06 13:00:30 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2012/02/06 13:00:29 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2012/02/06 12:58:28 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2012/02/06 10:34:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Scanner
[2012/02/05 23:12:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Dell
[2012/02/05 10:00:45 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\WINDOWS\System32\CSVer.dll
[2012/02/05 09:54:54 | 000,935,768 | ---- | C] (O2Micro) -- C:\WINDOWS\System32\O2Icon_2.dll
[2012/02/05 09:54:54 | 000,739,160 | ---- | C] (O2Micro) -- C:\WINDOWS\System32\O2Icon.dll
[2012/02/05 09:54:54 | 000,071,512 | ---- | C] (O2Micro International) -- C:\WINDOWS\System32\drivers\o2flash.exe
[2012/02/05 09:54:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SDA
[2012/02/05 09:54:50 | 000,000,000 | ---D | C] -- C:\Program Files\O2Micro Flash Memory Card Driver
[2012/02/04 22:24:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy Lachman\Local Settings\Application Data\Innovative Solutions
[2012/02/04 22:23:29 | 009,101,424 | ---- | C] (Innovative Solutions ) -- C:\Documents and Settings\Andy Lachman\Desktop\drivermax.exe
[2012/02/04 21:25:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy Lachman\My Documents\Device Doctor Pro
[2012/02/04 21:14:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2012/01/31 13:27:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple Computer
[2012/01/28 12:22:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy Lachman\Desktop\New Folder
[2012/01/27 11:53:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2012/01/27 11:52:50 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Support Center
[2012/01/27 11:46:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy Lachman\Application Data\PCDr
[2012/01/26 22:30:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ask
[2012/01/26 22:21:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy Lachman\Application Data\SystemRequirementsLab
[2012/01/26 22:09:02 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2012/01/26 21:05:00 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Andy Lachman\Recent
[2012/01/26 21:04:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\FxsTmp
[2012/01/26 21:03:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy Lachman\Local Settings\Application Data\nmmicrocore{DB9CF5D7-17C7-48c7-99A5-06E82D0A0252}
[2012/01/26 21:00:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs
[2012/01/26 21:00:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AIM Toolbar
[2012/01/26 21:00:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy Lachman\Local Settings\Application Data\AIM Toolbar
[2012/01/26 11:13:38 | 000,000,000 | ---D | C] -- C:\Program Files\Seagate
[2012/01/25 18:04:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\Symbols(2)
[2012/01/25 17:37:22 | 000,000,000 | ---D | C] -- C:\debug_symbols
[2012/01/25 17:27:43 | 000,000,000 | ---D | C] -- C:\Program Files\Debugging Tools for Windows (x86)
[2012/01/25 17:26:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs(2)
[2012/01/25 15:59:26 | 000,000,000 | ---D | C] -- C:\4fcba2850e16b1822e71109127b1f07a
[2012/01/24 20:34:57 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Andy Lachman\Recent(2)
[2012/01/24 12:22:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy Lachman\Desktop\IRA
[2012/01/23 15:53:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2012/01/23 09:36:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2012/01/21 13:04:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2012/01/21 13:04:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2012/01/21 12:49:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy Lachman\Local Settings\Application Data\Ilivid Player
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[38 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/02/13 22:25:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/13 22:19:59 | 000,000,564 | ---- | M] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job
[2012/02/13 21:58:54 | 000,514,896 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/02/13 21:58:54 | 000,094,424 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/02/13 21:55:02 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/02/13 21:54:45 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/13 21:53:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/02/13 21:53:45 | 3211,169,792 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/13 21:45:00 | 000,001,006 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1092536500-2006155561-895814021-1005UA.job
[2012/02/13 18:27:40 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/02/13 17:04:31 | 000,025,346 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012/02/13 15:41:35 | 057,559,628 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/02/13 15:29:26 | 000,000,704 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk
[2012/02/13 14:59:04 | 000,000,493 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2012/02/13 11:18:35 | 000,000,786 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\Application Data\Microsoft\Internet Explorer\Quick Launch\Emsisoft Anti-Malware.lnk
[2012/02/13 11:18:35 | 000,000,768 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Emsisoft Anti-Malware.lnk
[2012/02/12 22:45:00 | 000,000,954 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1092536500-2006155561-895814021-1005Core.job
[2012/02/12 13:38:04 | 000,000,050 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS
[2012/02/12 11:21:56 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/02/12 11:08:47 | 000,010,336 | ---- | M] () -- C:\WINDOWS\System32\CAScheduleTasks.JOB
[2012/02/12 10:57:18 | 000,139,612 | ---- | M] () -- C:\WINDOWS\System32\drivers\KmxAgent.asc
[2012/02/12 10:36:52 | 004,402,217 | R--- | M] (Swearware) -- C:\Documents and Settings\Andy Lachman\Desktop\ComboFix.exe
[2012/02/12 10:16:41 | 000,002,130 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\Desktop\sdsetup_aff[1].exe.lnk
[2012/02/11 09:54:37 | 000,091,136 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\Desktop\Symbol search path is.doc
[2012/02/11 09:31:55 | 000,000,466 | ---- | M] () -- C:\Brother MFC-7840W LAN.lnk
[2012/02/11 08:58:28 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2012/02/11 06:45:24 | 000,041,509 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\Desktop\mindful-eating-as-food.pdf
[2012/02/11 06:20:55 | 000,002,034 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\repository.xml
[2012/02/10 15:59:35 | 000,622,104 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\Desktop\723445 Royal.pdf
[2012/02/10 15:56:31 | 000,128,180 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\Desktop\723445 Royal.jpg
[2012/02/10 13:45:53 | 000,106,624 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\Desktop\Nicole Sweats.pdf
[2012/02/10 13:16:22 | 000,101,637 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\Desktop\Nicole Sweats
[2012/02/09 08:23:23 | 000,015,581 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\Desktop\Lisa Ross.pdf
[2012/02/08 17:23:23 | 000,001,685 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\Desktop\creminder1.ics
[2012/02/08 09:01:53 | 000,009,728 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\Desktop\AR 011812.xls
[2012/02/07 23:08:53 | 000,001,606 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CDBurnerXP.lnk
[2012/02/07 22:49:02 | 000,654,920 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\Desktop\mtinst.exe
[2012/02/07 19:57:33 | 016,246,229 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\Desktop\macprodftp.132862956301.zip
[2012/02/07 00:35:47 | 000,150,608 | ---- | M] (CA) -- C:\WINDOWS\System32\drivers\KmxCF.1
[2012/02/07 00:35:47 | 000,116,304 | ---- | M] (CA) -- C:\WINDOWS\System32\drivers\KmxFw.1
[2012/02/07 00:15:03 | 000,460,112 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\Desktop\CAInstall.exe
[2012/02/07 00:05:05 | 000,144,648 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\Desktop\SupportBridge.exe
[2012/02/06 23:48:35 | 000,004,507 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/02/06 23:48:26 | 000,000,781 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\Desktop\Launch Internet Explorer Browser.lnk
[2012/02/06 21:12:00 | 000,010,166 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\Desktop\kdcom.zip
[2012/02/06 20:16:03 | 2145,386,496 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2012/02/06 20:03:40 | 000,000,057 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2012/02/06 13:03:57 | 000,000,317 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2012/02/06 12:57:11 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012/02/06 12:57:09 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2012/02/06 12:57:09 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2012/02/06 12:56:54 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2012/02/06 12:53:29 | 000,023,428 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/02/06 10:32:29 | 000,009,072 | ---- | M] () -- C:\WINDOWS\System32\drivers\16980
[2012/02/06 10:13:40 | 000,332,092 | ---- | M] () -- C:\WINDOWS\setupapi.old
[2012/02/06 09:21:26 | 005,466,092 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\Desktop\The Resource Specialists.zip
[2012/02/06 09:21:13 | 114,389,796 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\Desktop\Prom2x.zip
[2012/02/06 09:20:29 | 107,827,366 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\Desktop\Fiscal Guardians.zip
[2012/02/06 09:19:35 | 005,619,485 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\Desktop\Legacy.zip
[2012/02/06 09:17:18 | 013,184,974 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\Desktop\PTA.zip
[2012/02/06 09:12:13 | 021,890,361 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\Desktop\PLUS.zip
[2012/02/06 09:11:12 | 000,229,814 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\Desktop\MNSpayroll.zip
[2012/02/06 09:10:41 | 000,407,376 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\Desktop\forms.zip
[2012/02/06 09:10:24 | 005,537,771 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\Desktop\Cost Estimates.zip
[2012/02/06 09:06:22 | 000,220,481 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\My Documents\It's a wrap! Philadelphia Inquirer 12-03-2007_files.zip
[2012/02/06 09:01:09 | 299,584,363 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\Desktop\RJL.zip
[2012/02/06 08:59:15 | 1255,517,136 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\Desktop\Artwork.zip
[2012/02/06 05:51:48 | 002,069,472 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/02/04 22:23:42 | 009,101,424 | ---- | M] (Innovative Solutions ) -- C:\Documents and Settings\Andy Lachman\Desktop\drivermax.exe
[2012/02/03 17:07:48 | 000,013,824 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\My Documents\ADJ020312.xls
[2012/02/03 14:38:05 | 000,035,328 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\My Documents\Misc.xls
[2012/02/03 09:24:55 | 000,032,645 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\My Documents\Chase Statement011011.pdf
[2012/02/03 09:24:11 | 000,051,802 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\My Documents\Chase Statement020811.pdf
[2012/02/03 09:22:58 | 000,050,160 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\My Documents\Chase Statement030811.pdf
[2012/02/03 09:22:28 | 000,045,689 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\My Documents\040811.pdf
[2012/02/03 09:22:05 | 000,070,762 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\My Documents\Chase Statement050911.pdf
[2012/02/03 09:21:26 | 000,052,007 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\My Documents\Chase Statement071111.pdf
[2012/02/03 09:20:33 | 000,032,104 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\My Documents\Chase Statement080811.pdf
[2012/02/03 09:17:56 | 000,066,188 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\My Documents\Chase Statement090911.pdf
[2012/02/03 09:16:36 | 000,085,466 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\My Documents\Chase Statement1101011.pdf
[2012/02/03 09:15:19 | 000,101,441 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\My Documents\Chase Statement110811.pdf
[2012/02/03 09:13:31 | 000,034,208 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\My Documents\Chase Statement120811.pdf
[2012/02/03 09:12:54 | 000,080,913 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\My Documents\Chase Statement0101012.pdf
[2012/02/02 15:35:54 | 000,044,032 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\Desktop\AS report 2-2-12.xls
[2012/02/02 09:39:57 | 000,247,696 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\My Documents\citicard 01-12-12.pdf
[2012/02/01 13:47:06 | 000,017,464 | ---- | M] (PerformerSoft LLC) -- C:\WINDOWS\System32\roboot.exe
[2012/01/28 21:39:11 | 000,019,456 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\My Documents\AS credit card.xls
[2012/01/26 13:22:01 | 000,157,609 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\Desktop\j.1524-4741.2011.01175.x.pdf
[2012/01/26 08:17:21 | 000,090,112 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\My Documents\Mays Talks To Students At Polo Grounds.doc
[2012/01/26 08:14:24 | 000,067,072 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\My Documents\Are you the kind of parent you should be.doc
[2012/01/26 08:12:46 | 000,048,128 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\My Documents\Teachers must also learn far more about children.doc
[2012/01/23 22:49:33 | 000,049,664 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\Desktop\I am receipt of your letter of Jan 19Th.doc
[2012/01/20 14:30:09 | 000,048,128 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\My Documents\Skate letter.doc
[2012/01/20 06:02:07 | 000,012,686 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\Desktop\deleted011911.pdf
[2012/01/19 17:14:44 | 001,693,887 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\My Documents\House_Rules1-19-12.pdf
[2012/01/19 00:10:55 | 000,079,360 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\Desktop\Copy of AR summary 011612 (2).xls
[2012/01/18 08:54:56 | 000,732,160 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\My Documents\Fiscal cart.doc
[2012/01/18 08:22:50 | 000,000,794 | ---- | M] () -- C:\Documents and Settings\Andy Lachman\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2012/01/17 19:50:05 | 000,000,989 | ---- | M] () -- C:\WINDOWS\Brpfx04a.ini
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[38 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/02/13 17:04:31 | 000,025,346 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012/02/13 15:41:35 | 057,559,628 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/02/13 15:29:26 | 000,000,704 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk
[2012/02/13 11:18:35 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Application Data\Microsoft\Internet Explorer\Quick Launch\Emsisoft Anti-Malware.lnk
[2012/02/13 11:18:35 | 000,000,768 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Emsisoft Anti-Malware.lnk
[2012/02/12 12:23:15 | 3211,169,792 | -HS- | C] () -- C:\hiberfil.sys
[2012/02/12 11:21:55 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012/02/12 11:21:46 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/02/12 11:16:56 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/02/12 11:16:56 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/02/12 11:16:56 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/02/12 11:16:56 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/02/12 11:16:56 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/02/12 11:08:47 | 000,010,336 | ---- | C] () -- C:\WINDOWS\System32\CAScheduleTasks.JOB
[2012/02/12 10:16:40 | 000,002,130 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Desktop\sdsetup_aff[1].exe.lnk
[2012/02/11 09:54:36 | 000,091,136 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Desktop\Symbol search path is.doc
[2012/02/11 09:31:54 | 000,000,466 | ---- | C] () -- C:\Brother MFC-7840W LAN.lnk
[2012/02/11 06:45:24 | 000,041,509 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Desktop\mindful-eating-as-food.pdf
[2012/02/11 06:20:55 | 000,002,034 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\repository.xml
[2012/02/11 06:14:13 | 001,363,968 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Desktop\Memtest86_4.0s.iso
[2012/02/10 15:59:35 | 000,622,104 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Desktop\723445 Royal.pdf
[2012/02/10 15:56:31 | 000,128,180 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Desktop\723445 Royal.jpg
[2012/02/10 13:45:53 | 000,106,624 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Desktop\Nicole Sweats.pdf
[2012/02/10 13:16:21 | 000,101,637 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Desktop\Nicole Sweats
[2012/02/09 08:23:23 | 000,015,581 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Desktop\Lisa Ross.pdf
[2012/02/08 17:23:11 | 000,001,685 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Desktop\creminder1.ics
[2012/02/08 09:01:49 | 000,009,728 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Desktop\AR 011812.xls
[2012/02/07 23:08:53 | 000,001,606 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CDBurnerXP.lnk
[2012/02/07 22:48:57 | 000,654,920 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Desktop\mtinst.exe
[2012/02/07 22:23:59 | 000,001,023 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.vp
[2012/02/07 22:23:58 | 001,674,683 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.cpa
[2012/02/07 22:23:58 | 001,498,560 | ---- | C] () -- C:\WINDOWS\System32\igkrng400.bin
[2012/02/07 19:57:19 | 016,246,229 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Desktop\macprodftp.132862956301.zip
[2012/02/07 00:05:01 | 000,144,648 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Desktop\SupportBridge.exe
[2012/02/06 21:13:44 | 000,010,166 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Desktop\kdcom.zip
[2012/02/06 13:00:17 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2012/02/06 12:59:41 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2012/02/06 12:59:25 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2012/02/06 12:59:23 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2012/02/06 12:59:20 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2012/02/06 12:59:07 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2012/02/06 12:59:00 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2012/02/06 12:58:55 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2012/02/06 12:58:32 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2012/02/06 12:34:48 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2012/02/06 12:34:47 | 000,112,918 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2012/02/06 12:34:47 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2012/02/06 12:34:47 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2012/02/06 12:34:47 | 000,026,991 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2012/02/06 12:34:47 | 000,016,535 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2012/02/06 12:34:47 | 000,014,433 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2012/02/06 12:34:47 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2012/02/06 12:34:47 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2012/02/06 12:34:47 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2012/02/06 12:34:47 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2012/02/06 12:34:47 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2012/02/06 12:34:46 | 001,296,669 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2012/02/06 12:34:46 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2012/02/06 12:34:46 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2012/02/06 12:34:46 | 000,034,063 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2012/02/06 12:34:45 | 002,144,487 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2012/02/06 12:34:45 | 000,522,220 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2012/02/06 10:32:29 | 000,009,072 | ---- | C] () -- C:\WINDOWS\System32\drivers\16980
[2012/02/06 10:26:18 | 000,460,112 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Desktop\CAInstall.exe
[2012/02/06 09:21:24 | 005,466,092 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Desktop\The Resource Specialists.zip
[2012/02/06 09:20:43 | 114,389,796 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Desktop\Prom2x.zip
[2012/02/06 09:20:05 | 107,827,366 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Desktop\Fiscal Guardians.zip
[2012/02/06 09:19:31 | 005,619,485 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Desktop\Legacy.zip
[2012/02/06 09:12:03 | 021,890,361 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Desktop\PLUS.zip
[2012/02/06 09:11:11 | 000,229,814 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Desktop\MNSpayroll.zip
[2012/02/06 09:10:40 | 000,407,376 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Desktop\forms.zip
[2012/02/06 09:10:16 | 005,537,771 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Desktop\Cost Estimates.zip
[2012/02/06 09:06:21 | 000,220,481 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\My Documents\It's a wrap! Philadelphia Inquirer 12-03-2007_files.zip
[2012/02/06 09:01:24 | 013,184,974 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Desktop\PTA.zip
[2012/02/06 08:59:58 | 299,584,363 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Desktop\RJL.zip
[2012/02/06 08:54:26 | 1255,517,136 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Desktop\Artwork.zip
[2012/02/06 07:20:21 | 2145,386,496 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP
[2012/02/06 04:46:43 | 000,001,361 | ---- | C] () -- C:\WINDOWS\System32\fxscount.h
[2012/02/06 04:26:37 | 000,004,507 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012/02/06 04:26:06 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2012/02/05 13:10:02 | 000,332,092 | ---- | C] () -- C:\WINDOWS\setupapi.old
[2012/02/05 09:12:15 | 000,000,564 | ---- | C] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job
[2012/02/03 17:07:35 | 000,013,824 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\My Documents\ADJ020312.xls
[2012/02/03 09:24:55 | 000,032,645 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\My Documents\Chase Statement011011.pdf
[2012/02/03 09:24:11 | 000,051,802 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\My Documents\Chase Statement020811.pdf
[2012/02/03 09:22:58 | 000,050,160 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\My Documents\Chase Statement030811.pdf
[2012/02/03 09:22:28 | 000,045,689 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\My Documents\040811.pdf
[2012/02/03 09:22:05 | 000,070,762 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\My Documents\Chase Statement050911.pdf
[2012/02/03 09:21:26 | 000,052,007 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\My Documents\Chase Statement071111.pdf
[2012/02/03 09:20:33 | 000,032,104 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\My Documents\Chase Statement080811.pdf
[2012/02/03 09:17:56 | 000,066,188 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\My Documents\Chase Statement090911.pdf
[2012/02/03 09:16:36 | 000,085,466 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\My Documents\Chase Statement1101011.pdf
[2012/02/03 09:15:19 | 000,101,441 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\My Documents\Chase Statement110811.pdf
[2012/02/03 09:13:31 | 000,034,208 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\My Documents\Chase Statement120811.pdf
[2012/02/03 09:12:54 | 000,080,913 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\My Documents\Chase Statement0101012.pdf
[2012/02/02 15:35:54 | 000,044,032 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Desktop\AS report 2-2-12.xls
[2012/02/02 09:39:57 | 000,247,696 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\My Documents\citicard 01-12-12.pdf
[2012/01/28 21:39:11 | 000,019,456 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\My Documents\AS credit card.xls
[2012/01/26 13:22:01 | 000,157,609 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Desktop\j.1524-4741.2011.01175.x.pdf
[2012/01/26 08:17:20 | 000,090,112 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\My Documents\Mays Talks To Students At Polo Grounds.doc
[2012/01/26 08:14:23 | 000,067,072 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\My Documents\Are you the kind of parent you should be.doc
[2012/01/26 08:12:46 | 000,048,128 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\My Documents\Teachers must also learn far more about children.doc
[2012/01/23 22:21:17 | 000,049,664 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Desktop\I am receipt of your letter of Jan 19Th.doc
[2012/01/20 14:29:23 | 000,048,128 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\My Documents\Skate letter.doc
[2012/01/20 06:02:07 | 000,012,686 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Desktop\deleted011911.pdf
[2012/01/19 17:14:44 | 001,693,887 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\My Documents\House_Rules1-19-12.pdf
[2012/01/19 00:10:55 | 000,079,360 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Desktop\Copy of AR summary 011612 (2).xls
[2012/01/18 08:54:56 | 000,732,160 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\My Documents\Fiscal cart.doc
[2011/10/08 09:04:04 | 000,817,880 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1092536500-2006155561-895814021-1005-0.dat
[2011/10/07 01:06:22 | 000,240,174 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/07/25 20:07:37 | 001,829,608 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/07/25 19:02:04 | 000,000,090 | ---- | C] () -- C:\WINDOWS\QBChanUtil_Trigger.ini
[2011/03/20 16:49:45 | 000,000,007 | ---- | C] () -- C:\WINDOWS\System32\mkghj.dll
[2010/08/04 21:50:57 | 000,001,152 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2010/03/04 19:07:20 | 000,051,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\atnt40k.sys
[2010/02/09 19:36:29 | 000,015,360 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/12 04:35:44 | 000,080,416 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2009/11/24 07:42:34 | 000,038,461 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Application Data\Microsoft Excel.ADR
[2009/11/14 18:03:47 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Andy Lachman\Application Data\$_hpcst$.hpc
[2009/07/01 09:04:49 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2009/07/01 09:04:49 | 000,000,149 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2009/03/05 12:51:13 | 000,000,058 | ---- | C] () -- C:\WINDOWS\sview.ini
[2009/02/24 11:09:13 | 000,000,165 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2009/02/22 16:58:07 | 000,000,989 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2009/02/22 16:58:07 | 000,000,153 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2009/02/22 16:56:40 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\BRTCPCON.DLL
[2009/02/22 16:56:39 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\BRLMW03A.INI
[2009/02/22 16:56:38 | 000,000,086 | ---- | C] () -- C:\WINDOWS\Brfaxrx.ini
[2009/02/22 16:56:36 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2009/02/22 16:53:59 | 000,031,567 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2009/01/22 16:01:38 | 000,000,040 | ---- | C] () -- C:\WINDOWS\opt_1435.ini
[2009/01/14 16:21:44 | 000,000,040 | ---- | C] () -- C:\WINDOWS\opt_9700.ini
[2009/01/14 16:21:04 | 000,000,493 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2009/01/14 16:21:04 | 000,000,053 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2009/01/14 16:21:03 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2009/01/14 16:21:02 | 000,000,104 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2009/01/14 12:21:58 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/12/19 19:10:44 | 001,174,000 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2008/12/19 19:10:44 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4864.dll
[2008/12/19 19:10:44 | 000,104,636 | ---- | C] () -- C:\WINDOWS\System32\igmedcompkrn.dll
[2008/12/19 19:09:41 | 000,001,153 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2008/12/19 17:24:41 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/12/19 17:22:10 | 000,000,232 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008/12/19 17:20:36 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2008/12/19 17:20:35 | 000,753,664 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2008/04/25 16:26:32 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2008/04/25 04:22:39 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/02/04 18:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007/08/06 10:07:30 | 000,462,848 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2006/09/18 13:37:50 | 000,000,530 | ---- | C] () -- C:\WINDOWS\System32\tx12_ic.ini
[2006/09/18 13:37:48 | 000,667,280 | ---- | C] () -- C:\WINDOWS\System32\tx12.dll
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2009/01/12 21:03:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2010/06/22 17:31:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM
[2012/01/26 21:00:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM Toolbar
[2012/01/26 22:30:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ask
[2012/02/13 15:41:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2012/02/12 11:15:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CA
[2012/02/06 10:07:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CA-SupportBridge
[2011/09/09 10:00:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2009/07/04 10:58:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2011/01/01 16:27:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cisco Systems
[2012/02/13 15:29:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES
[2010/02/20 11:48:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2009/06/03 09:30:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure
[2011/06/12 12:40:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2011/03/24 10:43:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2012/02/13 15:41:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2009/01/28 11:04:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2009/08/30 08:02:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Musicnotes
[2011/11/09 18:31:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nuance
[2009/06/03 09:29:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2012/02/04 21:14:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2012/01/27 11:53:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2012/02/06 22:10:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RegAce
[2010/02/20 11:49:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2011/07/25 21:05:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SQL Anywhere 11
[2009/06/12 08:58:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/07/19 17:11:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/01/12 21:04:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy Lachman\Application Data\acccore
[2010/12/24 12:43:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy Lachman\Application Data\Amazon
[2012/02/13 15:30:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy Lachman\Application Data\AVG2012
[2012/02/13 13:34:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy Lachman\Application Data\Blitware
[2010/12/24 14:14:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy Lachman\Application Data\calibre
[2011/09/09 10:00:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy Lachman\Application Data\Canneverbe Limited
[2009/08/28 11:15:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy Lachman\Application Data\Canon
[2010/04/12 14:43:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy Lachman\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/06/03 09:29:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy Lachman\Application Data\DriverCure
[2010/02/09 19:11:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy Lachman\Application Data\GetRightToGo
[2011/03/25 11:54:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy Lachman\Application Data\IObit
[2011/12/09 18:46:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy Lachman\Application Data\ntr
[2011/11/09 18:31:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy Lachman\Application Data\Nuance
[2009/01/14 12:32:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy Lachman\Application Data\OfficeUpdate12
[2009/12/15 18:24:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy Lachman\Application Data\PC-FAX TX
[2012/01/27 11:47:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy Lachman\Application Data\PCDr
[2010/12/24 13:02:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy Lachman\Application Data\Pdfsvg
[2012/02/12 11:10:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy Lachman\Application Data\PerformerSoft
[2009/03/05 13:05:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy Lachman\Application Data\ScanSoft
[2012/01/26 22:21:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy Lachman\Application Data\SystemRequirementsLab
[2012/02/12 10:16:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy Lachman\Application Data\TestApp
[2009/01/05 13:49:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy Lachman\Application Data\tmp
[2009/01/22 15:26:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy Lachman\Application Data\Viewpoint
[2010/06/17 20:14:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy Lachman\Application Data\webex
[2010/02/20 11:50:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy Lachman\Application Data\Zeon
[2012/02/13 22:19:59 | 000,000,564 | ---- | M] () -- C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2010/10/13 08:14:31 | 000,036,352 | ---- | M] ()(C:\Documents and Settings\Andy Lachman\My Documents\memor 1st dreaft for school?.doc) -- C:\Documents and Settings\Andy Lachman\My Documents\memor 1st dreaft for school.doc
[2010/10/13 08:14:31 | 000,036,352 | ---- | C] ()(C:\Documents and Settings\Andy Lachman\My Documents\memor 1st dreaft for school?.doc) -- C:\Documents and Settings\Andy Lachman\My Documents\memor 1st dreaft for school.doc

< End of report >
  • 0

Advertisements


#2
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

you still around? You still have problems with your PC?

regards myrti
  • 0

#3
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP