Skip to main content
Start a Conversation

Unsolved

This post is more than 5 years old

JJ8765

41 Posts

8763

March 5th, 2011 11:00

Not able to print on Dell 968w AIO; Printer tech suggested Malware & provided your links

http://en.community.dell.com/cfs-file.ashx/__key/CommunityServer.Discussions.Components.Files/3521/5241.Dell-Printer-Problems-_2D00_-JJ8765-2011_2D00_03_2D00_05--Attempting-to-use-HiJackThis.docx

Hello.

A tech was helping me with printer communication issues between my Latitude D630 & 968W AIO; we didn't get anywhere with all of the steps that had worked in the past. Next, he suggested your link: http://en.community.dell.com/support-forums/virus-spyware/f/3521/t/19251122.aspx

Following your steps, I downloaded HiJackThis. When I first clicked "Do a system scan and save logfile", I got a message that stated the following:

"For some reason your system denied write access to the Hosts file. If any hijacked domains are in this file, HiJackThis may not be able to fix this. If that happens, you need to edit the file yourself. To do this, click Start, Run and type: notepad C:\Windows\System32\drivers\etc\hosts  and press Enter. Find the line(s) HiJackThis reports and delete them. Save the file as 'hosts.' (with quotes), and reboot.  For Vista: simply exit HiJackThis, right click on the HiJackThis icon, choose 'Run as Administrator'. "

Well, folks, I have Vista (32 bit). So I closed HiJackThis, as directed, right-clicked on the HiJackThis icon, and "Run as Administrator" was not listed in the menu. I'm not sure what they were referring to there. So then I tried the first option they listed. Going to Start --> Run and entering notepad C:\Windows\System32\drivers\etc\hosts  and 'Enter' just opened a Notepad doc that was a sample. A sentence toward the top reads: This is a sample HOSTS file used by Microsoft TCP/IP for Windows. The HiJackThis directions stating, "Find the line(s) HiJackThis reports and delete them. Save the file as 'hosts.' " didn't seem to be valid. Since neither of their solutions appeared to resolve the issue, I clicked the OK button in the window, and the log continued to fill itself.

So -- running the HiJackThis scan resulted in a Log, but over that is a blank Notepad window, with another window that reads: "Cannot find the C:\Program Files\Trend Micro\HiJack This\hijackthis.log file.  Do you want to create a new file?"   Choosing "Yes" or "No" results in the same thing: a blank Notepad window. I don't know how to get the Log details into Notepad so that it can be copied.

Do you have any tips for me at this point?

I decided to click "Analyze This" anyway. The only thing that happened was the HJT opened a new window in IE: http://hjt-data.trendmicro.com/hjt/analyzethis/index.php?report=3560990  Not sure why.

I took screen shots of the HJT Log, scrolling through 5 times since I couldn't get the data onto Notepad. I placed the 5 screen shots onto a Word document. The only button I could find to attach anything to this forum message was the "Insert Media" button. I'm not sure if Word is considered to be "media". It didn't stop me from attaching the document. If you don't see the attachment, I could also attach the screen shot jpg files. However, I'm not certain if this forum allows more than one attachment per message.

Thank you!

JJ8765

faith_michele

32 Posts

March 10th, 2011 22:00

Hi JJ8765,

Sorry about that. I was trying to have you move on and run the Kaspersky scan if you still had problems with ESET. You do not need to perform both of these scans.

Quote:

RE your instructions for Vista users, to right-click IE and "run as admin" - and then do what? Now I've got an open IE window that was opened as "run as admin", but when I follow the other steps, such as to "Press Ctrl and click the "ESET Scan Online" link provided, that opens in its own IE window, too. So what was the point of right-clicking IE and choosing to "run as admin"? ESET is in the other non-admin window.

Copy & Paste this link http://eset.com/onlinescan into the IE browser that you open as an Administrator.

Quote:

These steps are confusing:

* Click the esetOnline.png button.
* For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

In the second bullet, which steps do you intend for me to skip? Do you mean to skip all of the rest of the bullet points? Do you mean to skip some of them? If only skip some of them, which steps to skip?

Skip the first bullet (Press Ctrl and click the "ESET Scan Online" link).

Do perform the step in the second bullet.

Skip the 3rd 4th & 5th bullet.

Follow the rest of the bullets.

Thank You,

Faith

JJ8765

41 Posts

March 11th, 2011 11:00

Faith,

Thanks -- now I understand!

The ESET resulted in no threats found, so there is no log.

Below are the 2 Notepad files.

OTL.txt:

OTL logfile created on: 3/11/2011 1:29:10 PM - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Glory\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 27.00% Memory free
4.00 Gb Paging File | 1.00 Gb Available in Paging File | 23.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 109.70 Gb Total Space | 9.21 Gb Free Space | 8.39% Space Free | Partition Type: NTFS
Drive D: | 2.00 Gb Total Space | 1.40 Gb Free Space | 69.96% Space Free | Partition Type: NTFS
Drive H: | 3.73 Gb Total Space | 0.40 Gb Free Space | 10.64% Space Free | Partition Type: FAT32
 
Computer Name: GLORY-LAPTOP | User Name: Glory | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011/03/11 13:26:35 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Glory\Desktop\OTL.exe
PRC - [2011/02/27 14:53:56 | 000,304,304 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011/01/05 11:11:04 | 004,321,112 | ---- | M] (AOL Inc.) -- C:\Program Files\AIM\aim.exe
PRC - [2010/12/15 13:31:20 | 000,460,144 | ---- | M] () -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
PRC - [2010/12/15 13:22:42 | 001,085,440 | ---- | M] () -- C:\Program Files\Flip Video\FlipShareServer\FlipShareServer.exe
PRC - [2010/11/10 20:56:23 | 000,043,912 | ---- | M] (WebEx Communications, Inc.) -- C:\Windows\System32\atashost.exe
PRC - [2010/09/23 20:25:49 | 000,349,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrobat.exe
PRC - [2010/03/24 15:42:10 | 000,599,328 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2010/02/25 18:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\ccsvchst.exe
PRC - [2009/10/24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2009/09/16 18:33:46 | 000,972,064 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
PRC - [2009/09/16 17:22:08 | 000,020,480 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2009/04/27 14:30:34 | 000,410,280 | ---- | M] () -- C:\Program Files\Dell 968 AIO Printer\memcard.exe
PRC - [2009/04/11 00:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/05/17 03:11:44 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2008/02/22 16:01:38 | 001,193,240 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2008/02/22 15:54:34 | 000,390,424 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2008/01/11 16:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2008/01/03 12:05:32 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/10/05 09:30:34 | 000,595,184 | ---- | M] ( ) -- C:\Windows\System32\dldocoms.exe
PRC - [2007/09/17 10:56:08 | 000,124,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2007/09/14 09:53:16 | 000,218,424 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
PRC - [2007/05/01 10:12:10 | 000,075,336 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\SnagIt 8\SnagPriv.exe
PRC - [2007/05/01 10:12:10 | 000,058,952 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\SnagIt 8\TscHelp.exe
PRC - [2007/05/01 10:11:48 | 006,395,464 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
PRC - [2007/02/12 12:38:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/02/12 12:37:58 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/01/29 21:07:18 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApMsgFwd.exe
PRC - [2007/01/25 19:34:22 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2007/01/01 15:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Program Files\Google\Google Talk\googletalk.exe
PRC - [2006/12/19 13:21:48 | 000,079,432 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
PRC - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () -- C:\Windows\System32\PSIService.exe
PRC - [2006/09/08 17:10:22 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\hidfind.exe
PRC - [2006/09/08 17:06:08 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011/03/11 13:26:35 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Glory\Desktop\OTL.exe
MOD - [2010/12/07 18:12:45 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcr90.dll
MOD - [2010/12/07 18:12:45 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcp90.dll
MOD - [2010/09/20 13:26:01 | 000,415,088 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\asoehook.dll
MOD - [2010/08/31 09:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2010/12/15 13:31:20 | 000,460,144 | ---- | M] () [Auto | Running] -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2010/12/15 13:22:42 | 001,085,440 | ---- | M] () [Auto | Running] -- C:\Program Files\Flip Video\FlipShareServer\FlipShareServer.exe -- (FlipShareServer)
SRV - [2010/11/10 20:56:23 | 000,043,912 | ---- | M] (WebEx Communications, Inc.) [Auto | Running] -- C:\Windows\System32\atashost.exe -- (atashost)
SRV - [2010/02/25 18:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe -- (N360)
SRV - [2009/10/24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009/09/16 17:22:08 | 000,020,480 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2008/08/08 16:28:20 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008/05/17 03:11:44 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/02/22 15:54:34 | 000,390,424 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (nicconfigsvc)
SRV - [2008/01/19 01:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/11 16:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2008/01/03 12:05:32 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/11/08 21:50:10 | 001,552,384 | ---- | M] () [Auto | Stopped] -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe)
SRV - [2007/10/05 09:30:34 | 000,595,184 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dldocoms.exe -- (dldo_device)
SRV - [2007/09/13 13:31:44 | 000,192,512 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Authentication Manager\WaveEnrollmentService.exe -- (WaveEnrollmentService)
SRV - [2007/08/31 16:39:18 | 000,486,400 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)
SRV - [2007/05/24 06:08:44 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2007/02/12 12:38:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2006/12/19 13:21:48 | 000,079,432 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe -- (ASFIPmon)
SRV - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () [Auto | Start_Pending] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)
SRV - [2005/11/17 14:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Running] --  -- (catchme)
DRV - [2011/03/05 16:53:47 | 001,360,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20110310.038\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/03/05 16:53:46 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20110310.038\NAVENG.SYS -- (NAVENG)
DRV - [2011/02/25 15:59:12 | 000,800,376 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20110309.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/12/30 20:24:40 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/12/25 12:00:03 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/11/08 18:50:30 | 000,353,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20110310.002\IDSvix86.sys -- (IDSVix86)
DRV - [2010/07/21 16:52:14 | 000,044,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d)
DRV - [2010/07/17 10:19:19 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/05/05 22:01:59 | 000,339,504 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\N360\0403000.005\SYMTDIV.SYS -- (SYMTDIv)
DRV - [2010/04/28 23:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\Ironx86.SYS -- (SymIRON)
DRV - [2010/04/21 21:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SYMEFA.SYS -- (SymEFA)
DRV - [2010/04/21 20:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\Drivers\N360\0403000.005\SRTSP.SYS -- (SRTSP)
DRV - [2010/04/21 20:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/02/25 18:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\ccHPx86.sys -- (ccHP)
DRV - [2010/02/03 19:40:47 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SYMDS.SYS -- (SymDS)
DRV - [2008/01/03 12:05:40 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/11/29 01:18:24 | 000,062,208 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\oz776.sys -- (guardian2)
DRV - [2007/09/10 08:54:48 | 000,156,160 | ---- | M] (Wave Systems Corp.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\WavxDMgr.sys -- (WavxDMgr)
DRV - [2007/09/07 08:57:14 | 000,026,608 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\PBADRV.sys -- (PBADRV)
DRV - [2007/02/01 03:22:44 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/12/19 13:21:52 | 000,010,480 | ---- | M] (Broadcom Corporation) [Kernel | Auto | Running] -- C:\Program Files\Broadcom\ASFIPMon\BASFND.sys -- (BASFND)
DRV - [2006/12/13 01:51:20 | 000,147,968 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2006/11/02 01:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 01:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn\ [2010/07/25 17:49:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn\ [2010/07/17 10:27:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/04 16:43:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/04 16:43:06 | 000,000,000 | ---D | M]
 
[2009/03/08 15:56:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Glory\AppData\Roaming\Mozilla\Extensions
[2011/03/05 15:21:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Glory\AppData\Roaming\Mozilla\Firefox\Profiles\c5yutw2i.default\extensions
[2010/12/18 15:45:59 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Glory\AppData\Roaming\Mozilla\Firefox\Profiles\c5yutw2i.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/03/04 09:20:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/11/19 11:15:40 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011/03/04 09:20:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2009/03/31 21:47:26 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\Mozilla Firefox\components\coFFPlgn.dll
[2011/03/04 09:19:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
 
O1 HOSTS File: ([2011/03/07 12:28:20 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll (TechSmith Corporation)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll (TechSmith Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Acrobat Speed Launch] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Synchronizer] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [Dell 968 AIO Printer Fax Server] C:\Program Files\Dell 968 AIO Printer\fm3032.exe ()
O4 - HKLM..\Run: [dldomon.exe] C:\Program Files\Dell 968 AIO Printer\dldomon.exe ()
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [MemoryCardManager] C:\Program Files\Dell 968 AIO Printer\memcard.exe ()
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [SecureUpgrade] C:\Program Files\Wave Systems Corp\SecureUpgrade.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [WavXMgr] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe (Wave Systems Corp.)
O4 - HKCU..\Run: [Aim] C:\Program Files\AIM\aim.exe (AOL Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FF1CD9A3-00CD-45C1-8182-4EEC229A182D} https://www.plaxo.com/activex/plx_upldr-2k-xp.cab (Plaxo Auto-Import Utility)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.72.134 68.87.77.134
O18 - Protocol\Handler\intu-help-qb1 {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll (TODO: )
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\gemsafe: DllName - C:\Program Files\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll - C:\Program Files\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll (Gemplus)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img21.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img21.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 15:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan.lnk -  - File not found
MsConfig - State: "startup" - 2
 
Drivers32: aux - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux3 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi3 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi4 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\Windows\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer3 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer4 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - C:\Windows\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\Windows\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msaudio1 - C:\Windows\System32\msaud32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\Windows\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\Windows\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.iyuv - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - C:\Windows\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\Windows\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.tscc - C:\Windows\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.uyvy - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yuy2 - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvu9 - C:\Windows\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvyu - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave3 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave4 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\Windows\System32\msacm32.drv (Microsoft Corporation)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/03/11 13:26:30 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Glory\Desktop\OTL.exe
[2011/03/11 10:50:03 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/03/09 09:06:45 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/03/09 09:06:45 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011/03/09 09:06:44 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011/03/09 09:06:44 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2011/03/07 12:28:23 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2011/03/07 12:07:51 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/03/07 12:07:51 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/03/07 12:07:51 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/03/07 12:07:38 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/03/07 11:52:00 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/03/07 11:51:41 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011/03/07 11:51:38 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2011/03/06 13:54:41 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Glory\Desktop\TFC.exe
[2011/03/06 08:44:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Printers
[2011/03/06 08:44:22 | 000,000,000 | ---D | C] -- C:\Program Files\Dell 968 AIO Printer
[2011/03/06 08:44:07 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dldopmui.dll
[2011/03/06 08:44:07 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\dldoprox.dll
[2011/03/06 08:44:06 | 000,320,752 | ---- | C] ( ) -- C:\Windows\System32\dldoih.exe
[2011/03/06 08:44:05 | 000,983,121 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dldogf.dll
[2011/03/05 12:44:12 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/03/05 12:44:12 | 000,000,000 | ---D | C] -- C:\Users\Glory\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/03/04 16:11:56 | 000,000,000 | ---D | C] -- C:\Users\Glory\AppData\Roaming\Malwarebytes
[2011/03/04 16:11:38 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/03/04 16:11:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/03/04 16:11:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/03/04 16:11:34 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/03/04 16:11:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/03/04 09:21:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011/03/04 09:19:58 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011/03/04 09:19:58 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/03/04 09:19:58 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/03/04 09:19:58 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/03/04 09:10:15 | 000,885,024 | ---- | C] (Sun Microsystems, Inc.) -- C:\Users\Glory\Desktop\jxpiinstall.exe
[2011/02/23 17:43:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2011/02/23 17:43:40 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2011/02/23 17:43:39 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2011/02/23 17:43:39 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2011/02/23 17:43:37 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2011/02/23 17:43:37 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2011/02/23 17:43:33 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2011/02/23 17:43:33 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2011/02/23 17:43:33 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2011/02/23 17:43:33 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2011/02/23 17:43:33 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2011/02/23 17:43:20 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2011/02/23 17:43:20 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2011/02/23 17:43:20 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2011/02/23 17:43:20 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2011/02/23 17:43:20 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2011/02/18 18:29:43 | 000,000,000 | ---D | C] -- C:\Users\Glory\AppData\Local\AOL
[2011/02/18 18:29:43 | 000,000,000 | ---D | C] -- C:\Users\Glory\AppData\Local\AIM
[2011/02/18 18:29:43 | 000,000,000 | ---D | C] -- C:\Users\Glory\AppData\Roaming\acccore
[2011/02/18 18:28:54 | 000,000,000 | ---D | C] -- C:\ProgramData\AIM
[2011/02/18 18:28:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIM
[2011/02/18 18:28:46 | 000,000,000 | ---D | C] -- C:\Program Files\AIM
[2011/02/18 18:28:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Software Update Utility
[2011/02/18 18:28:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AOL
[2011/02/18 17:49:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
[2011/02/18 17:49:52 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client
[2011/02/18 17:42:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP
[2011/02/18 17:41:10 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0
[2011/02/09 18:57:54 | 002,039,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/02/09 18:57:51 | 003,602,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/02/09 18:57:50 | 003,550,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/02/09 18:57:42 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2011/02/09 18:57:42 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011/02/09 18:57:41 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
[2011/02/09 18:57:41 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011/02/09 18:57:40 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2011/02/09 18:57:40 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011/02/09 18:57:40 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
[2011/02/09 18:57:40 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011/02/09 18:57:40 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2011/02/09 18:57:39 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2011/02/09 18:57:39 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2011/02/09 18:57:39 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
[2011/02/09 18:57:39 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2011/02/09 18:57:38 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011/02/09 18:57:38 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2011/02/09 18:57:38 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2011/02/09 18:57:38 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2011/02/09 18:57:38 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2011/02/09 18:57:38 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2011/02/09 18:57:37 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2011/02/09 18:57:37 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2011/02/09 18:57:34 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2011/02/09 18:57:34 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011/02/09 18:57:33 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2011/02/09 18:57:18 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/02/09 18:57:18 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/02/09 18:57:17 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/02/09 18:57:17 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/02/09 18:57:17 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/02/09 18:57:17 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/02/09 18:57:16 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/02/09 18:57:16 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/02/09 18:57:16 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/02/09 18:57:16 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/02/09 18:57:16 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/02/09 18:57:16 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/02/09 18:57:16 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/02/09 18:57:16 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/02/09 18:57:16 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/02/09 18:57:16 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/02/09 18:57:16 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/02/09 18:57:05 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011/02/09 18:57:05 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2007/09/10 12:46:54 | 001,069,056 | ---- | C] ( ) -- C:\Windows\System32\dldoserv.dll
[2007/09/10 12:43:36 | 000,569,344 | ---- | C] ( ) -- C:\Windows\System32\dldolmpm.dll
[2007/09/10 12:43:28 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\dldoiesc.dll
[2007/09/10 12:43:08 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\dldocomm.dll
[2007/09/10 12:42:48 | 000,365,808 | ---- | C] ( ) -- C:\Windows\System32\dldocfg.exe
[2007/09/10 12:41:50 | 000,663,552 | ---- | C] ( ) -- C:\Windows\System32\dldohbn3.dll
[2007/09/10 12:41:50 | 000,595,184 | ---- | C] ( ) -- C:\Windows\System32\dldocoms.exe
[2007/09/10 12:41:10 | 000,954,368 | ---- | C] ( ) -- C:\Windows\System32\dldousb1.dll
[2007/09/10 12:40:24 | 000,851,968 | ---- | C] ( ) -- C:\Windows\System32\dldocomc.dll
[2007/09/10 12:36:50 | 000,438,272 | ---- | C] ( ) -- C:\Windows\System32\dldohcp.dll
[2007/09/10 12:36:28 | 000,360,448 | ---- | C] ( ) -- C:\Windows\System32\dldoinpa.dll
[49 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[49 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011/03/11 13:34:03 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/11 13:26:35 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Glory\Desktop\OTL.exe
[2011/03/11 12:50:19 | 000,002,657 | ---- | M] () -- C:\Users\Glory\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook 2007.lnk
[2011/03/11 12:30:28 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/03/11 12:30:28 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/03/11 09:57:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/03/10 20:34:01 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/03/08 09:39:00 | 000,020,589 | ---- | M] () -- C:\Windows\System32\LexFiles.ulf
[2011/03/08 09:38:37 | 000,001,883 | ---- | M] () -- C:\Users\Public\Desktop\Dell Printer Supplies - Inkjet.LNK
[2011/03/07 12:28:20 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/03/07 12:23:32 | 2136,969,216 | -HS- | M] () -- C:\hiberfil.sys
[2011/03/07 11:50:48 | 004,281,741 | R--- | M] () -- C:\Users\Glory\Desktop\ComboFix.exe
[2011/03/06 14:47:44 | 000,002,627 | ---- | M] () -- C:\Users\Glory\Desktop\Microsoft Office Word 2007.lnk
[2011/03/06 14:43:56 | 000,879,069 | ---- | M] () -- C:\Users\Glory\Desktop\SecurityCheck.exe
[2011/03/06 13:54:42 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Glory\Desktop\TFC.exe
[2011/03/06 08:48:45 | 000,655,022 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/03/06 08:48:45 | 000,123,444 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/03/06 08:33:12 | 000,002,304 | ---- | M] () -- C:\Windows\WinInit.Ini
[2011/03/05 13:06:03 | 000,002,523 | ---- | M] () -- C:\Users\Glory\Desktop\HiJackThis.lnk
[2011/03/04 16:11:39 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/04 09:19:23 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/03/04 09:19:23 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/03/04 09:19:22 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011/03/04 09:19:22 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/03/04 09:10:16 | 000,885,024 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\Glory\Desktop\jxpiinstall.exe
[2011/03/03 18:55:00 | 058,791,152 | ---- | M] () -- C:\Users\Glory\Desktop\R241344.exe
[2011/03/02 12:07:04 | 000,045,056 | ---- | M] () -- C:\Users\Glory\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/02 10:01:17 | 000,010,076 | ---- | M] () -- C:\ProgramData\dldo
[2011/02/18 18:29:10 | 000,000,371 | -H-- | M] () -- C:\IPH.PH
[2011/02/18 18:28:54 | 000,001,720 | ---- | M] () -- C:\Users\Glory\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2011/02/18 18:28:53 | 000,001,696 | ---- | M] () -- C:\Users\Public\Desktop\AIM.lnk
[2011/02/18 17:49:57 | 000,001,787 | ---- | M] () -- C:\Users\Public\Desktop\FileZilla Client.lnk
[2011/02/18 17:42:16 | 000,000,902 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2011/02/10 03:27:26 | 000,388,800 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[49 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[49 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011/03/07 12:07:51 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/03/07 12:07:51 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/03/07 12:07:51 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011/03/07 12:07:51 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/03/07 12:07:51 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/03/07 11:50:45 | 004,281,741 | R--- | C] () -- C:\Users\Glory\Desktop\ComboFix.exe
[2011/03/06 14:43:54 | 000,879,069 | ---- | C] () -- C:\Users\Glory\Desktop\SecurityCheck.exe
[2011/03/06 08:47:09 | 000,001,883 | ---- | C] () -- C:\Users\Public\Desktop\Dell Printer Supplies - Inkjet.LNK
[2011/03/06 08:46:30 | 000,045,056 | ---- | C] () -- C:\Windows\System32\DLDOPMON.DLL
[2011/03/06 08:46:30 | 000,032,768 | ---- | C] () -- C:\Windows\System32\DLDOFXPU.DLL
[2011/03/06 08:46:09 | 000,049,152 | ---- | C] () -- C:\Windows\System32\dldooem.dll
[2011/03/06 08:46:09 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DLDOPMRC.DLL
[2011/03/06 08:44:09 | 000,348,160 | ---- | C] () -- C:\Windows\System32\dldoinst.dll
[2011/03/06 08:44:08 | 000,503,808 | ---- | C] () -- C:\Windows\System32\dldoutil.dll
[2011/03/06 08:44:07 | 000,143,360 | ---- | C] () -- C:\Windows\System32\dldojswr.dll
[2011/03/06 08:44:06 | 000,691,756 | ---- | C] () -- C:\Windows\System32\DLDOhelp.chm
[2011/03/06 08:44:06 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dldoinsb.dll
[2011/03/06 08:44:06 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dldoins.dll
[2011/03/06 08:44:06 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dldoinsr.dll
[2011/03/06 08:44:05 | 000,208,896 | ---- | C] () -- C:\Windows\System32\dldogrd.dll
[2011/03/06 08:44:05 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dldocub.dll
[2011/03/06 08:44:05 | 000,077,824 | ---- | C] () -- C:\Windows\System32\dldocu.dll
[2011/03/06 08:44:05 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dldocur.dll
[2011/03/06 08:44:04 | 000,077,906 | ---- | C] () -- C:\Windows\System32\dldocfg.dll
[2011/03/05 12:44:13 | 000,002,523 | ---- | C] () -- C:\Users\Glory\Desktop\HiJackThis.lnk
[2011/03/04 16:11:38 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/02/23 17:43:21 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011/02/23 17:43:21 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011/02/23 17:43:21 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011/02/18 18:28:53 | 000,001,720 | ---- | C] () -- C:\Users\Glory\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2011/02/18 18:28:53 | 000,001,696 | ---- | C] () -- C:\Users\Public\Desktop\AIM.lnk
[2011/02/18 18:28:24 | 000,000,371 | -H-- | C] () -- C:\IPH.PH
[2011/02/18 17:49:57 | 000,001,787 | ---- | C] () -- C:\Users\Public\Desktop\FileZilla Client.lnk
[2011/02/18 17:42:16 | 000,000,902 | ---- | C] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2010/11/19 11:16:42 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/01/05 19:08:04 | 000,000,418 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/09/16 16:06:04 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/16 16:06:03 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/16 16:04:57 | 000,062,976 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/05/27 18:49:37 | 000,001,356 | ---- | C] () -- C:\Users\Glory\AppData\Local\d3d9caps.dat
[2008/12/01 16:57:35 | 000,003,140 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2008/12/01 16:57:35 | 000,000,088 | RHS- | C] () -- C:\Windows\System32\2668F47E93.sys
[2008/09/29 02:01:20 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/09/05 17:46:11 | 000,010,076 | ---- | C] () -- C:\ProgramData\dldo
[2008/08/08 16:45:47 | 000,002,304 | ---- | C] () -- C:\Windows\WinInit.Ini
[2008/06/26 17:33:32 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2008/06/26 17:32:07 | 000,002,770 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2008/06/26 17:31:04 | 000,045,056 | ---- | C] () -- C:\Users\Glory\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/06/15 16:54:41 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/06/08 12:49:31 | 000,000,000 | ---- | C] () -- C:\Users\Glory\AppData\Local\WavXMapDrive.bat
[2008/05/17 10:25:32 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/05/17 10:25:31 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/05/17 10:25:31 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/05/17 10:25:31 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2008/05/17 03:02:51 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2008/05/17 03:02:50 | 000,024,064 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE
[2008/05/17 02:54:02 | 000,080,368 | ---- | C] () -- C:\Windows\System32\pbadrvdll.dll
[2008/05/17 02:53:59 | 000,143,360 | ---- | C] () -- C:\Windows\System32\bioapi_mds300.dll
[2008/05/17 02:53:59 | 000,106,496 | ---- | C] () -- C:\Windows\System32\bioapi100.dll
[2007/09/13 13:42:30 | 000,499,712 | ---- | C] () -- C:\Windows\System32\AmRes_ru.dll
[2007/09/13 13:42:30 | 000,471,040 | ---- | C] () -- C:\Windows\System32\AmRes_pt-BR.dll
[2007/09/13 13:42:28 | 000,487,424 | ---- | C] () -- C:\Windows\System32\AmRes_it.dll
[2007/09/13 13:42:28 | 000,487,424 | ---- | C] () -- C:\Windows\System32\AmRes_fr.dll
[2007/09/13 13:42:28 | 000,462,848 | ---- | C] () -- C:\Windows\System32\AmRes_ko.dll
[2007/09/13 13:42:28 | 000,458,752 | ---- | C] () -- C:\Windows\System32\AmRes_ja.dll
[2007/09/13 13:42:26 | 000,487,424 | ---- | C] () -- C:\Windows\System32\AmRes_es.dll
[2007/09/13 13:42:26 | 000,487,424 | ---- | C] () -- C:\Windows\System32\AmRes_de.dll
[2007/09/13 13:42:26 | 000,466,944 | ---- | C] () -- C:\Windows\System32\AmRes_en.dll
[2007/09/13 13:42:26 | 000,434,176 | ---- | C] () -- C:\Windows\System32\AmRes_zh-CHT.dll
[2007/09/13 13:36:24 | 000,438,272 | ---- | C] () -- C:\Windows\System32\AmRes_zh-CHS.dll
[2007/09/13 13:32:36 | 000,176,128 | ---- | C] () -- C:\Windows\System32\CacheFP.exe
[2007/09/12 14:05:08 | 000,102,400 | ---- | C] () -- C:\Windows\System32\Internationalization_pt.dll
[2007/09/12 14:04:46 | 000,086,016 | ---- | C] () -- C:\Windows\System32\Internationalization_zh-CHT.dll
[2007/09/12 14:04:26 | 000,090,112 | ---- | C] () -- C:\Windows\System32\Internationalization_ko.dll
[2007/09/12 14:04:06 | 000,102,400 | ---- | C] () -- C:\Windows\System32\Internationalization_es.dll
[2007/09/12 14:03:44 | 000,098,304 | ---- | C] () -- C:\Windows\System32\Internationalization_ru.dll
[2007/09/12 14:03:24 | 000,090,112 | ---- | C] () -- C:\Windows\System32\Internationalization_ja.dll
[2007/09/12 14:03:04 | 000,102,400 | ---- | C] () -- C:\Windows\System32\Internationalization_it.dll
[2007/09/12 14:02:44 | 000,102,400 | ---- | C] () -- C:\Windows\System32\Internationalization_de.dll
[2007/09/12 14:02:22 | 000,102,400 | ---- | C] () -- C:\Windows\System32\Internationalization_fr.dll
[2007/09/12 14:02:02 | 000,086,016 | ---- | C] () -- C:\Windows\System32\Internationalization_zh-CHS.dll
[2007/09/10 08:53:26 | 000,262,144 | ---- | C] () -- C:\Windows\System32\wxvault.dll
[2007/09/06 16:40:36 | 000,692,224 | ---- | C] () -- C:\Windows\System32\dldodrs.dll
[2007/08/31 14:51:12 | 000,065,536 | ---- | C] () -- C:\Windows\System32\dldocaps.dll
[2007/06/15 09:19:20 | 000,835,584 | ---- | C] () -- C:\Windows\System32\DemoLicense.dll
[2007/06/14 16:45:06 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dldocnv4.dll
[2006/11/09 22:45:20 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006/11/02 20:40:12 | 000,174,656 | ---- | C] () -- C:\Windows\System32\PSIService.exe
[2006/11/02 06:56:48 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 06:47:43 | 000,388,800 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 04:33:01 | 000,655,022 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 04:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 04:33:01 | 000,123,444 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 04:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 04:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 04:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 02:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 02:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 01:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 01:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/08/14 10:02:10 | 000,072,192 | ---- | C] () -- C:\Windows\System32\xltZlib.dll
[2004/12/21 10:13:56 | 000,191,136 | ---- | C] () -- C:\Windows\System32\plx_upldr.dll
[2004/09/10 12:34:00 | 000,917,504 | ---- | C] () -- C:\Windows\System32\lmgr10.dll
[2004/09/10 12:34:00 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ADsSecurity.dll
 
========== LOP Check ==========
 
[2008/09/05 19:08:52 | 000,000,000 | ---D | M] -- C:\Users\Glory\AppData\Roaming\968 Series
[2011/02/18 18:29:43 | 000,000,000 | ---D | M] -- C:\Users\Glory\AppData\Roaming\acccore
[2009/12/15 21:00:40 | 000,000,000 | ---D | M] -- C:\Users\Glory\AppData\Roaming\AnvSoft
[2010/12/23 10:33:27 | 000,000,000 | ---D | M] -- C:\Users\Glory\AppData\Roaming\Flip Video
[2011/01/11 20:50:50 | 000,000,000 | ---D | M] -- C:\Users\Glory\AppData\Roaming\JonathanLeger.com
[2008/06/26 17:42:42 | 000,000,000 | ---D | M] -- C:\Users\Glory\AppData\Roaming\MAGIX
[2009/06/20 18:35:39 | 000,000,000 | ---D | M] -- C:\Users\Glory\AppData\Roaming\Mobipocket
[2011/01/14 15:25:01 | 000,000,000 | ---D | M] -- C:\Users\Glory\AppData\Roaming\Moyea
[2010/12/11 12:50:39 | 000,000,000 | ---D | M] -- C:\Users\Glory\AppData\Roaming\Sony
[2010/12/11 12:50:12 | 000,000,000 | ---D | M] -- C:\Users\Glory\AppData\Roaming\Sony Creative Software Inc
[2010/09/20 15:55:04 | 000,000,000 | ---D | M] -- C:\Users\Glory\AppData\Roaming\Tific
[2009/03/07 17:51:00 | 000,000,000 | ---D | M] -- C:\Users\Glory\AppData\Roaming\TweetDeckFast.F9107117265DB7542C1A806C8DB837742CE14C21.1
[2011/03/07 12:20:52 | 000,032,556 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %systemroot%\system32\*.dll /lockedfiles >
[2007/12/08 16:34:10 | 000,054,784 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\bcmwlrmt.dll
[2009/03/08 05:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009/03/08 05:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2010/12/18 00:22:10 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\iepeers.dll
 
< %systemroot%\system32\*.sys /90 >
[2010/12/31 07:57:01 | 002,039,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
 
< %systemroot%\Tasks\*.job /lockedfiles >
 
< %systemroot%\System32\config\*.sav  >
[2006/11/02 04:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/02 04:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/02 04:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 04:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 04:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %SYSTEMDRIVE%\*.* >
[2006/09/18 15:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/12/15 20:59:59 | 015,672,013 | ---- | M] (Any-Video-Converter.com                                     ) -- C:\avc-free.exe
[2009/04/11 00:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2011/03/07 12:35:39 | 000,018,787 | ---- | M] () -- C:\ComboFix.txt
[2006/09/18 15:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2008/05/17 10:25:39 | 000,004,701 | RH-- | M] () -- C:\dell.sdr
[2011/03/02 09:29:43 | 000,000,854 | ---- | M] () -- C:\dldo.log
[2010/12/25 19:14:34 | 000,000,425 | ---- | M] () -- C:\dldojswx.log
[2008/09/05 17:46:09 | 000,000,630 | ---- | M] () -- C:\dldoPpx.log
[2010/09/11 07:30:11 | 000,000,311 | ---- | M] () -- C:\faxend.log
[2010/09/11 07:30:10 | 000,000,162 | ---- | M] () -- C:\faxendPdoc.log
[2010/09/11 07:30:10 | 000,000,245 | ---- | M] () -- C:\faxfile.log
[2010/12/06 20:12:35 | 000,000,000 | ---- | M] () -- C:\foo.txt
[2011/03/07 12:23:32 | 2136,969,216 | -HS- | M] () -- C:\hiberfil.sys
[2011/02/18 18:29:10 | 000,000,371 | -H-- | M] () -- C:\IPH.PH
[2008/05/17 03:02:47 | 000,022,729 | ---- | M] () -- C:\newfile.enc
[2008/05/17 03:02:47 | 000,022,729 | ---- | M] () -- C:\newkey
[2011/03/10 17:31:07 | 2575,273,984 | -HS- | M] () -- C:\pagefile.sys
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2008/01/19 01:34:28 | 000,089,600 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\HPZPPLHN.DLL
[2006/11/02 06:36:30 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-03-10 09:05:37

< End of report >

 

Extras.txt:

OTL Extras logfile created on: 3/11/2011 1:29:10 PM - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Glory\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 27.00% Memory free
4.00 Gb Paging File | 1.00 Gb Available in Paging File | 23.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 109.70 Gb Total Space | 9.21 Gb Free Space | 8.39% Space Free | Partition Type: NTFS
Drive D: | 2.00 Gb Total Space | 1.40 Gb Free Space | 69.96% Space Free | Partition Type: NTFS
Drive H: | 3.73 Gb Total Space | 0.40 Gb Free Space | 10.64% Space Free | Partition Type: FAT32
 
Computer Name: GLORY-LAPTOP | User Name: Glory | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ ]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\ ]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ \shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{24C6DEBC-C588-42FB-B147-92D3D85CF64B}" = lport=24726 | protocol=6 | dir=in | name=flipshareserver |
"{64E4231E-3F1C-4777-A5B0-BB70B56BD39D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{D1D3212C-2721-411A-B672-38FA3FFF034F}" = lport=24727 | protocol=6 | dir=in | name=flipshareserver |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01C44931-09C5-4A5B-B9E9-0A6D2895A570}" = protocol=6 | dir=in | app=c:\program files\dell 968 aio printer\memcard.exe |
"{11BDBB6C-EA50-4015-9B71-86686C243350}" = protocol=17 | dir=in | app=c:\program files\dell 968 aio printer\memcard.exe |
"{1577F53F-F772-43CD-B65F-660523256791}" = protocol=6 | dir=in | app=c:\program files\dell 968 aio printer\dldomon.exe |
"{1C1984B3-A985-477C-94D9-EB4C5F5A6A09}" = protocol=6 | dir=in | app=c:\windows\system32\dldocoms.exe |
"{2108BB00-C3E7-4C89-98D2-F7182CF4FCED}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{21435B1E-5F2F-48EA-B236-9A5E29B68AB4}" = protocol=6 | dir=in | app=c:\program files\dell 968 aio printer\dldoaiox.exe |
"{23841A29-0595-4E10-BF38-20E87F6689AA}" = protocol=17 | dir=in | app=c:\program files\dell 968 aio printer\dldomon.exe |
"{24E58AC8-07BF-4268-9607-DDF99FD2585B}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldojswx.exe |
"{2762F2D1-CBEA-4050-9AFD-76B22144CE74}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3D0ADE7C-AFD4-4516-A403-3EE42DA52C8F}" = protocol=6 | dir=in | app=c:\program files\dell 968 aio printer\dldomon.exe |
"{40A2A7DD-ED86-41B4-BB8C-8F3F7757D614}" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe |
"{413EFCBA-A6D7-4554-A4DC-B0B86AF98E62}" = protocol=17 | dir=in | app=c:\windows\system32\dldocoms.exe |
"{4489093A-D85F-45D9-AB10-34AB022256EB}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{54B20571-15FB-40C0-AF1C-5EA06DCDF03E}" = protocol=17 | dir=in | app=c:\windows\system32\dldocoms.exe |
"{7534D317-3781-4505-93CD-BFAE52CC22B2}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8F40AF69-8815-47CD-972B-A9E3783AC508}" = protocol=17 | dir=in | app=c:\program files\dell 968 aio printer\memcard.exe |
"{A5D9993D-49A9-4116-AF1C-B542BC3AEF77}" = protocol=6 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{A906B6E3-6605-4A1F-8DBC-BD3009B792D1}" = protocol=17 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{AA4BDEEE-0387-4278-A4C7-566509D525EF}" = protocol=6 | dir=in | app=c:\program files\dell 968 aio printer\memcard.exe |
"{ABD3D1E1-DBBC-4FFB-8C9B-30FC6F5AFCF2}" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe |
"{AC3AC5D3-75F9-4CA4-A0E8-8A7C7083D752}" = protocol=6 | dir=in | app=c:\program files\dell 968 aio printer\dldoaiox.exe |
"{B2266CE0-84B4-4776-B977-E75A22CFB1F9}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe |
"{B985CC97-0C83-44E0-9C79-7870098F64E9}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{C032848E-1DB0-406F-B455-6DDF04879369}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{CD36C032-0029-401F-9DF5-C05E51622B33}" = protocol=6 | dir=in | app=c:\windows\system32\dldocoms.exe |
"{D5B0D7E8-28CD-4647-84D9-9CBE4759357D}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldojswx.exe |
"{D908A176-CE95-4CC9-AE9F-46F35F80A0B1}" = protocol=17 | dir=in | app=c:\program files\dell 968 aio printer\dldoaiox.exe |
"{ED304DE7-0FBE-45FE-855D-1A3B8DDD8424}" = protocol=17 | dir=in | app=c:\program files\dell 968 aio printer\dldomon.exe |
"{FF0923B0-C2C9-4FA3-88A8-5B594506B930}" = protocol=17 | dir=in | app=c:\program files\dell 968 aio printer\dldoaiox.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00F93853-D9D3-4795-A89E-84CCBA0205C9}" = Microsoft IntelliPoint 8.0
"{0394CDC8-FABD-4ED8-B104-03393876DFDF}" = Roxio Creator Tools
"{07159635-9DFE-4105-BFC0-2817DB540C68}" = Roxio Activation Module
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0D397393-9B50-4C52-84D5-77E344289F87}" = Roxio Creator Data
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{27CE7F06-7EAF-43E7-BD07-66D4767465C5}" = DLCO_AIOC
"{27E25625-DB51-42E6-BEB7-0C8DC878770C}" = Broadcom ASF Management Applications
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{30417074-74FA-46C5-8DF1-CEB6A379D83A}" = DLCO_Pubs
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{342126E1-173C-4585-BFBE-3EBDD20E3E9E}" = Mobipocket Reader 6.2
"{37B03AA0-B125-4649-900C-F26E1081F163}" = Camtasia Studio 7
"{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}" = Preboot Manager
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{420DFB63-8AE7-F7D6-E4B4-AB6D140221F4}" = FlipShare
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B6AD248-D3BF-426A-8D64-847288154F13}" = QuickSet
"{4BF18ED6-C888-4BCF-A4AF-AC7A16305BC1}" = GemSafe Standard Edition 5.1
"{4E5386F5-C0F6-4532-A54A-374865AEAB71}" = Cisco PEAP Module
"{4FC753CF-6673-47BF-9479-48BB0CD99B84}" = DLCO_MCM
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite
"{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5E39FDEE-7676-4BB7-9E2B-8224D7D74406}_is1" = Moyea Video Converter version 2.5.1.1757
"{5EC5F187-9D2B-4051-8906-88656819A869}" = Dell Drivers MSI
"{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{6567F265-62EC-4BA9-9629-6B483B608854}" = SmarterMail Sync for Outlook 2003 and above
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs
"{6E19B918-2820-74A9-3CE0-9BAD5E1D360C}" = TweetDeck
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{76F9CF97-FC4B-4E20-B363-D127C888448F}" = Cisco LEAP Module
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{8292F88E-2DB7-456B-A8F1-9079B7432A1E}" = DVD Architect Studio 5.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83FFCFC7-88C6-41C6-8752-958A45325C82}" = Roxio Creator Audio
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{8ECB8220-F422-4BEB-9596-97033C533702}" = QuickBooks Pro 2008
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90170409-6000-11D3-8CFE-0050048383C9}" = Microsoft FrontPage 2002
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9593C6E5-205E-45C3-B785-05CF146CA76A}" = biolsp patch
"{9EDA3DD1-130D-4EE1-A3D2-5A3D795CC8C9}" = MFCLOC
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Embassy Trust Suite by Wave Systems
"{AC76BA86-1033-0000-BA7E-000000000003}" = Adobe Acrobat  8 Standard
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{BF53252E-4AB2-4C7F-A0FD-6100755745E3}" = Cisco EAP-FAST Module
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}" = Secure Update
"{D253C7DF-C490-435E-9260-AAA63325B7AC}" = DLCO_Wireless
"{DA0BF7AB-88EB-4675-8FA1-531EAD938821}" = SnagIt 8
"{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}" = iTunes
"{DB82351A-E422-4053-A6CE-ACE1590B4334}" = DLCO_Fax4
"{E56D39F8-2A9F-44B4-B068-A72E45A073E6}" = Safari
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"{EB4DF30B-102B-4F0C-927A-D50E037A325D}" = AuthenTec Fingerprint Sensor Minimum Install
"{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards
"{ECC22AFA-B905-4A6A-8072-10F52B9E09B7}" = Wave Infrastructure Installer
"{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center
"{EF05BA0F-AC15-4D12-AC5C-276225F5E751}" = Gemalto
"{F1802FA6-54E9-4B24-BD2A-B50866819795}" = EMBASSY Trust Suite by Wave Systems
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"{FBEC50B7-537C-4A0E-8B0B-F7A8F8BF13CE}" = upekmsi
"{FEC193E4-6C5F-40E9-A249-7D8C8404A9EC}" = NTRU TCG Software Stack
"ActiveTouchMeetingClient" = WebEx
"Adobe Acrobat  8 Standard" = Adobe Acrobat 8.2.5 Standard
"Adobe Acrobat  8 Standard_825" = Adobe Acrobat 8.2.5 - CPSID_83708
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIM_7" = AIM 7
"Any Video Converter_is1" = Any Video Converter 3.0.1
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"Cisco Connect" = Cisco Connect
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"Dell 968 AIO Printer" = Dell 968 AIO Printer
"ESET Online Scanner" = ESET Online Scanner v3
"FileZilla Client" = FileZilla Client 3.3.5.1
"Google Desktop" = Google Desktop
"GoToAssist" = GoToAssist 8.0.0.514
"InstallShield_{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"InstallShield_{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"InstallShield_{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite
"InstallShield_{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"InstallShield_{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}" = Secure Update
"InstallShield_{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"InstallShield_{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards
"InstallShield_{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center
"InstantArticleWizard" = InstantArticleWizard
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mihov Image Resizer" = Mihov Image Resizer 1.1 (remove only)
"Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15)
"N360" = Norton 360
"PROHYBRIDR" = 2007 Microsoft Office system
"Revo Uninstaller" = Revo Uninstaller 1.83
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"WinGimp-2.0_is1" = GIMP 2.6.11
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"309a46b1dc89b774" = Dell Driver Download Manager
"f031ef6ac137efc5" = Dell Driver Download Manager - 1
"GoToMeeting" = GoToMeeting 4.5.0.457
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 1/17/2010 8:18:40 PM | Computer Name = Glory-laptop | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =
 
Error - 1/17/2010 8:18:40 PM | Computer Name = Glory-laptop | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =
 
Error - 1/17/2010 8:18:40 PM | Computer Name = Glory-laptop | Source = Broadcom ASF IP and SMBIOS Mailbox Monitor | ID = 0
Description =
 
Error - 1/17/2010 8:27:31 PM | Computer Name = Glory-laptop | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18865, time stamp
 0x4b077416, faulting module jscript.dll, version 5.8.6001.18795, time stamp 0x4a29f842,
 exception code 0xc0000005, fault offset 0x00014f84,  process id 0x1370, application
 start time 0x01ca97d44757112a.
 
Error - 1/17/2010 8:34:52 PM | Computer Name = Glory-laptop | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18865, time stamp
 0x4b077416, faulting module ntdll.dll, version 6.0.6002.18005, time stamp 0x49e03821,
 exception code 0xc0000005, fault offset 0x00042775,  process id 0x1590, application
 start time 0x01ca97d5097fb7ca.
 
Error - 1/18/2010 12:40:01 AM | Computer Name = Glory-laptop | Source = Broadcom ASF IP and SMBIOS Mailbox Monitor | ID = 0
Description =
 
Error - 1/18/2010 12:45:02 AM | Computer Name = Glory-laptop | Source = Broadcom ASF IP and SMBIOS Mailbox Monitor | ID = 0
Description =
 
Error - 1/18/2010 12:50:01 AM | Computer Name = Glory-laptop | Source = Broadcom ASF IP and SMBIOS Mailbox Monitor | ID = 0
Description =
 
Error - 1/18/2010 12:55:01 AM | Computer Name = Glory-laptop | Source = Broadcom ASF IP and SMBIOS Mailbox Monitor | ID = 0
Description =
 
Error - 1/18/2010 1:00:02 AM | Computer Name = Glory-laptop | Source = Broadcom ASF IP and SMBIOS Mailbox Monitor | ID = 0
Description =
 
[ OSession Events ]
Error - 5/8/2010 2:43:17 PM | Computer Name = Glory-laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 761
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 5/9/2010 1:08:26 PM | Computer Name = Glory-laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 18
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 5/11/2010 6:30:52 PM | Computer Name = Glory-laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 14
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 5/17/2010 10:16:39 PM | Computer Name = Glory-laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 43
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 5/25/2010 6:12:18 PM | Computer Name = Glory-laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 510370
 seconds with 720 seconds of active time.  This session ended with a crash.
 
Error - 5/25/2010 9:07:52 PM | Computer Name = Glory-laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 29
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 5/26/2010 7:04:43 PM | Computer Name = Glory-laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 91
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 5/27/2010 9:34:04 PM | Computer Name = Glory-laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 227
 seconds with 120 seconds of active time.  This session ended with a crash.
 
Error - 8/30/2010 10:30:21 PM | Computer Name = Glory-laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 16775
 seconds with 180 seconds of active time.  This session ended with a crash.
 
Error - 10/27/2010 8:09:11 AM | Computer Name = Glory-laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 35 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 3/11/2011 11:57:55 AM | Computer Name = Glory-laptop | Source = Service Control Manager | ID = 7000
Description =
 
Error - 3/11/2011 11:57:55 AM | Computer Name = Glory-laptop | Source = Service Control Manager | ID = 7000
Description =
 
Error - 3/11/2011 11:57:56 AM | Computer Name = Glory-laptop | Source = Service Control Manager | ID = 7000
Description =
 
Error - 3/11/2011 11:57:57 AM | Computer Name = Glory-laptop | Source = Service Control Manager | ID = 7000
Description =
 
Error - 3/11/2011 11:58:18 AM | Computer Name = Glory-laptop | Source = Service Control Manager | ID = 7000
Description =
 
Error - 3/11/2011 11:58:45 AM | Computer Name = Glory-laptop | Source = Service Control Manager | ID = 7000
Description =
 
Error - 3/11/2011 11:58:46 AM | Computer Name = Glory-laptop | Source = Service Control Manager | ID = 7000
Description =
 
Error - 3/11/2011 11:58:47 AM | Computer Name = Glory-laptop | Source = Service Control Manager | ID = 7000
Description =
 
Error - 3/11/2011 11:58:48 AM | Computer Name = Glory-laptop | Source = Service Control Manager | ID = 7000
Description =
 
Error - 3/11/2011 11:58:49 AM | Computer Name = Glory-laptop | Source = Service Control Manager | ID = 7000
Description =
 
 
< End of report >

JJ8765

41 Posts

March 12th, 2011 11:00

Faith,

Two questions -

First, I'm suddenly (since yesterday, I believe) not able to open PDF files. Did one of the programs do that? How do I "undo" that so that I can open these files?

Second, can I uninstall the programs you've asked me to download?

Thank you.

JJ8765

faith_michele

32 Posts

March 12th, 2011 18:00

Hi JJ8765,

Your logs are clean. I do not see anything that was removed with ComboFix that would have caused a problem with Adobe Acrobat. Try to uninstall and reinstall Adobe Acrobat. Let's hold off on the clean up until after I look at your Event Viewer logs.

First

Please answer these questions with your response.

1. Did you install any Windows Updates?

2. Did you clear the Print Spooler? Are you able to print?

Second

I need you to go to the administrative tools.

Click Start>Type Event Viewer in the search box>double-click Event Viewer found in the the results.

Over on the left hand side expand the window category and then click on System. Then up at the top click on Action and then click on Save Events As, type in system as the file name, make sure file type EVTX is selected, and then navigate so it will save the file to your desktop, then click save. Over on the left hand side, click on Application. Then up at the top click on Action and then click on Save Events As, type in application as the file name, make sure file type EVTX is selected, and then navigate so it will save the file to your desktop, then click save. Zip them both up into a single zip file, post them back here in your next reply as attachments.

Third

Run DDS again and post the DDS.txt & Attach.txt logs.

Review What to include in your response.

1. Let me know if you experienced any errors with the instructions and tell me exactly what problems you are still experiencing.
2. The answers to the questions in the First Step.
3. The system.evtx & application.evtx (zip file) attached .
4. The DDS.txt & Attach.txt logs (may take several posts).

Thank you,

Faith

JJ8765

41 Posts

March 13th, 2011 14:00

Faith,

Thank you for the update. I uninstalled and reinstalled Adobe Acrobat and now I can open pdf files. 

1)

I have not installed Windows updates myself since weeks before I first reported the printer issue. I believe the PC did a Windows update overnight in early February (around Feb 10th) & that kept me from opening QuickBooks, so I researched it and uninstalled the update that occurred on 2/9/11. Most nights I power the PC down. Even on the nights since when I haven't powered down, I can tell that the machine didn't do an automatic update because, when it does, it reboots, and it hasn't done that on its own since 2/9.

I have cleared the print spooler myself many times since this printer issue started, including  most times before the uninstall/reinstall of the printer driver. The spooler is currently empty. (I ran it through the stop/start process anyway.)  Even though the printer is listed as a valid printer, when I tried to print, I still get the message stating the PC and printer communication isn't there.

 

2) The Zip of the EVTX files is attached

http://en.community.dell.com/cfs-file.ashx/__key/CommunityServer.Discussions.Components.Files/3521/7230.system_2D00_application.zip

 

3)

DDS.txt:

.

DDS (Ver_11-03-05.01) - NTFSx86  

Run by Glory at 14:57:04.60 on Sun 03/13/2011

Internet Explorer: 8.0.6001.19019 BrowserJavaVersion: 1.6.0_24

Microsoft® Windows Vista™ Business   6.0.6002.2.1252.1.1033.18.2037.594 [GMT -5:00]

.

AV: Norton 360 *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}

SP: Norton 360 *Enabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}

FW: Norton 360 *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\WLTRYSVC.EXE

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\bcmwltry.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe

C:\Windows\system32\atashost.exe

C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\dldocoms.exe

C:\Program Files\Flip Video\FlipShare\FlipShareService.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\System32\WLTRAY.EXE

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Google\Google Talk\googletalk.exe

C:\Program Files\Apoint\Apoint.exe

C:\Program Files\Wave Systems Corp\SecureUpgrade.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\Program Files\Flip Video\FlipShareServer\FlipShareServer.exe

C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe

C:\Program Files\Dell 968 AIO Printer\dldomon.exe

C:\Program Files\Dell 968 AIO Printer\memcard.exe

C:\Program Files\AIM\aim.exe

C:\Program Files\Digital Line Detect\DLG.exe

C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe

C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\PSIService.exe

C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe

C:\Windows\system32\locator.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Windows\system32\STacSV.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\dllhost.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\DRIVERS\xaudio.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\DllHost.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe

C:\Windows\System32\msdtc.exe

C:\Program Files\Windows Media Player\wmplayer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Users\Glory\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe

C:\Program Files\Apoint\ApMsgFwd.exe

C:\Program Files\Apoint\HidFind.exe

C:\Program Files\Apoint\Apntex.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe

C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe

C:\Users\Glory\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Glory\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe

C:\Program Files\TechSmith\SnagIt 8\TSCHelp.exe

C:\Program Files\TechSmith\SnagIt 8\SnagPriv.exe

C:\Windows\system32\SearchIndexer.exe

C:\Users\Glory\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Glory\Downloads\dds.scr

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Users\Glory\Downloads\dds.scr

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\program files\techsmith\snagit 8\SnagItBHO.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton 360\engine\4.3.0.5\coIEPlg.dll

BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton 360\engine\4.3.0.5\IPSBHO.DLL

BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.6209.1142\swg.dll

BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll

BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton 360\engine\4.3.0.5\coIEPlg.dll

TB: SnagIt: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\program files\techsmith\snagit 8\SnagItIEAddin.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

uRun: [Aim] "c:\program files\aim\aim.exe" /d locale=en-US

uRun: [Google Update] "c:\users\glory\appdata\local\google\update\GoogleUpdate.exe" /c

mRun: [IgfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [googletalk] c:\program files\google\google talk\googletalk.exe /autostart

mRun: [Apoint] c:\program files\apoint\Apoint.exe

mRun: [SecureUpgrade] c:\program files\wave systems corp\SecureUpgrade.exe

mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"

mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup

mRun: [ECenter] c:\dell\e-center\EULALauncher.exe

mRun: [WavXMgr] c:\program files\wave systems corp\services manager\docmgr\bin\WavXDocMgr.exe

mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"

mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"

mRun: [PMBVolumeWatcher] c:\program files\sony\pmb\PMBVolumeWatcher.exe

mRun: [dldomon.exe] "c:\program files\dell 968 aio printer\dldomon.exe"

mRun: [MemoryCardManager] "c:\program files\dell 968 aio printer\memcard.exe"

mRun: [Dell 968 AIO Printer Fax Server] "c:\program files\dell 968 aio printer\fm3032.exe" /s

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exe

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office12\REFIEBAR.DLL

DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {FF1CD9A3-00CD-45C1-8182-4EEC229A182D} - hxxps://www.plaxo.com/activex/plx_upldr-2k-xp.cab

Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - c:\program files\intuit\quickbooks 2008\HelpAsyncPluggableProtocol.dll

Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - c:\windows\system32\mscoree.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Notify: gemsafe - c:\program files\gemplus\gemsafe libraries\bin\WLEventNotify.dll

Notify: igfxcui - igfxdev.dll

AppInit_DLLs: c:\progra~1\google\google~2\GoogleDesktopNetwork3.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\glory\appdata\roaming\mozilla\firefox\profiles\c5yutw2i.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

.

---- FIREFOX POLICIES ----

FF - user.js: network.protocol-handler.warn-external.dnupdate - false

.

============= SERVICES / DRIVERS ===============

.

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0403000.005\symds.sys [2010-9-23 328752]

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0403000.005\symefa.sys [2010-9-23 173104]

R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.1.0.32\definitions\bashdefs\20110309.001\BHDrvx86.sys [2011-3-10 800376]

R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\n360\0403000.005\cchpx86.sys [2010-9-23 501888]

R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.1.0.32\definitions\ipsdefs\20110311.001\IDSvix86.sys [2011-3-12 353912]

R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0403000.005\ironx86.sys [2010-9-23 116784]

R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\n360\0403000.005\symtdiv.sys [2010-9-23 339504]

R2 ASFIPmon;Broadcom ASF IP and SMBIOS Mailbox Monitor;c:\program files\broadcom\asfipmon\AsfIpMon.exe [2006-12-19 79432]

R2 atashost;WebEx Service Host for Support Center;c:\windows\system32\atashost.exe [2010-11-10 43912]

R2 dldo_device;dldo_device;c:\windows\system32\dldocoms.exe -service --> c:\windows\system32\dldocoms.exe -service [?]

R2 FlipShareServer;FlipShare Server;c:\program files\flip video\flipshareserver\FlipShareServer.exe [2010-12-15 1085440]

R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-6-19 21504]

R2 N360;Norton 360;c:\program files\norton 360\engine\4.3.0.5\ccsvchst.exe [2010-9-23 126392]

R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\sony\pmb\PMBDeviceInfoProvider.exe [2009-10-24 360224]

R2 Wave UCSPlus;Wave UCSPlus;c:\windows\system32\dllhost.exe [2006-11-2 7168]

R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2008-5-17 179712]

R3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\drivers\dc3d.sys [2010-7-21 44432]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2011-1-1 102448]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-4 135664]

S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\magix\common\database\bin\fbserver.exe [2008-6-26 1527900]

S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-5-17 30192]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2011-03-11 16:50:03 -------- d-----w- c:\program files\ESET

2011-03-09 15:06:48 677888 ----a-w- c:\windows\system32\mstsc.exe

2011-03-09 15:06:48 2067968 ----a-w- c:\windows\system32\mstscax.dll

2011-03-09 15:06:45 429056 ----a-w- c:\windows\system32\EncDec.dll

2011-03-09 15:06:45 322560 ----a-w- c:\windows\system32\sbe.dll

2011-03-09 15:06:44 177664 ----a-w- c:\windows\system32\mpg2splt.ax

2011-03-09 15:06:44 153088 ----a-w- c:\windows\system32\sbeio.dll

2011-03-07 18:28:23 -------- d-----w- C:\$RECYCLE.BIN

2011-03-07 18:07:51 98816 ----a-w- c:\windows\sed.exe

2011-03-07 18:07:51 89088 ----a-w- c:\windows\MBR.exe

2011-03-07 18:07:51 256512 ----a-w- c:\windows\PEV.exe

2011-03-07 18:07:51 161792 ----a-w- c:\windows\SWREG.exe

2011-03-06 14:46:30 45056 ----a-w- c:\windows\system32\DLDOPMON.DLL

2011-03-06 14:46:30 32768 ----a-w- c:\windows\system32\DLDOFXPU.DLL

2011-03-06 14:46:09 49152 ----a-w- c:\windows\system32\dldooem.dll

2011-03-06 14:46:09 12288 ----a-w- c:\windows\system32\DLDOPMRC.DLL

2011-03-06 05:01:43 562871 ----a-w- c:\progra~2\SPL646A.tmp

2011-03-06 04:31:44 2602137 ----a-w- c:\progra~2\SPLEE50.tmp

2011-03-06 03:54:52 5816236 ----a-w- c:\progra~2\SPL2FE6.tmp

2011-03-05 18:44:14 388096 ----a-r- c:\users\glory\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe

2011-03-05 18:44:12 -------- d-----w- c:\program files\Trend Micro

2011-03-04 22:11:56 -------- d-----w- c:\users\glory\appdata\roaming\Malwarebytes

2011-03-04 22:11:38 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-03-04 22:11:37 -------- d-----w- c:\progra~2\Malwarebytes

2011-03-04 22:11:34 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-03-04 22:11:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-03-04 15:19:58 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-03-04 15:19:58 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll

2011-02-19 00:29:43 -------- d-----w- c:\users\glory\appdata\local\AOL

2011-02-19 00:29:43 -------- d-----w- c:\users\glory\appdata\local\AIM

2011-02-19 00:28:54 -------- d-----w- c:\progra~2\AIM

2011-02-19 00:28:46 -------- d-----w- c:\program files\AIM

2011-02-19 00:28:44 -------- d-----w- c:\program files\common files\Software Update Utility

2011-02-19 00:28:43 -------- d-----w- c:\program files\common files\AOL

2011-02-18 23:41:10 -------- d-----w- c:\program files\GIMP-2.0

.

==================== Find3M  ====================

.

2011-01-20 16:08:16 478720 ----a-w- c:\windows\system32\dxgi.dll

2011-01-20 16:08:06 219648 ----a-w- c:\windows\system32\d3d10_1core.dll

2011-01-20 16:08:06 189952 ----a-w- c:\windows\system32\d3d10core.dll

2011-01-20 16:08:06 160768 ----a-w- c:\windows\system32\d3d10_1.dll

2011-01-20 16:08:06 1029120 ----a-w- c:\windows\system32\d3d10.dll

2011-01-20 16:07:58 37376 ----a-w- c:\windows\system32\cdd.dll

2011-01-20 16:07:42 258048 ----a-w- c:\windows\system32\winspool.drv

2011-01-20 16:07:16 586240 ----a-w- c:\windows\system32\stobject.dll

2011-01-20 16:06:38 2873344 ----a-w- c:\windows\system32\mf.dll

2011-01-20 16:06:35 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll

2011-01-20 16:04:54 98816 ----a-w- c:\windows\system32\mfps.dll

2011-01-20 16:04:54 209920 ----a-w- c:\windows\system32\mfplat.dll

2011-01-20 14:28:38 1554432 ----a-w- c:\windows\system32\xpsservices.dll

2011-01-20 14:27:50 876032 ----a-w- c:\windows\system32\XpsPrint.dll

2011-01-20 14:26:30 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe

2011-01-20 14:25:25 847360 ----a-w- c:\windows\system32\OpcServices.dll

2011-01-20 14:24:32 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll

2011-01-20 14:24:26 135680 ----a-w- c:\windows\system32\XpsRasterService.dll

2011-01-20 14:15:10 979456 ----a-w- c:\windows\system32\MFH264Dec.dll

2011-01-20 14:14:39 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll

2011-01-20 14:14:03 302592 ----a-w- c:\windows\system32\mfmp4src.dll

2011-01-20 14:14:03 261632 ----a-w- c:\windows\system32\mfreadwrite.dll

2011-01-20 14:12:46 1172480 ----a-w- c:\windows\system32\d3d10warp.dll

2011-01-20 14:11:34 486400 ----a-w- c:\windows\system32\d3d10level9.dll

2011-01-20 13:47:51 683008 ----a-w- c:\windows\system32\d2d1.dll

2011-01-20 13:44:05 1068544 ----a-w- c:\windows\system32\DWrite.dll

2011-01-20 13:44:03 797184 ----a-w- c:\windows\system32\FntCache.dll

2011-01-08 08:47:50 34304 ----a-w- c:\windows\system32\atmlib.dll

2011-01-08 06:28:49 292352 ----a-w- c:\windows\system32\atmfd.dll

2010-12-31 13:57:01 2039808 ----a-w- c:\windows\system32\win32k.sys

2010-12-28 15:55:03 413696 ----a-w- c:\windows\system32\odbc32.dll

2010-12-26 00:11:06 521220 ----a-w- c:\progra~2\SPL8AF0.tmp

2010-12-25 16:57:17 467502 ----a-w- c:\progra~2\SPL58B1.tmp

2010-12-25 16:31:38 467502 ----a-w- c:\progra~2\SPLDFCA.tmp

2010-12-25 16:28:13 467502 ----a-w- c:\progra~2\SPLBEF7.tmp

2010-12-21 01:02:30 2336550 ----a-w- c:\progra~2\SPLFBAD.tmp

2010-12-20 22:58:06 862892 ----a-w- c:\progra~2\SPL1447.tmp

2010-12-20 22:53:44 862892 ----a-w- c:\progra~2\SPL169C.tmp

2010-12-18 06:27:04 916480 ----a-w- c:\windows\system32\wininet.dll

2010-12-18 06:22:41 43520 ----a-w- c:\windows\system32\licmgr10.dll

2010-12-18 06:22:27 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2010-12-18 06:22:11 71680 ----a-w- c:\windows\system32\iesetup.dll

2010-12-18 06:22:11 109056 ----a-w- c:\windows\system32\iesysprep.dll

2010-12-18 05:25:26 385024 ----a-w- c:\windows\system32\html.iec

2010-12-18 04:48:39 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2010-12-18 04:47:11 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2010-12-14 14:49:23 1169408 ----a-w- c:\windows\system32\sdclt.exe

.

============= FINISH: 14:57:37.00 ===============

Attach.txt:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_11-03-05.01)

.

Microsoft® Windows Vista™ Business 

Boot Device: \Device\HarddiskVolume3

Install Date: 5/17/2008 3:32:50 AM

System Uptime: 3/13/2011 2:19:30 PM (0 hours ago)

.

Motherboard: Dell Inc. |  | 0KU184

Processor: Intel(R) Core(TM)2 Duo CPU     T7250  @ 2.00GHz | Microprocessor | 1600/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 110 GiB total, 13.013 GiB free.

D: is FIXED (NTFS) - 2 GiB total, 1.399 GiB free.

E: is CDROM ()

H: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP1274: 3/13/2011 2:28:44 PM - Installed Adobe Reader X.

.

==== Installed Programs ======================

.

2007 Microsoft Office system

ABBYY FineReader 6.0 Sprint

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader X (10.0.1)

AIM 7

Any Video Converter 3.0.1

Apple Application Support

Apple Mobile Device Support

Apple Software Update

AuthenTec Fingerprint Sensor Minimum Install

biolsp patch

Bonjour

Broadcom ASF Management Applications

Broadcom Management Programs

Browser Address Error Redirector

Business Contact Manager for Outlook 2007 SP2

Camtasia Studio 7

Cisco Connect

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

Conexant HDA D330 MDC V.92 Modem

Dell 968 AIO Printer

Dell Driver Download Manager

Dell Driver Download Manager - 1 

Dell Drivers MSI

Dell Embassy Trust Suite by Wave Systems

Dell Getting Started Guide

Dell Touchpad

Dell Wireless WLAN Card

Digital Line Detect

DLCO_AIOC

DLCO_Fax4

DLCO_MCM

DLCO_Pubs

DLCO_Wireless

Document Manager Lite

Download Updater (AOL LLC)

DVD Architect Studio 5.0

EDocs

EMBASSY Security Center

EMBASSY Security Setup

EMBASSY Trust Suite by Wave Systems

ESC Home Page Plugin

ESET Online Scanner v3

FileZilla Client 3.3.5.1

FlipShare

GearDrvs

Gemalto

GemSafe Standard Edition 5.1

GIMP 2.6.11

Google Chrome

Google Desktop

Google Talk (remove only)

Google Toolbar for Internet Explorer

Google Update Helper

GoToAssist 8.0.0.514

GoToMeeting 4.5.0.457

HiJackThis

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

InstantArticleWizard

Intel(R) Matrix Storage Manager

iTunes

Java Auto Updater

Java(TM) 6 Update 24

Malwarebytes' Anti-Malware

MFCLOC

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft FrontPage 2002

Microsoft IntelliPoint 8.0

Microsoft Office 2003 Web Components

Microsoft Office 2007 Primary Interop Assemblies

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Professional Hybrid 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Small Business Connectivity Components

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft SQL Server 2005

Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)

Microsoft SQL Server Native Client

Microsoft SQL Server Setup Support Files (English)

Microsoft SQL Server VSS Writer

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft XML Parser

Mihov Image Resizer 1.1 (remove only)

Mobipocket Reader 6.2

Modem Diagnostic Tool

Moyea Video Converter version 2.5.1.1757

Mozilla Firefox (3.6.15)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB941833)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP2 Parser and SDK

NetWaiting

Norton 360

NTRU TCG Software Stack

OGA Notifier 2.0.0048.0

PMB

PowerDVD

Preboot Manager

Private Information Manager

QuickBooks Pro 2008

QuickSet

QuickTime

Revo Uninstaller 1.83

Roxio Activation Module

Roxio Creator Audio

Roxio Creator BDAV Plugin

Roxio Creator Copy

Roxio Creator Data

Roxio Creator DE

Roxio Creator Tools

Roxio Express Labeler 3

Roxio Update Manager

Safari

Secure Update

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2288931)

Security Update for 2007 Microsoft Office System (KB2289158)

Security Update for 2007 Microsoft Office System (KB2344875)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft Office Access 2007 (KB979440)

Security Update for Microsoft Office Excel 2007 (KB2345035)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB982158)

Security Update for Microsoft Office PowerPoint Viewer (KB2413381)

Security Update for Microsoft Office Publisher 2007 (KB2284697)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2344993)

Security Wizards

Skype Toolbars

Skype™ 5.0

SmarterMail Sync for Outlook 2003 and above

SnagIt 8

Sonic CinePlayer Decoder Pack

SupportSoft Assisted Service

TweetDeck

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Outlook 2007 (KB2412171)

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Update for Outlook 2007 Junk Email Filter (KB2508979)

upekmsi

Wave Infrastructure Installer

Wave Support Software

WebEx

.

==== Event Viewer Messages From Past Week ========

.

3/9/2011 5:46:58 PM, Error: Service Control Manager [7031]  - The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

3/8/2011 9:38:40 AM, Error: Service Control Manager [7030]  - The dldo_device service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

3/8/2011 11:07:42 AM, Error: Microsoft-Windows-PrintSpooler [6161]  - The document Microsoft Word - How to Use a CSV File for Kunaki Uploads.docx, owned by Glory, failed to print on printer Dell 968 AIO Printer XPS. Try to print the document again, or restart the print spooler.  Data type: RAW. Size of the spool file in bytes: 302354. Number of bytes printed: 302354. Total number of pages in the document: 1. Number of pages printed: 1. Client computer: \\GLORY-LAPTOP. Win32 error code returned by the print processor: 1726. The remote procedure call failed.

3/7/2011 4:21:31 AM, Error: i8042prt [40]  - An error occurred while trying to acquire the device ID of the mouse

3/7/2011 4:21:31 AM, Error: i8042prt [22]  - Could not set the mouse sample rate.

3/7/2011 12:27:52 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TrkWks service.

3/7/2011 12:27:22 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.

3/7/2011 12:19:52 PM, Error: Service Control Manager [7030]  - The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

3/7/2011 12:14:21 PM, Error: Ntfs [55]  - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume OS.

3/7/2011 12:09:44 PM, Error: Service Control Manager [7034]  - The Dell Wireless WLAN Tray Service service terminated unexpectedly.  It has done this 1 time(s).

3/7/2011 12:09:13 PM, Error: Service Control Manager [7034]  - The XAudioService service terminated unexpectedly.  It has done this 1 time(s).

3/6/2011 2:11:57 PM, Error: Service Control Manager [7034]  - The Diagnostic System Host service terminated unexpectedly.  It has done this 1 time(s).

3/6/2011 2:11:57 PM, Error: Service Control Manager [7031]  - The WLAN AutoConfig service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

3/6/2011 2:11:57 PM, Error: Service Control Manager [7031]  - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

3/6/2011 2:11:57 PM, Error: Service Control Manager [7031]  - The Windows Audio Endpoint Builder service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

3/6/2011 2:11:57 PM, Error: Service Control Manager [7031]  - The Tablet PC Input Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

3/6/2011 2:11:57 PM, Error: Service Control Manager [7031]  - The Superfetch service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

3/6/2011 2:11:57 PM, Error: Service Control Manager [7031]  - The ReadyBoost service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

3/6/2011 2:11:57 PM, Error: Service Control Manager [7031]  - The Program Compatibility Assistant Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

3/6/2011 2:11:57 PM, Error: Service Control Manager [7031]  - The Portable Device Enumerator Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

3/6/2011 2:11:57 PM, Error: Service Control Manager [7031]  - The PnP-X IP Bus Enumerator service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

3/6/2011 2:11:57 PM, Error: Service Control Manager [7031]  - The Offline Files service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

3/6/2011 2:11:57 PM, Error: Service Control Manager [7031]  - The Network Connections service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.

3/6/2011 2:11:57 PM, Error: Service Control Manager [7031]  - The Human Interface Device Access service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

3/6/2011 2:11:57 PM, Error: Service Control Manager [7031]  - The Distributed Link Tracking Client service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

3/6/2011 2:11:57 PM, Error: Service Control Manager [7031]  - The Desktop Window Manager Session Manager service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

3/6/2011 12:09:07 AM, Error: Microsoft-Windows-PrintSpooler [6161]  - The document Microsoft Word - Dell Printer Problem Offline - 2011-03-05.docx, owned by Glory, failed to print on printer Dell 968 AIO Printer (Copy 1). Try to print the document again, or restart the print spooler.  Data type: LEMF. Size of the spool file in bytes: 517971. Number of bytes printed: 517971. Total number of pages in the document: 1. Number of pages printed: 0. Client computer: \\GLORY-LAPTOP. Win32 error code returned by the print processor: 0. The operation completed successfully.

3/6/2011 10:40:20 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

3/6/2011 1:57:33 PM, Error: EventLog [6008]  - The previous system shutdown at 1:56:18 PM on 3/6/2011 was unexpected.

3/6/2011 1:57:14 PM, Error: volmgr [49]  - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.

3/13/2011 2:38:01 PM, Error: Application Popup [1801]  - The hardware has reported an uncorrectable memory error.

3/13/2011 2:31:41 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

3/13/2011 2:31:41 PM, Error: Service Control Manager [7000]  - The Windows Search service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

3/13/2011 2:31:41 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

3/13/2011 2:23:13 PM, Error: Service Control Manager [7000]  - The BCM42RLY service failed to start due to the following error:  The system cannot find the file specified.

3/13/2011 2:22:15 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Dell Internal Network Card Power Management service to connect.

3/13/2011 2:22:15 PM, Error: Service Control Manager [7001]  - The NTRU TSS v1.2.1.25 TCS service depends on the TPM Base Services service which failed to start because of the following error:  The operation completed successfully.

3/13/2011 2:20:04 PM, Error: volsnap [25]  - The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time.  Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.

3/13/2011 2:17:40 PM, Error: Service Control Manager [7034]  - The Dell Internal Network Card Power Management service terminated unexpectedly.  It has done this 1 time(s).

3/13/2011 2:16:31 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

3/12/2011 6:11:59 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FlipShare Service service.

3/10/2011 3:14:23 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the STacSV service.

3/10/2011 12:04:03 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Volume Shadow Copy service to connect.

3/10/2011 12:04:03 AM, Error: Service Control Manager [7000]  - The Volume Shadow Copy service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

3/10/2011 12:04:03 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

.

==== End Of File ===========================

 

faith_michele

32 Posts

March 14th, 2011 04:00

Hi JJ8765,

I only recieved one Application & one System event. Please follow the instructions again and save all of your Application & System events for me to review.

Click Start>Type Event Viewer in the search box>double-click Event Viewer found in the results.

Over on the left hand side expand the window category and then click on System. Then up at the top click on Action and then click on Save Events As, type in system as the file name, make sure file type EVTX is selected, and then navigate so it will save the file to your desktop, then click save. Over on the left hand side, click on Application. Then up at the top click on Action and then click on Save Events As, type in application as the file name, make sure file type EVTX is selected, and then navigate so it will save the file to your desktop, then click save. Zip them both up into a single zip file, post them back here in your next reply as attachments.

Thank you,

Faith

JJ8765

41 Posts

March 14th, 2011 10:00

Faith,

I don't understand.

Everything you wrote, I did, step by step.

All that resulted, I sent to you: Your steps gave me one file named "system.evtx" and one file named "application.evtx". That is what I got. That is what is in the Zip folder.

 

I don't understand how you expected the steps to give me more than one "system.evtx" file and more than one "application.evtx" file:

"Over on the left hand side expand the window category and then click on System. Then up at the top click on Action and then click on Save Events As, type in system as the file name, make sure file type EVTX is selected, and then navigate so it will save the file to your desktop, then click save(NOTE: That is one file)

Over on the left hand side,click on Application. Then up at the top click on Action and then click on Save Events As, type in application as the file name, make sure file type EVTX is selected, and then navigate so it will save the file to your desktop, then click save. (NOTE: That is also one file, not multiple files.) Zip them both (NOTE: "both" refers to two files) up into a single zip file, post them back here in your next reply as attachments."

I zipped both files into the zip folder. I opened the zip folder in the screen shot above to show its contents.

Can you be clearer about what you mean?

Thank you.

JJ8765

 

faith_michele

32 Posts

March 14th, 2011 20:00

Hi JJ8765,

You are absolutely correct about the .evtx files being one file each. What I was trying to explain to you was that there is normally more than one event in each of these files. When you expand the Application & System category in the Event Viewer, tell me how many events are present for each category of Windows Logs (Application & System).

Also, when you tried these steps for you printer - does it prompt you to choose between the AIO and XPS (when you load the All-In-One Center and choose not to remove the XPS driver, you will be asked which printer to use, as you will now have two printers (drivers) installed on that port)?

Having a problem with that pesky Print Pipeline Filter Error with the AIO 968 running Vista 32-bit

Did you previously have a Lexmark Printer installed?

Thank You,

Faith

PudgyOne

9 Legend

 • 

30.3K Posts

March 15th, 2011 02:00

Faith,

 

Most Dell Inkjet Printers are made for Dell by Lexmark. Sometimes there are some Lexmark files.

 

 

Rick

faith_michele

32 Posts

March 15th, 2011 17:00

Hi JJ8765,

A big thanks goes to Rick for keeping me straight and explaining about the Lexmark files for a Dell Printer. The reason I am asking to look at the event viewer logs is to see what specific errors are related to the printer communication problem. Sometimes event logs that are logged right before of after the problem gives away specific clues that can be further researched.

If it is not possible to do this, then please proceed as follows:

To try and fix these event errors that show in your DDS log-

Quote:

3/7/2011 12:14:21 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume OS.

Quote:

3/8/2011 9:38:40 AM, Error: Service Control Manager [7030] - The dldo_device service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Please try these steps-

---Run sfc /scannow from the elevated Command Prompt

1. To open an elevated Command Prompt - Open the Start Menu.
2. Click on All Programs and Accessories.
3. Right click on Command Prompt and click Run as administrator.
4. Click on Continue in the UAC prompt.
5. In the command prompt, type in sfc /scannow >Enter>allow it to run.

Related screenshots - Verify the Integrity of Windows Vista System Files

---Then run chkdsk /f-

1. Open an elevated Command Prompt (Steps 1-4 above).
2. In the command prompt, type in chkdsk /f >Enter>If prompted to run it on restart, Type in Y for yes>Reboot and allow it to run.

Please let me know how this works for you.

Thank You,

Faith

JJ8765

41 Posts

March 15th, 2011 19:00

Faith,

I tried the evtx files again. I may have done them correctly this time. 

http://en.community.dell.com/cfs-file.ashx/__key/CommunityServer.Discussions.Components.Files/3521/4111.system_2D00_application-2011_2D00_03_2D00_15.zip

 

When I uninstall and reinstall the printer driver, Dell doesn't give me a choice between "Dell 968w AIO Printer" or "Dell 968 AIO Printer XPS". It only started giving me the XPS in the last few months. The driver that is available on the support.Dell.com site is R241344, which is the driver that has been available for months:

This printer driver was released on October 4, 2009. I've "re-downloaded" twice, but it's the same printer driver.

In the time I've had this printer and have had to reinstall the printer driver (probably 25 times in -- it will be 3 years in May 2011), I've only recently seen the Lexmark name on a screen or two during the install process and, as mentioned above, I have only in the past couple months seen the "XPS" install itself, but it doesn't give me a choice.

This is the window I get after the R241344 icon runs through its unzip. A window or two after this shows the Lexmark name somewhere, but it happens so fast that I don't recall exactly which window displays it. At no time do I get a choice for "XPS" or not.

Thank you.

JJ8765

faith_michele

32 Posts

March 16th, 2011 17:00

Hi JJ8765,

I am still reviewing your Event Viewer logs.  They were correct this time.  Good Job!

Please run the chkdsk & sfc /scannow according to the previous instructions.

You might need to run the chkdsk first.  That is okay.

Try to Repair your QuickBooks installation if this option is available.

Thanks,

Faith

JJ8765

41 Posts

March 16th, 2011 19:00

Faith,

I ran the chkdsk/f and sfc /scannow.

Was there supposed to be some output from either of those processes?

The chkdsk didn't have a message when it completed. The sfc /scannow message at the end was:

Windows Resource Protection found corrupt files but was unable to fix some of them. Details are included in the CBS.Log windir\Logs\CBS\CBS.log

I don't know what that means. I did a search for windir\Logs\CBS\CBS.log on the C drive that resulted in nothing. Then I searched on CBS.log -- there was one file. When I tried to click on it, it gave me the message, "Access denied."

I don't know anything about repairing the QuickBooks installation. How is that done?

Thank you.

JJ8765

faith_michele

32 Posts

March 17th, 2011 15:00

Hi JJ8765,

Here is a link on the QuickBooks Repair.

For the SFC log:

Start - type in Search box -> CMD find at top - Right Click on - RUN AS ADMIN

Put the command from below (copy and paste it) into that box and then hit enter.

findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >sfcdetails.txt

That creates the sfcdetails.txt file in the folder you are in when you run it.

So if you are in C:\Windows\System32> then you will need to look in that folder for the file.

You might need to un-hide files & folders. How to see hidden files in Windows Vista (scroll down)

Copy & Paste the errors into a reply to this post.

NOTE : there probably are duplicates so please only post each section of errors once. We do not need all the good entries, only the error entries.

More information if needed. How to analyze the log file entries that the Microsoft Windows Resource Checker (SFC.exe) program generates in Windows Vista

The dskchk will show up in your Event Viewer. Please attach new Event Viewer files (zipped Application & System).

Are you using a KVM switch?

Thank You,

Faith

JJ8765

41 Posts

March 18th, 2011 13:00

Faith,

I couldn't get very far this time.

Regarding these instructions:

For the SFC log:

Start - type in Search box -> CMD find at top - Right Click on - RUN AS ADMIN

Put the command from below (copy and paste it) into that box and then hit enter.

findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >sfcdetails.txt

When I copied the string you typed above, I used Ctrl+C.  Then I went to the CMD box. At the place where the cursor was blinking, I typed Ctrl+V to paste. However, the CMD box took that literally, and what was there?  ^V  

Is there a special way to paste copied text into the CMD box? If so, please advise.

Regarding this instruction:

That creates the sfcdetails.txt file in the folder you are in when you run it.

How am I "in a folder" at that point? What does that mean? I've not heard of it referred to in that way before. (If I'm in a Word document that's been saved, yes, then I know what folder I'm in. But if I run a process, how am I already in a folder?)

Regarding the QuickBooks repair, in the middle of it, I got the following:

 Maybe it shouldn't surprise me, since Quickbooks updates itself on my PC regularly. It seems to be saying that the patch this process was trying to apply is already applied. Does that sound right?

Thank you.

JJ8765

 

View More

View All

No Events found!

Top