Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Userinit.exe fails to initialize on reinstalled XP Home software

Started by jefflevitan , Mar 27 2011 10:11 PM

  • Please log in to reply

#1
jefflevitan
Posted 27 March 2011 - 10:11 PM

jefflevitan

    New Member

  • Member
  • Pip
  • 5 posts
I reinstalled Windows XP home on a desktop I have from 2004. I updated all updates from SP1 and SP2 and security updates up to but not including SP3. The computer will now only boot in safemode as the owner. adminstrator in safemode does not work. Trying to boot in Normal mode returns...Userinit.exe failed to initialize. Reading Geeks to Go suggests a corrupted userinit.exe file or malware. This is a fresh install but I ran combofix anyway and it found nothing. I copied over a new copy of userinit.exe from my D: partion and that did not help. I checked the registry and found userinit.exe in the correct place. And Userinit.exe is correctly located in the systems32 folder.

I am at my wits end here. What am I missing?
  • 0

Advertisements

#2
RKinner
Posted 29 March 2011 - 07:36 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
What make and model PC?

Ron
  • 0

#3
jefflevitan
Posted 29 March 2011 - 07:47 PM

jefflevitan

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
compaq presario sr1010 nx running windows xp home
  • 0

#4
RKinner
Posted 29 March 2011 - 07:57 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Download and install:
Spring 2004 Original Chipset Driver Collection
http://h10025.www1.h...403786&sw_lang=

Userinit tries to activate the network and XP probably doesn't realize what chipset it has so can't get the network to run.

You may need other drivers:
http://h10025.www1.h...uct=403786#N228

Right click on My Computer and select Manage then Device Manager. In the right pane look for yellow or red marked items. These probably need a driver.
  • 0

#5
jefflevitan
Posted 30 March 2011 - 06:38 AM

jefflevitan

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
Hi- Thanks for your help. Here is what I found so far. I downloaded the package you suggested. In the instructions it says to open the other tab and add the drivers. There is no other tab in my device manager. But I did open the hidden files and the only plug n play process that had a problem was SYMTDI. Google says this is related to Norton so I disabled it since I could not uninstall because I can only boot in safe mode. I then rebooted normally. Got to the users and selected owner which works in safe mode. The system appeared to start..screen went blue, had mouse pointer and hourglass cycled on and off. Nothing happened. Rebooted to safe mode and went back to device manager location and found the event log. There were several errors listed from when I tried to boot. One was the SYMTDI error since I disabled it. The other is:
"The following boot-start or system-start driver(s) failed to load:
Fips
intelppm
SAVRT
SAVRTPEL"

I don't know if these are what is causing the problem but this is what is there.

Suggestions as to next steps?

Thanks for your help. Very frustrating since you can't really see what is going on.

Jeff
  • 0

#6
RKinner
Posted 30 March 2011 - 08:06 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
I've never run the Compaq file. Normally I just get the intel chipset installation utility straight from intel. They have a tool which will identify the chipset and tell you which utility to run:
http://www.intel.com...otlight_dctop10

SAVRT and SAVRTPEL are also leftover from Norton so I'm guessing you just did a repair install rather than a wipe and install. This doesn't replace the whole registry so you can still have problems.

Norton removal tool might be of use: ftp://ftp.symantec.com/public/english_us_canada/removal_tools/Norton_Removal_Tool.exe

I'm thinking that your system is trying to load something else so run OTL per step 2 of
http://www.geekstogo...uide-t2852.html and copy and paste both logs.

Ron
  • 0

#7
jefflevitan
Posted 30 March 2011 - 10:31 AM

jefflevitan

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
Hi Ron- My reply to you does not seem to have gone thru. Good news. I can log on with Normal start up after using the Symantec removal tool you provided. The computer still is boggy so I ran the OTL tool as suggested and have pasted the logs below. I don't really know what I am looking at but there seem to be a bunch of stuff that is "extra". I look forward to you next recommendations.
Jeff

OTL logfile created on: 3/30/2011 12:07:49 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

247.00 Mb Total Physical Memory | 29.00 Mb Available Physical Memory | 12.00% Memory free
606.00 Mb Paging File | 318.00 Mb Available in Paging File | 52.00% Paging File free
Paging file location(s): C:\pagefile.sys 372 744 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 33.11 Gb Total Space | 15.91 Gb Free Space | 48.06% Space Free | Partition Type: NTFS
Drive D: | 4.14 Gb Total Space | 0.62 Gb Free Space | 14.88% Space Free | Partition Type: FAT32

Computer Name: YOUR-XB2X7J77GN | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/03/30 12:07:16 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/07/03 10:15:20 | 000,036,864 | ---- | M] () -- C:\Program Files\SEC\MagicTune3.5_Client\GammaTray.exe
PRC - [2004/01/26 09:20:44 | 000,016,384 | ---- | M] () -- C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe
PRC - [2003/08/21 07:15:48 | 000,483,328 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\hphmon05.exe
PRC - [2002/04/12 15:39:24 | 000,155,715 | ---- | M] () -- C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe


========== Modules (SafeList) ==========

MOD - [2011/03/30 12:07:16 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2004/01/26 09:20:44 | 000,024,576 | ---- | M] (BackWeb) -- C:\Documents and Settings\Owner\Local Settings\temp\IadHide4.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)


========== Driver Services (SafeList) ==========

DRV - [2004/10/07 21:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/10/01 11:24:02 | 002,279,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/06/29 10:07:18 | 001,268,204 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2003/12/12 10:54:14 | 000,391,424 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003/12/06 06:13:42 | 000,429,440 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2003/12/05 20:25:54 | 000,011,392 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2003/12/02 22:23:20 | 000,142,336 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\fasttx2k.sys -- (fasttx2k)
DRV - [2003/09/03 03:51:00 | 000,021,120 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\nv_agp.sys -- (nv_agp)
DRV - [2003/07/18 20:58:20 | 000,036,992 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\SISAGPX.sys -- (SISAGP)
DRV - [2003/07/02 15:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2003/04/28 10:13:06 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2002/10/04 21:04:10 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2002/07/30 01:43:50 | 000,023,808 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus10.hpwis.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost



O1 HOSTS File: ([2011/03/27 23:26:21 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (CNavExtBho Class) - {BDF3E430-B101-42AD-A544-FADC6B084872} - File not found
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - File not found
O4 - HKLM..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [PS2] C:\WINDOWS\system32\ps2.EXE (Hewlett-Packard Company)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Reminder] C:\Windows\Creator\Remind_XP.exe (SoftThinks)
O4 - HKLM..\Run: [UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Color Calibration.lnk = C:\Program Files\SEC\MagicTune3.5_Client\GammaTray.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Compaq Connections.lnk = C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Help and Support.lnk = File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MagicTune3.5.lnk = C:\Program Files\SEC\MagicTune3.5_Client\MagicTuneTray.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NaturalColorLoad.lnk = C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - File not found
O15 - HKCU\..Trusted Domains: microsoft.com ([social.msdn] http in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([windowsupdate] http in Trusted sites)
O15 - HKCU\..Trusted Domains: windowsupdate.com ([]http in Trusted sites)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.micr...veX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1301264151640 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/01/26 05:28:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 14:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/03/30 12:07:12 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2011/03/30 11:57:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/03/29 12:59:38 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/03/29 09:55:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011/03/29 09:17:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2011/03/29 09:17:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2011/03/29 09:17:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2011/03/29 09:10:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2011/03/27 23:34:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/03/27 23:07:03 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/03/27 23:07:03 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/03/27 23:07:03 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/03/27 23:07:03 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/03/27 23:06:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/03/27 23:04:56 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/03/27 22:57:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\PackageAware
[2011/03/27 18:13:57 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\IECompatCache
[2011/03/27 18:13:18 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\PrivacIE
[2011/03/26 16:45:35 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\IETldCache
[2011/03/26 14:55:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2011/03/26 14:53:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2011/03/26 14:51:05 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011/03/26 14:51:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2011/03/25 15:43:53 | 000,000,000 | ---D | C] -- C:\Program Files\SymNetDrv
[2011/03/19 14:55:09 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2011/03/19 14:45:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2011/03/19 14:39:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2011/03/19 13:28:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2011/03/19 13:28:15 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/03/19 13:27:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\setupupd
[2011/03/19 13:14:18 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Recent
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/03/30 12:11:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{0D67998B-DFC4-40E3-8A70-9F84E40B8C72}.job
[2011/03/30 12:07:16 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2011/03/30 11:55:51 | 000,000,248 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2011/03/30 11:55:32 | 000,381,692 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/03/30 11:55:32 | 000,053,436 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/03/30 11:54:38 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011/03/30 11:53:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/03/30 11:53:53 | 259,575,808 | -HS- | M] () -- C:\hiberfil.sys
[2011/03/30 11:53:53 | 000,143,624 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/03/30 11:44:08 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/03/29 21:52:40 | 000,001,498 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Spider Solitaire.lnk
[2011/03/29 18:45:21 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/03/29 13:04:34 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2011/03/29 09:09:52 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011/03/27 23:26:21 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/03/27 23:06:18 | 004,303,772 | R--- | M] () -- C:\Documents and Settings\Owner\Desktop\ComboFixfix.exe
[2011/03/27 20:39:36 | 000,001,999 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\progress.xml
[2011/03/27 20:39:35 | 000,208,264 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\result.cab
[2011/03/27 17:35:40 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to &Search.lnk
[2011/03/27 17:27:37 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to Internet Explorer.lnk
[2011/03/27 13:32:58 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut (2) to &Run....lnk
[2011/03/27 13:32:12 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to &Run....lnk
[2011/03/26 16:47:40 | 000,000,823 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/03/25 20:12:50 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2011/03/20 19:30:25 | 000,928,574 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\moodle.colgate.edu-file.php-2598-week_9-Schalet_2010_cross-cultural_sexuality0001.mdi
[2011/03/20 19:25:17 | 000,892,358 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\moodle.colgate.edu-file.php-2598-week_9-Schalet_2010_cross-cultural_sexuality.mdi
[2011/03/20 19:20:20 | 000,026,026 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\www.nytimes.com-2010-11-07-education-07sex-grades-t.mdi
[2011/03/19 15:16:22 | 000,001,487 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Solitaire.lnk
[2011/03/19 14:58:41 | 000,000,889 | -H-- | M] () -- C:\WINDOWS\QUICKEN.INI
[2011/03/19 13:08:45 | 000,003,610 | RHS- | M] () -- C:\WINDOWS\System32\drivers\HP_DW254A-ABA SR1010N NA510_YC_Pres_QMXK417_E42NAheRET3_4_IGamila Giovani Neon series_SMICRO-STAR INTERNATIONAL CO., LTD_V030_B3.08_T040225_WXH1_L409_M248_J40_7Intel_8Celeron_92.7_1_N10EC8139_P_Z11C1048C_K_A808624C5.MRK
[2011/03/19 12:58:45 | 000,000,993 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2011/03/19 12:41:10 | 000,000,196 | RHS- | M] () -- C:\BOOT.BAK
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/03/30 10:59:37 | 259,575,808 | -HS- | C] () -- C:\hiberfil.sys
[2011/03/29 13:04:33 | 000,001,903 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Compaq Connections.lnk
[2011/03/29 13:04:33 | 000,001,808 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2011/03/29 13:04:33 | 000,001,587 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MagicTune3.5.lnk
[2011/03/29 13:04:33 | 000,001,559 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Color Calibration.lnk
[2011/03/29 13:04:33 | 000,000,655 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NaturalColorLoad.lnk
[2011/03/29 09:18:35 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2011/03/29 09:18:35 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2011/03/29 09:18:35 | 000,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2011/03/29 09:18:35 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2011/03/29 09:18:34 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2011/03/29 09:18:34 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2011/03/29 09:18:34 | 000,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2011/03/29 09:18:34 | 000,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2011/03/29 09:18:33 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2011/03/29 09:18:33 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2011/03/29 09:18:33 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2011/03/29 09:18:32 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2011/03/29 09:18:32 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2011/03/29 09:18:32 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2011/03/29 09:18:32 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2011/03/29 09:18:32 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2011/03/29 09:18:32 | 000,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2011/03/29 09:18:31 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2011/03/29 09:18:31 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2011/03/29 09:18:31 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2011/03/29 09:18:31 | 000,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2011/03/29 09:18:31 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2011/03/29 09:18:31 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2011/03/29 09:18:31 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2011/03/29 09:18:31 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2011/03/29 09:18:31 | 000,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2011/03/29 09:18:31 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2011/03/29 09:18:31 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2011/03/29 09:18:31 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2011/03/29 09:18:31 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2011/03/29 09:18:31 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2011/03/29 09:18:31 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2011/03/29 09:18:31 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2011/03/29 09:18:31 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2011/03/29 09:18:31 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2011/03/29 09:18:31 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2011/03/29 09:18:31 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2011/03/29 09:18:31 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2011/03/29 09:18:31 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2011/03/29 09:18:31 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2011/03/29 09:18:31 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2011/03/29 09:18:30 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2011/03/29 09:18:30 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2011/03/29 09:18:30 | 000,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2011/03/29 09:18:30 | 000,066,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2011/03/29 09:18:30 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2011/03/29 09:18:30 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2011/03/29 09:18:30 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2011/03/29 09:18:30 | 000,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2011/03/29 09:18:30 | 000,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2011/03/29 09:18:30 | 000,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2011/03/29 09:18:30 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2011/03/29 09:18:30 | 000,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2011/03/29 09:18:30 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2011/03/29 09:18:30 | 000,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2011/03/29 09:18:30 | 000,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2011/03/29 09:18:30 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2011/03/29 09:18:30 | 000,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2011/03/29 09:18:30 | 000,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2011/03/29 09:18:30 | 000,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2011/03/29 09:18:30 | 000,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2011/03/29 09:18:30 | 000,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2011/03/29 09:18:29 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2011/03/29 09:18:29 | 000,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2011/03/29 09:18:29 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2011/03/29 09:18:29 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2011/03/29 09:18:29 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2011/03/29 09:18:28 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2011/03/29 09:18:28 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2011/03/29 09:18:27 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2011/03/29 09:18:27 | 000,184,959 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2011/03/29 09:18:27 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2011/03/29 09:18:27 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2011/03/29 09:18:27 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2011/03/29 09:18:27 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2011/03/29 09:18:27 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2011/03/29 09:18:27 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2011/03/29 09:18:27 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2011/03/29 09:18:27 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2011/03/29 09:18:27 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2011/03/29 09:13:06 | 000,844,314 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxm.ocx
[2011/03/29 09:13:06 | 000,498,742 | ---- | C] () -- C:\WINDOWS\System32\dllcache\dxmasf.dll
[2011/03/29 09:13:06 | 000,004,126 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxmlc.dll
[2011/03/27 23:07:03 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/03/27 23:07:03 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/03/27 23:07:03 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/03/27 23:07:03 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/03/27 23:07:03 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/03/27 23:06:09 | 004,303,772 | R--- | C] () -- C:\Documents and Settings\Owner\Desktop\ComboFixfix.exe
[2011/03/27 21:40:06 | 000,001,999 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\progress.xml
[2011/03/27 20:39:51 | 000,208,264 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\result.cab
[2011/03/27 18:13:53 | 000,000,422 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{0D67998B-DFC4-40E3-8A70-9F84E40B8C72}.job
[2011/03/27 17:35:40 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to &Search.lnk
[2011/03/27 17:27:37 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to Internet Explorer.lnk
[2011/03/27 13:32:58 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Shortcut (2) to &Run....lnk
[2011/03/27 13:32:12 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to &Run....lnk
[2011/03/26 16:47:39 | 000,000,811 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Internet Explorer.lnk
[2011/03/25 20:39:22 | 000,000,823 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/03/25 15:41:06 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Spider Solitaire.lnk
[2011/03/20 19:30:13 | 000,928,574 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\moodle.colgate.edu-file.php-2598-week_9-Schalet_2010_cross-cultural_sexuality0001.mdi
[2011/03/20 19:25:18 | 000,892,358 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\moodle.colgate.edu-file.php-2598-week_9-Schalet_2010_cross-cultural_sexuality.mdi
[2011/03/20 19:20:19 | 000,026,026 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\www.nytimes.com-2010-11-07-education-07sex-grades-t.mdi
[2011/03/20 12:50:47 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2011/03/20 12:50:47 | 000,007,208 | ---- | C] () -- C:\WINDOWS\System32\secupd.sig
[2011/03/20 12:50:47 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2011/03/20 12:50:02 | 000,057,667 | ---- | C] () -- C:\WINDOWS\System32\ieuinit.inf
[2011/03/20 12:49:31 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2011/03/20 12:49:13 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2011/03/19 13:08:45 | 000,003,610 | RHS- | C] () -- C:\WINDOWS\System32\drivers\HP_DW254A-ABA SR1010N NA510_YC_Pres_QMXK417_E42NAheRET3_4_IGamila Giovani Neon series_SMICRO-STAR INTERNATIONAL CO., LTD_V030_B3.08_T040225_WXH1_L409_M248_J40_7Intel_8Celeron_92.7_1_N10EC8139_P_Z11C1048C_K_A808624C5.MRK
[2011/03/19 12:45:14 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Help and Support.lnk
[2006/07/16 23:56:36 | 000,000,206 | -H-- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2006/05/17 19:31:55 | 000,000,028 | -H-- | C] () -- C:\WINDOWS\atid.ini
[2006/04/17 10:20:41 | 000,000,175 | -H-- | C] () -- C:\WINDOWS\hpbafd.ini
[2006/04/17 10:07:27 | 000,000,063 | -H-- | C] () -- C:\WINDOWS\mdm.ini
[2005/06/18 10:36:27 | 000,000,431 | -H-- | C] () -- C:\WINDOWS\BrmfBidi.ini
[2004/11/01 21:58:08 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\VPC32.INI
[2004/09/17 22:22:19 | 000,000,059 | -H-- | C] () -- C:\WINDOWS\wininit.ini
[2004/09/17 22:22:09 | 000,000,045 | -H-- | C] () -- C:\WINDOWS\IEDKLHHQ.ini
[2004/05/02 18:27:58 | 000,007,325 | -H-- | C] () -- C:\WINDOWS\hpdj3600.ini
[2004/05/02 18:27:37 | 000,000,470 | -H-- | C] () -- C:\WINDOWS\hpbvspst.ini
[2004/02/04 15:12:22 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/02/04 15:12:21 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/02/04 15:11:12 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/02/04 15:10:39 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/02/04 14:37:37 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/02/04 14:37:37 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/02/04 14:37:34 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/02/04 14:37:29 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/02/04 14:37:23 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/01/28 22:21:05 | 000,000,451 | -H-- | C] () -- C:\WINDOWS\VGAsetup.ini
[2004/01/28 22:21:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2004/01/27 06:47:39 | 000,000,061 | -H-- | C] () -- C:\WINDOWS\smscfg.ini
[2004/01/27 06:26:18 | 000,000,051 | ---- | C] () -- C:\WINDOWS\System32\mshrml.ini
[2004/01/26 09:32:19 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
[2004/01/26 09:31:25 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll
[2004/01/26 09:31:25 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll
[2004/01/26 09:27:36 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat
[2004/01/26 09:23:22 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\PCDrJNI_1_1.dll
[2004/01/26 09:20:44 | 000,090,112 | RH-- | C] () -- C:\WINDOWS\bwUnin-6.2.3.66L.exe
[2004/01/26 09:17:11 | 000,029,216 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2004/01/26 09:16:36 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\syscontr.dll
[2004/01/26 09:16:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2004/01/26 09:00:28 | 000,000,376 | -H-- | C] () -- C:\WINDOWS\ODBC.INI
[2004/01/26 08:46:03 | 000,000,889 | -H-- | C] () -- C:\WINDOWS\QUICKEN.INI
[2004/01/26 07:42:19 | 000,006,848 | ---- | C] () -- C:\WINDOWS\System32\hphmon05.dat
[2004/01/26 07:42:12 | 000,018,341 | -H-- | C] () -- C:\WINDOWS\HPHins01.dat
[2004/01/26 07:42:12 | 000,004,308 | -H-- | C] () -- C:\WINDOWS\hphmdl01.dat
[2004/01/26 07:31:29 | 000,028,885 | -H-- | C] () -- C:\WINDOWS\hpoins03.dat
[2004/01/26 07:31:28 | 000,034,468 | -H-- | C] () -- C:\WINDOWS\hpomdl03.dat
[2004/01/26 07:11:28 | 000,016,306 | -H-- | C] () -- C:\WINDOWS\hpqins01.dat
[2004/01/26 07:11:28 | 000,002,673 | -H-- | C] () -- C:\WINDOWS\hpimdl01.dat
[2004/01/26 06:56:30 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/01/26 06:47:59 | 000,001,040 | ---- | C] () -- C:\WINDOWS\System32\drivers\alcxinit.dat
[2004/01/26 06:42:46 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis760.bin
[2004/01/26 06:42:46 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis741.bin
[2004/01/26 06:42:46 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis660.bin
[2004/01/26 06:24:30 | 000,028,779 | ---- | C] () -- C:\WINDOWS\System32\javaw.exe
[2004/01/26 06:24:30 | 000,024,681 | ---- | C] () -- C:\WINDOWS\System32\java.exe
[2004/01/26 06:14:16 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/01/26 06:02:59 | 000,299,073 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM22.dll
[2004/01/26 06:02:59 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes22.dll
[2004/01/26 06:02:33 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2004/01/26 05:33:52 | 000,000,802 | -H-- | C] () -- C:\WINDOWS\orun32.ini
[2004/01/26 05:31:29 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/01/26 05:24:27 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/01/26 04:11:44 | 000,000,553 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/01/26 04:10:28 | 000,381,692 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/01/26 04:10:28 | 000,053,436 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/01/25 21:17:53 | 000,004,161 | -H-- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/01/25 21:16:44 | 000,143,624 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2003/09/23 04:19:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/05/16 01:15:18 | 000,225,209 | ---- | C] () -- C:\WINDOWS\System32\C9930A.bin
[2003/03/07 02:53:16 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\hpnvr82.dll
[2003/03/06 06:28:38 | 000,000,309 | -H-- | C] () -- C:\WINDOWS\hpfins01.dat
[2003/01/08 02:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/11/14 23:58:04 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2002/11/14 23:58:04 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2002/11/14 23:58:02 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2002/11/14 23:58:02 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2002/11/14 23:58:02 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll

========== LOP Check ==========

[2004/05/02 19:36:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSN Messenger 5.0.0544
[2005/12/18 22:54:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2007/08/26 20:10:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2005/08/29 07:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Aim
[2004/01/27 06:26:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\interMute
[2004/05/28 19:30:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Leadertech
[2004/01/26 09:49:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SampleView
[2004/06/27 17:17:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Template
[2007/01/28 21:21:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Viewpoint
[2011/03/30 12:11:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{0D67998B-DFC4-40E3-8A70-9F84E40B8C72}.job

========== Purity Check ==========



< End of report >


OTL Extras logfile created on: 3/30/2011 12:07:49 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

247.00 Mb Total Physical Memory | 29.00 Mb Available Physical Memory | 12.00% Memory free
606.00 Mb Paging File | 318.00 Mb Available in Paging File | 52.00% Paging File free
Paging file location(s): C:\pagefile.sys 372 744 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 33.11 Gb Total Space | 15.91 Gb Free Space | 48.06% Space Free | Partition Type: NTFS
Drive D: | 4.14 Gb Total Space | 0.62 Gb Free Space | 14.88% Space Free | Partition Type: FAT32

Computer Name: YOUR-XB2X7J77GN | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Documents and Settings\Owner\Local Settings\temp\7zSC.tmp\SymNRT.exe" = C:\Documents and Settings\Owner\Local Settings\temp\7zSC.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool
"C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe" = C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe:*:Enabled:BackWeb-1940576 -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0861E87B-24D7-4E7C-B11B-54F86E5C5199}" = hpg8200
"{092eeeee-9fdd-4895-a568-0818c96beb6c}" = AiO_Scan
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{14589F05-C658-4594-9429-D437BA688686}" = IntelliMover Data Transfer Demo
"{14B4E017-ACDF-4DB0-9D94-8988F5F0145A}" = hpg4600
"{15B9DC72-73F9-4d99-9E28-848D66DA8D99}" = HP Photo & Imaging 3.5 - HP Devices
"{1D643CD7-4DD6-11D7-A4E0-000874180BB3}" = Microsoft Money 2004
"{1F7473D9-6C0B-4F5A-8FA4-AB8AD78CBE54}" = DocProc
"{1F7CCFA3-D926-4882-B2A5-A0217ED25597}" = PC-Doctor for Windows
"{20CF99FC-2CE7-4AA4-966E-A4B11C0662B4}" = hpg3970
"{257EC58E-03FD-472B-A9B6-93F23A3C4CB0}" = Scan
"{29B39FB2-5ADF-4F94-BC82-13942871DD0D}" = CameraDrivers
"{29B50D30-EAFC-4cea-9F76-3A0E3729E9B0}" = SkinsHP1
"{2A267BC6-F77F-4DD4-825F-7AEB1F68B4B1}" = HpSdpAppCoreApp
"{2E132061-C78A-48D4-A899-1D13B9D189FA}" = Memories Disc Creator 2.0
"{34957B51-9676-41CE-9E52-44AE91B73F1C}" = HP Software Update
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{415B8A4E-0EA2-4C69-975C-EEE07B837FD7}" = Unload
"{45B6180B-DCAB-4093-8EE8-6164457517F0}" = Photosmart 140,240,7200,7600,7700,7900 Series
"{48242276-DB89-42e8-9678-BD4280D7B99A}" = Copy
"{483616D1-867E-46F8-BEC7-3C6475933908}" = Adobe Photoshop Album Starter Edition
"{54e854d5-d5d4-452d-9c75-b39f5625b5fb}" = Readme
"{57C7C46A-D35D-492d-A328-4F8C9B5B4B52}" = PrintScreen
"{595D0DE8-C38A-4432-B851-47DECC1A99BD}" = HP Unload DLL Patch
"{60758250-C8CF-47EB-8CB6-E0C3B84D8207}" = PSShortcutsP
"{66C018BD-6F16-4B32-B4CD-1DC1B21FBDFF}" = Zone Deluxe Games
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{723C033E-63EA-4227-BAB2-0AA8693C16EB}" = Director
"{745A92AF-53B4-41A7-91C3-9B026B1D5897}" = InstantShare
"{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}" = Microsoft Works 7.0
"{81DD5688-695A-4c1d-AE7D-368BF857725A}" = TrayApp
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics Driver
"{8C64E145-54BA-11D6-91B1-00500462BE80}" = Microsoft Money 2004 System Pack
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = RecordNow!
"{9B03C535-3AEA-4ef2-B326-0A01A2207034}" = CreativeProjects
"{9F4EEA0C-7174-4BD3-89AF-7AB2F9F6AEDD}" = hpmdtab
"{AC76BA86-7AD7-1033-7B44-000000000001}" = Adobe Reader 6.0
"{AD17BC8E-4A5D-4E59-8640-10DF36E9EB75}" = hpg5530
"{bb6cac2a-1fa0-471a-bc3c-ade699c39f3c}" = Fax
"{BC339BFD-F550-471a-8D26-4D08126C62F7}" = SkinsHP2
"{c330461f-c4a9-4fc7-af5d-c158e0b56aa7}" = AiOSoftware
"{C6A7AF96-4EB1-4AAE-8318-1AB393C64F88}" = Microsoft Plus! Digital Media Edition
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBE3E0AF-73BB-4c21-8B96-B09E003EDE7F}" = QuickProjects
"{D0122362-6333-4DE4-93F6-A5A2F3CC101A}" = Compaq Organize
"{E8BFBD0A-8002-4dc9-869C-E495FA9DCE7A}" = PhotoGallery
"{ec7d7a6a-31cb-4810-826f-74171bef44f1}" = AIOMinimal
"{ED869D8B-6C7E-44C7-9F2F-BD5436849C61}" = hpg2436
"{F38FA38A-7E5A-4209-88ED-4DE21CD20EEF}" = HP PSC & OfficeJet 3.0
"{F419D20A-7719-4639-8E30-C073A040D878}" = HP Deskjet Preloaded Printer Drivers
"{FBBF532A-47AC-457d-AC06-0D3163D8911E}" = WebReg
"26DC0ED6-93A7-43C1-8DC5-EC16079580F9" = Orbital from Compaq (remove only)
"29FF6D07-4A15-41F1-9D5E-E0F3A58012C6" = Bounce Symphony from Compaq (remove only)
"2FDCC229-354D-4279-ABEF-CE17E355BFFA" = Five Card Frenzy from Compaq (remove only)
"75528D5F-DD82-402E-BA7C-045B7DC6A712" = Blasterball 2 from Compaq (remove only)
"8A225900-C06D-41DD-B66C-43840D472758" = Otto from Compaq (remove only)
"8BA6F58B-7A91-461F-95F8-E34F8BD8AA4E" = Slyder from Compaq (remove only)
"Agere Systems Soft Modem" = Agere Systems PCI Soft Modem
"BackWeb-1940576 Uninstaller" = Compaq Connections
"C679AA5F-C2C8-4EA8-9CD1-504A39AEC264" = Excavation from Compaq (remove only)
"Compaq Instant Support" = Compaq Instant Support
"FA7F5211-C629-4711-BD82-7DFFB08CB518" = Overball from Compaq (remove only)
"HP Photo & Imaging" = HP Image Zone 3.5
"ie8" = Windows Internet Explorer 8
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"NVIDIA" =
"NVIDIA GART Driver" = NVIDIA GART Driver
"PS2" = PS2
"Python 2.2 combined Win32 extensions" = Python 2.2 combined Win32 extensions
"Python 2.2.1" = Python 2.2.1
"RealPlayer 6.0" = RealOne Player
"SpamSubtract" = SpamSubtract
"ViewpointMediaPlayer" = Viewpoint Media Player (Remove Only)
"Windows XP Service Pack" = Windows XP Service Pack 3

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/27/2011 11:31:14 AM | Computer Name = YOUR-XB2X7J77GN | Source = ESENT | ID = 488
Description = wuauclt (816) An attempt to create the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\res2.log"
failed with system error 1450 (0x000005aa): "Insufficient system resources exist
to complete the requested service. ". The create file operation will fail with
error -1011 (0xfffffc0d).

Error - 3/27/2011 11:31:14 AM | Computer Name = YOUR-XB2X7J77GN | Source = ESENT | ID = 488
Description = wuauclt (816) An attempt to create the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\res2.log"
failed with system error 1450 (0x000005aa): "Insufficient system resources exist
to complete the requested service. ". The create file operation will fail with
error -1011 (0xfffffc0d).

Error - 3/27/2011 11:31:14 AM | Computer Name = YOUR-XB2X7J77GN | Source = ESENT | ID = 488
Description = wuauclt (816) An attempt to create the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\res2.log"
failed with system error 1450 (0x000005aa): "Insufficient system resources exist
to complete the requested service. ". The create file operation will fail with
error -1011 (0xfffffc0d).

Error - 3/27/2011 11:31:14 AM | Computer Name = YOUR-XB2X7J77GN | Source = ESENT | ID = 488
Description = wuauclt (816) An attempt to create the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\res2.log"
failed with system error 1450 (0x000005aa): "Insufficient system resources exist
to complete the requested service. ". The create file operation will fail with
error -1011 (0xfffffc0d).

Error - 3/27/2011 11:31:14 AM | Computer Name = YOUR-XB2X7J77GN | Source = ESENT | ID = 488
Description = wuauclt (816) An attempt to create the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\res2.log"
failed with system error 1450 (0x000005aa): "Insufficient system resources exist
to complete the requested service. ". The create file operation will fail with
error -1011 (0xfffffc0d).

Error - 3/27/2011 11:31:14 AM | Computer Name = YOUR-XB2X7J77GN | Source = ESENT | ID = 488
Description = wuauclt (816) An attempt to create the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\res2.log"
failed with system error 1450 (0x000005aa): "Insufficient system resources exist
to complete the requested service. ". The create file operation will fail with
error -1011 (0xfffffc0d).

Error - 3/27/2011 11:31:14 AM | Computer Name = YOUR-XB2X7J77GN | Source = ESENT | ID = 488
Description = wuauclt (816) An attempt to create the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\res2.log"
failed with system error 1450 (0x000005aa): "Insufficient system resources exist
to complete the requested service. ". The create file operation will fail with
error -1011 (0xfffffc0d).

Error - 3/27/2011 11:31:14 AM | Computer Name = YOUR-XB2X7J77GN | Source = ESENT | ID = 488
Description = wuauclt (816) An attempt to create the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\res2.log"
failed with system error 1450 (0x000005aa): "Insufficient system resources exist
to complete the requested service. ". The create file operation will fail with
error -1011 (0xfffffc0d).

Error - 3/27/2011 11:31:14 AM | Computer Name = YOUR-XB2X7J77GN | Source = ESENT | ID = 488
Description = wuauclt (816) An attempt to create the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\res2.log"
failed with system error 1450 (0x000005aa): "Insufficient system resources exist
to complete the requested service. ". The create file operation will fail with
error -1011 (0xfffffc0d).

Error - 3/27/2011 11:31:14 AM | Computer Name = YOUR-XB2X7J77GN | Source = ESENT | ID = 488
Description = wuauclt (816) An attempt to create the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\res2.log"
failed with system error 1450 (0x000005aa): "Insufficient system resources exist
to complete the requested service. ". The create file operation will fail with
error -1011 (0xfffffc0d).

[ System Events ]
Error - 3/30/2011 8:21:20 AM | Computer Name = YOUR-XB2X7J77GN | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 3/30/2011 8:22:16 AM | Computer Name = YOUR-XB2X7J77GN | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Fips intelppm SAVRT SAVRTPEL

Error - 3/30/2011 8:51:46 AM | Computer Name = YOUR-XB2X7J77GN | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service ntmssvc with
arguments "-Service" in order to run the server: {D61A27C6-8F53-11D0-BFA0-00A024151983}

Error - 3/30/2011 9:07:12 AM | Computer Name = YOUR-XB2X7J77GN | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service MSIServer with
arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

Error - 3/30/2011 9:07:13 AM | Computer Name = YOUR-XB2X7J77GN | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service MSIServer with
arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

Error - 3/30/2011 9:08:05 AM | Computer Name = YOUR-XB2X7J77GN | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service MSIServer with
arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

Error - 3/30/2011 9:08:05 AM | Computer Name = YOUR-XB2X7J77GN | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service MSIServer with
arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

Error - 3/30/2011 9:10:35 AM | Computer Name = YOUR-XB2X7J77GN | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service MSIServer with
arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

Error - 3/30/2011 9:10:36 AM | Computer Name = YOUR-XB2X7J77GN | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service MSIServer with
arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

Error - 3/30/2011 10:58:30 AM | Computer Name = YOUR-XB2X7J77GN | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}


< End of report >
  • 0

#8
RKinner
Posted 30 March 2011 - 11:58 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
With only 247.00 Mb Total Physical Memory I would expect it to be very slow. That might have been enough to run XP when it came out but to get decent performance on an XP SP3 you need about 1 Gig. Your PC needs at least 2 512MB (1X512MB) PC2100 NONECC UNBUFFERED 184 PIN DDR DIMM. 2 1GB is the most it can take.

We can clean up a few problems:

Clear the Java Cache by following the instructions on
http://www.java.com/...lugin_cache.xml

You do not have the latest Java.
First go into Control Panel, Add/Remove Software and remove any old versions (which may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, I see: "{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03

Now delete the folder C:\Program Files\Java

Get the latest at:

http://javadl.sun.co...?BundleId=41723

Save it to your PC then close all browsers and install it. Do not let it install the yahoo toolbar or other foistware.

Copy the text in the code box by highlighting and Ctrl + c 


:Services
HidServ
AppMgmt

:OTL
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
O2 - BHO: (CNavExtBho Class) - {BDF3E430-B101-42AD-A544-FADC6B084872} - File not found
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Help and Support.lnk = File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - File not found
    
:Commands
[purity]
[emptytemp]
[Reboot]
then run OTL and Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the Run Fix button at the top
Let the program run unhindered, OTL will reboot the PC when it is done. Save the log and copy and paste it to a reply.

Start, Run, eventvwr.msc, OK to bring up the Event Viewer. Right click on System and Clear Log or Clear All Events, No (we don't want to save the old log), OK. Repeat for Application. Reboot.

1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Double-click VEW.exe
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Ron
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP