Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Windows Installer Service could not be accessed.

Started by DWHow0556 , Dec 04 2009 02:14 PM

  • Please log in to reply

#1
DWHow0556
Posted 04 December 2009 - 02:14 PM

DWHow0556

    New Member

  • Member
  • Pip
  • 1 posts
I have had a a problem for some time. After a malware cleaning (Antivirus 2009) I have not been able to install anything that requires Microsoft Windows Installer Service and Windows Update gives Error number: 0x800A0046. I appreciate any assistance that anyone can provide. Thanks in advance .Listed below are my log files from the malware cleaning procedure:

Malwarebytes' Anti-Malware 1.42
Database version: 3295
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

12/4/2009 2:08:32 PM
mbam-log-2009-12-04 (14-08-32).txt

Scan type: Quick Scan
Objects scanned: 113887
Time elapsed: 6 minute(s), 59 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/12/04 14:10
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xAA3DE000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF89B5000 Size: 8192 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xA9F5E000 Size: 49152 File Visible: No Signed: -
Status: -

==EOF==

OTL logfile created on: 12/4/2009 2:15:50 PM - Run 1
OTL by OldTimer - Version 3.1.11.5 Folder = C:\Documents and Settings\Clinton Jones\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

502.07 Mb Total Physical Memory | 157.13 Mb Available Physical Memory | 31.30% Memory free
1.20 Gb Paging File | 0.92 Gb Available in Paging File | 77.20% Paging File free
Paging file location(s): c:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 145.88 Gb Total Space | 123.87 Gb Free Space | 84.91% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 1.90 Gb Total Space | 0.65 Gb Free Space | 34.05% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive P: | 385.16 Gb Total Space | 341.30 Gb Free Space | 88.61% Space Free | Partition Type: NTFS
Drive T: | 385.16 Gb Total Space | 341.30 Gb Free Space | 88.61% Space Free | Partition Type: NTFS

Computer Name: CLINTONJ
Current User Name: Clinton
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2009/12/04 13:47:38 | 00,535,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Clinton Jones\My Documents\Downloads\OTL.exe
PRC - [2009/11/30 09:24:00 | 01,055,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2009/11/30 09:23:56 | 02,020,120 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2009/11/30 09:23:54 | 00,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2009/11/30 09:23:54 | 00,600,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2009/11/30 09:23:54 | 00,502,040 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2009/11/30 09:23:52 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2008/04/14 05:42:20 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/03/12 16:28:02 | 00,081,920 | ---- | M] (Sage Software, Inc.) -- c:\Program Files\Timberline Office\Shared\Sage.ServiceHost.Host.exe
PRC - [2004/12/06 02:05:00 | 00,127,035 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\dla\tfswctrl.exe
PRC - [2004/10/14 13:42:54 | 01,404,928 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
PRC - [2004/04/14 11:56:20 | 00,102,450 | ---- | M] () -- C:\PVSW\Bin\w3dbsmgr.exe


========== Modules (SafeList) ==========

MOD - [2009/12/04 13:47:38 | 00,535,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Clinton Jones\My Documents\Downloads\OTL.exe


========== Win32 Services (SafeList) ==========

SRV - File not found -- -- (TuneUp.UtilitiesSvc)
SRV - File not found -- -- (MSSQLSERVER)
SRV - [2009/11/30 09:23:52 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2007/03/12 16:28:02 | 00,081,920 | ---- | M] (Sage Software, Inc.) -- c:\Program Files\Timberline Office\Shared\Sage.ServiceHost.Host.exe -- (Sage.ServiceHost.Host.1.0)
SRV - [2007/03/07 15:47:46 | 00,076,848 | ---- | M] () -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/09/28 09:49:51 | 00,077,944 | ---- | M] (Autodesk) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/07/15 02:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state)
SRV - [2003/12/17 14:59:48 | 00,143,360 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe -- (NetSvc)
SRV - [2003/07/28 13:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2002/12/17 16:23:30 | 00,311,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlagent.EXE -- (SQLSERVERAGENT)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapp...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:1.01


FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2009/11/30 09:23:52 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/11/10 10:09:04 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/09 13:54:14 | 00,000,000 | ---D | M]

[2009/08/20 10:04:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Clinton Jones\Application Data\Mozilla\Extensions
[2009/12/04 13:01:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Clinton Jones\Application Data\Mozilla\Firefox\Profiles\6wg4dlpy.default\extensions
[2009/12/04 13:01:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Clinton Jones\Application Data\Mozilla\Firefox\Profiles\6wg4dlpy.default\extensions\[email protected]
[2009/08/20 07:54:25 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: (734 bytes) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [dla] C:\WINDOWS\SYSTEM32\dla\tfswctrl.exe (Sonic Solutions)
O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\SYSTEM32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\SYSTEM32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\SYSTEM32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Pervasive.SQL Workgroup Engine.lnk = C:\PVSW\Bin\w3dbsmgr.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll (Sun Microsystems, Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKLM\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1259877276484 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = office.judyconstruction.com
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/09/16 12:02:17 | 00,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{472eb878-5217-11db-b57b-0013200130f1}\Shell - "" = AutoRun
O33 - MountPoints2\{472eb878-5217-11db-b57b-0013200130f1}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{472eb878-5217-11db-b57b-0013200130f1}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{e28d8b4b-7f49-11dd-b62a-0013200130f1}\Shell\AutoRun\command - "" = E:\system\viewer\FlipVideoforPC.exe -- File not found
O33 - MountPoints2\{e28d8b4b-7f49-11dd-b62a-0013200130f1}\Shell\Flip Video for PC\command - "" = E:\system\viewer\FlipVideoforPC.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *sprestrt) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\SYSTEM32\IAS [2009/12/03 15:59:57 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16891947461378048)

========== Files/Folders - Created Within 14 Days ==========

[2009/12/04 13:55:47 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/12/04 13:25:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Clinton Jones\My Documents\SureTrak
[2009/12/04 13:14:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\F-Secure
[2009/12/03 16:09:24 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/12/03 16:03:42 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2009/12/03 16:03:42 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2009/12/03 16:03:42 | 00,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2009/12/03 16:02:24 | 00,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2009/12/03 16:02:24 | 00,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2009/12/03 16:02:24 | 00,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2009/12/03 16:02:06 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2009/11/30 09:24:35 | 00,000,000 | -H-D | C] -- C:\$AVG
[2009/11/30 09:24:03 | 00,360,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/11/30 09:23:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg9
[2009/11/25 15:52:20 | 00,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2009/11/25 15:36:49 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Installer Clean Up
[2009/11/25 15:14:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Clinton Jones\Application Data\WinRAR
[2009/11/25 15:13:33 | 00,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2009/11/25 13:18:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Clinton Jones\My Documents\Downloads
[2009/11/25 12:46:20 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Clinton Jones\Recent
[2009/11/25 11:52:49 | 00,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2009/11/25 10:22:13 | 00,029,512 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2009/11/25 10:20:53 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2009/12/04 13:59:50 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/12/04 13:59:02 | 00,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2009/12/04 13:58:55 | 52,653,6704 | -HS- | M] () -- C:\hiberfil.sys
[2009/12/04 13:58:17 | 08,126,464 | ---- | M] () -- C:\Documents and Settings\Clinton Jones\NTUSER.DAT
[2009/12/04 13:58:17 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\Clinton Jones\NTUSER.INI
[2009/12/04 13:55:53 | 00,000,620 | ---- | M] () -- C:\Documents and Settings\Clinton Jones\Desktop\NTREGOPT.lnk
[2009/12/04 13:55:52 | 00,000,601 | ---- | M] () -- C:\Documents and Settings\Clinton Jones\Desktop\ERUNT.lnk
[2009/12/04 13:30:06 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/12/04 09:23:13 | 46,148,891 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/12/04 09:22:50 | 00,112,014 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/12/03 16:42:07 | 00,001,650 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AutoCAD LT 2006.lnk
[2009/12/03 16:26:32 | 00,000,877 | ---- | M] () -- C:\Documents and Settings\Clinton Jones\Desktop\Estimating Extended.lnk
[2009/12/03 16:25:40 | 00,000,979 | ---- | M] () -- C:\Documents and Settings\Clinton Jones\Desktop\Estimating Explorer.lnk
[2009/12/03 16:22:51 | 00,000,877 | ---- | M] () -- C:\Documents and Settings\Clinton Jones\Desktop\Digitizer Extended.lnk
[2009/12/03 16:22:03 | 00,001,065 | ---- | M] () -- C:\Documents and Settings\Clinton Jones\Desktop\Database Editor.lnk
[2009/12/03 16:21:12 | 00,000,841 | ---- | M] () -- C:\Documents and Settings\Clinton Jones\Desktop\Address Book.lnk
[2009/12/03 16:20:10 | 00,000,858 | ---- | M] () -- C:\Documents and Settings\Clinton Jones\Desktop\Means Integrator.lnk
[2009/12/03 16:15:32 | 00,000,837 | ---- | M] () -- C:\Documents and Settings\Clinton Jones\Desktop\Microsoft Office Excel 2003.lnk
[2009/12/03 16:14:43 | 00,000,849 | ---- | M] () -- C:\Documents and Settings\Clinton Jones\Desktop\Microsoft Office Word 2003.lnk
[2009/12/03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/12/03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/12/03 16:08:48 | 00,290,088 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/12/03 16:06:21 | 00,000,317 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/12/03 16:00:44 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009/12/03 16:00:43 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/12/03 16:00:43 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/12/03 16:00:29 | 00,004,698 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2009/12/03 15:59:17 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2009/12/03 15:59:17 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2009/12/03 15:59:10 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2009/12/03 15:59:10 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2009/12/03 15:59:10 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2009/12/03 15:59:10 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2009/12/03 15:59:10 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2009/12/03 15:59:10 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2009/12/03 15:58:56 | 00,000,736 | ---- | M] () -- C:\WINDOWS\WIN.INI
[2009/12/03 15:58:23 | 00,627,400 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/12/03 15:58:23 | 00,510,840 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2009/12/03 15:58:23 | 00,106,528 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2009/12/03 15:57:47 | 00,023,428 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/12/03 15:57:11 | 00,001,007 | ---- | M] () -- C:\WINDOWS\System32\MAPISVC.INF
[2009/12/03 15:56:08 | 00,000,211 | -HS- | M] () -- C:\boot.ini
[2009/12/03 15:50:58 | 00,004,128 | ---- | M] () -- C:\INFCACHE.1
[2009/12/03 15:49:02 | 00,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2009/12/03 13:14:21 | 00,005,332 | ---- | M] () -- C:\WINDOWS\setupapi.old
[2009/12/03 13:09:01 | 00,118,551 | ---- | M] () -- C:\Documents and Settings\Clinton Jones\My Documents\FILTERS #6.JPG
[2009/12/03 13:08:46 | 00,122,590 | ---- | M] () -- C:\Documents and Settings\Clinton Jones\My Documents\FILTERS #5.JPG
[2009/12/03 13:08:35 | 00,070,037 | ---- | M] () -- C:\Documents and Settings\Clinton Jones\My Documents\FILTERS #4.JPG
[2009/12/03 13:08:24 | 00,137,790 | ---- | M] () -- C:\Documents and Settings\Clinton Jones\My Documents\FILTERS #3.JPG
[2009/12/03 13:08:08 | 00,123,122 | ---- | M] () -- C:\Documents and Settings\Clinton Jones\My Documents\FILTERS #2.JPG
[2009/12/03 13:07:47 | 00,146,158 | ---- | M] () -- C:\Documents and Settings\Clinton Jones\My Documents\FILTERS #1.JPG
[2009/12/03 13:07:00 | 00,051,436 | ---- | M] () -- C:\Documents and Settings\Clinton Jones\My Documents\Judy const 001.jpg
[2009/12/02 14:05:42 | 00,015,858 | ---- | M] () -- C:\Documents and Settings\Clinton Jones\My Documents\Floor Covering Costs.wb3
[2009/12/01 08:38:13 | 03,103,232 | ---- | M] () -- C:\Documents and Settings\Clinton Jones\My Documents\1 2009 KY IRVINE WWTP.wb3
[2009/11/30 10:46:22 | 05,154,304 | ---- | M] () -- C:\Documents and Settings\Clinton Jones\Desktop\WindowsDefender.msi
[2009/11/30 09:24:13 | 00,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/11/30 09:24:13 | 00,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/11/30 09:24:06 | 00,001,516 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 9.0.lnk
[2009/11/30 09:24:04 | 00,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/11/30 09:24:03 | 00,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/11/30 09:24:03 | 00,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2009/11/30 09:13:44 | 00,001,496 | ---- | M] () -- C:\Documents and Settings\Clinton Jones\Desktop\Windows Explorer.lnk
[2009/11/30 08:17:26 | 00,000,734 | ---- | M] () -- C:\WINDOWS\System32\drivers\ETC\hosts
[2009/11/25 16:27:57 | 05,365,018 | -H-- | M] () -- C:\Documents and Settings\Clinton Jones\Local Settings\Application Data\IconCache.db
[2009/11/25 14:48:09 | 00,081,784 | ---- | M] () -- C:\Documents and Settings\Clinton Jones\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/11/25 10:22:19 | 00,000,490 | ---- | M] () -- C:\WINDOWS\tasks\Automatic troubleshooting.job
[2009/11/25 08:33:41 | 00,024,576 | ---- | M] () -- C:\Documents and Settings\Clinton Jones\My Documents\Clearwell schedule of values.doc
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/12/04 13:55:53 | 00,000,620 | ---- | C] () -- C:\Documents and Settings\Clinton Jones\Desktop\NTREGOPT.lnk
[2009/12/04 13:55:52 | 00,000,601 | ---- | C] () -- C:\Documents and Settings\Clinton Jones\Desktop\ERUNT.lnk
[2009/12/03 16:22:51 | 00,000,877 | ---- | C] () -- C:\Documents and Settings\Clinton Jones\Desktop\Digitizer Extended.lnk
[2009/12/03 16:15:32 | 00,000,837 | ---- | C] () -- C:\Documents and Settings\Clinton Jones\Desktop\Microsoft Office Excel 2003.lnk
[2009/12/03 16:14:43 | 00,000,849 | ---- | C] () -- C:\Documents and Settings\Clinton Jones\Desktop\Microsoft Office Word 2003.lnk
[2009/12/03 16:08:48 | 52,653,6704 | -HS- | C] () -- C:\hiberfil.sys
[2009/12/03 16:04:19 | 00,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2009/12/03 16:03:34 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2009/12/03 16:03:34 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2009/12/03 16:03:33 | 00,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2009/12/03 16:03:02 | 00,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2009/12/03 16:03:01 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2009/12/03 16:02:51 | 00,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2009/12/03 16:02:50 | 00,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2009/12/03 16:02:48 | 00,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2009/12/03 16:02:37 | 13,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2009/12/03 16:02:31 | 00,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2009/12/03 16:02:28 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2009/12/03 16:02:09 | 00,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2009/12/03 16:02:05 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2009/12/03 16:02:05 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2009/12/03 16:02:05 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2009/12/03 16:02:05 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2009/12/03 16:02:04 | 00,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2009/12/03 16:02:04 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2009/12/03 16:02:04 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2009/12/03 16:02:04 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2009/12/03 16:02:04 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2009/12/03 16:02:04 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2009/12/03 16:02:04 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2009/12/03 16:02:04 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2009/12/03 16:02:03 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2009/12/03 16:02:03 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2009/12/03 16:02:03 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2009/12/03 16:02:03 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2009/12/03 16:02:03 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2009/12/03 16:02:03 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2009/12/03 16:02:03 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2009/12/03 16:02:03 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2009/12/03 16:02:03 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2009/12/03 16:02:03 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2009/12/03 16:02:03 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2009/12/03 16:02:03 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2009/12/03 16:02:02 | 00,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2009/12/03 16:02:02 | 00,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2009/12/03 16:02:02 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2009/12/03 16:02:02 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2009/12/03 16:02:02 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2009/12/03 16:02:02 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2009/12/03 16:02:02 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2009/12/03 16:02:02 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2009/12/03 16:02:02 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2009/12/03 16:02:02 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2009/12/03 16:02:02 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2009/12/03 16:02:02 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2009/12/03 16:02:01 | 00,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2009/12/03 16:02:01 | 00,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2009/12/03 16:02:01 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2009/12/03 16:02:01 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2009/12/03 16:02:01 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2009/12/03 16:02:01 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2009/12/03 16:02:01 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2009/12/03 16:02:01 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2009/12/03 16:02:00 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2009/12/03 16:02:00 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2009/12/03 16:02:00 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2009/12/03 16:02:00 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2009/12/03 16:02:00 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2009/12/03 16:02:00 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2009/12/03 16:02:00 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2009/12/03 16:02:00 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2009/12/03 16:02:00 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2009/12/03 16:01:59 | 00,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2009/12/03 16:01:59 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2009/12/03 16:01:59 | 00,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2009/12/03 16:01:59 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2009/12/03 16:01:59 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2009/12/03 16:01:58 | 00,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2009/12/03 16:01:58 | 00,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2009/12/03 15:59:17 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2009/12/03 15:59:10 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2009/12/03 15:59:10 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2009/12/03 15:59:10 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2009/12/03 15:59:10 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2009/12/03 15:59:10 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2009/12/03 15:49:02 | 00,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2009/12/03 15:48:29 | 00,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2009/12/03 15:48:29 | 00,112,918 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2009/12/03 15:48:29 | 00,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2009/12/03 15:48:29 | 00,026,991 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2009/12/03 15:48:29 | 00,014,433 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2009/12/03 15:48:29 | 00,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2009/12/03 15:48:29 | 00,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2009/12/03 15:48:29 | 00,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2009/12/03 15:48:28 | 02,144,487 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2009/12/03 15:48:28 | 01,296,669 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2009/12/03 15:48:28 | 00,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2009/12/03 15:48:28 | 00,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2009/12/03 15:48:28 | 00,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2009/12/03 15:48:28 | 00,034,063 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2009/12/03 15:48:28 | 00,016,535 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2009/12/03 15:48:28 | 00,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2009/12/03 15:48:28 | 00,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2009/12/03 15:48:28 | 00,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2009/12/03 15:48:27 | 00,522,220 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2009/12/03 13:09:01 | 00,118,551 | ---- | C] () -- C:\Documents and Settings\Clinton Jones\My Documents\FILTERS #6.JPG
[2009/12/03 13:08:46 | 00,122,590 | ---- | C] () -- C:\Documents and Settings\Clinton Jones\My Documents\FILTERS #5.JPG
[2009/12/03 13:08:35 | 00,070,037 | ---- | C] () -- C:\Documents and Settings\Clinton Jones\My Documents\FILTERS #4.JPG
[2009/12/03 13:08:24 | 00,137,790 | ---- | C] () -- C:\Documents and Settings\Clinton Jones\My Documents\FILTERS #3.JPG
[2009/12/03 13:08:08 | 00,123,122 | ---- | C] () -- C:\Documents and Settings\Clinton Jones\My Documents\FILTERS #2.JPG
[2009/12/03 13:07:47 | 00,146,158 | ---- | C] () -- C:\Documents and Settings\Clinton Jones\My Documents\FILTERS #1.JPG
[2009/12/03 13:07:33 | 00,051,436 | ---- | C] () -- C:\Documents and Settings\Clinton Jones\My Documents\Judy const 001.jpg
[2009/12/01 08:38:11 | 03,103,232 | ---- | C] () -- C:\Documents and Settings\Clinton Jones\My Documents\1 2009 KY IRVINE WWTP.wb3
[2009/11/30 10:46:22 | 05,154,304 | ---- | C] () -- C:\Documents and Settings\Clinton Jones\Desktop\WindowsDefender.msi
[2009/11/30 09:24:06 | 00,001,516 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 9.0.lnk
[2009/11/30 09:13:44 | 00,001,496 | ---- | C] () -- C:\Documents and Settings\Clinton Jones\Desktop\Windows Explorer.lnk
[2009/11/25 14:49:09 | 00,005,332 | ---- | C] () -- C:\WINDOWS\setupapi.old
[2009/11/25 10:22:19 | 00,000,490 | ---- | C] () -- C:\WINDOWS\tasks\Automatic troubleshooting.job
[2009/11/25 08:33:41 | 00,024,576 | ---- | C] () -- C:\Documents and Settings\Clinton Jones\My Documents\Clearwell schedule of values.doc
[2009/08/19 16:02:31 | 00,017,311 | ---- | C] () -- C:\Documents and Settings\Clinton Jones\Local Settings\Application Data\honyjak.bin
[2009/08/19 16:02:31 | 00,016,302 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\jucute.dl
[2009/08/19 16:02:31 | 00,015,156 | ---- | C] () -- C:\Documents and Settings\Clinton Jones\Application Data\hyriq.inf
[2009/08/19 16:02:31 | 00,014,898 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ikeri.com
[2009/08/19 16:02:31 | 00,013,736 | ---- | C] () -- C:\Documents and Settings\Clinton Jones\Application Data\qavemyzyr._sy
[2009/08/19 16:02:31 | 00,013,519 | ---- | C] () -- C:\Documents and Settings\Clinton Jones\Local Settings\Application Data\keto._dl
[2009/08/19 16:02:31 | 00,013,207 | ---- | C] () -- C:\Documents and Settings\Clinton Jones\Local Settings\Application Data\xefutejod.inf
[2009/08/19 16:02:31 | 00,012,226 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\anuvy.sys
[2009/08/19 16:02:31 | 00,011,770 | ---- | C] () -- C:\Documents and Settings\Clinton Jones\Local Settings\Application Data\ceza.scr
[2009/08/19 16:02:31 | 00,011,194 | ---- | C] () -- C:\Program Files\Common Files\ilig.dat
[2009/08/19 16:02:31 | 00,010,739 | ---- | C] () -- C:\Program Files\Common Files\yruta.dl
[2009/08/19 16:02:31 | 00,010,452 | ---- | C] () -- C:\Program Files\Common Files\tinucife.reg
[2009/08/19 16:02:31 | 00,010,393 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\qesutepu.inf
[2009/08/19 12:48:57 | 00,019,948 | ---- | C] () -- C:\Documents and Settings\Clinton Jones\Application Data\urucydun.dl
[2009/08/19 12:48:57 | 00,014,680 | ---- | C] () -- C:\Documents and Settings\Clinton Jones\Application Data\becyf.exe
[2009/08/19 12:48:57 | 00,013,519 | ---- | C] () -- C:\Documents and Settings\Clinton Jones\Application Data\ebepyt.dat
[2009/08/19 12:44:44 | 00,016,698 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\kyciqufibi.scr
[2009/08/19 12:44:44 | 00,015,348 | ---- | C] () -- C:\Documents and Settings\Clinton Jones\Application Data\geduba.ban
[2009/08/19 12:44:44 | 00,014,049 | ---- | C] () -- C:\Documents and Settings\Clinton Jones\Application Data\efypukyr.lib
[2009/08/19 12:44:44 | 00,011,826 | ---- | C] () -- C:\Documents and Settings\Clinton Jones\Application Data\ikavef.bat
[2009/08/19 12:44:44 | 00,011,782 | ---- | C] () -- C:\Documents and Settings\Clinton Jones\Application Data\yralome.inf
[2009/08/19 12:44:44 | 00,010,144 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ixag.lib
[2008/10/27 08:02:37 | 00,000,848 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2008/09/10 02:02:31 | 00,000,148 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/08/11 16:47:45 | 00,030,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\Kxe63.sys
[2007/05/04 11:33:19 | 00,055,808 | ---- | C] () -- C:\Documents and Settings\Clinton Jones\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/03/30 13:10:30 | 00,001,024 | ---- | C] () -- C:\WINDOWS\System32\grcauth2.dll
[2007/03/30 13:10:30 | 00,001,024 | ---- | C] () -- C:\WINDOWS\System32\grcauth1.dll
[2007/03/30 13:10:30 | 00,000,101 | ---- | C] () -- C:\WINDOWS\System32\prsgrc.dll
[2007/03/30 13:08:45 | 00,000,000 | ---- | C] () -- C:\WINDOWS\PDWinExt.INI
[2006/11/29 16:29:09 | 00,000,321 | ---- | C] () -- C:\WINDOWS\System32\cosmo.ini
[2006/11/29 16:29:03 | 00,069,632 | ---- | C] () -- C:\WINDOWS\System32\sx83p32.dll
[2006/11/29 16:28:05 | 00,022,480 | ---- | C] () -- C:\WINDOWS\System32\PFMAPI16.DLL
[2006/11/29 16:28:05 | 00,020,992 | ---- | C] () -- C:\WINDOWS\System32\PFMAPI32.DLL
[2006/09/28 09:50:52 | 00,000,136 | ---- | C] () -- C:\Documents and Settings\Clinton Jones\Local Settings\Application Data\fusioncache.dat
[2006/02/09 08:24:03 | 00,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/10/05 13:20:05 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2005/05/02 09:42:50 | 00,000,634 | ---- | C] () -- C:\WINDOWS\SWWATER.INI
[2005/03/31 13:09:08 | 00,000,047 | ---- | C] () -- C:\WINDOWS\winhlp32.ini
[2005/03/31 13:07:32 | 00,017,552 | ---- | C] () -- C:\WINDOWS\System32\TTYTWIN.DRV
[2005/03/31 12:48:55 | 00,000,036 | ---- | C] () -- C:\WINDOWS\PrmSymPk32.INI
[2005/03/31 12:25:35 | 00,000,989 | ---- | C] () -- C:\WINDOWS\BTI.INI
[2005/03/31 12:25:21 | 00,038,576 | ---- | C] () -- C:\WINDOWS\System32\NWLOCALE.DLL
[2005/03/31 12:25:20 | 00,009,136 | ---- | C] () -- C:\WINDOWS\System32\INETWH16.DLL
[2005/03/22 11:59:18 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/03/22 11:57:47 | 00,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/03/22 11:51:06 | 00,000,648 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/03/22 11:24:46 | 00,000,370 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/09/15 23:03:14 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/11 18:25:56 | 00,000,791 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004/08/04 06:00:00 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\FXSPERF.INI
[2003/10/22 21:47:47 | 00,000,308 | ---- | C] () -- C:\WINDOWS\un200drv.ini
[2003/01/07 16:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/02/27 09:41:28 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\nsldappr32v50.dll
[2002/02/27 09:41:26 | 00,139,264 | ---- | C] () -- C:\WINDOWS\System32\nsldap32v50.dll
[2002/02/27 09:41:26 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\nsldapssl32v50.dll
[2000/09/19 16:45:26 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\WLTok32x.dll
[1980/01/01 01:00:00 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll

========== LOP Check ==========

[2008/02/06 10:20:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2009/11/30 09:23:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2009/03/31 10:35:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Borland
[2009/12/04 13:14:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure
[2008/11/13 16:02:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2009/03/02 13:39:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sage
[2008/04/08 07:37:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2009/11/25 10:21:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2009/08/19 15:00:26 | 00,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
[2009/11/25 10:20:53 | 00,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2008/02/06 10:21:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Clinton Jones\Application Data\Autodesk
[2008/02/06 10:21:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Clinton Jones\Application Data\Eos Group
[2008/02/06 10:21:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Clinton Jones\Application Data\Leadertech
[2009/02/27 11:40:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Clinton Jones\Application Data\Sage
[2008/02/06 10:23:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Clinton Jones\Application Data\Template
[2008/02/06 10:23:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Clinton Jones\Application Data\Timberline
[2009/08/19 15:01:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Clinton Jones\Application Data\TuneUp Software
[2009/11/25 10:22:19 | 00,000,490 | ---- | M] () -- C:\WINDOWS\Tasks\Automatic troubleshooting.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2009/08/20 07:54:13 | 08,050,536 | ---- | M] (Mozilla) -- C:\Firefox Setup 3.5.2.exe


< MD5 for: AGP440.SYS >
[2008/04/13 13:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SYSTEM32\DRIVERS\agp440.sys
[2004/08/04 00:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\I386\AGP440.SYS

< MD5 for: ATAPI.SYS >
[2008/04/14 00:10:32 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SYSTEM32\DRIVERS\atapi.sys
[2004/08/03 23:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\I386\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 19:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SYSTEM32\DLLCACHE\cache\eventlog.dll
[2008/04/14 05:41:54 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SYSTEM32\DLLCACHE\eventlog.dll
[2008/04/14 05:41:54 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SYSTEM32\eventlog.dll
[2004/08/04 06:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\I386\EVENTLOG.DLL

< MD5 for: LOGEVENT.DLL >
[2008/04/13 19:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SYSTEM32\logevent.dll

< MD5 for: NETLOGON.DLL >
[2008/04/13 19:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SYSTEM32\DLLCACHE\cache\netlogon.dll
[2008/04/14 05:42:02 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SYSTEM32\DLLCACHE\netlogon.dll
[2008/04/14 05:42:02 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SYSTEM32\netlogon.dll
[2004/08/04 06:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\I386\NETLOGON.DLL

< MD5 for: SCECLI.DLL >
[2004/08/04 06:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\I386\SCECLI.DLL
[2008/04/13 19:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SYSTEM32\DLLCACHE\cache\scecli.dll
[2008/04/14 05:42:06 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SYSTEM32\DLLCACHE\scecli.dll
[2008/04/14 05:42:06 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SYSTEM32\scecli.dll

< %systemroot%\*. /mp /s >

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\WINDOWS\ASSEMBLY\TEMP\TEMP] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\ASSEMBLY\TMP\TMP] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Cache\Cache] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Config\Config] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Connection Wizard\Connection Wizard] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\CSC\d1\d1] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\CSC\d2\d2] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\CSC\d3\d3] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\CSC\d4\d4] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\CSC\d5\d5] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\CSC\d6\d6] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\CSC\d7\d7] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\CSC\d8\d8] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Help\SBSI\Training\WXPPRO\Cbz\Cbz] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Help\SBSI\Training\WXPPRO\Lib\Lib] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Help\SBSI\Training\WXPPRO\Wave\Wave] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\IME\CHSIME\APPLETS\APPLETS] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\IME\CHTIME\Applets\Applets] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\IME\IMEJP\APPLETS\APPLETS] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\IME\IMEJP98\IMEJP98] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\IME\IMJP8_1\APPLETS\APPLETS] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\IME\IMKR6_1\APPLETS\APPLETS] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\IME\IMKR6_1\DICTS\DICTS] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\IME\SHARED\RES\RES] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\JAVA\CLASSES\CLASSES] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\JAVA\TRUSTLIB\TRUSTLIB] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files\Bind Logs\Bind Logs] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\MSAPPS\MSINFO\MSINFO] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\PCHEALTH\ERRORREP\QHEADLES\QHEADLES] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\PCHEALTH\ERRORREP\QSIGNOFF\QSIGNOFF] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\PCHEALTH\HELPCTR\BATCH\BATCH] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\PCHEALTH\HELPCTR\Config\CheckPoint\CheckPoint] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\PCHEALTH\HELPCTR\HelpFiles\HelpFiles] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\PCHEALTH\HELPCTR\InstalledSKUs\InstalledSKUs] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\PCHEALTH\HELPCTR\System\DFS\DFS] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\PCHEALTH\HELPCTR\Temp\Temp] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Registration\CRMLog\CRMLog] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SoftwareDistribution\AuthCabs\AuthCabs] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SoftwareDistribution\Download\07a96de176867bc25b7dc839d22b07e2\backup\backup] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SoftwareDistribution\Download\0dd0244816ffb4b094c1caba4c3b1178\backup\backup] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SoftwareDistribution\Download\555558d2c7916b118ad5baef62b18136\backup\backup] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SoftwareDistribution\Download\6913c676e5d33978934caa46c49fdc75\backup\backup] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SoftwareDistribution\Download\b7f0b2892b21211a5630518d058f48d9\backup\backup] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SoftwareDistribution\Download\d48a3b967ba5709df048e8f2a49cf8a6\backup\backup] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SoftwareDistribution\SelfUpdate\Registered\Registered] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Sun\Java\Deployment\Deployment] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\1025\1025] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\1028\1028] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\1031\1031] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\1037\1037] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\1041\1041] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\1042\1042] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\1054\1054] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\2052\2052] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\3076\3076] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\3COM_DMI\3COM_DMI] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\appmgmt\MACHINE\MACHINE] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\appmgmt\S-1-5-21-3363411251-3085799976-693657748-1006\S-1-5-21-3363411251-3085799976-693657748-1006] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch1\ch1] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch2\ch2] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Application Data\Identities\{31391EF3-B3AC-4F12-94D8-DC2DA45E9526}\{31391EF3-B3AC-4F12-94D8-DC2DA45E9526}] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Application Data\Jasc Software Inc\Paint Shop Pro 8\Cache\Cache] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Application Data\Microsoft\Credentials\S-1-5-21-3363411251-3085799976-693657748-500\S-1-5-21-3363411251-3085799976-693657748-500] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Application Data\Microsoft\Credentials\S-1-5-21-861567501-1078081533-725345543-500\S-1-5-21-861567501-1078081533-725345543-500] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Application Data\Microsoft\Crypto\RSA\S-1-5-21-3363411251-3085799976-693657748-500\S-1-5-21-3363411251-3085799976-693657748-500] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Application Data\Microsoft\Media Player\Media Player] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Application Data\Microsoft\SystemCertificates\My\Certificates\Certificates] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Application Data\Microsoft\SystemCertificates\My\CRLs\CRLs] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Application Data\Microsoft\SystemCertificates\My\CTLs\CTLs] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Application Data\rhcte8j0e58t\Quarantine\Autorun\HKCU\RunOnce\RunOnce] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Application Data\rhcte8j0e58t\Quarantine\Autorun\HKLM\RunOnce\RunOnce] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Application Data\rhcte8j0e58t\Quarantine\Autorun\StartMenuAllUsers\StartMenuAllUsers] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Application Data\rhcte8j0e58t\Quarantine\Autorun\StartMenuCurrentUser\StartMenuCurrentUser] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Application Data\rhcte8j0e58t\Quarantine\BrowserObjects\BrowserObjects] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Application Data\rhcte8j0e58t\Quarantine\Packages\Packages] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Application Data\Sun\Java\Deployment\javaws\cache\cache] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Desktop\Desktop] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Application Data\Microsoft\CD Burning\CD Burning] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-3363411251-3085799976-693657748-500\S-1-5-21-3363411251-3085799976-693657748-500] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-861567501-1078081533-725345543-500\S-1-5-21-861567501-1078081533-725345543-500] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Application Data\Microsoft\OFFICE\OFFICE] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\My Documents\My Pictures\Jasc Paint Shop Photo Album Images\Jasc Paint Shop Photo Album Images] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\My Documents\My PSP8 Files\Workspaces\Workspaces] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\NetHood\NetHood] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\PrintHood\PrintHood] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\DHCP\DHCP] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\DRIVERS\DISDN\DISDN] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\EXPORT\EXPORT] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\FxsTmp\FxsTmp] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\IME\CINTLGNT\CINTLGNT] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\IME\PINTLGNT\PINTLGNT] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\IME\TINTLGNT\TINTLGNT] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\LogFiles\WUDF\WUDF] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\Microsoft\Crypto\RSA\MachineKeys\MachineKeys] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\MUI\DISPSPEC\DISPSPEC] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\OOBE\HTML\ISPSGNUP\ISPSGNUP] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\OOBE\HTML\OEMCUST\OEMCUST] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\OOBE\HTML\OEMHW\OEMHW] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\OOBE\HTML\OEMREG\OEMREG] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\OOBE\SAMPLE\SAMPLE] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\ShellExt\ShellExt] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\WBEM\MOF\BAD\BAD] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\WBEM\SNMP\SNMP] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\WINS\WINS] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SYSTEM32\XIRCOM\XIRCOM] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\WinSxS\InstallTemp\InstallTemp] -> \Device\__max++>\^ -> Mount Point
< End of report >

OTL Extras logfile created on: 12/4/2009 2:15:50 PM - Run 1
OTL by OldTimer - Version 3.1.11.5 Folder = C:\Documents and Settings\Clinton Jones\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

502.07 Mb Total Physical Memory | 157.13 Mb Available Physical Memory | 31.30% Memory free
1.20 Gb Paging File | 0.92 Gb Available in Paging File | 77.20% Paging File free
Paging file location(s): c:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 145.88 Gb Total Space | 123.87 Gb Free Space | 84.91% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 1.90 Gb Total Space | 0.65 Gb Free Space | 34.05% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive P: | 385.16 Gb Total Space | 341.30 Gb Free Space | 88.61% Space Free | Partition Type: NTFS
Drive T: | 385.16 Gb Total Space | 341.30 Gb Free Space | 88.61% Space Free | Partition Type: NTFS

Computer Name: CLINTONJ
Current User Name: Clinton
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\PVSW\Bin\w3dbsmgr.exe" = C:\PVSW\Bin\w3dbsmgr.exe:*:Enabled:Database Service Manager -- ()
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- File not found
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Yahoo!\Messenger\YPager.exe" = C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn
"{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Player
"{05F4647F-39C0-4C65-A9E6-84EB9671CA70}" = Lizardtech Express View Browser Plug-in
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{17334AAF-C9E7-483B-9F45-E3FCAF07FFA7}" = Intel® PROSet for Wired Connections
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1EBB57D4-63FF-87CC-A0F0-D73982CF6008}" = Adobe Media Player
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
"{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}" = Banctec Service Agreement
"{56AB063D-1450-4BDE-9F0D-E9C693429C51}" = netbrdg
"{5783F2D7-4009-0409-0002-0060B0CE6BBA}" = AutoCAD LT 2006 - English
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{65D85050-5610-4A91-A3B1-D5C744291AD4}" = PCDADDIN
"{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{82CA0A0C-A3EC-4167-B694-909205B2EDEC}" = muvee Plugin 1.0
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{90AF0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{91130409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Basic Edition 2003
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt
"{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore
"{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-0000-0000-0000-6028747ADE01}" = Adobe Acrobat - Reader 6.0.2 Update
"{AC76BA86-7AD7-1033-7B44-A00000000001}" = Adobe Reader 6.0.1
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{B135D220-5B92-4873-9212-8554A40D3965}" = Sage Timberline Estimating
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
"{C99DCDA4-7407-4F72-A77E-C81C551D0C4E}" = PCDHELP
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine
"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}" = QuickTime
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FDF9943A-3D5C-46B3-9679-586BD237DDEE}" = SKIN0001
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Atomic Clock Sync" = Atomic Clock Sync
"Autodesk DWF Viewer" = Autodesk DWF Viewer
"AVG9Uninstall" = AVG Free 9.0
"CCleaner" = CCleaner (remove only)
"Corel WordPerfect Suite 8" = Corel WordPerfect Suite 8
"ERUNT_is1" = ERUNT 1.1j
"InstallShield_{B135D220-5B92-4873-9212-8554A40D3965}" = Sage Timberline Estimating
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.5.5)" = Mozilla Firefox (3.5.5)
"Pervasive System Analyzer" = Pervasive System Analyzer
"Pervasive.SQL Workgroup" = Pervasive.SQL Workgroup v8.10
"PROSet" = Intel® PRO Network Adapters and Drivers
"RSX2Uninst" = Intel RSX 3D
"SureTrak 3.0" = SureTrak 3.0
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"WinRAR archiver" = WinRAR archiver

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/4/2009 2:56:44 PM | Computer Name = CLINTONJ | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 80070005 from line 44 of f:\xpsp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

Error - 12/4/2009 2:58:12 PM | Computer Name = CLINTONJ | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 80070005 from line 44 of f:\xpsp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

Error - 12/4/2009 2:59:50 PM | Computer Name = CLINTONJ | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 80070005 from line 44 of f:\xpsp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

Error - 12/4/2009 2:59:52 PM | Computer Name = CLINTONJ | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 80070005 from line 44 of f:\xpsp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

Error - 12/4/2009 2:59:52 PM | Computer Name = CLINTONJ | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 80070005 from line 44 of f:\xpsp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

Error - 12/4/2009 2:59:58 PM | Computer Name = CLINTONJ | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 80070005 from line 44 of f:\xpsp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

Error - 12/4/2009 2:59:58 PM | Computer Name = CLINTONJ | Source = VSS | ID = 8193
Description = Volume Shadow Copy Service error: Unexpected error calling routine
CoCreateInstance. hr = 0x80040206.

Error - 12/4/2009 3:00:04 PM | Computer Name = CLINTONJ | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.

Error - 12/4/2009 3:00:20 PM | Computer Name = CLINTONJ | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.

Error - 12/4/2009 3:04:50 PM | Computer Name = CLINTONJ | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 80070005 from line 44 of f:\xpsp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

[ Sage Events ]
Error - 3/12/2009 7:55:09 AM | Computer Name = CLINTONJ | Source = Sage.Business Layer | ID = 0
Description = Message Source: tsFactoryManager.FactoryManager GetInitializer No such
Initializer.

Error - 3/12/2009 7:56:54 AM | Computer Name = CLINTONJ | Source = Sage.Business Layer | ID = 0
Description = Message Source: tsFactoryManager.FactoryManager GetInitializer No such
Initializer.

Error - 3/12/2009 7:58:05 AM | Computer Name = CLINTONJ | Source = Sage.Business Layer | ID = 0
Description = Message Source: tsFactoryManager.FactoryManager GetInitializer No such
Initializer.

Error - 3/12/2009 8:10:19 AM | Computer Name = CLINTONJ | Source = Sage.Business Layer | ID = 0
Description = Message Source: tsFactoryManager.FactoryManager GetInitializer No such
Initializer.

Error - 3/12/2009 8:26:17 AM | Computer Name = CLINTONJ | Source = Sage.Business Layer | ID = 0
Description = Message Source: tsFactoryManager.FactoryManager GetInitializer No such
Initializer.

Error - 3/12/2009 9:11:33 AM | Computer Name = CLINTONJ | Source = Sage.Business Layer | ID = 0
Description = Message Source: tsFactoryManager.FactoryManager GetInitializer No such
Initializer.

Error - 3/12/2009 9:15:48 AM | Computer Name = CLINTONJ | Source = Sage.Address Book | ID = 0
Description = Message Source: Timberline.AddressBook.Company IPersistentObjectImpl::Load()

Failed
to locate domain object.

Error - 3/12/2009 9:16:33 AM | Computer Name = CLINTONJ | Source = Sage.Business Layer | ID = 0
Description = Message Source: tsFactoryManager.FactoryManager GetInitializer No such
Initializer.

Error - 3/12/2009 9:23:20 AM | Computer Name = CLINTONJ | Source = Sage.Business Layer | ID = 0
Description = Message Source: tsFactoryManager.FactoryManager GetInitializer No such
Initializer.

Error - 8/20/2009 11:01:04 AM | Computer Name = CLINTONJ | Source = Sage.Business Layer | ID = 0
Description = Message Source: tsFactoryManager.FactoryManager GetInitializer No such
Initializer.

[ System Events ]
Error - 12/3/2009 5:11:04 PM | Computer Name = CLINTONJ | Source = Service Control Manager | ID = 7000
Description = The MSSQLSERVER service failed to start due to the following error:
%%2

Error - 12/3/2009 5:11:04 PM | Computer Name = CLINTONJ | Source = Service Control Manager | ID = 7000
Description = The TuneUp Utilities Service service failed to start due to the following
error: %%3

Error - 12/3/2009 5:25:25 PM | Computer Name = CLINTONJ | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 29 minutes. NtpClient has no source of accurate
time.

Error - 12/3/2009 5:55:26 PM | Computer Name = CLINTONJ | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 59 minutes. NtpClient has no source of accurate
time.

Error - 12/3/2009 6:55:25 PM | Computer Name = CLINTONJ | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 119 minutes. NtpClient has no source of accurate
time.

Error - 12/3/2009 8:55:26 PM | Computer Name = CLINTONJ | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 239 minutes. NtpClient has no source of accurate
time.

Error - 12/4/2009 12:55:26 AM | Computer Name = CLINTONJ | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 479 minutes. NtpClient has no source of accurate
time.

Error - 12/4/2009 7:39:35 AM | Computer Name = CLINTONJ | Source = Srv | ID = 2019
Description = The server was unable to allocate from the system nonpaged pool because
the pool was empty.

Error - 12/4/2009 7:51:35 AM | Computer Name = CLINTONJ | Source = Srv | ID = 2019
Description = The server was unable to allocate from the system nonpaged pool because
the pool was empty.

Error - 12/4/2009 8:03:35 AM | Computer Name = CLINTONJ | Source = Srv | ID = 2019
Description = The server was unable to allocate from the system nonpaged pool because
the pool was empty.

[ TuneUp Events ]
Error - 8/19/2009 4:16:08 PM | Computer Name = CLINTONJ | Source = TuneUp Program Statistics | ID = 131840
Description =

Error - 8/19/2009 4:16:13 PM | Computer Name = CLINTONJ | Source = TuneUp Program Statistics | ID = 131840
Description =

Error - 8/19/2009 4:16:43 PM | Computer Name = CLINTONJ | Source = TuneUp Program Statistics | ID = 131840
Description =

Error - 8/19/2009 4:17:03 PM | Computer Name = CLINTONJ | Source = TuneUp Program Statistics | ID = 131840
Description =


< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP