Unsolved
This post is more than 5 years old
41 Posts
0
8763
Not able to print on Dell 968w AIO; Printer tech suggested Malware & provided your links
Hello.
A tech was helping me with printer communication issues between my Latitude D630 & 968W AIO; we didn't get anywhere with all of the steps that had worked in the past. Next, he suggested your link: http://en.community.dell.com/support-forums/virus-spyware/f/3521/t/19251122.aspx
Following your steps, I downloaded HiJackThis. When I first clicked "Do a system scan and save logfile", I got a message that stated the following:
"For some reason your system denied write access to the Hosts file. If any hijacked domains are in this file, HiJackThis may not be able to fix this. If that happens, you need to edit the file yourself. To do this, click Start, Run and type: notepad C:\Windows\System32\drivers\etc\hosts and press Enter. Find the line(s) HiJackThis reports and delete them. Save the file as 'hosts.' (with quotes), and reboot. For Vista: simply exit HiJackThis, right click on the HiJackThis icon, choose 'Run as Administrator'. "
Well, folks, I have Vista (32 bit). So I closed HiJackThis, as directed, right-clicked on the HiJackThis icon, and "Run as Administrator" was not listed in the menu. I'm not sure what they were referring to there. So then I tried the first option they listed. Going to Start --> Run and entering notepad C:\Windows\System32\drivers\etc\hosts and 'Enter' just opened a Notepad doc that was a sample. A sentence toward the top reads: This is a sample HOSTS file used by Microsoft TCP/IP for Windows. The HiJackThis directions stating, "Find the line(s) HiJackThis reports and delete them. Save the file as 'hosts.' " didn't seem to be valid. Since neither of their solutions appeared to resolve the issue, I clicked the OK button in the window, and the log continued to fill itself.
So -- running the HiJackThis scan resulted in a Log, but over that is a blank Notepad window, with another window that reads: "Cannot find the C:\Program Files\Trend Micro\HiJack This\hijackthis.log file. Do you want to create a new file?" Choosing "Yes" or "No" results in the same thing: a blank Notepad window. I don't know how to get the Log details into Notepad so that it can be copied.
Do you have any tips for me at this point?
I decided to click "Analyze This" anyway. The only thing that happened was the HJT opened a new window in IE: http://hjt-data.trendmicro.com/hjt/analyzethis/index.php?report=3560990 Not sure why.
I took screen shots of the HJT Log, scrolling through 5 times since I couldn't get the data onto Notepad. I placed the 5 screen shots onto a Word document. The only button I could find to attach anything to this forum message was the "Insert Media" button. I'm not sure if Word is considered to be "media". It didn't stop me from attaching the document. If you don't see the attachment, I could also attach the screen shot jpg files. However, I'm not certain if this forum allows more than one attachment per message.
Thank you!
JJ8765
faith_michele
32 Posts
0
March 10th, 2011 22:00
Hi JJ8765,
Sorry about that. I was trying to have you move on and run the Kaspersky scan if you still had problems with ESET. You do not need to perform both of these scans.
Quote:
Copy & Paste this link http://eset.com/onlinescan into the IE browser that you open as an Administrator.
Quote:
Skip the first bullet (Press Ctrl and click the "ESET Scan Online" link).
Do perform the step in the second bullet.
Skip the 3rd 4th & 5th bullet.
Follow the rest of the bullets.
Thank You,
Faith
JJ8765
41 Posts
0
March 11th, 2011 11:00
Faith,
Thanks -- now I understand!
The ESET resulted in no threats found, so there is no log.
Below are the 2 Notepad files.
OTL.txt:
OTL logfile created on: 3/11/2011 1:29:10 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Glory\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 27.00% Memory free
4.00 Gb Paging File | 1.00 Gb Available in Paging File | 23.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 109.70 Gb Total Space | 9.21 Gb Free Space | 8.39% Space Free | Partition Type: NTFS
Drive D: | 2.00 Gb Total Space | 1.40 Gb Free Space | 69.96% Space Free | Partition Type: NTFS
Drive H: | 3.73 Gb Total Space | 0.40 Gb Free Space | 10.64% Space Free | Partition Type: FAT32
Computer Name: GLORY-LAPTOP | User Name: Glory | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/03/11 13:26:35 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Glory\Desktop\OTL.exe
PRC - [2011/02/27 14:53:56 | 000,304,304 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011/01/05 11:11:04 | 004,321,112 | ---- | M] (AOL Inc.) -- C:\Program Files\AIM\aim.exe
PRC - [2010/12/15 13:31:20 | 000,460,144 | ---- | M] () -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
PRC - [2010/12/15 13:22:42 | 001,085,440 | ---- | M] () -- C:\Program Files\Flip Video\FlipShareServer\FlipShareServer.exe
PRC - [2010/11/10 20:56:23 | 000,043,912 | ---- | M] (WebEx Communications, Inc.) -- C:\Windows\System32\atashost.exe
PRC - [2010/09/23 20:25:49 | 000,349,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrobat.exe
PRC - [2010/03/24 15:42:10 | 000,599,328 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2010/02/25 18:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\ccsvchst.exe
PRC - [2009/10/24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2009/09/16 18:33:46 | 000,972,064 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
PRC - [2009/09/16 17:22:08 | 000,020,480 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2009/04/27 14:30:34 | 000,410,280 | ---- | M] () -- C:\Program Files\Dell 968 AIO Printer\memcard.exe
PRC - [2009/04/11 00:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/05/17 03:11:44 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2008/02/22 16:01:38 | 001,193,240 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2008/02/22 15:54:34 | 000,390,424 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2008/01/11 16:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2008/01/03 12:05:32 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/10/05 09:30:34 | 000,595,184 | ---- | M] ( ) -- C:\Windows\System32\dldocoms.exe
PRC - [2007/09/17 10:56:08 | 000,124,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2007/09/14 09:53:16 | 000,218,424 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
PRC - [2007/05/01 10:12:10 | 000,075,336 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\SnagIt 8\SnagPriv.exe
PRC - [2007/05/01 10:12:10 | 000,058,952 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\SnagIt 8\TscHelp.exe
PRC - [2007/05/01 10:11:48 | 006,395,464 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
PRC - [2007/02/12 12:38:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/02/12 12:37:58 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/01/29 21:07:18 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApMsgFwd.exe
PRC - [2007/01/25 19:34:22 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2007/01/01 15:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Program Files\Google\Google Talk\googletalk.exe
PRC - [2006/12/19 13:21:48 | 000,079,432 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
PRC - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () -- C:\Windows\System32\PSIService.exe
PRC - [2006/09/08 17:10:22 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\hidfind.exe
PRC - [2006/09/08 17:06:08 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
========== Modules (SafeList) ==========
MOD - [2011/03/11 13:26:35 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Glory\Desktop\OTL.exe
MOD - [2010/12/07 18:12:45 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcr90.dll
MOD - [2010/12/07 18:12:45 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcp90.dll
MOD - [2010/09/20 13:26:01 | 000,415,088 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\asoehook.dll
MOD - [2010/08/31 09:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2010/12/15 13:31:20 | 000,460,144 | ---- | M] () [Auto | Running] -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2010/12/15 13:22:42 | 001,085,440 | ---- | M] () [Auto | Running] -- C:\Program Files\Flip Video\FlipShareServer\FlipShareServer.exe -- (FlipShareServer)
SRV - [2010/11/10 20:56:23 | 000,043,912 | ---- | M] (WebEx Communications, Inc.) [Auto | Running] -- C:\Windows\System32\atashost.exe -- (atashost)
SRV - [2010/02/25 18:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe -- (N360)
SRV - [2009/10/24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009/09/16 17:22:08 | 000,020,480 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2008/08/08 16:28:20 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008/05/17 03:11:44 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/02/22 15:54:34 | 000,390,424 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (nicconfigsvc)
SRV - [2008/01/19 01:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/11 16:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2008/01/03 12:05:32 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/11/08 21:50:10 | 001,552,384 | ---- | M] () [Auto | Stopped] -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe)
SRV - [2007/10/05 09:30:34 | 000,595,184 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dldocoms.exe -- (dldo_device)
SRV - [2007/09/13 13:31:44 | 000,192,512 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Authentication Manager\WaveEnrollmentService.exe -- (WaveEnrollmentService)
SRV - [2007/08/31 16:39:18 | 000,486,400 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)
SRV - [2007/05/24 06:08:44 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2007/02/12 12:38:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2006/12/19 13:21:48 | 000,079,432 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe -- (ASFIPmon)
SRV - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () [Auto | Start_Pending] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)
SRV - [2005/11/17 14:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2011/03/05 16:53:47 | 001,360,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20110310.038\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/03/05 16:53:46 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20110310.038\NAVENG.SYS -- (NAVENG)
DRV - [2011/02/25 15:59:12 | 000,800,376 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20110309.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/12/30 20:24:40 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/12/25 12:00:03 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/11/08 18:50:30 | 000,353,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20110310.002\IDSvix86.sys -- (IDSVix86)
DRV - [2010/07/21 16:52:14 | 000,044,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d)
DRV - [2010/07/17 10:19:19 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/05/05 22:01:59 | 000,339,504 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\N360\0403000.005\SYMTDIV.SYS -- (SYMTDIv)
DRV - [2010/04/28 23:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\Ironx86.SYS -- (SymIRON)
DRV - [2010/04/21 21:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SYMEFA.SYS -- (SymEFA)
DRV - [2010/04/21 20:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\Drivers\N360\0403000.005\SRTSP.SYS -- (SRTSP)
DRV - [2010/04/21 20:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/02/25 18:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\ccHPx86.sys -- (ccHP)
DRV - [2010/02/03 19:40:47 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SYMDS.SYS -- (SymDS)
DRV - [2008/01/03 12:05:40 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/11/29 01:18:24 | 000,062,208 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\oz776.sys -- (guardian2)
DRV - [2007/09/10 08:54:48 | 000,156,160 | ---- | M] (Wave Systems Corp.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\WavxDMgr.sys -- (WavxDMgr)
DRV - [2007/09/07 08:57:14 | 000,026,608 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\PBADRV.sys -- (PBADRV)
DRV - [2007/02/01 03:22:44 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/12/19 13:21:52 | 000,010,480 | ---- | M] (Broadcom Corporation) [Kernel | Auto | Running] -- C:\Program Files\Broadcom\ASFIPMon\BASFND.sys -- (BASFND)
DRV - [2006/12/13 01:51:20 | 000,147,968 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2006/11/02 01:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 01:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn\ [2010/07/25 17:49:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn\ [2010/07/17 10:27:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/04 16:43:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/04 16:43:06 | 000,000,000 | ---D | M]
[2009/03/08 15:56:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Glory\AppData\Roaming\Mozilla\Extensions
[2011/03/05 15:21:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Glory\AppData\Roaming\Mozilla\Firefox\Profiles\c5yutw2i.default\extensions
[2010/12/18 15:45:59 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Glory\AppData\Roaming\Mozilla\Firefox\Profiles\c5yutw2i.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/03/04 09:20:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/11/19 11:15:40 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011/03/04 09:20:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2009/03/31 21:47:26 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\Mozilla Firefox\components\coFFPlgn.dll
[2011/03/04 09:19:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
O1 HOSTS File: ([2011/03/07 12:28:20 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll (TechSmith Corporation)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll (TechSmith Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Acrobat Speed Launch] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Synchronizer] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [Dell 968 AIO Printer Fax Server] C:\Program Files\Dell 968 AIO Printer\fm3032.exe ()
O4 - HKLM..\Run: [dldomon.exe] C:\Program Files\Dell 968 AIO Printer\dldomon.exe ()
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [MemoryCardManager] C:\Program Files\Dell 968 AIO Printer\memcard.exe ()
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [SecureUpgrade] C:\Program Files\Wave Systems Corp\SecureUpgrade.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [WavXMgr] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe (Wave Systems Corp.)
O4 - HKCU..\Run: [Aim] C:\Program Files\AIM\aim.exe (AOL Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FF1CD9A3-00CD-45C1-8182-4EEC229A182D} https://www.plaxo.com/activex/plx_upldr-2k-xp.cab (Plaxo Auto-Import Utility)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.72.134 68.87.77.134
O18 - Protocol\Handler\intu-help-qb1 {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll (TODO: )
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\gemsafe: DllName - C:\Program Files\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll - C:\Program Files\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll (Gemplus)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img21.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img21.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 15:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan.lnk - - File not found
MsConfig - State: "startup" - 2
Drivers32: aux - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux3 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi3 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi4 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\Windows\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer3 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer4 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - C:\Windows\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\Windows\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msaudio1 - C:\Windows\System32\msaud32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\Windows\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\Windows\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.iyuv - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - C:\Windows\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\Windows\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.tscc - C:\Windows\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.uyvy - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yuy2 - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvu9 - C:\Windows\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvyu - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave3 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave4 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\Windows\System32\msacm32.drv (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2011/03/11 13:26:30 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Glory\Desktop\OTL.exe
[2011/03/11 10:50:03 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/03/09 09:06:45 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/03/09 09:06:45 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011/03/09 09:06:44 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011/03/09 09:06:44 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2011/03/07 12:28:23 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2011/03/07 12:07:51 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/03/07 12:07:51 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/03/07 12:07:51 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/03/07 12:07:38 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/03/07 11:52:00 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/03/07 11:51:41 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011/03/07 11:51:38 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2011/03/06 13:54:41 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Glory\Desktop\TFC.exe
[2011/03/06 08:44:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Printers
[2011/03/06 08:44:22 | 000,000,000 | ---D | C] -- C:\Program Files\Dell 968 AIO Printer
[2011/03/06 08:44:07 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dldopmui.dll
[2011/03/06 08:44:07 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\dldoprox.dll
[2011/03/06 08:44:06 | 000,320,752 | ---- | C] ( ) -- C:\Windows\System32\dldoih.exe
[2011/03/06 08:44:05 | 000,983,121 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dldogf.dll
[2011/03/05 12:44:12 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/03/05 12:44:12 | 000,000,000 | ---D | C] -- C:\Users\Glory\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/03/04 16:11:56 | 000,000,000 | ---D | C] -- C:\Users\Glory\AppData\Roaming\Malwarebytes
[2011/03/04 16:11:38 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/03/04 16:11:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/03/04 16:11:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/03/04 16:11:34 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/03/04 16:11:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/03/04 09:21:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011/03/04 09:19:58 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011/03/04 09:19:58 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/03/04 09:19:58 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/03/04 09:19:58 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/03/04 09:10:15 | 000,885,024 | ---- | C] (Sun Microsystems, Inc.) -- C:\Users\Glory\Desktop\jxpiinstall.exe
[2011/02/23 17:43:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2011/02/23 17:43:40 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2011/02/23 17:43:39 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2011/02/23 17:43:39 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2011/02/23 17:43:37 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2011/02/23 17:43:37 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2011/02/23 17:43:33 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2011/02/23 17:43:33 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2011/02/23 17:43:33 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2011/02/23 17:43:33 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2011/02/23 17:43:33 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2011/02/23 17:43:20 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2011/02/23 17:43:20 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2011/02/23 17:43:20 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2011/02/23 17:43:20 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2011/02/23 17:43:20 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2011/02/18 18:29:43 | 000,000,000 | ---D | C] -- C:\Users\Glory\AppData\Local\AOL
[2011/02/18 18:29:43 | 000,000,000 | ---D | C] -- C:\Users\Glory\AppData\Local\AIM
[2011/02/18 18:29:43 | 000,000,000 | ---D | C] -- C:\Users\Glory\AppData\Roaming\acccore
[2011/02/18 18:28:54 | 000,000,000 | ---D | C] -- C:\ProgramData\AIM
[2011/02/18 18:28:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIM
[2011/02/18 18:28:46 | 000,000,000 | ---D | C] -- C:\Program Files\AIM
[2011/02/18 18:28:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Software Update Utility
[2011/02/18 18:28:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AOL
[2011/02/18 17:49:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
[2011/02/18 17:49:52 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client
[2011/02/18 17:42:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP
[2011/02/18 17:41:10 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0
[2011/02/09 18:57:54 | 002,039,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/02/09 18:57:51 | 003,602,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/02/09 18:57:50 | 003,550,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/02/09 18:57:42 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2011/02/09 18:57:42 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011/02/09 18:57:41 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
[2011/02/09 18:57:41 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011/02/09 18:57:40 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2011/02/09 18:57:40 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011/02/09 18:57:40 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
[2011/02/09 18:57:40 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011/02/09 18:57:40 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2011/02/09 18:57:39 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2011/02/09 18:57:39 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2011/02/09 18:57:39 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
[2011/02/09 18:57:39 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2011/02/09 18:57:38 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011/02/09 18:57:38 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2011/02/09 18:57:38 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2011/02/09 18:57:38 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2011/02/09 18:57:38 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2011/02/09 18:57:38 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2011/02/09 18:57:37 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2011/02/09 18:57:37 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2011/02/09 18:57:34 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2011/02/09 18:57:34 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011/02/09 18:57:33 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2011/02/09 18:57:18 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/02/09 18:57:18 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/02/09 18:57:17 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/02/09 18:57:17 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/02/09 18:57:17 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/02/09 18:57:17 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/02/09 18:57:16 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/02/09 18:57:16 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/02/09 18:57:16 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/02/09 18:57:16 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/02/09 18:57:16 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/02/09 18:57:16 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/02/09 18:57:16 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/02/09 18:57:16 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/02/09 18:57:16 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/02/09 18:57:16 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/02/09 18:57:16 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/02/09 18:57:05 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011/02/09 18:57:05 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2007/09/10 12:46:54 | 001,069,056 | ---- | C] ( ) -- C:\Windows\System32\dldoserv.dll
[2007/09/10 12:43:36 | 000,569,344 | ---- | C] ( ) -- C:\Windows\System32\dldolmpm.dll
[2007/09/10 12:43:28 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\dldoiesc.dll
[2007/09/10 12:43:08 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\dldocomm.dll
[2007/09/10 12:42:48 | 000,365,808 | ---- | C] ( ) -- C:\Windows\System32\dldocfg.exe
[2007/09/10 12:41:50 | 000,663,552 | ---- | C] ( ) -- C:\Windows\System32\dldohbn3.dll
[2007/09/10 12:41:50 | 000,595,184 | ---- | C] ( ) -- C:\Windows\System32\dldocoms.exe
[2007/09/10 12:41:10 | 000,954,368 | ---- | C] ( ) -- C:\Windows\System32\dldousb1.dll
[2007/09/10 12:40:24 | 000,851,968 | ---- | C] ( ) -- C:\Windows\System32\dldocomc.dll
[2007/09/10 12:36:50 | 000,438,272 | ---- | C] ( ) -- C:\Windows\System32\dldohcp.dll
[2007/09/10 12:36:28 | 000,360,448 | ---- | C] ( ) -- C:\Windows\System32\dldoinpa.dll
[49 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[49 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/03/11 13:34:03 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/11 13:26:35 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Glory\Desktop\OTL.exe
[2011/03/11 12:50:19 | 000,002,657 | ---- | M] () -- C:\Users\Glory\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook 2007.lnk
[2011/03/11 12:30:28 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/03/11 12:30:28 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/03/11 09:57:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/03/10 20:34:01 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/03/08 09:39:00 | 000,020,589 | ---- | M] () -- C:\Windows\System32\LexFiles.ulf
[2011/03/08 09:38:37 | 000,001,883 | ---- | M] () -- C:\Users\Public\Desktop\Dell Printer Supplies - Inkjet.LNK
[2011/03/07 12:28:20 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/03/07 12:23:32 | 2136,969,216 | -HS- | M] () -- C:\hiberfil.sys
[2011/03/07 11:50:48 | 004,281,741 | R--- | M] () -- C:\Users\Glory\Desktop\ComboFix.exe
[2011/03/06 14:47:44 | 000,002,627 | ---- | M] () -- C:\Users\Glory\Desktop\Microsoft Office Word 2007.lnk
[2011/03/06 14:43:56 | 000,879,069 | ---- | M] () -- C:\Users\Glory\Desktop\SecurityCheck.exe
[2011/03/06 13:54:42 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Glory\Desktop\TFC.exe
[2011/03/06 08:48:45 | 000,655,022 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/03/06 08:48:45 | 000,123,444 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/03/06 08:33:12 | 000,002,304 | ---- | M] () -- C:\Windows\WinInit.Ini
[2011/03/05 13:06:03 | 000,002,523 | ---- | M] () -- C:\Users\Glory\Desktop\HiJackThis.lnk
[2011/03/04 16:11:39 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/04 09:19:23 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/03/04 09:19:23 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/03/04 09:19:22 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011/03/04 09:19:22 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/03/04 09:10:16 | 000,885,024 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\Glory\Desktop\jxpiinstall.exe
[2011/03/03 18:55:00 | 058,791,152 | ---- | M] () -- C:\Users\Glory\Desktop\R241344.exe
[2011/03/02 12:07:04 | 000,045,056 | ---- | M] () -- C:\Users\Glory\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/02 10:01:17 | 000,010,076 | ---- | M] () -- C:\ProgramData\dldo
[2011/02/18 18:29:10 | 000,000,371 | -H-- | M] () -- C:\IPH.PH
[2011/02/18 18:28:54 | 000,001,720 | ---- | M] () -- C:\Users\Glory\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2011/02/18 18:28:53 | 000,001,696 | ---- | M] () -- C:\Users\Public\Desktop\AIM.lnk
[2011/02/18 17:49:57 | 000,001,787 | ---- | M] () -- C:\Users\Public\Desktop\FileZilla Client.lnk
[2011/02/18 17:42:16 | 000,000,902 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2011/02/10 03:27:26 | 000,388,800 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[49 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[49 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/03/07 12:07:51 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/03/07 12:07:51 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/03/07 12:07:51 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011/03/07 12:07:51 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/03/07 12:07:51 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/03/07 11:50:45 | 004,281,741 | R--- | C] () -- C:\Users\Glory\Desktop\ComboFix.exe
[2011/03/06 14:43:54 | 000,879,069 | ---- | C] () -- C:\Users\Glory\Desktop\SecurityCheck.exe
[2011/03/06 08:47:09 | 000,001,883 | ---- | C] () -- C:\Users\Public\Desktop\Dell Printer Supplies - Inkjet.LNK
[2011/03/06 08:46:30 | 000,045,056 | ---- | C] () -- C:\Windows\System32\DLDOPMON.DLL
[2011/03/06 08:46:30 | 000,032,768 | ---- | C] () -- C:\Windows\System32\DLDOFXPU.DLL
[2011/03/06 08:46:09 | 000,049,152 | ---- | C] () -- C:\Windows\System32\dldooem.dll
[2011/03/06 08:46:09 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DLDOPMRC.DLL
[2011/03/06 08:44:09 | 000,348,160 | ---- | C] () -- C:\Windows\System32\dldoinst.dll
[2011/03/06 08:44:08 | 000,503,808 | ---- | C] () -- C:\Windows\System32\dldoutil.dll
[2011/03/06 08:44:07 | 000,143,360 | ---- | C] () -- C:\Windows\System32\dldojswr.dll
[2011/03/06 08:44:06 | 000,691,756 | ---- | C] () -- C:\Windows\System32\DLDOhelp.chm
[2011/03/06 08:44:06 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dldoinsb.dll
[2011/03/06 08:44:06 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dldoins.dll
[2011/03/06 08:44:06 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dldoinsr.dll
[2011/03/06 08:44:05 | 000,208,896 | ---- | C] () -- C:\Windows\System32\dldogrd.dll
[2011/03/06 08:44:05 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dldocub.dll
[2011/03/06 08:44:05 | 000,077,824 | ---- | C] () -- C:\Windows\System32\dldocu.dll
[2011/03/06 08:44:05 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dldocur.dll
[2011/03/06 08:44:04 | 000,077,906 | ---- | C] () -- C:\Windows\System32\dldocfg.dll
[2011/03/05 12:44:13 | 000,002,523 | ---- | C] () -- C:\Users\Glory\Desktop\HiJackThis.lnk
[2011/03/04 16:11:38 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/02/23 17:43:21 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011/02/23 17:43:21 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011/02/23 17:43:21 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011/02/18 18:28:53 | 000,001,720 | ---- | C] () -- C:\Users\Glory\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2011/02/18 18:28:53 | 000,001,696 | ---- | C] () -- C:\Users\Public\Desktop\AIM.lnk
[2011/02/18 18:28:24 | 000,000,371 | -H-- | C] () -- C:\IPH.PH
[2011/02/18 17:49:57 | 000,001,787 | ---- | C] () -- C:\Users\Public\Desktop\FileZilla Client.lnk
[2011/02/18 17:42:16 | 000,000,902 | ---- | C] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2010/11/19 11:16:42 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/01/05 19:08:04 | 000,000,418 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/09/16 16:06:04 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/16 16:06:03 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/16 16:04:57 | 000,062,976 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/05/27 18:49:37 | 000,001,356 | ---- | C] () -- C:\Users\Glory\AppData\Local\d3d9caps.dat
[2008/12/01 16:57:35 | 000,003,140 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2008/12/01 16:57:35 | 000,000,088 | RHS- | C] () -- C:\Windows\System32\2668F47E93.sys
[2008/09/29 02:01:20 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/09/05 17:46:11 | 000,010,076 | ---- | C] () -- C:\ProgramData\dldo
[2008/08/08 16:45:47 | 000,002,304 | ---- | C] () -- C:\Windows\WinInit.Ini
[2008/06/26 17:33:32 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2008/06/26 17:32:07 | 000,002,770 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2008/06/26 17:31:04 | 000,045,056 | ---- | C] () -- C:\Users\Glory\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/06/15 16:54:41 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/06/08 12:49:31 | 000,000,000 | ---- | C] () -- C:\Users\Glory\AppData\Local\WavXMapDrive.bat
[2008/05/17 10:25:32 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/05/17 10:25:31 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/05/17 10:25:31 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/05/17 10:25:31 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2008/05/17 03:02:51 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2008/05/17 03:02:50 | 000,024,064 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE
[2008/05/17 02:54:02 | 000,080,368 | ---- | C] () -- C:\Windows\System32\pbadrvdll.dll
[2008/05/17 02:53:59 | 000,143,360 | ---- | C] () -- C:\Windows\System32\bioapi_mds300.dll
[2008/05/17 02:53:59 | 000,106,496 | ---- | C] () -- C:\Windows\System32\bioapi100.dll
[2007/09/13 13:42:30 | 000,499,712 | ---- | C] () -- C:\Windows\System32\AmRes_ru.dll
[2007/09/13 13:42:30 | 000,471,040 | ---- | C] () -- C:\Windows\System32\AmRes_pt-BR.dll
[2007/09/13 13:42:28 | 000,487,424 | ---- | C] () -- C:\Windows\System32\AmRes_it.dll
[2007/09/13 13:42:28 | 000,487,424 | ---- | C] () -- C:\Windows\System32\AmRes_fr.dll
[2007/09/13 13:42:28 | 000,462,848 | ---- | C] () -- C:\Windows\System32\AmRes_ko.dll
[2007/09/13 13:42:28 | 000,458,752 | ---- | C] () -- C:\Windows\System32\AmRes_ja.dll
[2007/09/13 13:42:26 | 000,487,424 | ---- | C] () -- C:\Windows\System32\AmRes_es.dll
[2007/09/13 13:42:26 | 000,487,424 | ---- | C] () -- C:\Windows\System32\AmRes_de.dll
[2007/09/13 13:42:26 | 000,466,944 | ---- | C] () -- C:\Windows\System32\AmRes_en.dll
[2007/09/13 13:42:26 | 000,434,176 | ---- | C] () -- C:\Windows\System32\AmRes_zh-CHT.dll
[2007/09/13 13:36:24 | 000,438,272 | ---- | C] () -- C:\Windows\System32\AmRes_zh-CHS.dll
[2007/09/13 13:32:36 | 000,176,128 | ---- | C] () -- C:\Windows\System32\CacheFP.exe
[2007/09/12 14:05:08 | 000,102,400 | ---- | C] () -- C:\Windows\System32\Internationalization_pt.dll
[2007/09/12 14:04:46 | 000,086,016 | ---- | C] () -- C:\Windows\System32\Internationalization_zh-CHT.dll
[2007/09/12 14:04:26 | 000,090,112 | ---- | C] () -- C:\Windows\System32\Internationalization_ko.dll
[2007/09/12 14:04:06 | 000,102,400 | ---- | C] () -- C:\Windows\System32\Internationalization_es.dll
[2007/09/12 14:03:44 | 000,098,304 | ---- | C] () -- C:\Windows\System32\Internationalization_ru.dll
[2007/09/12 14:03:24 | 000,090,112 | ---- | C] () -- C:\Windows\System32\Internationalization_ja.dll
[2007/09/12 14:03:04 | 000,102,400 | ---- | C] () -- C:\Windows\System32\Internationalization_it.dll
[2007/09/12 14:02:44 | 000,102,400 | ---- | C] () -- C:\Windows\System32\Internationalization_de.dll
[2007/09/12 14:02:22 | 000,102,400 | ---- | C] () -- C:\Windows\System32\Internationalization_fr.dll
[2007/09/12 14:02:02 | 000,086,016 | ---- | C] () -- C:\Windows\System32\Internationalization_zh-CHS.dll
[2007/09/10 08:53:26 | 000,262,144 | ---- | C] () -- C:\Windows\System32\wxvault.dll
[2007/09/06 16:40:36 | 000,692,224 | ---- | C] () -- C:\Windows\System32\dldodrs.dll
[2007/08/31 14:51:12 | 000,065,536 | ---- | C] () -- C:\Windows\System32\dldocaps.dll
[2007/06/15 09:19:20 | 000,835,584 | ---- | C] () -- C:\Windows\System32\DemoLicense.dll
[2007/06/14 16:45:06 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dldocnv4.dll
[2006/11/09 22:45:20 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006/11/02 20:40:12 | 000,174,656 | ---- | C] () -- C:\Windows\System32\PSIService.exe
[2006/11/02 06:56:48 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 06:47:43 | 000,388,800 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 04:33:01 | 000,655,022 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 04:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 04:33:01 | 000,123,444 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 04:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 04:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 04:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 02:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 02:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 01:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 01:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/08/14 10:02:10 | 000,072,192 | ---- | C] () -- C:\Windows\System32\xltZlib.dll
[2004/12/21 10:13:56 | 000,191,136 | ---- | C] () -- C:\Windows\System32\plx_upldr.dll
[2004/09/10 12:34:00 | 000,917,504 | ---- | C] () -- C:\Windows\System32\lmgr10.dll
[2004/09/10 12:34:00 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ADsSecurity.dll
========== LOP Check ==========
[2008/09/05 19:08:52 | 000,000,000 | ---D | M] -- C:\Users\Glory\AppData\Roaming\968 Series
[2011/02/18 18:29:43 | 000,000,000 | ---D | M] -- C:\Users\Glory\AppData\Roaming\acccore
[2009/12/15 21:00:40 | 000,000,000 | ---D | M] -- C:\Users\Glory\AppData\Roaming\AnvSoft
[2010/12/23 10:33:27 | 000,000,000 | ---D | M] -- C:\Users\Glory\AppData\Roaming\Flip Video
[2011/01/11 20:50:50 | 000,000,000 | ---D | M] -- C:\Users\Glory\AppData\Roaming\JonathanLeger.com
[2008/06/26 17:42:42 | 000,000,000 | ---D | M] -- C:\Users\Glory\AppData\Roaming\MAGIX
[2009/06/20 18:35:39 | 000,000,000 | ---D | M] -- C:\Users\Glory\AppData\Roaming\Mobipocket
[2011/01/14 15:25:01 | 000,000,000 | ---D | M] -- C:\Users\Glory\AppData\Roaming\Moyea
[2010/12/11 12:50:39 | 000,000,000 | ---D | M] -- C:\Users\Glory\AppData\Roaming\Sony
[2010/12/11 12:50:12 | 000,000,000 | ---D | M] -- C:\Users\Glory\AppData\Roaming\Sony Creative Software Inc
[2010/09/20 15:55:04 | 000,000,000 | ---D | M] -- C:\Users\Glory\AppData\Roaming\Tific
[2009/03/07 17:51:00 | 000,000,000 | ---D | M] -- C:\Users\Glory\AppData\Roaming\TweetDeckFast.F9107117265DB7542C1A806C8DB837742CE14C21.1
[2011/03/07 12:20:52 | 000,032,556 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %systemroot%\system32\*.dll /lockedfiles >
[2007/12/08 16:34:10 | 000,054,784 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\bcmwlrmt.dll
[2009/03/08 05:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009/03/08 05:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2010/12/18 00:22:10 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\iepeers.dll
< %systemroot%\system32\*.sys /90 >
[2010/12/31 07:57:01 | 002,039,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2006/11/02 04:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/02 04:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/02 04:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 04:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 04:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %SYSTEMDRIVE%\*.* >
[2006/09/18 15:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/12/15 20:59:59 | 015,672,013 | ---- | M] (Any-Video-Converter.com ) -- C:\avc-free.exe
[2009/04/11 00:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2011/03/07 12:35:39 | 000,018,787 | ---- | M] () -- C:\ComboFix.txt
[2006/09/18 15:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2008/05/17 10:25:39 | 000,004,701 | RH-- | M] () -- C:\dell.sdr
[2011/03/02 09:29:43 | 000,000,854 | ---- | M] () -- C:\dldo.log
[2010/12/25 19:14:34 | 000,000,425 | ---- | M] () -- C:\dldojswx.log
[2008/09/05 17:46:09 | 000,000,630 | ---- | M] () -- C:\dldoPpx.log
[2010/09/11 07:30:11 | 000,000,311 | ---- | M] () -- C:\faxend.log
[2010/09/11 07:30:10 | 000,000,162 | ---- | M] () -- C:\faxendPdoc.log
[2010/09/11 07:30:10 | 000,000,245 | ---- | M] () -- C:\faxfile.log
[2010/12/06 20:12:35 | 000,000,000 | ---- | M] () -- C:\foo.txt
[2011/03/07 12:23:32 | 2136,969,216 | -HS- | M] () -- C:\hiberfil.sys
[2011/02/18 18:29:10 | 000,000,371 | -H-- | M] () -- C:\IPH.PH
[2008/05/17 03:02:47 | 000,022,729 | ---- | M] () -- C:\newfile.enc
[2008/05/17 03:02:47 | 000,022,729 | ---- | M] () -- C:\newkey
[2011/03/10 17:31:07 | 2575,273,984 | -HS- | M] () -- C:\pagefile.sys
< %systemroot%\*. /mp /s >
< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2008/01/19 01:34:28 | 000,089,600 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\HPZPPLHN.DLL
[2006/11/02 06:36:30 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-03-10 09:05:37
< End of report >
Extras.txt:
OTL Extras logfile created on: 3/11/2011 1:29:10 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Glory\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 27.00% Memory free
4.00 Gb Paging File | 1.00 Gb Available in Paging File | 23.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 109.70 Gb Total Space | 9.21 Gb Free Space | 8.39% Space Free | Partition Type: NTFS
Drive D: | 2.00 Gb Total Space | 1.40 Gb Free Space | 69.96% Space Free | Partition Type: NTFS
Drive H: | 3.73 Gb Total Space | 0.40 Gb Free Space | 10.64% Space Free | Partition Type: FAT32
Computer Name: GLORY-LAPTOP | User Name: Glory | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ ]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\ ]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ \shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{24C6DEBC-C588-42FB-B147-92D3D85CF64B}" = lport=24726 | protocol=6 | dir=in | name=flipshareserver |
"{64E4231E-3F1C-4777-A5B0-BB70B56BD39D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{D1D3212C-2721-411A-B672-38FA3FFF034F}" = lport=24727 | protocol=6 | dir=in | name=flipshareserver |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01C44931-09C5-4A5B-B9E9-0A6D2895A570}" = protocol=6 | dir=in | app=c:\program files\dell 968 aio printer\memcard.exe |
"{11BDBB6C-EA50-4015-9B71-86686C243350}" = protocol=17 | dir=in | app=c:\program files\dell 968 aio printer\memcard.exe |
"{1577F53F-F772-43CD-B65F-660523256791}" = protocol=6 | dir=in | app=c:\program files\dell 968 aio printer\dldomon.exe |
"{1C1984B3-A985-477C-94D9-EB4C5F5A6A09}" = protocol=6 | dir=in | app=c:\windows\system32\dldocoms.exe |
"{2108BB00-C3E7-4C89-98D2-F7182CF4FCED}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{21435B1E-5F2F-48EA-B236-9A5E29B68AB4}" = protocol=6 | dir=in | app=c:\program files\dell 968 aio printer\dldoaiox.exe |
"{23841A29-0595-4E10-BF38-20E87F6689AA}" = protocol=17 | dir=in | app=c:\program files\dell 968 aio printer\dldomon.exe |
"{24E58AC8-07BF-4268-9607-DDF99FD2585B}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldojswx.exe |
"{2762F2D1-CBEA-4050-9AFD-76B22144CE74}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3D0ADE7C-AFD4-4516-A403-3EE42DA52C8F}" = protocol=6 | dir=in | app=c:\program files\dell 968 aio printer\dldomon.exe |
"{40A2A7DD-ED86-41B4-BB8C-8F3F7757D614}" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe |
"{413EFCBA-A6D7-4554-A4DC-B0B86AF98E62}" = protocol=17 | dir=in | app=c:\windows\system32\dldocoms.exe |
"{4489093A-D85F-45D9-AB10-34AB022256EB}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{54B20571-15FB-40C0-AF1C-5EA06DCDF03E}" = protocol=17 | dir=in | app=c:\windows\system32\dldocoms.exe |
"{7534D317-3781-4505-93CD-BFAE52CC22B2}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8F40AF69-8815-47CD-972B-A9E3783AC508}" = protocol=17 | dir=in | app=c:\program files\dell 968 aio printer\memcard.exe |
"{A5D9993D-49A9-4116-AF1C-B542BC3AEF77}" = protocol=6 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{A906B6E3-6605-4A1F-8DBC-BD3009B792D1}" = protocol=17 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{AA4BDEEE-0387-4278-A4C7-566509D525EF}" = protocol=6 | dir=in | app=c:\program files\dell 968 aio printer\memcard.exe |
"{ABD3D1E1-DBBC-4FFB-8C9B-30FC6F5AFCF2}" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe |
"{AC3AC5D3-75F9-4CA4-A0E8-8A7C7083D752}" = protocol=6 | dir=in | app=c:\program files\dell 968 aio printer\dldoaiox.exe |
"{B2266CE0-84B4-4776-B977-E75A22CFB1F9}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe |
"{B985CC97-0C83-44E0-9C79-7870098F64E9}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{C032848E-1DB0-406F-B455-6DDF04879369}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{CD36C032-0029-401F-9DF5-C05E51622B33}" = protocol=6 | dir=in | app=c:\windows\system32\dldocoms.exe |
"{D5B0D7E8-28CD-4647-84D9-9CBE4759357D}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldojswx.exe |
"{D908A176-CE95-4CC9-AE9F-46F35F80A0B1}" = protocol=17 | dir=in | app=c:\program files\dell 968 aio printer\dldoaiox.exe |
"{ED304DE7-0FBE-45FE-855D-1A3B8DDD8424}" = protocol=17 | dir=in | app=c:\program files\dell 968 aio printer\dldomon.exe |
"{FF0923B0-C2C9-4FA3-88A8-5B594506B930}" = protocol=17 | dir=in | app=c:\program files\dell 968 aio printer\dldoaiox.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00F93853-D9D3-4795-A89E-84CCBA0205C9}" = Microsoft IntelliPoint 8.0
"{0394CDC8-FABD-4ED8-B104-03393876DFDF}" = Roxio Creator Tools
"{07159635-9DFE-4105-BFC0-2817DB540C68}" = Roxio Activation Module
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0D397393-9B50-4C52-84D5-77E344289F87}" = Roxio Creator Data
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{27CE7F06-7EAF-43E7-BD07-66D4767465C5}" = DLCO_AIOC
"{27E25625-DB51-42E6-BEB7-0C8DC878770C}" = Broadcom ASF Management Applications
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{30417074-74FA-46C5-8DF1-CEB6A379D83A}" = DLCO_Pubs
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{342126E1-173C-4585-BFBE-3EBDD20E3E9E}" = Mobipocket Reader 6.2
"{37B03AA0-B125-4649-900C-F26E1081F163}" = Camtasia Studio 7
"{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}" = Preboot Manager
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{420DFB63-8AE7-F7D6-E4B4-AB6D140221F4}" = FlipShare
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B6AD248-D3BF-426A-8D64-847288154F13}" = QuickSet
"{4BF18ED6-C888-4BCF-A4AF-AC7A16305BC1}" = GemSafe Standard Edition 5.1
"{4E5386F5-C0F6-4532-A54A-374865AEAB71}" = Cisco PEAP Module
"{4FC753CF-6673-47BF-9479-48BB0CD99B84}" = DLCO_MCM
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite
"{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5E39FDEE-7676-4BB7-9E2B-8224D7D74406}_is1" = Moyea Video Converter version 2.5.1.1757
"{5EC5F187-9D2B-4051-8906-88656819A869}" = Dell Drivers MSI
"{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{6567F265-62EC-4BA9-9629-6B483B608854}" = SmarterMail Sync for Outlook 2003 and above
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs
"{6E19B918-2820-74A9-3CE0-9BAD5E1D360C}" = TweetDeck
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{76F9CF97-FC4B-4E20-B363-D127C888448F}" = Cisco LEAP Module
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{8292F88E-2DB7-456B-A8F1-9079B7432A1E}" = DVD Architect Studio 5.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83FFCFC7-88C6-41C6-8752-958A45325C82}" = Roxio Creator Audio
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{8ECB8220-F422-4BEB-9596-97033C533702}" = QuickBooks Pro 2008
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90170409-6000-11D3-8CFE-0050048383C9}" = Microsoft FrontPage 2002
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9593C6E5-205E-45C3-B785-05CF146CA76A}" = biolsp patch
"{9EDA3DD1-130D-4EE1-A3D2-5A3D795CC8C9}" = MFCLOC
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Embassy Trust Suite by Wave Systems
"{AC76BA86-1033-0000-BA7E-000000000003}" = Adobe Acrobat 8 Standard
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{BF53252E-4AB2-4C7F-A0FD-6100755745E3}" = Cisco EAP-FAST Module
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}" = Secure Update
"{D253C7DF-C490-435E-9260-AAA63325B7AC}" = DLCO_Wireless
"{DA0BF7AB-88EB-4675-8FA1-531EAD938821}" = SnagIt 8
"{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}" = iTunes
"{DB82351A-E422-4053-A6CE-ACE1590B4334}" = DLCO_Fax4
"{E56D39F8-2A9F-44B4-B068-A72E45A073E6}" = Safari
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"{EB4DF30B-102B-4F0C-927A-D50E037A325D}" = AuthenTec Fingerprint Sensor Minimum Install
"{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards
"{ECC22AFA-B905-4A6A-8072-10F52B9E09B7}" = Wave Infrastructure Installer
"{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center
"{EF05BA0F-AC15-4D12-AC5C-276225F5E751}" = Gemalto
"{F1802FA6-54E9-4B24-BD2A-B50866819795}" = EMBASSY Trust Suite by Wave Systems
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"{FBEC50B7-537C-4A0E-8B0B-F7A8F8BF13CE}" = upekmsi
"{FEC193E4-6C5F-40E9-A249-7D8C8404A9EC}" = NTRU TCG Software Stack
"ActiveTouchMeetingClient" = WebEx
"Adobe Acrobat 8 Standard" = Adobe Acrobat 8.2.5 Standard
"Adobe Acrobat 8 Standard_825" = Adobe Acrobat 8.2.5 - CPSID_83708
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIM_7" = AIM 7
"Any Video Converter_is1" = Any Video Converter 3.0.1
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"Cisco Connect" = Cisco Connect
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"Dell 968 AIO Printer" = Dell 968 AIO Printer
"ESET Online Scanner" = ESET Online Scanner v3
"FileZilla Client" = FileZilla Client 3.3.5.1
"Google Desktop" = Google Desktop
"GoToAssist" = GoToAssist 8.0.0.514
"InstallShield_{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"InstallShield_{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"InstallShield_{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite
"InstallShield_{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"InstallShield_{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}" = Secure Update
"InstallShield_{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"InstallShield_{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards
"InstallShield_{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center
"InstantArticleWizard" = InstantArticleWizard
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mihov Image Resizer" = Mihov Image Resizer 1.1 (remove only)
"Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15)
"N360" = Norton 360
"PROHYBRIDR" = 2007 Microsoft Office system
"Revo Uninstaller" = Revo Uninstaller 1.83
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"WinGimp-2.0_is1" = GIMP 2.6.11
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"309a46b1dc89b774" = Dell Driver Download Manager
"f031ef6ac137efc5" = Dell Driver Download Manager - 1
"GoToMeeting" = GoToMeeting 4.5.0.457
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 1/17/2010 8:18:40 PM | Computer Name = Glory-laptop | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =
Error - 1/17/2010 8:18:40 PM | Computer Name = Glory-laptop | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =
Error - 1/17/2010 8:18:40 PM | Computer Name = Glory-laptop | Source = Broadcom ASF IP and SMBIOS Mailbox Monitor | ID = 0
Description =
Error - 1/17/2010 8:27:31 PM | Computer Name = Glory-laptop | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18865, time stamp
0x4b077416, faulting module jscript.dll, version 5.8.6001.18795, time stamp 0x4a29f842,
exception code 0xc0000005, fault offset 0x00014f84, process id 0x1370, application
start time 0x01ca97d44757112a.
Error - 1/17/2010 8:34:52 PM | Computer Name = Glory-laptop | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18865, time stamp
0x4b077416, faulting module ntdll.dll, version 6.0.6002.18005, time stamp 0x49e03821,
exception code 0xc0000005, fault offset 0x00042775, process id 0x1590, application
start time 0x01ca97d5097fb7ca.
Error - 1/18/2010 12:40:01 AM | Computer Name = Glory-laptop | Source = Broadcom ASF IP and SMBIOS Mailbox Monitor | ID = 0
Description =
Error - 1/18/2010 12:45:02 AM | Computer Name = Glory-laptop | Source = Broadcom ASF IP and SMBIOS Mailbox Monitor | ID = 0
Description =
Error - 1/18/2010 12:50:01 AM | Computer Name = Glory-laptop | Source = Broadcom ASF IP and SMBIOS Mailbox Monitor | ID = 0
Description =
Error - 1/18/2010 12:55:01 AM | Computer Name = Glory-laptop | Source = Broadcom ASF IP and SMBIOS Mailbox Monitor | ID = 0
Description =
Error - 1/18/2010 1:00:02 AM | Computer Name = Glory-laptop | Source = Broadcom ASF IP and SMBIOS Mailbox Monitor | ID = 0
Description =
[ OSession Events ]
Error - 5/8/2010 2:43:17 PM | Computer Name = Glory-laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 761
seconds with 0 seconds of active time. This session ended with a crash.
Error - 5/9/2010 1:08:26 PM | Computer Name = Glory-laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 18
seconds with 0 seconds of active time. This session ended with a crash.
Error - 5/11/2010 6:30:52 PM | Computer Name = Glory-laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 14
seconds with 0 seconds of active time. This session ended with a crash.
Error - 5/17/2010 10:16:39 PM | Computer Name = Glory-laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 43
seconds with 0 seconds of active time. This session ended with a crash.
Error - 5/25/2010 6:12:18 PM | Computer Name = Glory-laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 510370
seconds with 720 seconds of active time. This session ended with a crash.
Error - 5/25/2010 9:07:52 PM | Computer Name = Glory-laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 29
seconds with 0 seconds of active time. This session ended with a crash.
Error - 5/26/2010 7:04:43 PM | Computer Name = Glory-laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 91
seconds with 0 seconds of active time. This session ended with a crash.
Error - 5/27/2010 9:34:04 PM | Computer Name = Glory-laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 227
seconds with 120 seconds of active time. This session ended with a crash.
Error - 8/30/2010 10:30:21 PM | Computer Name = Glory-laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 16775
seconds with 180 seconds of active time. This session ended with a crash.
Error - 10/27/2010 8:09:11 AM | Computer Name = Glory-laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 35 seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 3/11/2011 11:57:55 AM | Computer Name = Glory-laptop | Source = Service Control Manager | ID = 7000
Description =
Error - 3/11/2011 11:57:55 AM | Computer Name = Glory-laptop | Source = Service Control Manager | ID = 7000
Description =
Error - 3/11/2011 11:57:56 AM | Computer Name = Glory-laptop | Source = Service Control Manager | ID = 7000
Description =
Error - 3/11/2011 11:57:57 AM | Computer Name = Glory-laptop | Source = Service Control Manager | ID = 7000
Description =
Error - 3/11/2011 11:58:18 AM | Computer Name = Glory-laptop | Source = Service Control Manager | ID = 7000
Description =
Error - 3/11/2011 11:58:45 AM | Computer Name = Glory-laptop | Source = Service Control Manager | ID = 7000
Description =
Error - 3/11/2011 11:58:46 AM | Computer Name = Glory-laptop | Source = Service Control Manager | ID = 7000
Description =
Error - 3/11/2011 11:58:47 AM | Computer Name = Glory-laptop | Source = Service Control Manager | ID = 7000
Description =
Error - 3/11/2011 11:58:48 AM | Computer Name = Glory-laptop | Source = Service Control Manager | ID = 7000
Description =
Error - 3/11/2011 11:58:49 AM | Computer Name = Glory-laptop | Source = Service Control Manager | ID = 7000
Description =
< End of report >
JJ8765
41 Posts
0
March 12th, 2011 11:00
Faith,
Two questions -
First, I'm suddenly (since yesterday, I believe) not able to open PDF files. Did one of the programs do that? How do I "undo" that so that I can open these files?
Second, can I uninstall the programs you've asked me to download?
Thank you.
JJ8765
faith_michele
32 Posts
0
March 12th, 2011 18:00
Hi JJ8765,
Your logs are clean. I do not see anything that was removed with ComboFix that would have caused a problem with Adobe Acrobat. Try to uninstall and reinstall Adobe Acrobat. Let's hold off on the clean up until after I look at your Event Viewer logs.
First
Please answer these questions with your response.
1. Did you install any Windows Updates?
2. Did you clear the Print Spooler? Are you able to print?
Second
I need you to go to the administrative tools.
Click Start>Type Event Viewer in the search box>double-click Event Viewer found in the the results.
Over on the left hand side expand the window category and then click on System. Then up at the top click on Action and then click on Save Events As, type in system as the file name, make sure file type EVTX is selected, and then navigate so it will save the file to your desktop, then click save. Over on the left hand side, click on Application. Then up at the top click on Action and then click on Save Events As, type in application as the file name, make sure file type EVTX is selected, and then navigate so it will save the file to your desktop, then click save. Zip them both up into a single zip file, post them back here in your next reply as attachments.
Third
Run DDS again and post the DDS.txt & Attach.txt logs.
Review What to include in your response.
1. Let me know if you experienced any errors with the instructions and tell me exactly what problems you are still experiencing.
2. The answers to the questions in the First Step.
3. The system.evtx & application.evtx (zip file) attached .
4. The DDS.txt & Attach.txt logs (may take several posts).
Thank you,
Faith
JJ8765
41 Posts
0
March 13th, 2011 14:00
Faith,
Thank you for the update. I uninstalled and reinstalled Adobe Acrobat and now I can open pdf files.
1)
I have not installed Windows updates myself since weeks before I first reported the printer issue. I believe the PC did a Windows update overnight in early February (around Feb 10th) & that kept me from opening QuickBooks, so I researched it and uninstalled the update that occurred on 2/9/11. Most nights I power the PC down. Even on the nights since when I haven't powered down, I can tell that the machine didn't do an automatic update because, when it does, it reboots, and it hasn't done that on its own since 2/9.
I have cleared the print spooler myself many times since this printer issue started, including most times before the uninstall/reinstall of the printer driver. The spooler is currently empty. (I ran it through the stop/start process anyway.) Even though the printer is listed as a valid printer, when I tried to print, I still get the message stating the PC and printer communication isn't there.
2) The Zip of the EVTX files is attached
http://en.community.dell.com/cfs-file.ashx/__key/CommunityServer.Discussions.Components.Files/3521/7230.system_2D00_application.zip
3)
DDS.txt:
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Glory at 14:57:04.60 on Sun 03/13/2011
Internet Explorer: 8.0.6001.19019 BrowserJavaVersion: 1.6.0_24
Microsoft® Windows Vista™ Business 6.0.6002.2.1252.1.1033.18.2037.594 [GMT -5:00]
.
AV: Norton 360 *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Norton 360 *Enabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton 360 *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\bcmwltry.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
C:\Windows\system32\atashost.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\dldocoms.exe
C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Flip Video\FlipShareServer\FlipShareServer.exe
C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files\Dell 968 AIO Printer\dldomon.exe
C:\Program Files\Dell 968 AIO Printer\memcard.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe
C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\PSIService.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Windows\system32\locator.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\STacSV.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\dllhost.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe
C:\Windows\System32\msdtc.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Glory\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Apoint\HidFind.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Users\Glory\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Glory\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
C:\Program Files\TechSmith\SnagIt 8\TSCHelp.exe
C:\Program Files\TechSmith\SnagIt 8\SnagPriv.exe
C:\Windows\system32\SearchIndexer.exe
C:\Users\Glory\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Glory\Downloads\dds.scr
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Glory\Downloads\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\program files\techsmith\snagit 8\SnagItBHO.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton 360\engine\4.3.0.5\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton 360\engine\4.3.0.5\IPSBHO.DLL
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.6209.1142\swg.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton 360\engine\4.3.0.5\coIEPlg.dll
TB: SnagIt: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\program files\techsmith\snagit 8\SnagItIEAddin.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [Aim] "c:\program files\aim\aim.exe" /d locale=en-US
uRun: [Google Update] "c:\users\glory\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [googletalk] c:\program files\google\google talk\googletalk.exe /autostart
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [SecureUpgrade] c:\program files\wave systems corp\SecureUpgrade.exe
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [ECenter] c:\dell\e-center\EULALauncher.exe
mRun: [WavXMgr] c:\program files\wave systems corp\services manager\docmgr\bin\WavXDocMgr.exe
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [PMBVolumeWatcher] c:\program files\sony\pmb\PMBVolumeWatcher.exe
mRun: [dldomon.exe] "c:\program files\dell 968 aio printer\dldomon.exe"
mRun: [MemoryCardManager] "c:\program files\dell 968 aio printer\memcard.exe"
mRun: [Dell 968 AIO Printer Fax Server] "c:\program files\dell 968 aio printer\fm3032.exe" /s
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office12\REFIEBAR.DLL
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FF1CD9A3-00CD-45C1-8182-4EEC229A182D} - hxxps://www.plaxo.com/activex/plx_upldr-2k-xp.cab
Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - c:\program files\intuit\quickbooks 2008\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - c:\windows\system32\mscoree.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: gemsafe - c:\program files\gemplus\gemsafe libraries\bin\WLEventNotify.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~2\GoogleDesktopNetwork3.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\glory\appdata\roaming\mozilla\firefox\profiles\c5yutw2i.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0403000.005\symds.sys [2010-9-23 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0403000.005\symefa.sys [2010-9-23 173104]
R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.1.0.32\definitions\bashdefs\20110309.001\BHDrvx86.sys [2011-3-10 800376]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\n360\0403000.005\cchpx86.sys [2010-9-23 501888]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.1.0.32\definitions\ipsdefs\20110311.001\IDSvix86.sys [2011-3-12 353912]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0403000.005\ironx86.sys [2010-9-23 116784]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\n360\0403000.005\symtdiv.sys [2010-9-23 339504]
R2 ASFIPmon;Broadcom ASF IP and SMBIOS Mailbox Monitor;c:\program files\broadcom\asfipmon\AsfIpMon.exe [2006-12-19 79432]
R2 atashost;WebEx Service Host for Support Center;c:\windows\system32\atashost.exe [2010-11-10 43912]
R2 dldo_device;dldo_device;c:\windows\system32\dldocoms.exe -service --> c:\windows\system32\dldocoms.exe -service [?]
R2 FlipShareServer;FlipShare Server;c:\program files\flip video\flipshareserver\FlipShareServer.exe [2010-12-15 1085440]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-6-19 21504]
R2 N360;Norton 360;c:\program files\norton 360\engine\4.3.0.5\ccsvchst.exe [2010-9-23 126392]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\sony\pmb\PMBDeviceInfoProvider.exe [2009-10-24 360224]
R2 Wave UCSPlus;Wave UCSPlus;c:\windows\system32\dllhost.exe [2006-11-2 7168]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2008-5-17 179712]
R3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\drivers\dc3d.sys [2010-7-21 44432]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2011-1-1 102448]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-4 135664]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\magix\common\database\bin\fbserver.exe [2008-6-26 1527900]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-5-17 30192]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-03-11 16:50:03 -------- d-----w- c:\program files\ESET
2011-03-09 15:06:48 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-03-09 15:06:48 2067968 ----a-w- c:\windows\system32\mstscax.dll
2011-03-09 15:06:45 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-03-09 15:06:45 322560 ----a-w- c:\windows\system32\sbe.dll
2011-03-09 15:06:44 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-09 15:06:44 153088 ----a-w- c:\windows\system32\sbeio.dll
2011-03-07 18:28:23 -------- d-----w- C:\$RECYCLE.BIN
2011-03-07 18:07:51 98816 ----a-w- c:\windows\sed.exe
2011-03-07 18:07:51 89088 ----a-w- c:\windows\MBR.exe
2011-03-07 18:07:51 256512 ----a-w- c:\windows\PEV.exe
2011-03-07 18:07:51 161792 ----a-w- c:\windows\SWREG.exe
2011-03-06 14:46:30 45056 ----a-w- c:\windows\system32\DLDOPMON.DLL
2011-03-06 14:46:30 32768 ----a-w- c:\windows\system32\DLDOFXPU.DLL
2011-03-06 14:46:09 49152 ----a-w- c:\windows\system32\dldooem.dll
2011-03-06 14:46:09 12288 ----a-w- c:\windows\system32\DLDOPMRC.DLL
2011-03-06 05:01:43 562871 ----a-w- c:\progra~2\SPL646A.tmp
2011-03-06 04:31:44 2602137 ----a-w- c:\progra~2\SPLEE50.tmp
2011-03-06 03:54:52 5816236 ----a-w- c:\progra~2\SPL2FE6.tmp
2011-03-05 18:44:14 388096 ----a-r- c:\users\glory\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-03-05 18:44:12 -------- d-----w- c:\program files\Trend Micro
2011-03-04 22:11:56 -------- d-----w- c:\users\glory\appdata\roaming\Malwarebytes
2011-03-04 22:11:38 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-03-04 22:11:37 -------- d-----w- c:\progra~2\Malwarebytes
2011-03-04 22:11:34 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-04 22:11:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-03-04 15:19:58 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-03-04 15:19:58 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2011-02-19 00:29:43 -------- d-----w- c:\users\glory\appdata\local\AOL
2011-02-19 00:29:43 -------- d-----w- c:\users\glory\appdata\local\AIM
2011-02-19 00:28:54 -------- d-----w- c:\progra~2\AIM
2011-02-19 00:28:46 -------- d-----w- c:\program files\AIM
2011-02-19 00:28:44 -------- d-----w- c:\program files\common files\Software Update Utility
2011-02-19 00:28:43 -------- d-----w- c:\program files\common files\AOL
2011-02-18 23:41:10 -------- d-----w- c:\program files\GIMP-2.0
.
==================== Find3M ====================
.
2011-01-20 16:08:16 478720 ----a-w- c:\windows\system32\dxgi.dll
2011-01-20 16:08:06 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-01-20 16:08:06 189952 ----a-w- c:\windows\system32\d3d10core.dll
2011-01-20 16:08:06 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2011-01-20 16:08:06 1029120 ----a-w- c:\windows\system32\d3d10.dll
2011-01-20 16:07:58 37376 ----a-w- c:\windows\system32\cdd.dll
2011-01-20 16:07:42 258048 ----a-w- c:\windows\system32\winspool.drv
2011-01-20 16:07:16 586240 ----a-w- c:\windows\system32\stobject.dll
2011-01-20 16:06:38 2873344 ----a-w- c:\windows\system32\mf.dll
2011-01-20 16:06:35 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2011-01-20 16:04:54 98816 ----a-w- c:\windows\system32\mfps.dll
2011-01-20 16:04:54 209920 ----a-w- c:\windows\system32\mfplat.dll
2011-01-20 14:28:38 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2011-01-20 14:27:50 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-01-20 14:26:30 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2011-01-20 14:25:25 847360 ----a-w- c:\windows\system32\OpcServices.dll
2011-01-20 14:24:32 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-01-20 14:24:26 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-01-20 14:15:10 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2011-01-20 14:14:39 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll
2011-01-20 14:14:03 302592 ----a-w- c:\windows\system32\mfmp4src.dll
2011-01-20 14:14:03 261632 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-01-20 14:12:46 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2011-01-20 14:11:34 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2011-01-20 13:47:51 683008 ----a-w- c:\windows\system32\d2d1.dll
2011-01-20 13:44:05 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-01-20 13:44:03 797184 ----a-w- c:\windows\system32\FntCache.dll
2011-01-08 08:47:50 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-01-08 06:28:49 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:57:01 2039808 ----a-w- c:\windows\system32\win32k.sys
2010-12-28 15:55:03 413696 ----a-w- c:\windows\system32\odbc32.dll
2010-12-26 00:11:06 521220 ----a-w- c:\progra~2\SPL8AF0.tmp
2010-12-25 16:57:17 467502 ----a-w- c:\progra~2\SPL58B1.tmp
2010-12-25 16:31:38 467502 ----a-w- c:\progra~2\SPLDFCA.tmp
2010-12-25 16:28:13 467502 ----a-w- c:\progra~2\SPLBEF7.tmp
2010-12-21 01:02:30 2336550 ----a-w- c:\progra~2\SPLFBAD.tmp
2010-12-20 22:58:06 862892 ----a-w- c:\progra~2\SPL1447.tmp
2010-12-20 22:53:44 862892 ----a-w- c:\progra~2\SPL169C.tmp
2010-12-18 06:27:04 916480 ----a-w- c:\windows\system32\wininet.dll
2010-12-18 06:22:41 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-12-18 06:22:27 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-12-18 06:22:11 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-12-18 06:22:11 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-12-18 05:25:26 385024 ----a-w- c:\windows\system32\html.iec
2010-12-18 04:48:39 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-12-18 04:47:11 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-12-14 14:49:23 1169408 ----a-w- c:\windows\system32\sdclt.exe
.
============= FINISH: 14:57:37.00 ===============
Attach.txt:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft® Windows Vista™ Business
Boot Device: \Device\HarddiskVolume3
Install Date: 5/17/2008 3:32:50 AM
System Uptime: 3/13/2011 2:19:30 PM (0 hours ago)
.
Motherboard: Dell Inc. | | 0KU184
Processor: Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz | Microprocessor | 1600/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 110 GiB total, 13.013 GiB free.
D: is FIXED (NTFS) - 2 GiB total, 1.399 GiB free.
E: is CDROM ()
H: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1274: 3/13/2011 2:28:44 PM - Installed Adobe Reader X.
.
==== Installed Programs ======================
.
2007 Microsoft Office system
ABBYY FineReader 6.0 Sprint
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader X (10.0.1)
AIM 7
Any Video Converter 3.0.1
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AuthenTec Fingerprint Sensor Minimum Install
biolsp patch
Bonjour
Broadcom ASF Management Applications
Broadcom Management Programs
Browser Address Error Redirector
Business Contact Manager for Outlook 2007 SP2
Camtasia Studio 7
Cisco Connect
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Conexant HDA D330 MDC V.92 Modem
Dell 968 AIO Printer
Dell Driver Download Manager
Dell Driver Download Manager - 1
Dell Drivers MSI
Dell Embassy Trust Suite by Wave Systems
Dell Getting Started Guide
Dell Touchpad
Dell Wireless WLAN Card
Digital Line Detect
DLCO_AIOC
DLCO_Fax4
DLCO_MCM
DLCO_Pubs
DLCO_Wireless
Document Manager Lite
Download Updater (AOL LLC)
DVD Architect Studio 5.0
EDocs
EMBASSY Security Center
EMBASSY Security Setup
EMBASSY Trust Suite by Wave Systems
ESC Home Page Plugin
ESET Online Scanner v3
FileZilla Client 3.3.5.1
FlipShare
GearDrvs
Gemalto
GemSafe Standard Edition 5.1
GIMP 2.6.11
Google Chrome
Google Desktop
Google Talk (remove only)
Google Toolbar for Internet Explorer
Google Update Helper
GoToAssist 8.0.0.514
GoToMeeting 4.5.0.457
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
InstantArticleWizard
Intel(R) Matrix Storage Manager
iTunes
Java Auto Updater
Java(TM) 6 Update 24
Malwarebytes' Anti-Malware
MFCLOC
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft FrontPage 2002
Microsoft IntelliPoint 8.0
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Hybrid 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Small Business Connectivity Components
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft XML Parser
Mihov Image Resizer 1.1 (remove only)
Mobipocket Reader 6.2
Modem Diagnostic Tool
Moyea Video Converter version 2.5.1.1757
Mozilla Firefox (3.6.15)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
NetWaiting
Norton 360
NTRU TCG Software Stack
OGA Notifier 2.0.0048.0
PMB
PowerDVD
Preboot Manager
Private Information Manager
QuickBooks Pro 2008
QuickSet
QuickTime
Revo Uninstaller 1.83
Roxio Activation Module
Roxio Creator Audio
Roxio Creator BDAV Plugin
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
Safari
Secure Update
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Wizards
Skype Toolbars
Skype™ 5.0
SmarterMail Sync for Outlook 2003 and above
SnagIt 8
Sonic CinePlayer Decoder Pack
SupportSoft Assisted Service
TweetDeck
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2508979)
upekmsi
Wave Infrastructure Installer
Wave Support Software
WebEx
.
==== Event Viewer Messages From Past Week ========
.
3/9/2011 5:46:58 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
3/8/2011 9:38:40 AM, Error: Service Control Manager [7030] - The dldo_device service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
3/8/2011 11:07:42 AM, Error: Microsoft-Windows-PrintSpooler [6161] - The document Microsoft Word - How to Use a CSV File for Kunaki Uploads.docx, owned by Glory, failed to print on printer Dell 968 AIO Printer XPS. Try to print the document again, or restart the print spooler. Data type: RAW. Size of the spool file in bytes: 302354. Number of bytes printed: 302354. Total number of pages in the document: 1. Number of pages printed: 1. Client computer: \\GLORY-LAPTOP. Win32 error code returned by the print processor: 1726. The remote procedure call failed.
3/7/2011 4:21:31 AM, Error: i8042prt [40] - An error occurred while trying to acquire the device ID of the mouse
3/7/2011 4:21:31 AM, Error: i8042prt [22] - Could not set the mouse sample rate.
3/7/2011 12:27:52 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TrkWks service.
3/7/2011 12:27:22 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.
3/7/2011 12:19:52 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
3/7/2011 12:14:21 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume OS.
3/7/2011 12:09:44 PM, Error: Service Control Manager [7034] - The Dell Wireless WLAN Tray Service service terminated unexpectedly. It has done this 1 time(s).
3/7/2011 12:09:13 PM, Error: Service Control Manager [7034] - The XAudioService service terminated unexpectedly. It has done this 1 time(s).
3/6/2011 2:11:57 PM, Error: Service Control Manager [7034] - The Diagnostic System Host service terminated unexpectedly. It has done this 1 time(s).
3/6/2011 2:11:57 PM, Error: Service Control Manager [7031] - The WLAN AutoConfig service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/6/2011 2:11:57 PM, Error: Service Control Manager [7031] - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/6/2011 2:11:57 PM, Error: Service Control Manager [7031] - The Windows Audio Endpoint Builder service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/6/2011 2:11:57 PM, Error: Service Control Manager [7031] - The Tablet PC Input Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/6/2011 2:11:57 PM, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/6/2011 2:11:57 PM, Error: Service Control Manager [7031] - The ReadyBoost service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/6/2011 2:11:57 PM, Error: Service Control Manager [7031] - The Program Compatibility Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/6/2011 2:11:57 PM, Error: Service Control Manager [7031] - The Portable Device Enumerator Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/6/2011 2:11:57 PM, Error: Service Control Manager [7031] - The PnP-X IP Bus Enumerator service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/6/2011 2:11:57 PM, Error: Service Control Manager [7031] - The Offline Files service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/6/2011 2:11:57 PM, Error: Service Control Manager [7031] - The Network Connections service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
3/6/2011 2:11:57 PM, Error: Service Control Manager [7031] - The Human Interface Device Access service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/6/2011 2:11:57 PM, Error: Service Control Manager [7031] - The Distributed Link Tracking Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/6/2011 2:11:57 PM, Error: Service Control Manager [7031] - The Desktop Window Manager Session Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/6/2011 12:09:07 AM, Error: Microsoft-Windows-PrintSpooler [6161] - The document Microsoft Word - Dell Printer Problem Offline - 2011-03-05.docx, owned by Glory, failed to print on printer Dell 968 AIO Printer (Copy 1). Try to print the document again, or restart the print spooler. Data type: LEMF. Size of the spool file in bytes: 517971. Number of bytes printed: 517971. Total number of pages in the document: 1. Number of pages printed: 0. Client computer: \\GLORY-LAPTOP. Win32 error code returned by the print processor: 0. The operation completed successfully.
3/6/2011 10:40:20 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
3/6/2011 1:57:33 PM, Error: EventLog [6008] - The previous system shutdown at 1:56:18 PM on 3/6/2011 was unexpected.
3/6/2011 1:57:14 PM, Error: volmgr [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
3/13/2011 2:38:01 PM, Error: Application Popup [1801] - The hardware has reported an uncorrectable memory error.
3/13/2011 2:31:41 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
3/13/2011 2:31:41 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/13/2011 2:31:41 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
3/13/2011 2:23:13 PM, Error: Service Control Manager [7000] - The BCM42RLY service failed to start due to the following error: The system cannot find the file specified.
3/13/2011 2:22:15 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Dell Internal Network Card Power Management service to connect.
3/13/2011 2:22:15 PM, Error: Service Control Manager [7001] - The NTRU TSS v1.2.1.25 TCS service depends on the TPM Base Services service which failed to start because of the following error: The operation completed successfully.
3/13/2011 2:20:04 PM, Error: volsnap [25] - The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time. Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.
3/13/2011 2:17:40 PM, Error: Service Control Manager [7034] - The Dell Internal Network Card Power Management service terminated unexpectedly. It has done this 1 time(s).
3/13/2011 2:16:31 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
3/12/2011 6:11:59 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FlipShare Service service.
3/10/2011 3:14:23 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the STacSV service.
3/10/2011 12:04:03 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Volume Shadow Copy service to connect.
3/10/2011 12:04:03 AM, Error: Service Control Manager [7000] - The Volume Shadow Copy service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/10/2011 12:04:03 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
.
==== End Of File ===========================
faith_michele
32 Posts
0
March 14th, 2011 04:00
Hi JJ8765,
I only recieved one Application & one System event. Please follow the instructions again and save all of your Application & System events for me to review.
Click Start>Type Event Viewer in the search box>double-click Event Viewer found in the results.
Over on the left hand side expand the window category and then click on System. Then up at the top click on Action and then click on Save Events As, type in system as the file name, make sure file type EVTX is selected, and then navigate so it will save the file to your desktop, then click save. Over on the left hand side, click on Application. Then up at the top click on Action and then click on Save Events As, type in application as the file name, make sure file type EVTX is selected, and then navigate so it will save the file to your desktop, then click save. Zip them both up into a single zip file, post them back here in your next reply as attachments.
Thank you,
Faith
JJ8765
41 Posts
0
March 14th, 2011 10:00
Faith,
I don't understand.
Everything you wrote, I did, step by step.
All that resulted, I sent to you: Your steps gave me one file named "system.evtx" and one file named "application.evtx". That is what I got. That is what is in the Zip folder.
I don't understand how you expected the steps to give me more than one "system.evtx" file and more than one "application.evtx" file:
"Over on the left hand side expand the window category and then click on System. Then up at the top click on Action and then click on Save Events As, type in system as the file name, make sure file type EVTX is selected, and then navigate so it will save the file to your desktop, then click save. (NOTE: That is one file)
Over on the left hand side,click on Application. Then up at the top click on Action and then click on Save Events As, type in application as the file name, make sure file type EVTX is selected, and then navigate so it will save the file to your desktop, then click save. (NOTE: That is also one file, not multiple files.) Zip them both (NOTE: "both" refers to two files) up into a single zip file, post them back here in your next reply as attachments."
I zipped both files into the zip folder. I opened the zip folder in the screen shot above to show its contents.
Can you be clearer about what you mean?
Thank you.
JJ8765
faith_michele
32 Posts
0
March 14th, 2011 20:00
Hi JJ8765,
You are absolutely correct about the .evtx files being one file each. What I was trying to explain to you was that there is normally more than one event in each of these files. When you expand the Application & System category in the Event Viewer, tell me how many events are present for each category of Windows Logs (Application & System).
Also, when you tried these steps for you printer - does it prompt you to choose between the AIO and XPS (when you load the All-In-One Center and choose not to remove the XPS driver, you will be asked which printer to use, as you will now have two printers (drivers) installed on that port)?
Having a problem with that pesky Print Pipeline Filter Error with the AIO 968 running Vista 32-bit
Did you previously have a Lexmark Printer installed?
Thank You,
Faith
PudgyOne
9 Legend
9 Legend
•
30.3K Posts
0
March 15th, 2011 02:00
Faith,
Most Dell Inkjet Printers are made for Dell by Lexmark. Sometimes there are some Lexmark files.
Rick
faith_michele
32 Posts
0
March 15th, 2011 17:00
Hi JJ8765,
A big thanks goes to Rick for keeping me straight and explaining about the Lexmark files for a Dell Printer. The reason I am asking to look at the event viewer logs is to see what specific errors are related to the printer communication problem. Sometimes event logs that are logged right before of after the problem gives away specific clues that can be further researched.
If it is not possible to do this, then please proceed as follows:
To try and fix these event errors that show in your DDS log-
Quote:
Quote:
Please try these steps-
---Run sfc /scannow from the elevated Command Prompt
1. To open an elevated Command Prompt - Open the Start Menu.
2. Click on All Programs and Accessories.
3. Right click on Command Prompt and click Run as administrator.
4. Click on Continue in the UAC prompt.
5. In the command prompt, type in sfc /scannow >Enter>allow it to run.
Related screenshots - Verify the Integrity of Windows Vista System Files
---Then run chkdsk /f-
1. Open an elevated Command Prompt (Steps 1-4 above).
2. In the command prompt, type in chkdsk /f >Enter>If prompted to run it on restart, Type in Y for yes>Reboot and allow it to run.
Please let me know how this works for you.
Thank You,
Faith
JJ8765
41 Posts
0
March 15th, 2011 19:00
Faith,
I tried the evtx files again. I may have done them correctly this time.
http://en.community.dell.com/cfs-file.ashx/__key/CommunityServer.Discussions.Components.Files/3521/4111.system_2D00_application-2011_2D00_03_2D00_15.zip
When I uninstall and reinstall the printer driver, Dell doesn't give me a choice between "Dell 968w AIO Printer" or "Dell 968 AIO Printer XPS". It only started giving me the XPS in the last few months. The driver that is available on the support.Dell.com site is R241344, which is the driver that has been available for months:
This printer driver was released on October 4, 2009. I've "re-downloaded" twice, but it's the same printer driver.
In the time I've had this printer and have had to reinstall the printer driver (probably 25 times in -- it will be 3 years in May 2011), I've only recently seen the Lexmark name on a screen or two during the install process and, as mentioned above, I have only in the past couple months seen the "XPS" install itself, but it doesn't give me a choice.
This is the window I get after the R241344 icon runs through its unzip. A window or two after this shows the Lexmark name somewhere, but it happens so fast that I don't recall exactly which window displays it. At no time do I get a choice for "XPS" or not.
Thank you.
JJ8765
faith_michele
32 Posts
0
March 16th, 2011 17:00
Hi JJ8765,
I am still reviewing your Event Viewer logs. They were correct this time. Good Job!
Please run the chkdsk & sfc /scannow according to the previous instructions.
You might need to run the chkdsk first. That is okay.
Try to Repair your QuickBooks installation if this option is available.
Thanks,
Faith
JJ8765
41 Posts
0
March 16th, 2011 19:00
Faith,
I ran the chkdsk/f and sfc /scannow.
Was there supposed to be some output from either of those processes?
The chkdsk didn't have a message when it completed. The sfc /scannow message at the end was:
Windows Resource Protection found corrupt files but was unable to fix some of them. Details are included in the CBS.Log windir\Logs\CBS\CBS.log
I don't know what that means. I did a search for windir\Logs\CBS\CBS.log on the C drive that resulted in nothing. Then I searched on CBS.log -- there was one file. When I tried to click on it, it gave me the message, "Access denied."
I don't know anything about repairing the QuickBooks installation. How is that done?
Thank you.
JJ8765
faith_michele
32 Posts
0
March 17th, 2011 15:00
Hi JJ8765,
Here is a link on the QuickBooks Repair.
For the SFC log:
Start - type in Search box -> CMD find at top - Right Click on - RUN AS ADMIN
Put the command from below (copy and paste it) into that box and then hit enter.
findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >sfcdetails.txt
That creates the sfcdetails.txt file in the folder you are in when you run it.
So if you are in C:\Windows\System32> then you will need to look in that folder for the file.
You might need to un-hide files & folders. How to see hidden files in Windows Vista (scroll down)
Copy & Paste the errors into a reply to this post.
NOTE : there probably are duplicates so please only post each section of errors once. We do not need all the good entries, only the error entries.
More information if needed. How to analyze the log file entries that the Microsoft Windows Resource Checker (SFC.exe) program generates in Windows Vista
The dskchk will show up in your Event Viewer. Please attach new Event Viewer files (zipped Application & System).
Are you using a KVM switch?
Thank You,
Faith
JJ8765
41 Posts
0
March 18th, 2011 13:00
Faith,
I couldn't get very far this time.
Regarding these instructions:
For the SFC log:
Start - type in Search box -> CMD find at top - Right Click on - RUN AS ADMIN
Put the command from below (copy and paste it) into that box and then hit enter.
findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >sfcdetails.txt
When I copied the string you typed above, I used Ctrl+C. Then I went to the CMD box. At the place where the cursor was blinking, I typed Ctrl+V to paste. However, the CMD box took that literally, and what was there? ^V
Is there a special way to paste copied text into the CMD box? If so, please advise.
Regarding this instruction:
That creates the sfcdetails.txt file in the folder you are in when you run it.
How am I "in a folder" at that point? What does that mean? I've not heard of it referred to in that way before. (If I'm in a Word document that's been saved, yes, then I know what folder I'm in. But if I run a process, how am I already in a folder?)
Regarding the QuickBooks repair, in the middle of it, I got the following:
Maybe it shouldn't surprise me, since Quickbooks updates itself on my PC regularly. It seems to be saying that the patch this process was trying to apply is already applied. Does that sound right?
Thank you.
JJ8765