 |
Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
|
| View previous topic :: View next topic |
| Author |
Message |
Bellz666
Junior Member
Joined: 07 Aug 2004
Last Visit: 22 May 2012
Posts: 40
Location: NY
|
 Posted: Fri Oct 28, 2011 3:24 am Post subject: Links populating on internet - HijackThis log |
 |
|
My wife uses this computer for her Online school work. Her teacher's discussions are populating with links that the teacher states do not exist in her posts.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:19:40 AM, on 10/28/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19154)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\aol\1192316997\ee\aolsoftware.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files\Intuit\QuickBooks 2011\QBW32.EXE
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\AOL 9.1\waol.exe
C:\Program Files\AOL 9.1\shellmon.exe
c:\program files\common files\installshield\updateservice\isuspm.exe
C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.alot.com/web?q=&pr=auto&client_id=BE5B373001CB2E883CFFE10B&src_id=11582&camp_id=1341&tb_version=2.5.12000.509
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: ALOT Toolbar Helper - {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} - C:\Program Files\alot\bin\BHO\alotBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\5.1.0.29\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\5.1.0.29\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Holidays Toolbar Loader - {8008a5bc-8bdc-41b2-88c8-5e8e0a6d64ad} - C:\Program Files\Holidays Toolbar\holidaystb.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Holidays Toolbar - {3dd02f89-4590-4dd7-b14c-e2444f7d9915} - C:\Program Files\Holidays Toolbar\holidaystb.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\5.1.0.29\coIEPlg.dll
O3 - Toolbar: ALOT Toolbar - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1192316997\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [DLBXCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\DLBXtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [dlbxmon.exe] "C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.1\AOL.EXE" -b
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10d.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Intuit Data Protect.lnk = C:\Program Files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O4 - Global Startup: QuickBooks_Standard_21.lnk = C:\Program Files\Intuit\QuickBooks 2011\QBW32.EXE
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: &Holidays Toolbar Search - C:\ProgramData\Holidays Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} (WMI Class) - http://support.dell.com/systemprofiler/SysProExe.CAB
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} (Photo Upload Plugin Class) - http://www.cvsphoto.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll
O18 - Protocol: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - mscoree.dll (file missing)
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Windows\system32\AERTSrv.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: dlbx_device - - C:\Windows\system32\dlbxcoms.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: FlipShare Service - Unknown owner - C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\5.1.0.29\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: QBCFMonitorService - Intuit - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
O23 - Service: QBIDPService (QBVSS) - Unknown owner - C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 10990 bytes |
|
| Back to top |
|
 |
Cypher
Moderator
Joined: 05 Jul 2009
Last Visit: 17 May 2013
Posts: 4041
Location: Land Of The Leprechauns
|
| Posted: Fri Oct 28, 2011 8:12 am Post subject: |
|
|
Hi and welcome back to Spyware Warrior Forum.
My name is Cypher, and I will be helping you with your malware problems.
This may or may not, solve other issues you have with your machine.
If you no longer require help i would be grateful if you would let me know.
I note that you have abandoned the last few topics you have had here, i trust that won't happen this time.
Before we start please note the following important guidelines. - If you don't know or understand something, please don't hesitate to ask.
- Only post your problem at One help site. Applying fixes from multiple help sites can cause problems.
- Only reply to this thread do not start another, Please continue responding until I give you the "All Clean"
Absence of symptoms does not mean that everything is clear.
- Please DO NOT run any other tools or scans whilst I am helping you.
- Please DO NOT install any other software (or hardware) during the cleaning process.
- Print each set of instructions... if possible...your Internet connection will not be available during some fix processes.
- Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
- Note: No Reply Within 3 Days Will Result In Your Topic Being Closed!
Note: If you haven't done so already, please read this topic Things to know before you post where the conditions for receiving help here are explained.
| Quote: |
| Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop. |
Because of this, I advise you to backup any personal files and folders before you start
Please post an Uninstall list.
- Open HijackThis.
- Click on the Open the Misc Tools section button.
- Look under System tools.
- Click on the Open Uninstall Manager... button.
- Click on the Save list... button.
- It will prompt you to save. Save this log in a convenient location. By default it's named uninstall_list.txt.
- Notepad will open. Please post this log in your next reply.
_________________
Admin/Teacher at Malware Removal University
Member of...
 |
|
| Back to top |
|
|
Bellz666
Junior Member
Joined: 07 Aug 2004
Last Visit: 22 May 2012
Posts: 40
Location: NY
|
| Posted: Fri Oct 28, 2011 7:03 pm Post subject: |
|
|
I do appreciate your help.
Update for Microsoft Office 2007 (KB2508958)
3ivx MPEG-4 5.0.3 (remove only)
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.1)
AIM 6
ALOT Toolbar
AOL Install
AOL Mail and AIM Gadget
AOL Toolbar 5.0
AOL Uninstaller (Choose which Products to Remove)
Banctec Service Agreement
Browser Address Error Redirector
Citrix Presentation Server Web Client for Win32
Conexant D850 PCI V.92 Modem
Coupon Printer for Windows
Coupon Printer for Windows
Dell DataSafe Online
Dell Photo AIO Printer 962
Dell Support Center
Dell System Customization Wizard
DellSupport
Digital Line Detect
EarthLink Setup Files
FlipShare
Games, Music, & Photos Launcher
Google Desktop
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
HiJackThis
Holidays Toolbar
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel(R) PRO Network Connections 12.1.11.0
Intel(R) PRO Network Connections 12.1.11.0
Internet Service Offers Launcher
Java(TM) 6 Update 26
Java(TM) SE Runtime Environment 6
McAfee Security Scan Plus
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2572067)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft VC9 runtime libraries
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Works
Modem Diagnostic Tool
Mozilla Firefox 6.0.1 (x86 en-US)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
NetWaiting
Norton 360
NVIDIA Display Control Panel
NVIDIA Drivers
OGA Notifier 2.0.0048.0
PowerISO
Product Documentation Launcher
PVSonyDll
QuickBooks
QuickBooks Premier: Accountant Edition 2007
QuickBooks Premier: Accountant Edition 2011
QuickBooks Product Listing Service
Realtek High Definition Audio Driver
Roxio Creator Audio
Roxio Creator BDAV Plugin
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler
Roxio MyDVD DE
Roxio Update Manager
RTC Client API v1.2
ScrewDrivers Client v4
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office Groove 2007 (KB2552997)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Sonic Activation Module
Spelling Dictionaries Support For Adobe Reader 8
SupportSoft Assisted Service
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2596560)
User's Guides
Viewpoint Media Player
WinRAR archiver |
|
| Back to top |
|
|
Cypher
Moderator
Joined: 05 Jul 2009
Last Visit: 17 May 2013
Posts: 4041
Location: Land Of The Leprechauns
|
| Posted: Sat Oct 29, 2011 2:24 am Post subject: |
|
|
Hi,
| Quote: |
| I do appreciate your help. |
You're welcome.
Vista Advice:
- All applications I ask to be used will require to be run in Administrator mode. IE: Right click on and select Run as Administrator.
- Your Operating System in use comes with a inbuilt utility called User Access Control(UAC).
- When prompted by this with anything I ask you to do carry out please select the option Allow.
Uninstall programs
- Click on Start.
- All programs.
- Accessories.
- Run.
- In the open text box copy/paste appwiz.cpl Then click Ok.
- Uninstall the following if present.
| Quote: |
ALOT Toolbar
Browser Address Error Redirector
Coupon Printer for Windows
Holidays Toolbar
Java(TM) SE Runtime Environment 6
McAfee Security Scan Plus |
Next.
Please download Malwarebytes' Anti-Malware and save to your desktop.
- Right-click mbam-setup.exe And select " Run as administrator " then follow the prompts to install the program.
- At the end, be sure a checkmark is placed next to:
Update Malwarebytes' Anti-Malware
Launch Malwarebytes' Anti-Malware
- Then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select Perform Quick Scan, then click Scan.
- When the scan is complete, click OK, then Show Results to view the results.
- Check all items except items in the C:\System Volume Information folder... and click Remove Selected.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.
- When completed, a log will open in Notepad. Please copy and paste the log back into your next reply
- The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
Next.
Please download OTL by Old Timer and save it to your Desktop.
- Right click on OTL.exe And select Run as administrator to run it.
- Under Output, ensure that Minimal Output is selected.
- Under Extra Registry section, select Use SafeList.
- Click the Scan All Users checkbox.
- Click on Run Scan at the top left hand corner.
- When done, two Notepad files will open.
- OTL.txt <-- Will be opened
Extra.txt <-- Will be minimized
- Please post the contents of these 2 Notepad files in your next reply.
Logs/Information to Post in your Next Reply
- Malwarebytes log.
- OTL.txt and Extra.txt contents.
_________________
Admin/Teacher at Malware Removal University
Member of...
|
|
| Back to top |
|
|
Bellz666
Junior Member
Joined: 07 Aug 2004
Last Visit: 22 May 2012
Posts: 40
Location: NY
|
| Posted: Sat Oct 29, 2011 4:43 am Post subject: |
|
|
No problem, followed it step by strep and here is everything you asked for.
One thing I definitely noticed in the OTL log is something referencing "ply pickle" or something like it....I know this creates problems for her on Firefox which is a mandatory browser for her school work.
Thanks again for all of your help!
Rob
Malware Log:
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Database version: 8040
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19154
10/29/2011 8:23:10 AM
mbam-log-2011-10-29 (08-23-10).txt
Scan type: Quick scan
Objects scanned: 170422
Time elapsed: 7 minute(s), 18 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
OTL.txt
OTL logfile created on: 10/29/2011 8:26:46 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Jenifer\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19154)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1021.45 Mb Total Physical Memory | 201.96 Mb Available Physical Memory | 19.77% Memory free
2.26 Gb Paging File | 0.89 Gb Available in Paging File | 39.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.78 Gb Total Space | 149.93 Gb Free Space | 67.30% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.12 Gb Free Space | 61.21% Space Free | Partition Type: NTFS
Drive F: | 7.65 Gb Total Space | 5.91 Gb Free Space | 77.29% Space Free | Partition Type: FAT32
Computer Name: JENIFER-PC | User Name: Jenifer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Jenifer\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Norton 360\Engine\5.1.0.29\ccsvchst.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
PRC - C:\Program Files\Intuit\QuickBooks 2011\QBW32.EXE (Intuit Inc.)
PRC - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
PRC - C:\Program Files\Flip Video\FlipShare\FlipShareService.exe ()
PRC - C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\aol\1192316997\ee\aolsoftware.exe (AOL LLC)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Windows\System32\AERTSrv.exe (Andrea Electronics Corporation)
PRC - C:\Program Files\AOL 9.1\waol.exe (AOL, LLC.)
PRC - C:\Program Files\AOL 9.1\shellmon.exe (AOL, LLC.)
PRC - C:\Windows\System32\dlbxcoms.exe ( )
PRC - C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe (Lexmark International, Inc.)
PRC - C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
PRC - C:\Program Files\Common Files\aol\acs\AOLacsd.exe (AOL LLC)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Program Files\Intuit\QuickBooks 2011\QBMAPILibrary.dll ()
MOD - C:\Program Files\Intuit\QuickBooks 2011\QBCompressor.DLL ()
MOD - C:\Program Files\Intuit\QuickBooks 2011\mbpopup.dll ()
MOD - C:\Program Files\Intuit\QuickBooks 2011\boost_serialization-vc90-mt-p-1_33.dll ()
MOD - C:\Program Files\Intuit\QuickBooks 2011\BackupLib.dll ()
MOD - C:\Program Files\Intuit\QuickBooks 2011\boost_regex-vc90-mt-p-1_33.dll ()
MOD - C:\Program Files\AOL 9.1\xmltok.dll ()
MOD - C:\Program Files\AOL 9.1\xmlparse.dll ()
MOD - C:\Program Files\AOL 9.1\zlib.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 962\dlbxcfg.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 962\dlbxdrec.dll ()
MOD - C:\Program Files\Intuit\QuickBooks 2011\zlib1.dll ()
========== Win32 Services (SafeList) ==========
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (N360) -- C:\Program Files\Norton 360\Engine\5.1.0.29\ccSvcHst.exe (Symantec Corporation)
SRV - (QBCFMonitorService) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
SRV - (FlipShare Service) -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe ()
SRV - (QBVSS) -- C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe ()
SRV - (QBFCService) -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AERTFilters) -- C:\Windows\System32\AERTSrv.exe (Andrea Electronics Corporation)
SRV - (DSBrokerService) -- C:\Program Files\DellSupport\brkrsvc.exe ()
SRV - (dlbx_device) -- C:\Windows\System32\dlbxcoms.exe ( )
SRV - (Viewpoint Manager Service) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
SRV - (AOL ACS) -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe (AOL LLC)
========== Driver Services (SafeList) ==========
DRV - (BHDrvx86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20111014.001\BHDrvx86.sys (Symantec Corporation)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20111028.034\NAVEX15.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20111028.034\NAVENG.SYS (Symantec Corporation)
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (IDSVix86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20111028.030\IDSvix86.sys (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\Drivers\N360\0501000.01D\SRTSP.SYS (Symantec Corporation)
DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\system32\drivers\N360\0501000.01D\SRTSPX.SYS (Symantec Corporation)
DRV - (SYMTDIv) -- C:\Windows\system32\drivers\N360\0501000.01D\SYMTDIV.SYS (Symantec Corporation)
DRV - (SymEFA) -- C:\Windows\system32\drivers\N360\0501000.01D\SYMEFA.SYS (Symantec Corporation)
DRV - (SymDS) -- C:\Windows\system32\drivers\N360\0501000.01D\SYMDS.SYS (Symantec Corporation)
DRV - (SymIRON) -- C:\Windows\system32\drivers\N360\0501000.01D\Ironx86.SYS (Symantec Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (SCDEmu) -- C:\Windows\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (dsunidrv) -- C:\Windows\System32\drivers\dsunidrv.sys (Gteko Ltd.)
DRV - (wanatw) WAN Miniport (ATW) -- C:\Windows\System32\drivers\wanatw4.sys (America Online, Inc.)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (HSXHWBS2) -- C:\Windows\System32\drivers\HSXHWBS2.sys (Conexant Systems, Inc.)
DRV - (DSproct) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys (Gteko Ltd.)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: textlinks@plpickle.com:1.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.8.20100713041928
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.1
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2011.7.1.3
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2011/10/16 12:42:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_2_3 [2011/10/22 16:11:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/05 17:57:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/10/24 20:25:44 | 000,000,000 | ---D | M]
[2011/05/25 18:15:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jenifer\AppData\Roaming\Mozilla\Extensions
[2011/10/16 21:17:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jenifer\AppData\Roaming\Mozilla\Firefox\Profiles\qyzuvwei.default\extensions
[2011/06/26 17:30:08 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jenifer\AppData\Roaming\Mozilla\Firefox\Profiles\qyzuvwei.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/10/16 21:17:34 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Jenifer\AppData\Roaming\Mozilla\Firefox\Profiles\qyzuvwei.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/08/21 20:15:43 | 000,002,469 | ---- | M] () -- C:\Users\Jenifer\AppData\Roaming\Mozilla\Firefox\Profiles\qyzuvwei.default\searchplugins\safesearch.xml
[2011/09/05 17:57:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/06/26 17:37:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/10/22 16:11:45 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\COFFPLGN_2011_7_2_3
[2011/10/16 12:42:17 | 000,000,000 | ---D | M] (Symantec IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPLGN
[2011/05/25 18:15:10 | 000,000,000 | ---D | M] (Play Pickle TextLinks) -- C:\USERS\JENIFER\APPDATA\ROAMING\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\TEXTLINKS@PLPICKLE.COM
[2011/08/30 18:59:04 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/06/26 17:35:39 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/08/30 15:41:02 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\5.1.0.29\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [DLBXCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\DLBXtime.DLL ()
O4 - HKLM..\Run: [dlbxmon.exe] C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\aol\1192316997\ee\aolsoftware.exe (AOL LLC)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AOL Fast Start] C:\Program Files\AOL 9.1\AOL.EXE (AOL, LLC.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10d.exe (Adobe Systems, Inc.)
O8 - Extra context menu item: &AOL Toolbar Search - c:\Program Files\AOL\AOL Toolbar 5.0\resources\en-us\local\search.html ()
O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace.com/upload/MySpaceUploader1006.cab (MySpace Uploader Control)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.dell.com/systemprofiler/SysProExe.CAB (WMI Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://www.cvsphoto.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74CA0F74-C0DF-43E1-BF1C-7FB9EF7453F0}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\intu-help-qb4 {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) -C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Jenifer\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jenifer\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011/06/16 06:39:08 | 000,000,151 | ---- | M] () - F:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{3cf1b45a-6dea-11df-bcb2-00038a000015}\Shell\AutoRun\command - "" = F:\Setup_FlipShare.exe -- [2011/06/16 06:39:58 | 001,852,784 | ---- | M] ()
O33 - MountPoints2\{3cf1b45a-6dea-11df-bcb2-00038a000015}\Shell\Setup FlipShare\command - "" = F:\Setup_FlipShare.exe -- [2011/06/16 06:39:58 | 001,852,784 | ---- | M] ()
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\SETUP.EXE
O33 - MountPoints2\F\Shell\configure\command - "" = F:\SETUP.EXE
O33 - MountPoints2\F\Shell\install\command - "" = F:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/10/29 08:25:25 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Jenifer\Desktop\OTL.exe
[2011/10/29 08:15:21 | 000,000,000 | ---D | C] -- C:\Users\Jenifer\AppData\Roaming\Malwarebytes
[2011/10/29 08:15:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/10/29 08:15:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/10/29 08:15:03 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/10/29 08:15:03 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/10/29 08:12:59 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Jenifer\Desktop\mbam-setup-1.51.2.1300.exe
[2011/10/28 07:15:43 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/10/28 07:15:43 | 000,000,000 | ---D | C] -- C:\Users\Jenifer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/10/24 20:23:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/10/24 20:16:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2011/10/24 20:14:43 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2011/10/13 11:48:27 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011/10/13 11:48:27 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011/10/13 11:48:27 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2011/10/13 11:48:26 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2011/10/13 11:48:25 | 002,043,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/10/13 11:48:21 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/10/13 11:48:21 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/10/13 11:48:17 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/10/13 11:48:17 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/10/13 11:48:17 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/10/13 11:48:16 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/10/13 11:48:16 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/10/13 11:48:15 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/10/13 11:48:15 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/10/13 11:48:15 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/10/13 11:48:15 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/10/13 11:48:15 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/10/13 11:48:15 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/10/13 11:48:15 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/10/13 11:48:15 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/10/13 11:48:15 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/10/13 11:48:14 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/10/13 11:48:14 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/10/13 11:47:53 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2011/10/13 11:47:52 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2008/03/17 13:30:48 | 000,995,328 | ---- | C] ( ) -- C:\Windows\System32\dlbxusb1.dll
[2008/03/17 13:30:48 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlbxinpa.dll
[2008/03/17 13:30:48 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlbxiesc.dll
[2008/03/17 13:30:48 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\DLBXhcp.dll
[2008/03/17 13:30:47 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlbxserv.dll
[2008/03/17 13:30:47 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlbxpmui.dll
[2008/03/17 13:30:47 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlbxlmpm.dll
[2008/03/17 13:30:47 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlbxprox.dll
[2008/03/17 13:30:47 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlbxpplc.dll
[2008/03/17 13:30:46 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlbxhbn3.dll
[2008/03/17 13:30:46 | 000,386,544 | ---- | C] ( ) -- C:\Windows\System32\dlbxih.exe
[2008/03/17 13:30:45 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlbxcomc.dll
[2008/03/17 13:30:45 | 000,538,096 | ---- | C] ( ) -- C:\Windows\System32\dlbxcoms.exe
[2008/03/17 13:30:45 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlbxcomm.dll
[2008/03/17 13:30:45 | 000,382,448 | ---- | C] ( ) -- C:\Windows\System32\dlbxcfg.exe
========== Files - Modified Within 30 Days ==========
[2011/10/29 08:25:26 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Jenifer\Desktop\OTL.exe
[2011/10/29 08:15:10 | 000,000,868 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/10/29 08:13:04 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Jenifer\Desktop\mbam-setup-1.51.2.1300.exe
[2011/10/29 08:11:59 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/29 08:11:59 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/29 02:31:23 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{975D7660-6180-49FC-8C95-866AC307F44C}.job
[2011/10/28 23:02:01 | 000,002,527 | ---- | M] () -- C:\Users\Jenifer\Desktop\HiJackThis.lnk
[2011/10/28 07:14:15 | 001,402,880 | ---- | M] () -- C:\Users\Jenifer\Desktop\HiJackThis.msi
[2011/10/25 21:08:58 | 000,093,696 | ---- | M] () -- C:\Users\Jenifer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/25 21:01:50 | 000,612,592 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/10/25 21:01:50 | 000,107,654 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/10/24 20:25:47 | 000,001,894 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/10/24 20:15:00 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/10/22 16:11:09 | 000,035,853 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011/10/22 16:11:09 | 000,035,853 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/10/22 16:10:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/22 16:10:19 | 1071,828,992 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/18 20:22:59 | 000,002,609 | ---- | M] () -- C:\Users\Jenifer\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2007.lnk
[2011/10/16 14:39:27 | 000,434,040 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/09/30 19:06:08 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/09/30 19:03:05 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/09/30 19:02:36 | 000,602,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/09/30 19:02:36 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/09/30 19:02:06 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/09/30 19:01:57 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/09/30 19:01:51 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/09/30 19:01:34 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/09/30 19:01:34 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/09/30 19:01:34 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/09/30 19:01:33 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/09/30 19:01:33 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/09/30 19:01:29 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/09/30 18:07:25 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/09/30 17:29:54 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/09/30 17:29:44 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/09/30 17:29:05 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/09/30 17:28:36 | 001,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/09/30 00:01:09 | 000,003,600 | ---- | M] () -- C:\{8C3F55B5-EB1E-4553-BE55-2D8B09D6FEF2}
========== Files Created - No Company Name ==========
[2011/10/29 08:15:09 | 000,000,868 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/10/28 07:15:43 | 000,002,527 | ---- | C] () -- C:\Users\Jenifer\Desktop\HiJackThis.lnk
[2011/10/28 07:14:15 | 001,402,880 | ---- | C] () -- C:\Users\Jenifer\Desktop\HiJackThis.msi
[2011/10/24 20:25:45 | 000,001,894 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/10/24 20:25:44 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/09/30 00:01:06 | 000,003,600 | ---- | C] () -- C:\{8C3F55B5-EB1E-4553-BE55-2D8B09D6FEF2}
[2011/07/09 07:51:43 | 000,000,095 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2011/05/12 14:32:43 | 000,001,940 | ---- | C] () -- C:\Users\Jenifer\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/07/16 18:57:17 | 000,035,853 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/07/16 18:57:17 | 000,035,853 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/09/23 18:58:13 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/23 18:58:13 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2008/09/24 07:34:20 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/03/17 13:30:49 | 000,274,432 | ---- | C] () -- C:\Windows\System32\DLBXinst.dll
[2008/03/17 13:30:48 | 000,434,176 | ---- | C] () -- C:\Windows\System32\dlbxutil.dll
[2008/03/17 13:30:47 | 000,135,168 | ---- | C] () -- C:\Windows\System32\dlbxjswr.dll
[2008/03/17 13:30:46 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlbxinsb.dll
[2008/03/17 13:30:46 | 000,159,744 | ---- | C] () -- C:\Windows\System32\dlbxins.dll
[2008/03/17 13:30:46 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dlbxinsr.dll
[2008/03/17 13:30:46 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dlbxcub.dll
[2008/03/17 13:30:45 | 000,073,728 | ---- | C] () -- C:\Windows\System32\dlbxcu.dll
[2008/03/17 13:30:45 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dlbxcur.dll
[2008/03/17 12:46:14 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlbxvs.dll
[2008/03/17 12:46:13 | 000,344,064 | ---- | C] () -- C:\Windows\System32\dlbxcoin.dll
[2008/03/17 12:20:22 | 000,000,051 | ---- | C] () -- C:\Windows\dbghist.ini
[2008/02/19 02:33:34 | 000,446,352 | ---- | C] () -- C:\Windows\System32\OpenQuicktimeLib.dll
[2008/01/14 08:41:25 | 000,008,268 | ---- | C] () -- C:\Users\Jenifer\AppData\Local\d3d9caps.dat
[2007/10/30 17:28:40 | 000,000,095 | ---- | C] () -- C:\Users\Jenifer\AppData\Local\fusioncache.dat
[2007/10/19 20:00:32 | 000,000,104 | ---- | C] () -- C:\Users\Jenifer\AppData\Roaming\wklnhst.dat
[2007/10/13 19:09:21 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2007/10/13 15:41:25 | 000,093,696 | ---- | C] () -- C:\Users\Jenifer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/22 02:18:02 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dlbxcfg.dll
[2006/11/10 09:26:12 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006/11/07 15:25:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,434,040 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,612,592 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,107,654 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/09/17 00:36:50 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/17 00:36:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/07/17 12:11:36 | 000,667,280 | ---- | C] () -- C:\Windows\System32\tx12.dll
[2006/02/09 03:20:00 | 000,000,530 | ---- | C] () -- C:\Windows\System32\tx12_ic.ini
[2005/02/24 16:23:46 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlbxcnv4.dll
< End of report >
Extras.txt
OTL Extras logfile created on: 10/29/2011 8:26:46 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Jenifer\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19154)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1021.45 Mb Total Physical Memory | 201.96 Mb Available Physical Memory | 19.77% Memory free
2.26 Gb Paging File | 0.89 Gb Available in Paging File | 39.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.78 Gb Total Space | 149.93 Gb Free Space | 67.30% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.12 Gb Free Space | 61.21% Space Free | Partition Type: NTFS
Drive F: | 7.65 Gb Total Space | 5.91 Gb Free Space | 77.29% Space Free | Partition Type: FAT32
Computer Name: JENIFER-PC | User Name: Jenifer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{B4140E17-3416-4490-B795-5B1160897976}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00E7E0F7-7B86-40C8-99CC-7F1E18EAD287}" = protocol=6 | dir=in | app=c:\program files\aol 9.1\waol.exe |
"{0A06219B-F9FD-40C7-BE5E-C8D10B161DED}" = protocol=6 | dir=in | app=c:\program files\dell photo aio printer 962\dlbxmon.exe |
"{13564929-4EAE-49EB-B2C0-B72513F77492}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{1BC77ED0-3053-4E15-8428-F2F6B00D1F81}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{2DC3CCD7-B1C3-45B9-81C0-75D29A177B3D}" = protocol=17 | dir=in | app=c:\program files\aol 9.1\waol.exe |
"{2E8766DF-0C91-44F6-918E-E22001E53DB5}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{353C8B9B-30A1-4ACF-9092-CE6C7FCC05BD}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{3FD7EAD9-0B6D-4AEC-A646-D8CF673A1ECF}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1192316997\ee\aolsoftware.exe |
"{4C66E404-19CA-4AC1-B3F0-DD69E3D99D9B}" = protocol=17 | dir=in | app=c:\program files\dell photo aio printer 962\dlbxaiox.exe |
"{4E645A47-4022-4DD2-AA52-B3479B1F15DB}" = protocol=17 | dir=in | app=c:\program files\dell photo aio printer 962\dlbxmon.exe |
"{59863D62-0CA2-49D4-8C6B-124B9E37EFA3}" = protocol=17 | dir=in | app=c:\windows\system32\dlbxcoms.exe |
"{5B0C09F7-0CFE-4D45-8041-EFCA1A1CB41C}" = protocol=6 | dir=in | app=c:\windows\system32\dlbxcoms.exe |
"{6DE29077-3DC2-46A9-8A7F-A3F8A7ADB275}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{8491DC07-F4CD-423D-BFCF-E88D9E24B2CA}" = protocol=6 | dir=in | app=c:\program files\dell photo aio printer 962\dlbxaiox.exe |
"{85A1EB4B-F987-4FDA-8D4A-A4BB5FF082E4}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{934AA2C2-E1C9-4737-8F3A-4A30D58EBA76}" = protocol=17 | dir=in | app=c:\program files\aol 9.0\waol.exe |
"{A73E1B23-A821-47E8-93F6-8A678447BA57}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{AE51DF4C-03C7-4078-877C-196147890F6F}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{B45F7AD2-05A4-44A7-94CA-BEE27F48066E}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dlbxpswx.exe |
"{B5F339CA-36EF-478A-9A2A-93F2A7C6D4FD}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{BC129D41-3BCB-443B-B6A0-96E7CC942FC0}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{C8C5A519-6D6A-42D5-91B2-D12FF1BCD36E}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{D07C0EDC-A7A9-4C18-815B-2A1192F17B4C}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1192316997\ee\aolsoftware.exe |
"{D7665B77-AC5E-4DE0-9C5A-F78238EAF62D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{DD862167-BF6B-4161-98A1-56A269EE75C1}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dlbxpswx.exe |
"{E4B4D955-8CB4-49A6-B6DD-0FAD02E0D1C9}" = protocol=6 | dir=in | app=c:\program files\aol 9.0\waol.exe |
"{F0EDD2F1-34D6-4A1F-BA73-C273BA116027}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{F1A7987E-6E8B-4B46-BE41-27D8B3B101E6}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{11E0AC7D-6823-4F67-865F-EE1C13D28C38}" = QuickBooks Premier: Accountant Edition 2011
"{13BA7B44-B712-4DEE-A7B8-1DD564F37AE5}" = Dell System Customization Wizard
"{1D70AABC-CB59-4700-A708-EA56D1CA07B0}" = QuickBooks
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2357B8BC-88C9-4A72-818C-050CC4EB0778}" = AOL Install
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{2C6C74C2-042F-4D36-B7B0-0C538FCF01AB}" = Dell DataSafe Online
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3E25E350-949F-4DB7-8288-2A60E018B4C1}" = Games, Music, & Photos Launcher
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}" = Banctec Service Agreement
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{55584E16-4D70-44EE-93DD-F144E8B7D4B7}" = QuickBooks Product Listing Service
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{5E68BB65-4059-4FE5-AAC4-0CD1D79BBDE2}" = EarthLink Setup Files
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{67D15B01-9A6B-0397-002A-D2A015212748}" = FlipShare
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel(R) PRO Network Connections 12.1.11.0
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{7E545666-F423-45FD-B3DF-C0B99A1A579F}" = QuickBooks Premier: Accountant Edition 2007
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCFF1E13-77A2-4032-8B12-7566982A27DF}" = Internet Service Offers Launcher
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F226C1DA-66D7-4ABC-86B5-3F978A660EBF}" = AOL Mail and AIM Gadget
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"3ivx MPEG-4 5.0.3" = 3ivx MPEG-4 5.0.3 (remove only)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AIM_6" = AIM 6
"AOL Toolbar" = AOL Toolbar 5.0
"AOL Toolbar 5.0" =
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"Citrix ICA Web Client" = Citrix Presentation Server Web Client for Win32
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 PCI V.92 Modem
"Coupon Printer for Windows4.0" = Coupon Printer for Windows
"Dell Photo AIO Printer 962" = Dell Photo AIO Printer 962
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Desktop" = Google Desktop
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Microsoft Visual Studio 2005 Tools for Office Runtime
"Mozilla Firefox 6.0.1 (x86 en-US)" = Mozilla Firefox 6.0.1 (x86 en-US)
"N360" = Norton 360
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"PowerISO" = PowerISO
"PROSetDX" = Intel(R) PRO Network Connections 12.1.11.0
"ScrewDrivers Client v4" = ScrewDrivers Client v4
"ViewpointMediaPlayer" = Viewpoint Media Player
"WinRAR archiver" = WinRAR archiver
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 12/3/2008 8:27:23 AM | Computer Name = Jenifer-PC | Source = Application Error | ID = 1000
Description = Faulting application aolphx.exe, version 10.0.0.1, time stamp 0x47237491,
faulting module kernel32.dll, version 6.0.6001.18000, time stamp 0x4791a76d, exception
code 0xc0000005, fault offset 0x000bf285, process id 0x1450, application start time
0x01c955427da11140.
Error - 12/5/2008 1:20:16 PM | Computer Name = Jenifer-PC | Source = Application Hang | ID = 1002
Description = The program AcroRd32.exe version 8.1.0.137 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1670 Start Time: 01c956fdafb92980 Termination Time: 50
Error - 12/14/2008 4:37:32 PM | Computer Name = Jenifer-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 7.0.6001.18000 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1750 Start Time: 01c95e280bd5c332 Termination Time: 57
Error - 12/15/2008 8:37:08 AM | Computer Name = Jenifer-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 12/17/2008 8:36:19 PM | Computer Name = Jenifer-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 7.0.6001.18000 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 15d4 Start Time: 01c960a85cbab550 Termination Time: 0
Error - 12/26/2008 8:49:45 AM | Computer Name = Jenifer-PC | Source = Application Hang | ID = 1002
Description = The program waol.exe version 9.5.0.1 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Problem Reports and Solutions control panel. Process
ID: 38cc Start Time: 01c966984a2b1f60 Termination Time: 78
Error - 12/26/2008 8:57:39 AM | Computer Name = Jenifer-PC | Source = Application Error | ID = 1000
Description = Faulting application aolphx.exe, version 10.0.0.1, time stamp 0x47237491,
faulting module kernel32.dll, version 6.0.6001.18000, time stamp 0x4791a76d, exception
code 0xc0000005, fault offset 0x000bf285, process id 0x1a9c, application start time
0x01c967598814d250.
Error - 12/26/2008 1:22:09 PM | Computer Name = Jenifer-PC | Source = Application Error | ID = 1000
Description = Faulting application aolphx.exe, version 10.0.0.1, time stamp 0x47237491,
faulting module kernel32.dll, version 6.0.6001.18000, time stamp 0x4791a76d, exception
code 0xc0000005, fault offset 0x000bf285, process id 0x1418, application start time
0x01c9677e7b78cb80.
Error - 1/29/2009 11:44:23 AM | Computer Name = Jenifer-PC | Source = Application Hang | ID = 1002
Description = The program Explorer.EXE version 6.0.6001.18164 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 738 Start Time: 01c982272f58f281 Termination Time: 156
Error - 3/17/2009 7:10:17 PM | Computer Name = Jenifer-PC | Source = Application Hang | ID = 1002
Description = The program waol.exe version 9.5.0.1 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Problem Reports and Solutions control panel. Process
ID: 10f4 Start Time: 01c9a70b8f5ea080 Termination Time: 76
[ ODiag Events ]
Error - 1/20/2008 10:21:43 PM | Computer Name = Jenifer-PC | Source = Microsoft Office 12 Diagnostics | ID = 320
Description = An unexpected error occurred. Tag: 2kcz. Error code: N/A
[ OSession Events ]
Error - 1/20/2008 10:21:42 PM | Computer Name = Jenifer-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 25
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 10/16/2011 12:56:35 PM | Computer Name = Jenifer-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 12:52:43 PM on 10/16/2011 was unexpected.
Error - 10/16/2011 12:57:52 PM | Computer Name = Jenifer-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 10/16/2011 1:03:49 PM | Computer Name = Jenifer-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 10/16/2011 2:07:59 PM | Computer Name = Jenifer-PC | Source = DCOM | ID = 10005
Description =
Error - 10/16/2011 2:07:59 PM | Computer Name = Jenifer-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 10/16/2011 2:07:59 PM | Computer Name = Jenifer-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 10/22/2011 4:10:45 PM | Computer Name = Jenifer-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:55:05 AM on 10/22/2011 was unexpected.
Error - 10/24/2011 8:23:01 PM | Computer Name = Jenifer-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 10/24/2011 8:23:01 PM | Computer Name = Jenifer-PC | Source = DCOM | ID = 10005
Description =
Error - 10/24/2011 8:23:01 PM | Computer Name = Jenifer-PC | Source = Service Control Manager | ID = 7000
Description =
< End of report > |
|
| Back to top |
|
|
Bellz666
Junior Member
Joined: 07 Aug 2004
Last Visit: 22 May 2012
Posts: 40
Location: NY
|
| Posted: Sat Oct 29, 2011 4:44 am Post subject: |
|
|
No problem, followed it step by step and here is everything you asked for.
One thing I definitely noticed in the OTL log is something referencing "ply pickle" or something like it....I know this creates problems for her on Firefox which is a mandatory browser for her school work.
Thanks again for all of your help!
Rob
Malware Log:
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Database version: 8040
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19154
10/29/2011 8:23:10 AM
mbam-log-2011-10-29 (08-23-10).txt
Scan type: Quick scan
Objects scanned: 170422
Time elapsed: 7 minute(s), 18 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
OTL.txt
OTL logfile created on: 10/29/2011 8:26:46 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Jenifer\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19154)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1021.45 Mb Total Physical Memory | 201.96 Mb Available Physical Memory | 19.77% Memory free
2.26 Gb Paging File | 0.89 Gb Available in Paging File | 39.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.78 Gb Total Space | 149.93 Gb Free Space | 67.30% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.12 Gb Free Space | 61.21% Space Free | Partition Type: NTFS
Drive F: | 7.65 Gb Total Space | 5.91 Gb Free Space | 77.29% Space Free | Partition Type: FAT32
Computer Name: JENIFER-PC | User Name: Jenifer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Jenifer\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Norton 360\Engine\5.1.0.29\ccsvchst.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
PRC - C:\Program Files\Intuit\QuickBooks 2011\QBW32.EXE (Intuit Inc.)
PRC - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
PRC - C:\Program Files\Flip Video\FlipShare\FlipShareService.exe ()
PRC - C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\aol\1192316997\ee\aolsoftware.exe (AOL LLC)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Windows\System32\AERTSrv.exe (Andrea Electronics Corporation)
PRC - C:\Program Files\AOL 9.1\waol.exe (AOL, LLC.)
PRC - C:\Program Files\AOL 9.1\shellmon.exe (AOL, LLC.)
PRC - C:\Windows\System32\dlbxcoms.exe ( )
PRC - C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe (Lexmark International, Inc.)
PRC - C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
PRC - C:\Program Files\Common Files\aol\acs\AOLacsd.exe (AOL LLC)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Program Files\Intuit\QuickBooks 2011\QBMAPILibrary.dll ()
MOD - C:\Program Files\Intuit\QuickBooks 2011\QBCompressor.DLL ()
MOD - C:\Program Files\Intuit\QuickBooks 2011\mbpopup.dll ()
MOD - C:\Program Files\Intuit\QuickBooks 2011\boost_serialization-vc90-mt-p-1_33.dll ()
MOD - C:\Program Files\Intuit\QuickBooks 2011\BackupLib.dll ()
MOD - C:\Program Files\Intuit\QuickBooks 2011\boost_regex-vc90-mt-p-1_33.dll ()
MOD - C:\Program Files\AOL 9.1\xmltok.dll ()
MOD - C:\Program Files\AOL 9.1\xmlparse.dll ()
MOD - C:\Program Files\AOL 9.1\zlib.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 962\dlbxcfg.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 962\dlbxdrec.dll ()
MOD - C:\Program Files\Intuit\QuickBooks 2011\zlib1.dll ()
========== Win32 Services (SafeList) ==========
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (N360) -- C:\Program Files\Norton 360\Engine\5.1.0.29\ccSvcHst.exe (Symantec Corporation)
SRV - (QBCFMonitorService) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
SRV - (FlipShare Service) -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe ()
SRV - (QBVSS) -- C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe ()
SRV - (QBFCService) -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AERTFilters) -- C:\Windows\System32\AERTSrv.exe (Andrea Electronics Corporation)
SRV - (DSBrokerService) -- C:\Program Files\DellSupport\brkrsvc.exe ()
SRV - (dlbx_device) -- C:\Windows\System32\dlbxcoms.exe ( )
SRV - (Viewpoint Manager Service) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
SRV - (AOL ACS) -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe (AOL LLC)
========== Driver Services (SafeList) ==========
DRV - (BHDrvx86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20111014.001\BHDrvx86.sys (Symantec Corporation)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20111028.034\NAVEX15.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20111028.034\NAVENG.SYS (Symantec Corporation)
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (IDSVix86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20111028.030\IDSvix86.sys (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\Drivers\N360\0501000.01D\SRTSP.SYS (Symantec Corporation)
DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\system32\drivers\N360\0501000.01D\SRTSPX.SYS (Symantec Corporation)
DRV - (SYMTDIv) -- C:\Windows\system32\drivers\N360\0501000.01D\SYMTDIV.SYS (Symantec Corporation)
DRV - (SymEFA) -- C:\Windows\system32\drivers\N360\0501000.01D\SYMEFA.SYS (Symantec Corporation)
DRV - (SymDS) -- C:\Windows\system32\drivers\N360\0501000.01D\SYMDS.SYS (Symantec Corporation)
DRV - (SymIRON) -- C:\Windows\system32\drivers\N360\0501000.01D\Ironx86.SYS (Symantec Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (SCDEmu) -- C:\Windows\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (dsunidrv) -- C:\Windows\System32\drivers\dsunidrv.sys (Gteko Ltd.)
DRV - (wanatw) WAN Miniport (ATW) -- C:\Windows\System32\drivers\wanatw4.sys (America Online, Inc.)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (HSXHWBS2) -- C:\Windows\System32\drivers\HSXHWBS2.sys (Conexant Systems, Inc.)
DRV - (DSproct) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys (Gteko Ltd.)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: textlinks@plpickle.com:1.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.8.20100713041928
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.1
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2011.7.1.3
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2011/10/16 12:42:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_2_3 [2011/10/22 16:11:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/05 17:57:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/10/24 20:25:44 | 000,000,000 | ---D | M]
[2011/05/25 18:15:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jenifer\AppData\Roaming\Mozilla\Extensions
[2011/10/16 21:17:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jenifer\AppData\Roaming\Mozilla\Firefox\Profiles\qyzuvwei.default\extensions
[2011/06/26 17:30:08 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jenifer\AppData\Roaming\Mozilla\Firefox\Profiles\qyzuvwei.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/10/16 21:17:34 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Jenifer\AppData\Roaming\Mozilla\Firefox\Profiles\qyzuvwei.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/08/21 20:15:43 | 000,002,469 | ---- | M] () -- C:\Users\Jenifer\AppData\Roaming\Mozilla\Firefox\Profiles\qyzuvwei.default\searchplugins\safesearch.xml
[2011/09/05 17:57:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/06/26 17:37:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/10/22 16:11:45 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\COFFPLGN_2011_7_2_3
[2011/10/16 12:42:17 | 000,000,000 | ---D | M] (Symantec IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPLGN
[2011/05/25 18:15:10 | 000,000,000 | ---D | M] (Play Pickle TextLinks) -- C:\USERS\JENIFER\APPDATA\ROAMING\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\TEXTLINKS@PLPICKLE.COM
[2011/08/30 18:59:04 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/06/26 17:35:39 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/08/30 15:41:02 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\5.1.0.29\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [DLBXCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\DLBXtime.DLL ()
O4 - HKLM..\Run: [dlbxmon.exe] C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\aol\1192316997\ee\aolsoftware.exe (AOL LLC)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AOL Fast Start] C:\Program Files\AOL 9.1\AOL.EXE (AOL, LLC.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10d.exe (Adobe Systems, Inc.)
O8 - Extra context menu item: &AOL Toolbar Search - c:\Program Files\AOL\AOL Toolbar 5.0\resources\en-us\local\search.html ()
O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace.com/upload/MySpaceUploader1006.cab (MySpace Uploader Control)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.dell.com/systemprofiler/SysProExe.CAB (WMI Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://www.cvsphoto.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74CA0F74-C0DF-43E1-BF1C-7FB9EF7453F0}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\intu-help-qb4 {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) -C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Jenifer\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jenifer\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011/06/16 06:39:08 | 000,000,151 | ---- | M] () - F:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{3cf1b45a-6dea-11df-bcb2-00038a000015}\Shell\AutoRun\command - "" = F:\Setup_FlipShare.exe -- [2011/06/16 06:39:58 | 001,852,784 | ---- | M] ()
O33 - MountPoints2\{3cf1b45a-6dea-11df-bcb2-00038a000015}\Shell\Setup FlipShare\command - "" = F:\Setup_FlipShare.exe -- [2011/06/16 06:39:58 | 001,852,784 | ---- | M] ()
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\SETUP.EXE
O33 - MountPoints2\F\Shell\configure\command - "" = F:\SETUP.EXE
O33 - MountPoints2\F\Shell\install\command - "" = F:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/10/29 08:25:25 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Jenifer\Desktop\OTL.exe
[2011/10/29 08:15:21 | 000,000,000 | ---D | C] -- C:\Users\Jenifer\AppData\Roaming\Malwarebytes
[2011/10/29 08:15:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/10/29 08:15:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/10/29 08:15:03 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/10/29 08:15:03 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/10/29 08:12:59 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Jenifer\Desktop\mbam-setup-1.51.2.1300.exe
[2011/10/28 07:15:43 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/10/28 07:15:43 | 000,000,000 | ---D | C] -- C:\Users\Jenifer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/10/24 20:23:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/10/24 20:16:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2011/10/24 20:14:43 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2011/10/13 11:48:27 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011/10/13 11:48:27 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011/10/13 11:48:27 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2011/10/13 11:48:26 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2011/10/13 11:48:25 | 002,043,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/10/13 11:48:21 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/10/13 11:48:21 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/10/13 11:48:17 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/10/13 11:48:17 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/10/13 11:48:17 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/10/13 11:48:16 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/10/13 11:48:16 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/10/13 11:48:15 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/10/13 11:48:15 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/10/13 11:48:15 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/10/13 11:48:15 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/10/13 11:48:15 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/10/13 11:48:15 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/10/13 11:48:15 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/10/13 11:48:15 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/10/13 11:48:15 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/10/13 11:48:14 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/10/13 11:48:14 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/10/13 11:47:53 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2011/10/13 11:47:52 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2008/03/17 13:30:48 | 000,995,328 | ---- | C] ( ) -- C:\Windows\System32\dlbxusb1.dll
[2008/03/17 13:30:48 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlbxinpa.dll
[2008/03/17 13:30:48 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlbxiesc.dll
[2008/03/17 13:30:48 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\DLBXhcp.dll
[2008/03/17 13:30:47 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlbxserv.dll
[2008/03/17 13:30:47 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlbxpmui.dll
[2008/03/17 13:30:47 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlbxlmpm.dll
[2008/03/17 13:30:47 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlbxprox.dll
[2008/03/17 13:30:47 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlbxpplc.dll
[2008/03/17 13:30:46 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlbxhbn3.dll
[2008/03/17 13:30:46 | 000,386,544 | ---- | C] ( ) -- C:\Windows\System32\dlbxih.exe
[2008/03/17 13:30:45 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlbxcomc.dll
[2008/03/17 13:30:45 | 000,538,096 | ---- | C] ( ) -- C:\Windows\System32\dlbxcoms.exe
[2008/03/17 13:30:45 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlbxcomm.dll
[2008/03/17 13:30:45 | 000,382,448 | ---- | C] ( ) -- C:\Windows\System32\dlbxcfg.exe
========== Files - Modified Within 30 Days ==========
[2011/10/29 08:25:26 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Jenifer\Desktop\OTL.exe
[2011/10/29 08:15:10 | 000,000,868 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/10/29 08:13:04 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Jenifer\Desktop\mbam-setup-1.51.2.1300.exe
[2011/10/29 08:11:59 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/29 08:11:59 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/29 02:31:23 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{975D7660-6180-49FC-8C95-866AC307F44C}.job
[2011/10/28 23:02:01 | 000,002,527 | ---- | M] () -- C:\Users\Jenifer\Desktop\HiJackThis.lnk
[2011/10/28 07:14:15 | 001,402,880 | ---- | M] () -- C:\Users\Jenifer\Desktop\HiJackThis.msi
[2011/10/25 21:08:58 | 000,093,696 | ---- | M] () -- C:\Users\Jenifer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/25 21:01:50 | 000,612,592 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/10/25 21:01:50 | 000,107,654 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/10/24 20:25:47 | 000,001,894 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/10/24 20:15:00 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/10/22 16:11:09 | 000,035,853 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011/10/22 16:11:09 | 000,035,853 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/10/22 16:10:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/22 16:10:19 | 1071,828,992 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/18 20:22:59 | 000,002,609 | ---- | M] () -- C:\Users\Jenifer\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2007.lnk
[2011/10/16 14:39:27 | 000,434,040 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/09/30 19:06:08 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/09/30 19:03:05 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/09/30 19:02:36 | 000,602,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/09/30 19:02:36 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/09/30 19:02:06 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/09/30 19:01:57 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/09/30 19:01:51 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/09/30 19:01:34 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/09/30 19:01:34 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/09/30 19:01:34 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/09/30 19:01:33 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/09/30 19:01:33 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/09/30 19:01:29 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/09/30 18:07:25 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/09/30 17:29:54 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/09/30 17:29:44 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/09/30 17:29:05 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/09/30 17:28:36 | 001,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/09/30 00:01:09 | 000,003,600 | ---- | M] () -- C:\{8C3F55B5-EB1E-4553-BE55-2D8B09D6FEF2}
========== Files Created - No Company Name ==========
[2011/10/29 08:15:09 | 000,000,868 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/10/28 07:15:43 | 000,002,527 | ---- | C] () -- C:\Users\Jenifer\Desktop\HiJackThis.lnk
[2011/10/28 07:14:15 | 001,402,880 | ---- | C] () -- C:\Users\Jenifer\Desktop\HiJackThis.msi
[2011/10/24 20:25:45 | 000,001,894 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/10/24 20:25:44 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/09/30 00:01:06 | 000,003,600 | ---- | C] () -- C:\{8C3F55B5-EB1E-4553-BE55-2D8B09D6FEF2}
[2011/07/09 07:51:43 | 000,000,095 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2011/05/12 14:32:43 | 000,001,940 | ---- | C] () -- C:\Users\Jenifer\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/07/16 18:57:17 | 000,035,853 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/07/16 18:57:17 | 000,035,853 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/09/23 18:58:13 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/23 18:58:13 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2008/09/24 07:34:20 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/03/17 13:30:49 | 000,274,432 | ---- | C] () -- C:\Windows\System32\DLBXinst.dll
[2008/03/17 13:30:48 | 000,434,176 | ---- | C] () -- C:\Windows\System32\dlbxutil.dll
[2008/03/17 13:30:47 | 000,135,168 | ---- | C] () -- C:\Windows\System32\dlbxjswr.dll
[2008/03/17 13:30:46 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlbxinsb.dll
[2008/03/17 13:30:46 | 000,159,744 | ---- | C] () -- C:\Windows\System32\dlbxins.dll
[2008/03/17 13:30:46 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dlbxinsr.dll
[2008/03/17 13:30:46 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dlbxcub.dll
[2008/03/17 13:30:45 | 000,073,728 | ---- | C] () -- C:\Windows\System32\dlbxcu.dll
[2008/03/17 13:30:45 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dlbxcur.dll
[2008/03/17 12:46:14 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlbxvs.dll
[2008/03/17 12:46:13 | 000,344,064 | ---- | C] () -- C:\Windows\System32\dlbxcoin.dll
[2008/03/17 12:20:22 | 000,000,051 | ---- | C] () -- C:\Windows\dbghist.ini
[2008/02/19 02:33:34 | 000,446,352 | ---- | C] () -- C:\Windows\System32\OpenQuicktimeLib.dll
[2008/01/14 08:41:25 | 000,008,268 | ---- | C] () -- C:\Users\Jenifer\AppData\Local\d3d9caps.dat
[2007/10/30 17:28:40 | 000,000,095 | ---- | C] () -- C:\Users\Jenifer\AppData\Local\fusioncache.dat
[2007/10/19 20:00:32 | 000,000,104 | ---- | C] () -- C:\Users\Jenifer\AppData\Roaming\wklnhst.dat
[2007/10/13 19:09:21 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2007/10/13 15:41:25 | 000,093,696 | ---- | C] () -- C:\Users\Jenifer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/22 02:18:02 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dlbxcfg.dll
[2006/11/10 09:26:12 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006/11/07 15:25:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,434,040 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,612,592 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,107,654 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/09/17 00:36:50 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/17 00:36:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/07/17 12:11:36 | 000,667,280 | ---- | C] () -- C:\Windows\System32\tx12.dll
[2006/02/09 03:20:00 | 000,000,530 | ---- | C] () -- C:\Windows\System32\tx12_ic.ini
[2005/02/24 16:23:46 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlbxcnv4.dll
< End of report >
Extras.txt
OTL Extras logfile created on: 10/29/2011 8:26:46 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Jenifer\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19154)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1021.45 Mb Total Physical Memory | 201.96 Mb Available Physical Memory | 19.77% Memory free
2.26 Gb Paging File | 0.89 Gb Available in Paging File | 39.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.78 Gb Total Space | 149.93 Gb Free Space | 67.30% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.12 Gb Free Space | 61.21% Space Free | Partition Type: NTFS
Drive F: | 7.65 Gb Total Space | 5.91 Gb Free Space | 77.29% Space Free | Partition Type: FAT32
Computer Name: JENIFER-PC | User Name: Jenifer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{B4140E17-3416-4490-B795-5B1160897976}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00E7E0F7-7B86-40C8-99CC-7F1E18EAD287}" = protocol=6 | dir=in | app=c:\program files\aol 9.1\waol.exe |
"{0A06219B-F9FD-40C7-BE5E-C8D10B161DED}" = protocol=6 | dir=in | app=c:\program files\dell photo aio printer 962\dlbxmon.exe |
"{13564929-4EAE-49EB-B2C0-B72513F77492}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{1BC77ED0-3053-4E15-8428-F2F6B00D1F81}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{2DC3CCD7-B1C3-45B9-81C0-75D29A177B3D}" = protocol=17 | dir=in | app=c:\program files\aol 9.1\waol.exe |
"{2E8766DF-0C91-44F6-918E-E22001E53DB5}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{353C8B9B-30A1-4ACF-9092-CE6C7FCC05BD}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{3FD7EAD9-0B6D-4AEC-A646-D8CF673A1ECF}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1192316997\ee\aolsoftware.exe |
"{4C66E404-19CA-4AC1-B3F0-DD69E3D99D9B}" = protocol=17 | dir=in | app=c:\program files\dell photo aio printer 962\dlbxaiox.exe |
"{4E645A47-4022-4DD2-AA52-B3479B1F15DB}" = protocol=17 | dir=in | app=c:\program files\dell photo aio printer 962\dlbxmon.exe |
"{59863D62-0CA2-49D4-8C6B-124B9E37EFA3}" = protocol=17 | dir=in | app=c:\windows\system32\dlbxcoms.exe |
"{5B0C09F7-0CFE-4D45-8041-EFCA1A1CB41C}" = protocol=6 | dir=in | app=c:\windows\system32\dlbxcoms.exe |
"{6DE29077-3DC2-46A9-8A7F-A3F8A7ADB275}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{8491DC07-F4CD-423D-BFCF-E88D9E24B2CA}" = protocol=6 | dir=in | app=c:\program files\dell photo aio printer 962\dlbxaiox.exe |
"{85A1EB4B-F987-4FDA-8D4A-A4BB5FF082E4}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{934AA2C2-E1C9-4737-8F3A-4A30D58EBA76}" = protocol=17 | dir=in | app=c:\program files\aol 9.0\waol.exe |
"{A73E1B23-A821-47E8-93F6-8A678447BA57}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{AE51DF4C-03C7-4078-877C-196147890F6F}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{B45F7AD2-05A4-44A7-94CA-BEE27F48066E}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dlbxpswx.exe |
"{B5F339CA-36EF-478A-9A2A-93F2A7C6D4FD}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{BC129D41-3BCB-443B-B6A0-96E7CC942FC0}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{C8C5A519-6D6A-42D5-91B2-D12FF1BCD36E}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{D07C0EDC-A7A9-4C18-815B-2A1192F17B4C}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1192316997\ee\aolsoftware.exe |
"{D7665B77-AC5E-4DE0-9C5A-F78238EAF62D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{DD862167-BF6B-4161-98A1-56A269EE75C1}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dlbxpswx.exe |
"{E4B4D955-8CB4-49A6-B6DD-0FAD02E0D1C9}" = protocol=6 | dir=in | app=c:\program files\aol 9.0\waol.exe |
"{F0EDD2F1-34D6-4A1F-BA73-C273BA116027}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{F1A7987E-6E8B-4B46-BE41-27D8B3B101E6}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{11E0AC7D-6823-4F67-865F-EE1C13D28C38}" = QuickBooks Premier: Accountant Edition 2011
"{13BA7B44-B712-4DEE-A7B8-1DD564F37AE5}" = Dell System Customization Wizard
"{1D70AABC-CB59-4700-A708-EA56D1CA07B0}" = QuickBooks
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2357B8BC-88C9-4A72-818C-050CC4EB0778}" = AOL Install
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{2C6C74C2-042F-4D36-B7B0-0C538FCF01AB}" = Dell DataSafe Online
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3E25E350-949F-4DB7-8288-2A60E018B4C1}" = Games, Music, & Photos Launcher
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}" = Banctec Service Agreement
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{55584E16-4D70-44EE-93DD-F144E8B7D4B7}" = QuickBooks Product Listing Service
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{5E68BB65-4059-4FE5-AAC4-0CD1D79BBDE2}" = EarthLink Setup Files
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{67D15B01-9A6B-0397-002A-D2A015212748}" = FlipShare
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel(R) PRO Network Connections 12.1.11.0
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{7E545666-F423-45FD-B3DF-C0B99A1A579F}" = QuickBooks Premier: Accountant Edition 2007
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCFF1E13-77A2-4032-8B12-7566982A27DF}" = Internet Service Offers Launcher
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F226C1DA-66D7-4ABC-86B5-3F978A660EBF}" = AOL Mail and AIM Gadget
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"3ivx MPEG-4 5.0.3" = 3ivx MPEG-4 5.0.3 (remove only)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AIM_6" = AIM 6
"AOL Toolbar" = AOL Toolbar 5.0
"AOL Toolbar 5.0" =
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"Citrix ICA Web Client" = Citrix Presentation Server Web Client for Win32
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 PCI V.92 Modem
"Coupon Printer for Windows4.0" = Coupon Printer for Windows
"Dell Photo AIO Printer 962" = Dell Photo AIO Printer 962
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Desktop" = Google Desktop
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Microsoft Visual Studio 2005 Tools for Office Runtime
"Mozilla Firefox 6.0.1 (x86 en-US)" = Mozilla Firefox 6.0.1 (x86 en-US)
"N360" = Norton 360
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"PowerISO" = PowerISO
"PROSetDX" = Intel(R) PRO Network Connections 12.1.11.0
"ScrewDrivers Client v4" = ScrewDrivers Client v4
"ViewpointMediaPlayer" = Viewpoint Media Player
"WinRAR archiver" = WinRAR archiver
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 12/3/2008 8:27:23 AM | Computer Name = Jenifer-PC | Source = Application Error | ID = 1000
Description = Faulting application aolphx.exe, version 10.0.0.1, time stamp 0x47237491,
faulting module kernel32.dll, version 6.0.6001.18000, time stamp 0x4791a76d, exception
code 0xc0000005, fault offset 0x000bf285, process id 0x1450, application start time
0x01c955427da11140.
Error - 12/5/2008 1:20:16 PM | Computer Name = Jenifer-PC | Source = Application Hang | ID = 1002
Description = The program AcroRd32.exe version 8.1.0.137 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1670 Start Time: 01c956fdafb92980 Termination Time: 50
Error - 12/14/2008 4:37:32 PM | Computer Name = Jenifer-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 7.0.6001.18000 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1750 Start Time: 01c95e280bd5c332 Termination Time: 57
Error - 12/15/2008 8:37:08 AM | Computer Name = Jenifer-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 12/17/2008 8:36:19 PM | Computer Name = Jenifer-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 7.0.6001.18000 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 15d4 Start Time: 01c960a85cbab550 Termination Time: 0
Error - 12/26/2008 8:49:45 AM | Computer Name = Jenifer-PC | Source = Application Hang | ID = 1002
Description = The program waol.exe version 9.5.0.1 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Problem Reports and Solutions control panel. Process
ID: 38cc Start Time: 01c966984a2b1f60 Termination Time: 78
Error - 12/26/2008 8:57:39 AM | Computer Name = Jenifer-PC | Source = Application Error | ID = 1000
Description = Faulting application aolphx.exe, version 10.0.0.1, time stamp 0x47237491,
faulting module kernel32.dll, version 6.0.6001.18000, time stamp 0x4791a76d, exception
code 0xc0000005, fault offset 0x000bf285, process id 0x1a9c, application start time
0x01c967598814d250.
Error - 12/26/2008 1:22:09 PM | Computer Name = Jenifer-PC | Source = Application Error | ID = 1000
Description = Faulting application aolphx.exe, version 10.0.0.1, time stamp 0x47237491,
faulting module kernel32.dll, version 6.0.6001.18000, time stamp 0x4791a76d, exception
code 0xc0000005, fault offset 0x000bf285, process id 0x1418, application start time
0x01c9677e7b78cb80.
Error - 1/29/2009 11:44:23 AM | Computer Name = Jenifer-PC | Source = Application Hang | ID = 1002
Description = The program Explorer.EXE version 6.0.6001.18164 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 738 Start Time: 01c982272f58f281 Termination Time: 156
Error - 3/17/2009 7:10:17 PM | Computer Name = Jenifer-PC | Source = Application Hang | ID = 1002
Description = The program waol.exe version 9.5.0.1 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Problem Reports and Solutions control panel. Process
ID: 10f4 Start Time: 01c9a70b8f5ea080 Termination Time: 76
[ ODiag Events ]
Error - 1/20/2008 10:21:43 PM | Computer Name = Jenifer-PC | Source = Microsoft Office 12 Diagnostics | ID = 320
Description = An unexpected error occurred. Tag: 2kcz. Error code: N/A
[ OSession Events ]
Error - 1/20/2008 10:21:42 PM | Computer Name = Jenifer-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 25
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 10/16/2011 12:56:35 PM | Computer Name = Jenifer-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 12:52:43 PM on 10/16/2011 was unexpected.
Error - 10/16/2011 12:57:52 PM | Computer Name = Jenifer-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 10/16/2011 1:03:49 PM | Computer Name = Jenifer-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 10/16/2011 2:07:59 PM | Computer Name = Jenifer-PC | Source = DCOM | ID = 10005
Description =
Error - 10/16/2011 2:07:59 PM | Computer Name = Jenifer-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 10/16/2011 2:07:59 PM | Computer Name = Jenifer-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 10/22/2011 4:10:45 PM | Computer Name = Jenifer-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:55:05 AM on 10/22/2011 was unexpected.
Error - 10/24/2011 8:23:01 PM | Computer Name = Jenifer-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 10/24/2011 8:23:01 PM | Computer Name = Jenifer-PC | Source = DCOM | ID = 10005
Description =
Error - 10/24/2011 8:23:01 PM | Computer Name = Jenifer-PC | Source = Service Control Manager | ID = 7000
Description =
< End of report > |
|
| Back to top |
|
|
Bellz666
Junior Member
Joined: 07 Aug 2004
Last Visit: 22 May 2012
Posts: 40
Location: NY
|
| Posted: Sat Oct 29, 2011 4:45 am Post subject: |
|
|
| Sorry, the browser froze and it posted twice. |
|
| Back to top |
|
|
Cypher
Moderator
Joined: 05 Jul 2009
Last Visit: 17 May 2013
Posts: 4041
Location: Land Of The Leprechauns
|
| Posted: Sat Oct 29, 2011 7:38 am Post subject: |
|
|
Hi,
| Quote: |
| Sorry, the browser froze and it posted twice. |
No problem 
Uninstall programs
- Click on Start.
- All programs.
- Accessories.
- Run.
- In the open text box copy/paste appwiz.cpl Then click Ok.
- Uninstall the following if present.
| Quote: |
| Java(TM) 6 Update 26 |
Next.
Java SE Runtime Environment (JRE).
Please download from HERE
- Find Java SE 7u1.
- Click the Download JRE button to the right.
- Choose the correct Platform and Multi-language. Next, check the box that says I agree to the Java SE Runtime Environment 6 License Agreement.
- Click the Continue button.
- Click on the filename under Windows Offline Installation and save it to your desktop.
- Close all active windows.
- Install the program.
Next.
We need to run an OTL Fix
- Right-click OTL.exe and select " Run as administrator " to run it.
- Copy and Paste the following code into the
 textbox. Do not include the word Code
| Code: |
:otl
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
[2011/06/26 17:37:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O33 - MountPoints2\{3cf1b45a-6dea-11df-bcb2-00038a000015}\Shell\AutoRun\command - "" = F:\Setup_FlipShare.exe -- [2011/06/16 06:39:58 | 001,852,784 | ---- | M] ()
O33 - MountPoints2\{3cf1b45a-6dea-11df-bcb2-00038a000015}\Shell\Setup FlipShare\command - "" = F:\Setup_FlipShare.exe -- [2011/06/16 06:39:58 | 001,852,784 | ---- | M] ()
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\SETUP.EXE
O33 - MountPoints2\F\Shell\configure\command - "" = F:\SETUP.EXE
O33 - MountPoints2\F\Shell\install\command - "" = F:\SETUP.EXE
[2011/10/29 08:11:59 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/29 08:11:59 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/09/30 00:01:09 | 000,003,600 | ---- | M] () -- C:\{8C3F55B5-EB1E-4553-BE55-2D8B09D6FEF2}
:files
ipconfig /flushdns /c
:commands
[emptyflash]
[emptytemp]
[emptyjava]
[clearallrestorepoints]
[REBOOT]
|
Then click the Run Fix button at the top.
Click  .
OTL may ask to reboot the machine. Please do so if asked.
The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.
Next.
ESET online scannner
Note: You can use either Internet Explorer or Mozilla FireFox for this scan.
Note: If you are using Windows Vista or Windows 7, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.
- First please Disable any Antivirus you have active, as shown in This topic.
- Note: Don't forget to re-enable it after the scan.
- Next hold down Control then click on the following link to open a new window to ESET online scannner
- Select the option YES, I accept the Terms of Use then click on Start.
| Quote: |
Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox. |
When prompted allow the Add-On/Active X to install.
Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
Now click on Advanced Settings and select the following:- Scan for potentially unwanted applications
- Scan for potentially unsafe applications
- Enable Anti-Stealth Technology
- Now click on Start.
- The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
- When completed the Online Scan will begin automatically.
- Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
- When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
- Now click on Finish.
- Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
- Copy and paste that log as a reply to this topic.
Logs/Information to Post in your Next Reply
- OTL log.
- ESET log.
- Please give me an update on your computers performance.
_________________
Admin/Teacher at Malware Removal University
Member of...
|
|
| Back to top |
|
|
Bellz666
Junior Member
Joined: 07 Aug 2004
Last Visit: 22 May 2012
Posts: 40
Location: NY
|
| Posted: Sat Oct 29, 2011 11:45 am Post subject: |
|
|
All processes killed
========== OTL ==========
Prefs.js: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26 removed from extensions.enabledItems
Folder C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3cf1b45a-6dea-11df-bcb2-00038a000015}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3cf1b45a-6dea-11df-bcb2-00038a000015}\ not found.
File F:\Setup_FlipShare.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3cf1b45a-6dea-11df-bcb2-00038a000015}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3cf1b45a-6dea-11df-bcb2-00038a000015}\ not found.
File F:\Setup_FlipShare.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ not found.
File F:\SETUP.EXE not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ not found.
File F:\SETUP.EXE not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ not found.
File F:\SETUP.EXE not found.
File move failed. C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 scheduled to be moved on reboot.
File move failed. C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 scheduled to be moved on reboot.
C:\{8C3F55B5-EB1E-4553-BE55-2D8B09D6FEF2} moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Jenifer\Desktop\cmd.bat deleted successfully.
C:\Users\Jenifer\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 56475 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Jenifer
->Flash cache emptied: 1973069 bytes
User: Public
Total Flash Files Cleaned = 2.00 mb
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Jenifer
->Temp folder emptied: 21339700 bytes
->Temporary Internet Files folder emptied: 19335222 bytes
->Java cache emptied: 43259204 bytes
->FireFox cache emptied: 41156854 bytes
->Flash cache emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1147269 bytes
RecycleBin emptied: 425485616 bytes
Total Files Cleaned = 526.00 mb
[EMPTYJAVA]
User: All Users
User: Default
User: Default User
User: Jenifer
->Java cache emptied: 0 bytes
User: Public
Total Java Files Cleaned = 0.00 mb
OTL by OldTimer - Version 3.2.31.0 log created on 10292011_122933
Files\Folders moved on Reboot...
File move failed. C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 scheduled to be moved on reboot.
File move failed. C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 scheduled to be moved on reboot.
File\Folder C:\Users\Jenifer\AppData\Local\Temp\~DFA06E.tmp not found!
File\Folder C:\Users\Jenifer\AppData\Local\Temp\~DFA0D5.tmp not found!
File\Folder C:\Users\Jenifer\AppData\Local\Temp\~DFA1E1.tmp not found!
File\Folder C:\Users\Jenifer\AppData\Local\Temp\~DFA1F8.tmp not found!
File\Folder C:\Users\Jenifer\AppData\Local\Temp\~DFA777.tmp not found!
File\Folder C:\Users\Jenifer\AppData\Local\Temp\~DFA78C.tmp not found!
C:\Users\Jenifer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\63H07PYV\viewtopic[1].htm moved successfully.
Registry entries deleted on Reboot...
I could not figure out how to save the ESET log....it removed one item, the PLPIKLE txtlink.
The machine is acting much better. |
|
| Back to top |
|
|
Cypher
Moderator
Joined: 05 Jul 2009
Last Visit: 17 May 2013
Posts: 4041
Location: Land Of The Leprechauns
|
| Posted: Sun Oct 30, 2011 2:56 am Post subject: |
|
|
Hi,
| Quote: |
| The machine is acting much better. |
If you are having no further problems you should be good to go.
This is my general post for when your logs show no more signs of malware.
Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:
Clean up with OTL
- Right-click OTL.exe and select " Run as administrator " to run it.
- This will remove all the tools we used to clean your pc.
- Close all other programs apart from OTL as this step will require a reboot
- On the OTL main screen, press the CleanUp! button
- Say Yes to the prompt and then allow the program to reboot your computer.
You can now delete any tools we used if they remain on your Desktop.
Protection Programs
Don't forget to re-enable any protection programs we disabled during your fix.
Here are some free programs I recommend that could help you improve your computer's security.
I recommend you keep Malwarebytes' Anti-Malware, keep it updated and run it once a week.
Install SpywareBlaster
Download and install Javacools SpywareBlaster from Here
SpywareBlaster adds a list of ActiveX controls, tracking cookies and sites which will be blocked in either Internet Explorer or Firefox browsers. You need to manually check for updates regularly.
Install SiteAdvisor
SiteAdvisor is a toolbar for Microsoft Internet Explorer and Mozilla Firefox which alerts you if you're about to enter a potentially dangerous website.
You can find more information and download it from Here
Install WinPatrol
As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge.
For more information, please visit HERE
MVPS Hosts
Install MVPS Hosts File From Here
The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer.
You can Find the Tutorial HERE
Update your Antivirus programs and other security products regularly to avoid new threats that could infect your system.
You can use one of these sites to check if any updates are needed for your pc.
Secunia Software Inspector
F-secure Health Check
Microsoft Windows Update
Microsoft releases patches for Windows and Office products regularly to patch up Windows and Office products loopholes and fix any bugs found. Install the updates immediately if they are found.
To update Windows
Go to Start > All Programs > Windows Update > Check for updates.
To update Office
Open up any Office program.
Go to Help > Check for Updates
I would be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can be closed.
Safe surfing!
_________________
Admin/Teacher at Malware Removal University
Member of...
|
|
| Back to top |
|
|
Bellz666
Junior Member
Joined: 07 Aug 2004
Last Visit: 22 May 2012
Posts: 40
Location: NY
|
| Posted: Sun Oct 30, 2011 8:20 am Post subject: |
|
|
| Thanks for your time, things are looking good. The only issue now...on the bottom right corner, there is a note that my windows copy is not genuiine. Never saw that before....did we remove something like a product key? |
|
| Back to top |
|
|
Cypher
Moderator
Joined: 05 Jul 2009
Last Visit: 17 May 2013
Posts: 4041
Location: Land Of The Leprechauns
|
| Posted: Sun Oct 30, 2011 8:43 am Post subject: |
|
|
Hi,
| Quote: |
| Thanks for your time |
You're welcome.
| Quote: |
| on the bottom right corner, there is a note that my windows copy is not genuiine. Never saw that before....did we remove something like a product key? |
That's odd nothing we removed would of caused that.
When you click on the icon does it give you the option to validate windows?
_________________
Admin/Teacher at Malware Removal University
Member of...
|
|
| Back to top |
|
|
Bellz666
Junior Member
Joined: 07 Aug 2004
Last Visit: 22 May 2012
Posts: 40
Location: NY
|
| Posted: Mon Oct 31, 2011 3:20 am Post subject: |
|
|
Hello. It did give me the option to validate with the product key, which I did successfully.
Thank you for your help, everything seems fine. |
|
| Back to top |
|
|
Cypher
Moderator
Joined: 05 Jul 2009
Last Visit: 17 May 2013
Posts: 4041
Location: Land Of The Leprechauns
|
| Posted: Mon Oct 31, 2011 3:28 am Post subject: |
|
|
Hi Bellz666,
| Quote: |
| It did give me the option to validate with the product key, which I did successfully. |
Excellent 
| Quote: |
| Thank you for your help, everything seems fine. |
You're most welcome glad we could help, good luck and stay safe.
| Quote: |
As your issues appear to be resolved, this topic is now closed.
If you have been helped and wish to donate to help with the costs of this volunteer site, please read Spyware Warrior Donations |
_________________
Admin/Teacher at Malware Removal University
Member of...
|
|
| Back to top |
|
|
|
|
You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group
|
