The D drive is my USB flash that I've already put the Panda Vaccine on. I recently downloaded some tools and put them on the ailing computer with my flash drive, but have not run any of them, yet. I would greatly appreciate some help with this as removal of this type is waaay over my head. Hopefully this time next year I'll have passed GeekU and be helping remove this stuff!
OTL logfile created on: 2/10/2012 1:00:48 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\IT\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 1.30 Gb Available Physical Memory | 65.35% Memory free
3.98 Gb Paging File | 3.13 Gb Available in Paging File | 78.62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 134.32 Gb Total Space | 63.48 Gb Free Space | 47.26% Space Free | Partition Type: NTFS
Drive D: | 14.53 Gb Total Space | 8.27 Gb Free Space | 56.94% Space Free | Partition Type: FAT32
Computer Name: COMP2 | User Name: IT | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/02/09 14:50:02 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\IT\Desktop\OTL.exe
PRC - [2011/06/15 14:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/04/27 14:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/10/20 17:41:22 | 000,067,904 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\System32\NLSSRV32.EXE
PRC - [2010/04/14 04:01:34 | 000,015,656 | ---- | M] () -- C:\Program Files\Sage\SIM\Server\Sage.Sim.Server.WindowsService.exe
PRC - [2009/12/06 21:12:00 | 001,590,216 | ---- | M] (UltraVNC) -- C:\Program Files\ultravnc\winvnc.exe
PRC - [2009/10/22 13:48:58 | 000,435,488 | ---- | M] (Pervasive Software Inc.) -- C:\Program Files\Pervasive Software\PSQL\bin\w3dbsmgr.exe
PRC - [2009/04/21 14:37:16 | 002,010,147 | ---- | M] (Great Lakes Data Systems, Inc.) -- C:\Program Files\GLDS\UpgradeManager\UpgradeManagerSvc.exe
PRC - [2009/02/20 10:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
========== Modules (No Company Name) ==========
MOD - [2010/12/23 09:01:48 | 000,139,776 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2010/10/26 17:28:06 | 000,278,928 | ---- | M] () -- C:\Program Files\Smart PDF Converter Pro\ExplorerExt.dll
========== Win32 Services (SafeList) ==========
SRV - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/04/27 14:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/10/20 17:41:22 | 000,067,904 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\System32\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2010/09/27 16:42:18 | 004,180,576 | ---- | M] (SafeNet Inc.) [Auto | Stopped] -- C:\Windows\System32\hasplms.exe -- (hasplms)
SRV - [2010/05/14 11:18:49 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/04/14 04:01:34 | 000,015,656 | ---- | M] () [Auto | Running] -- C:\Program Files\Sage\SIM\Server\Sage.Sim.Server.WindowsService.exe -- (SageInstMgrServer)
SRV - [2010/04/07 20:04:58 | 000,107,816 | ---- | M] (Timberline Software Corp.) [Auto | Stopped] -- C:\Program Files\Common Files\Sage\LS1\ServiceHost\1.0\Sage.LS1.ServiceHost.exe -- (Sage.LS1.ServiceHost.1.0) Sage Service Host (v1.0)
SRV - [2010/03/03 17:07:26 | 000,210,944 | ---- | M] (Numara Software, Inc.) [Auto | Stopped] -- C:\Windows\TIREMOTE\TIRemoteService.exe -- (TIRmtSvc)
SRV - [2009/12/06 21:12:00 | 001,590,216 | ---- | M] (UltraVNC) [Auto | Running] -- C:\Program Files\UltraVNC\winvnc.exe -- (winvnc.exe)
SRV - [2009/12/03 12:40:23 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/07/13 20:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 20:14:41 | 000,005,632 | ---- | M] (Oak Technology Inc.) [Auto | Running] -- C:\Windows\System32\hpn.dll -- (emupia)
SRV - [2009/04/21 14:37:16 | 002,010,147 | ---- | M] (Great Lakes Data Systems, Inc.) [Auto | Running] -- C:\Program Files\GLDS\UpgradeManager\UpgradeManagerSvc.exe -- (UpgradeManager)
SRV - [2009/02/20 10:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007/05/31 15:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 15:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2005/09/23 06:01:16 | 002,799,808 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon80)
========== Driver Services (SafeList) ==========
DRV - [2011/04/27 14:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/04/18 12:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/11/23 12:13:10 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\Haspnt.sys -- (Haspnt)
DRV - [2010/11/20 07:30:17 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpchbus.sys -- (vpcbus)
DRV - [2010/11/20 07:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 07:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 07:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 05:50:38 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpcusb.sys -- (vpcusb)
DRV - [2010/11/20 05:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 04:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2010/11/20 04:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 04:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/09/27 16:42:24 | 000,356,864 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aksfridge.sys -- (aksfridge)
DRV - [2010/09/27 16:42:16 | 000,238,208 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\akshasp.sys -- (akshasp)
DRV - [2010/09/27 16:42:14 | 000,588,800 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [2010/09/27 16:42:14 | 000,016,384 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aksusb.sys -- (aksusb)
DRV - [2010/09/27 16:42:12 | 000,046,336 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\akshhl.sys -- (akshhl)
DRV - [2009/08/05 05:48:28 | 000,273,448 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x) Broadcom NetLink ™
DRV - [2009/07/13 17:09:17 | 004,194,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/05/11 12:55:12 | 000,084,992 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\basp.sys -- (Blfp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USREL/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\IT\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\IT\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\IT\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\IT\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/02 16:55:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/08/22 13:49:22 | 000,000,000 | ---D | M]
[2011/12/06 12:25:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\IT\AppData\Roaming\mozilla\Extensions
[2011/05/05 15:24:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\IT\AppData\Roaming\mozilla\Firefox\Profiles\d5wusoz7.default\extensions
[2011/12/06 09:13:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\IT\AppData\Roaming\mozilla\Firefox\Profiles\d5wusoz7.default\extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}
[2011/12/06 12:25:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/02/02 16:55:41 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/01/09 08:17:33 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/01/09 08:17:33 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2012/02/08 15:31:27 | 000,000,000 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\CommandBar present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogOff = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: QuickLaunchEnabled = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 1 = aim.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 2 = icq.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 3 = msmsgs.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 4 = msnmsgr.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 5 = msnmsgs.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 6 = ypager.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 7 = yupdater.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 1
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - %SystemRoot%\System32\winrnr.dll File not found
O13 - gopher Prefix: missing
O16 - DPF: {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} https://site.cmbchin...oad/CMBEdit.cab (Edit Class)
O16 - DPF: {71D73A47-975F-11D1-AA77-00A0C98D86D4} http://shoretel/shor...oiceMessage.ocx (VoiceMessage Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FA6424B7-D971-11D1-9697-00A0C928D512} http://shoretel/shor...TwentyFour7.ocx (TwentyFour7 Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = OO.NET
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - Unable to open key or key not present!
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/12/17 12:06:36 | 000,000,706 | ---- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011/12/22 13:47:36 | 000,000,016 | -H-- | M] () - D:\AUTORUN.INF -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/02/10 12:55:14 | 004,733,440 | ---- | C] (AVAST Software) -- C:\Users\IT\Desktop\aswMBR.exe
[2012/02/10 12:55:14 | 002,059,824 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\IT\Desktop\tdsskiller.exe
[2012/02/10 12:55:14 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\IT\Desktop\OTL.exe
[2012/02/10 12:55:13 | 009,502,424 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\IT\Desktop\mbam--setup-1.60.1.1000.exe
[2012/02/08 15:25:10 | 000,083,456 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\serial.sys
[2012/02/08 14:31:18 | 000,000,000 | --SD | C] -- C:\ComboFix
[2012/02/08 14:23:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartDraw VP
[2012/02/08 14:21:59 | 000,000,000 | ---D | C] -- C:\Users\IT\Desktop\RK_Quarantine
[2012/02/08 14:21:56 | 004,399,227 | ---- | C] (Swearware) -- C:\Users\IT\Desktop\ComboFix.exe
[2012/02/08 13:36:58 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/02/08 08:12:44 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/02/08 08:12:44 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/02/07 15:11:49 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/02/07 15:03:42 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/02/07 15:03:42 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/02/07 15:03:41 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/02/07 15:02:27 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/01/25 10:12:54 | 000,000,000 | ---D | C] -- C:\Users\IT\AppData\Local\Applications
[2012/01/24 10:49:35 | 000,000,000 | ---D | C] -- C:\Windows\System32\1033
[2009/05/04 07:12:48 | 006,224,944 | ---- | C] (PKWARE, Inc. ) -- C:\Program Files\pkreader.exe
========== Files - Modified Within 30 Days ==========
[2012/02/10 13:00:54 | 000,014,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/10 13:00:54 | 000,014,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/10 12:53:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/10 12:53:18 | 1601,937,408 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/09 14:50:02 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\IT\Desktop\OTL.exe
[2012/02/09 14:47:02 | 009,502,424 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\IT\Desktop\mbam--setup-1.60.1.1000.exe
[2012/02/09 14:46:04 | 004,733,440 | ---- | M] (AVAST Software) -- C:\Users\IT\Desktop\aswMBR.exe
[2012/02/09 14:45:08 | 002,059,824 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\IT\Desktop\tdsskiller.exe
[2012/02/09 14:44:40 | 004,399,227 | ---- | M] (Swearware) -- C:\Users\IT\Desktop\ComboFix.exe
[2012/02/08 15:31:27 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/02/08 14:22:35 | 000,722,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/02/08 14:22:35 | 000,145,030 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/02/08 14:14:42 | 001,202,688 | ---- | M] () -- C:\Users\IT\Desktop\RogueKiller.exe
[2012/02/08 13:51:39 | 277,389,603 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/02/08 12:25:55 | 005,492,736 | ---- | M] () -- C:\Users\IT\Desktop\Deadline_Manager.mdb
[2012/02/08 12:23:00 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-823518204-261903793-839522115-5150UA.job
[2012/02/08 08:56:17 | 000,000,158 | ---- | M] () -- C:\Windows\ricdb.ini
[2012/02/08 08:41:33 | 000,000,000 | -HS- | M] () -- C:\Windows\System32\dds_trash_log.cmd
[2012/02/08 08:14:20 | 000,002,679 | ---- | M] () -- C:\Windows\System32\config.nt
[2012/02/08 06:23:00 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-823518204-261903793-839522115-5150Core1cc4ec8c6f8f671.job
[2012/02/07 17:17:28 | 000,002,198 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/02/07 17:02:25 | 172,953,600 | ---- | M] () -- C:\Users\IT\Desktop\Service Department_BE.mdb
[2012/02/07 10:21:40 | 003,271,124 | ---- | M] () -- C:\Users\IT\Desktop\International Property Maintenance Code.pdf
[2012/02/01 16:57:24 | 036,769,792 | ---- | M] () -- C:\Users\IT\Desktop\Service Department.mdb
[2012/02/01 10:31:01 | 000,002,447 | ---- | M] () -- C:\Users\IT\Desktop\s Quick Connect.lnk
[2012/02/01 10:29:28 | 000,072,080 | ---- | M] () -- C:\Users\IT\g2mdlhlpx.exe
[2012/01/23 15:36:05 | 000,000,284 | ---- | M] () -- C:\Users\IT\Desktop\repair.bat
========== Files Created - No Company Name ==========
[2012/02/08 14:23:16 | 000,002,419 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mobile Device Center.lnk
[2012/02/08 14:23:16 | 000,001,352 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
[2012/02/08 14:23:16 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012/02/08 14:23:16 | 000,001,246 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
[2012/02/08 14:23:16 | 000,001,210 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
[2012/02/08 14:23:16 | 000,001,064 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinCable.lnk
[2012/02/08 14:23:15 | 000,002,781 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start Pervasive PSQL Workgroup Engine.lnk
[2012/02/08 14:23:14 | 000,001,330 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
[2012/02/08 14:23:12 | 000,002,030 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerDVD DX.lnk
[2012/02/08 14:23:11 | 000,001,899 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/02/08 14:23:11 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012/02/08 14:23:10 | 000,002,507 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 9 Standard.lnk
[2012/02/08 14:23:10 | 000,002,495 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crystal Reports XI Release 2 for Sage.lnk
[2012/02/08 14:23:10 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 9.lnk
[2012/02/08 14:23:10 | 000,002,069 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 3.4.lnk
[2012/02/08 14:23:10 | 000,001,979 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk
[2012/02/08 14:23:10 | 000,000,972 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity 1.3 Beta.lnk
[2012/02/08 14:21:56 | 001,202,688 | ---- | C] () -- C:\Users\IT\Desktop\RogueKiller.exe
[2012/02/08 12:16:27 | 005,492,736 | ---- | C] () -- C:\Users\IT\Desktop\Deadline_Manager.mdb
[2012/02/07 15:03:42 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/02/07 15:03:42 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/02/07 15:03:42 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/02/07 15:03:42 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/02/07 15:03:42 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/02/07 10:20:08 | 003,271,124 | ---- | C] () -- C:\Users\IT\Desktop\International Property Maintenance Code.pdf
[2012/02/05 09:11:35 | 000,000,000 | -HS- | C] () -- C:\Windows\System32\dds_trash_log.cmd
[2012/02/01 16:44:27 | 036,769,792 | ---- | C] () -- C:\Users\IT\Desktop\Service Department.mdb
[2012/02/01 13:42:39 | 172,953,600 | ---- | C] () -- C:\Users\IT\Desktop\Service Department_BE.mdb
[2012/02/01 10:31:01 | 000,002,447 | ---- | C] () -- C:\Users\IT\Desktop\s Quick Connect.lnk
[2012/02/01 10:29:27 | 000,072,080 | ---- | C] () -- C:\Users\IT\g2mdlhlpx.exe
[2012/01/23 15:36:05 | 000,000,284 | ---- | C] () -- C:\Users\IT\Desktop\repair.bat
[2011/12/09 16:36:06 | 000,094,208 | ---- | C] () -- C:\Windows\TIRHService.exe
[2011/07/26 06:42:41 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/07/26 06:42:41 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011/06/17 12:10:18 | 000,847,360 | ---- | C] () -- C:\Windows\System32\wodCertificate.dll
[2011/06/17 12:10:17 | 001,986,560 | ---- | C] () -- C:\Windows\System32\pvsdk.dll
[2011/04/28 14:36:59 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/04/08 12:03:13 | 000,000,530 | ---- | C] () -- C:\Windows\System32\tx151ic.ini
[2011/01/26 07:52:33 | 000,000,662 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011/01/06 10:28:51 | 000,000,315 | ---- | C] () -- C:\Windows\SoftWriting.ini
[2010/11/23 12:13:10 | 000,000,383 | ---- | C] () -- C:\Windows\System32\haspdos.sys
[2010/11/23 12:13:05 | 000,024,576 | ---- | C] () -- C:\Windows\System32\hdduinst.exe
[2010/11/23 12:13:04 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNWISE.EXE
[2010/08/05 12:37:23 | 000,000,000 | ---- | C] () -- C:\Windows\gllink32.INI
[2010/08/04 13:35:20 | 000,000,158 | ---- | C] () -- C:\Windows\ricdb.ini
[2010/07/27 07:45:55 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/02/23 12:37:10 | 000,000,795 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/01/12 11:52:54 | 000,155,648 | ---- | C] () -- C:\Windows\System32\ssleay32.dll
[2009/12/17 12:18:41 | 000,023,052 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2009/12/17 10:40:16 | 000,006,604 | R-S- | C] () -- C:\ProgramData\ntuser.pol
[2009/12/03 12:33:13 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2009/10/22 15:38:56 | 000,000,392 | ---- | C] () -- C:\Windows\System32\BTRDRVR.SYS
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/07/13 23:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 23:33:53 | 000,449,800 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 21:05:48 | 000,722,810 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 21:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 21:05:48 | 000,145,030 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 21:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 21:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 21:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 18:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/17 11:13:30 | 000,508,224 | ---- | C] () -- C:\Windows\System32\ICCProfiles.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2008/11/20 22:17:12 | 000,118,784 | ---- | C] () -- C:\Windows\System32\myodbc3i.exe
[2008/11/20 22:17:12 | 000,106,496 | ---- | C] () -- C:\Windows\System32\myodbc3m.exe
[2007/09/14 14:54:36 | 000,397,312 | ---- | C] () -- C:\Windows\System32\CMBEdit.dll
[2007/08/16 15:17:50 | 000,143,360 | ---- | C] () -- C:\Windows\System32\nsldap32v50.dll
[2006/11/29 01:30:00 | 000,000,530 | ---- | C] () -- C:\Windows\System32\tx13_ic.ini
[2006/10/04 18:32:20 | 000,479,232 | ---- | C] () -- C:\Windows\System32\pfpro.dll
[2006/08/15 09:00:00 | 000,454,656 | R--- | C] () -- C:\Windows\System32\PaintX.dll
[2005/12/21 18:57:04 | 000,024,576 | ---- | C] () -- C:\Windows\System32\nsldappr32v50.dll
[2005/12/21 18:54:34 | 000,040,960 | ---- | C] () -- C:\Windows\System32\nsldapssl32v50.dll
[2003/04/01 18:43:22 | 000,139,264 | ---- | C] () -- C:\Windows\System32\TripleDes.dll
========== LOP Check ==========
[2010/10/28 08:32:44 | 000,000,000 | ---D | M] -- C:\Users\IT\AppData\Roaming\Audacity
[2010/05/12 14:06:10 | 000,000,000 | ---D | M] -- C:\Users\IT\AppData\Roaming\BACS.exe
[2011/01/06 11:19:15 | 000,000,000 | ---D | M] -- C:\Users\IT\AppData\Roaming\Downloaded Installations
[2011/01/26 07:54:46 | 000,000,000 | ---D | M] -- C:\Users\IT\AppData\Roaming\Event 1
[2010/07/12 09:11:07 | 000,000,000 | ---D | M] -- C:\Users\IT\AppData\Roaming\KnowledgeTree
[2012/01/09 14:30:01 | 000,000,000 | ---D | M] -- C:\Users\IT\AppData\Roaming\Macro Recorder
[2011/01/06 11:33:03 | 000,000,000 | ---D | M] -- C:\Users\IT\AppData\Roaming\Nitro PDF
[2010/09/21 09:52:18 | 000,000,000 | ---D | M] -- C:\Users\IT\AppData\Roaming\PO Management
[2012/02/02 13:36:20 | 000,000,000 | ---D | M] -- C:\Users\IT\AppData\Roaming\ShoreWare Client
[2011/01/06 10:22:30 | 000,000,000 | ---D | M] -- C:\Users\IT\AppData\Roaming\Smart PDF Converter Pro
[2010/08/10 08:37:37 | 000,000,000 | ---D | M] -- C:\Users\IT\AppData\Roaming\SmartDraw
[2011/01/06 10:31:27 | 000,000,000 | ---D | M] -- C:\Users\IT\AppData\Roaming\SmartSoftOCRHelper
[2010/08/31 15:24:37 | 000,000,000 | ---D | M] -- C:\Users\IT\AppData\Roaming\SystemTools
[2011/01/26 08:08:06 | 000,000,000 | ---D | M] -- C:\Users\IT\AppData\Roaming\Timberline
[2011/05/04 10:18:38 | 000,000,000 | ---D | M] -- C:\Users\IT\AppData\Roaming\Track-It!
[2011/06/29 08:09:13 | 000,000,000 | ---D | M] -- C:\Users\IT\AppData\Roaming\webex
[2012/02/10 12:53:24 | 000,032,564 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:A4A25FD3
< End of report >
OTL Extras logfile created on: 2/10/2012 1:00:48 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\IT\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 1.30 Gb Available Physical Memory | 65.35% Memory free
3.98 Gb Paging File | 3.13 Gb Available in Paging File | 78.62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 134.32 Gb Total Space | 63.48 Gb Free Space | 47.26% Space Free | Partition Type: NTFS
Drive D: | 14.53 Gb Total Space | 8.27 Gb Free Space | 56.94% Space Free | Partition Type: FAT32
Computer Name: COMP2 | User Name: IT | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.reg [@ = Regedit.Document] -- c:\Winnt\Regedit.exe %1
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Shoreline Communications\ShoreWare Client\ShoreTel.exe" = C:\Program Files\Shoreline Communications\ShoreWare Client\ShoreTel.exe:*:Enabled:ShoreTel.ShoreTel.App -- (ShoreTel Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0393B40D-D377-41D1-B8F1-F15E73942E21}" = PSC WebClient 10.2B
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE 10.3
"{0A3238D7-AB32-1030-B717-F3E3F18B4A8C}" = Pervasive PSQL v10 SP3 Workgroup (32-bit)
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode
"{1389C6A4-4965-4AEC-9175-08B54A10FA48}" = Microsoft SQL Server 2005 Mobile [ENU] Developer Tools
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1CE0168E-6312-4756-BFA2-7482CB674384}" = FAS CE Reader
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{21461F67-7C02-407E-9DF2-EF1752F55142}" = Aatrix Forms for Sage Timberline Office
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{247147AE-8C17-4DF0-9465-83C52FF40822}" = FAS 500 Fixed Assets Server
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java™ 6 Update 17
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{2E98C5B7-D64C-4D7E-BFC3-A7D078569F28}" = Broadcom NetXtreme-I Netlink Driver and Management Installer
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3138EAD3-700B-4A10-B617-B3F8096EE30D}" = Dell Edoc Viewer
"{35343FF7-939B-401A-87B3-FF90A5123D88}" = Microsoft XML Parser and SDK
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{40928C54-F8EE-420D-BD80-07F2F78CFB0D}" = MySQL Connector/ODBC 3.51
"{437AB8E0-FB69-4222-B280-A64F3DE22591}" = Microsoft Visual Studio 2005 Professional Edition - ENU
"{44D4AF75-6870-41F5-9181-662EA05507E1}" = Microsoft Document Explorer 2005
"{47ECCB1F-2811-49C0-B6A7-26778639ABA0}" = 32 Bit HP CIO Components Installer
"{489F0C61-C7AA-45DA-819F-7ABA6E9A73B7}" = Setup1
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{55593B5C-7C45-4C70-ADFA-9CEE5EA6DE4C}" = ShoreTel Communicator
"{5CF6EEE9-86B1-3DB6-A07C-8F6C079C39BA}" = Google Talk Plugin
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{625386A4-B6B6-4911-A6E8-23189C3F2D15}" = Microsoft .NET Compact Framework 2.0
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C531060-84FB-4F96-8F33-29DF020632EB}" = Microsoft .NET Compact Framework 1.0 SP3 Developer
"{6DEF11C0-35FF-4160-A543-FDD336C4DAE5}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{731B0E4D-F4C7-450C-95B0-E1A3176B1C75}" = Dell Backup and Recovery Manager
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{78B75C6D-E53C-424C-BF83-4B63BD4A6682}" = Microsoft Device Emulator version 1.0 - ENU
"{7F2142CA-6DC2-4F55-8F41-A1C1BFE11BBD}" = Microsoft Lync Web App Plug-in
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86EF9EB6-DE10-4ABB-B221-D61972BB3C09}" = Collaboration Data Objects 1.2.1
"{8896ADF1-4CF6-4DFF-8F7C-D5920AA6ADEE}" = KnowledgeTree Office Add-in
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A2FFE1C-19E1-48D2-BE3A-70B17FCC4072}" = FAS 500 Asset Accounting Client
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{94FB0978-D094-40C7-91D7-834D39220D4A}" = Crystal Reports XI Release 2 for Sage
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96A5801E-727B-472D-BB21-4FD05739CDB0}" = Rent Manager Xi
"{99D02E0C-9D2D-456E-AA04-733B57F677CE}" = Report Writer for FAS
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9EDA3DD1-130D-4EE1-A3D2-5A3D795CC8C9}" = MFCLOC
"{A7FE99B6-E077-4F52-BC6A-E24C338F3C23}" = Crystal Reports XI Release 2 .NET 2005 Server
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AC76BA86-1033-F400-BA7E-000000000004}" = Adobe Acrobat 9 Standard - English, Français, Deutsch
"{AC76BA86-1033-F400-BA7E-000000000004}_945" = Adobe Acrobat 9.4.5 - CPSID_83708
"{AC76BA86-1033-F400-BA7E-000000000004}{AC76BA86-1033-F400-BA7E-000000000004}" = Adobe Acrobat 9 Standard - English, Français, Deutsch
"{B1A0943F-6FC0-41DD-81B8-BA6535578D96}" = LOANLEDGER
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B26F8176-711A-46D2-8D35-C4AB88F70A5F}" = FAS 500 Asset Inventory Client
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{C378651D-4F97-450E-9D33-8AF8C02FC287}" = Sage Timberline Office Accounting Client
"{CAEAD1E4-A15F-4249-A1B6-9D42080C7361}" = Adobe Photoshop Lightroom 3.4
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D1E91805-6812-47AD-AB94-47F87AE50B60}" = Sage Installation Manager SERVER programs
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE 10.3
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F91338D8-3EE8-4E13-AF2E-E3FA08AF0652}" = WebEx Event Manager for Internet Explorer
"Able2Extract Professional v5.0" = Able2Extract Professional v5.0
"ActiveTouchMeetingClient" = WebEx
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AutoHotkey" = AutoHotkey 1.0.48.05
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"HASP Device Drivers" = HASP Device Drivers
"HDMI" = Intel® Graphics Media Accelerator Driver
"Hyena" = Hyena
"InstallShield_{247147AE-8C17-4DF0-9465-83C52FF40822}" = FAS 500 Fixed Assets Server
"InstallShield_{8A2FFE1C-19E1-48D2-BE3A-70B17FCC4072}" = FAS 500 Asset Accounting Client
"InstallShield_{B26F8176-711A-46D2-8D35-C4AB88F70A5F}" = FAS 500 Asset Inventory Client
"Jenark - Access Property Management" = Jenark - Access Property Management
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.0.1800
"Microsoft Document Explorer 2005" = Microsoft Document Explorer 2005
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"Microsoft Visual Studio 2005 Professional Edition - ENU" = Microsoft Visual Studio 2005 Professional Edition - ENU
"Mozilla Firefox 10.0 (x86 en-US)" = Mozilla Firefox 10.0 (x86 en-US)
"MWSnap 3" = MWSnap 3
"Numara Track-It! Agent" = Numara Track-It! 9 Agent
"Office Connector" = Office Connector (Remove Only)
"Pervasive PSQL v10 SP3 Workgroup (32-bit)" = Pervasive PSQL v10 SP3 Workgroup (32-bit)
"PROHYBRIDR" = 2007 Microsoft Office system
"SimpleOCR 3.1" = SimpleOCR 3.1
"Smart PDF Converter Pro_is1" = Smart PDF Converter Pro 5.1.0.406
"SystemTools DumpSec" = SystemTools DumpSec
"TurboMeeting" = TurboMeeting
"TVWiz" = Intel® TV Wizard
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"WinCable Client 1.102.10.0" = WinCable Client 1.102.10.0
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.00 beta 3 (32-bit)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"5b717b7f9875b7bd" = Numara Track-It! Technician Client
"841a271928d00007" = MortgageAddOns
"cae94a2eefe1185d" = Macro Recorder
"GoToMeeting" = GoToMeeting 4.8.0.723
"JoinMe" = join.me
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 2/8/2012 6:02:10 PM | Computer Name = COMP2.OO.NET | Source = WcesComm | ID = 7
Description = Windows Mobile-based device failed to connect due to Fatal (0x80004005)
failure (see data for failure code).
Error - 2/8/2012 6:02:15 PM | Computer Name = COMP2.OO.NET | Source = WcesComm | ID = 7
Description = Windows Mobile-based device failed to connect due to Fatal (0x80004005)
failure (see data for failure code).
Error - 2/8/2012 6:02:21 PM | Computer Name = COMP2.OO.NET | Source = WcesComm | ID = 7
Description = Windows Mobile-based device failed to connect due to Fatal (0x80004005)
failure (see data for failure code).
Error - 2/8/2012 6:02:26 PM | Computer Name = COMP2.OO.NET | Source = WcesComm | ID = 7
Description = Windows Mobile-based device failed to connect due to Fatal (0x80004005)
failure (see data for failure code).
Error - 2/8/2012 6:02:31 PM | Computer Name = COMP2.OO.NET | Source = WcesComm | ID = 7
Description = Windows Mobile-based device failed to connect due to Fatal (0x80004005)
failure (see data for failure code).
Error - 2/8/2012 6:02:36 PM | Computer Name = COMP2.OO.NET | Source = WcesComm | ID = 7
Description = Windows Mobile-based device failed to connect due to Fatal (0x80004005)
failure (see data for failure code).
Error - 2/8/2012 6:02:41 PM | Computer Name = COMP2.OO.NET | Source = WcesComm | ID = 7
Description = Windows Mobile-based device failed to connect due to Fatal (0x80004005)
failure (see data for failure code).
Error - 2/8/2012 6:02:46 PM | Computer Name = COMP2.OO.NET | Source = WcesComm | ID = 7
Description = Windows Mobile-based device failed to connect due to Fatal (0x80004005)
failure (see data for failure code).
Error - 2/8/2012 6:02:51 PM | Computer Name = COMP2.OO.NET | Source = WcesComm | ID = 7
Description = Windows Mobile-based device failed to connect due to Fatal (0x80004005)
failure (see data for failure code).
Error - 2/8/2012 6:02:56 PM | Computer Name = COMP2.OO.NET | Source = WcesComm | ID = 7
Description = Windows Mobile-based device failed to connect due to Fatal (0x80004005)
failure (see data for failure code).
[ OSession Events ]
Error - 5/17/2010 4:03:00 PM | Computer Name = COMP2.OO.NET | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 202
seconds with 0 seconds of active time. This session ended with a crash.
Error - 6/1/2010 4:51:27 PM | Computer Name = COMP2.OO.NET | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4619
seconds with 0 seconds of active time. This session ended with a crash.
Error - 11/24/2010 7:16:29 AM | Computer Name = COMP2.OO.NET | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2500435
seconds with 17160 seconds of active time. This session ended with a crash.
Error - 12/16/2010 9:56:42 AM | Computer Name = COMP2.OO.NET | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8
seconds with 0 seconds of active time. This session ended with a crash.
Error - 4/1/2011 10:12:55 AM | Computer Name = COMP2.OO.NET | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 164026
seconds with 7980 seconds of active time. This session ended with a crash.
Error - 8/9/2011 2:43:35 PM | Computer Name = COMP2.OO.NET | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6557.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 621
seconds with 240 seconds of active time. This session ended with a crash.
Error - 8/12/2011 4:16:24 PM | Computer Name = COMP2.OO.NET | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6557.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4662
seconds with 1140 seconds of active time. This session ended with a crash.
Error - 12/19/2011 5:55:10 PM | Computer Name = COMP2.OO.NET | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 15209
seconds with 2460 seconds of active time. This session ended with a crash.
[ Sage Events ]
Error - 6/20/2011 1:02:26 PM | Computer Name = COMP2.OO.NET | Source = Sage Diagnostics | ID = 0
Description = Minidump created at: \\oc03\9.5\Accounting\Misc\Dumps\IA(fc0)-20110620-13021854.dmp
Error - 6/20/2011 1:02:26 PM | Computer Name = COMP2.OO.NET | Source = Sage Diagnostics | ID = 0
Description = Aborted. I/O Error. Pervasive status code 3112. Failure during receive
from the target server. Please refer to the Pervasive documentation for more information
on this status code
Error - 6/20/2011 1:02:28 PM | Computer Name = COMP2.OO.NET | Source = Sage Diagnostics | ID = 0
Description = End Information Assistant
Error - 6/20/2011 1:02:40 PM | Computer Name = COMP2.OO.NET | Source = Sage Diagnostics Exception | ID = 0
Description = An exception is being logged for diagnostic purposes. It is possible
for exceptions to be logged during the normal operation of the software. Exceptions
are included in increasing order of specificity. *********************************************
Exception
Source: Sage Entity Service Exception Message: An error occured while retrieving
the data for entity SecurityUser and operationSet GetSageUser in EntityService::GetEntityData
*********************************************
Exception
Source: Sage.Data.CRE.Provider Exception Message: I/O Error. Pervasive status code
170. . Please refer to the Pervasive documentation for more information on this
status code Exception Stack Trace: at Sage.Data.CRE.tsDbCommand.Execute(Int32&
recordsAffected) at Sage.Data.CRE.PervasiveAccessProvider.FillDataSet(IDbCommand
command) at Sage.Data.AOF.DataAccessProvider.GetDataSet(IDbCommand command)
at Sage.Data.AOF.DataAccessor.GetDataSet(String commandGroup, String commandName,
WorkingSet workingSet) at Sage.Data.AOF.DataAccessor.GetDataTable(String commandGroup,
String commandName, WorkingSet workingSet) at Sage.Data.AOF.DataAccessor.GetDataTable(String
commandName, WorkingSet workingSet) at Sage.Business.AOF.Internal.EntityServiceImpl.InternalGetEntity(String
entityName, String operationSetName, Hashtable parameters, WorkingSet sessionState,
Boolean readOnly, Boolean useLocks, Boolean ignoreEntityBuilders, Boolean schemaOnly,
String connectionType)
Error - 6/20/2011 5:23:48 PM | Computer Name = COMP2.OO.NET | Source = Sage Diagnostics | ID = 0
Description = Minidump created at: \\oc03\9.5\Accounting\Misc\Dumps\TS(2d4)-20110620-17232845.dmp
Error - 6/20/2011 5:23:48 PM | Computer Name = COMP2.OO.NET | Source = Sage Diagnostics | ID = 0
Description = Aborted. I/O Error. Pervasive status code 3110. The network layer is
not connected. Please refer to the Pervasive documentation for more information
on this status code
Error - 6/20/2011 5:23:55 PM | Computer Name = COMP2.OO.NET | Source = Sage Diagnostics | ID = 0
Description = End TS-Main
Error - 6/20/2011 5:24:04 PM | Computer Name = COMP2.OO.NET | Source = Sage Diagnostics Exception | ID = 0
Description = An exception is being logged for diagnostic purposes. It is possible
for exceptions to be logged during the normal operation of the software. Exceptions
are included in increasing order of specificity. *********************************************
Exception
Source: Sage Entity Service Exception Message: An error occured while retrieving
the data for entity SecurityUser and operationSet GetSageUser in EntityService::GetEntityData
*********************************************
Exception
Source: Sage.Data.CRE.Provider Exception Message: I/O Error. Pervasive status code
170. . Please refer to the Pervasive documentation for more information on this
status code Exception Stack Trace: at Sage.Data.CRE.tsDbCommand.Execute(Int32&
recordsAffected) at Sage.Data.CRE.PervasiveAccessProvider.FillDataSet(IDbCommand
command) at Sage.Data.AOF.DataAccessProvider.GetDataSet(IDbCommand command)
at Sage.Data.AOF.DataAccessor.GetDataSet(String commandGroup, String commandName,
WorkingSet workingSet) at Sage.Data.AOF.DataAccessor.GetDataTable(String commandGroup,
String commandName, WorkingSet workingSet) at Sage.Data.AOF.DataAccessor.GetDataTable(String
commandName, WorkingSet workingSet) at Sage.Business.AOF.Internal.EntityServiceImpl.InternalGetEntity(String
entityName, String operationSetName, Hashtable parameters, WorkingSet sessionState,
Boolean readOnly, Boolean useLocks, Boolean ignoreEntityBuilders, Boolean schemaOnly,
String connectionType)
Error - 1/31/2012 3:16:35 PM | Computer Name = COMP2.OO.NET | Source = Sage Diagnostics | ID = 0
Description = Minidump created at: \\oc03\9.5\Accounting\Misc\Dumps\TS(141c)-20120131-14163436.dmp
Error - 1/31/2012 3:16:35 PM | Computer Name = COMP2.OO.NET | Source = Sage Diagnostics | ID = 0
Description = Aborted. You cannot connect to the Pervasive database engine. Verify
that you have a Pervasive Database Engine set up at oc03. If not, refer to
the Technical System Reference guide for further information. This document is available
at \\oc03\9.5\Accounting\WinInst\Documents\TechnicalSystemReference.pdf [TS
2695]
[ System Events ]
Error - 2/10/2012 1:55:02 PM | Computer Name = COMP2.OO.NET | Source = Service Control Manager | ID = 7000
Description = The HTTP service failed to start due to the following error: %%22
Error - 2/10/2012 1:55:02 PM | Computer Name = COMP2.OO.NET | Source = Service Control Manager | ID = 7001
Description = The Function Discovery Provider Host service depends on the HTTP service
which failed to start because of the following error: %%22
Error - 2/10/2012 1:55:02 PM | Computer Name = COMP2.OO.NET | Source = Service Control Manager | ID = 7000
Description = The HTTP service failed to start due to the following error: %%22
Error - 2/10/2012 1:55:02 PM | Computer Name = COMP2.OO.NET | Source = Service Control Manager | ID = 7001
Description = The Function Discovery Provider Host service depends on the HTTP service
which failed to start because of the following error: %%22
Error - 2/10/2012 1:55:02 PM | Computer Name = COMP2.OO.NET | Source = Service Control Manager | ID = 7000
Description = The HTTP service failed to start due to the following error: %%22
Error - 2/10/2012 1:55:02 PM | Computer Name = COMP2.OO.NET | Source = Service Control Manager | ID = 7001
Description = The SSDP Discovery service depends on the HTTP service which failed
to start because of the following error: %%22
Error - 2/10/2012 1:55:51 PM | Computer Name = COMP2.OO.NET | Source = Service Control Manager | ID = 7000
Description = The MBAMProtector service failed to start due to the following error:
%%2
Error - 2/10/2012 1:55:51 PM | Computer Name = COMP2.OO.NET | Source = Service Control Manager | ID = 7001
Description = The MBAMService service depends on the MBAMProtector service which
failed to start because of the following error: %%2
Error - 2/10/2012 1:55:53 PM | Computer Name = COMP2.OO.NET | Source = Service Control Manager | ID = 7023
Description = The Windows Update service terminated with the following error: %%-2147014846
Error - 2/10/2012 2:03:39 PM | Computer Name = COMP2.OO.NET | Source = Service Control Manager | ID = 7023
Description = The Windows Update service terminated with the following error: %%-2147014846
< End of report >
Edited by Dustylady, 27 February 2012 - 08:12 AM.