arnelld Posted May 19, 2013 ID:681575 Share Posted May 19, 2013 I posted in PC help and they directed me here-I have a HP Elitebook8560p with Windows XP. I was trying to install a dell printer 3115cn through a router. I put the CD in that came with the printer and then I get a download error and it wouldn't install the printer. It says I can not copy delopd.ui.dll file. Not sure what is up, I have to Control Alt delete to get out of the copy files.Thanks two files are attached.DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 7.0.6000.17115 BrowserJavaVersion: 1.6.0_26Run by tarnell at 21:39:08 on 2013-05-18Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3054.1625 [GMT -6:00].AV: Symantec Endpoint Protection *Enabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C}FW: Symantec Endpoint Protection *Enabled* .============== Running Processes ================.C:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\vcsFPService.exeC:\Program Files\Intel\WiFi\bin\S24EvMon.exeC:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exeC:\Program Files\IDT\WDM\STacSV.exeC:\Program Files\LSI SoftModem\agrsmsvc.exeC:\WINDOWS\system32\CCM\CcmExec.exeC:\Program Files\Cisco Systems\VPN Client\cvpnd.exeC:\Program Files\Intel\WiFi\bin\EvtEng.exeC:\Program Files\Sierra Wireless Inc\Gobi\QDLService\GobiQDLService.exeC:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exeC:\Program Files\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exeC:\WINDOWS\System32\wbem\unsecapp.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\WINDOWS\system32\wbem\wmiprvse.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\WINDOWS\system32\Ati2evxx.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEc:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exeC:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZipm12.exeC:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exeC:\Documents and Settings\All Users\Application Data\Rpcnet\Bin\rpcld.exeC:\WINDOWS\system32\rpcnet.exeC:\Program Files\Symantec AntiVirus\12.1.1101.401.105\Bin\ccSvcHst.exec:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exeC:\Program Files\TomTom HOME 2\TomTomHOMEService.exeC:\WINDOWS\system32\SearchIndexer.exeC:\WINDOWS\system32\wbem\wmiprvse.exeC:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exeC:\WINDOWS\system32\wbem\wmiprvse.exeC:\Program Files\Symantec AntiVirus\12.1.1101.401.105\Bin\Smc.exeC:\WINDOWS\system32\wbem\wmiprvse.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\CCM\SMSCliUI.exeC:\Program Files\Symantec AntiVirus\12.1.1101.401.105\Bin\ccSvcHst.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\WINDOWS\system32\AESTFltr.exeC:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exeC:\Program Files\Citrix\ICA Client\concentr.exeC:\Program Files\Intel\WiFi\bin\ZCfgSvc.exeC:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exeC:\Program Files\Citrix\ICA Client\wfcrun32.exeC:\Program Files\Hp\HP Software Update\HPWuSchd2.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exeC:\Program Files\Messenger\msmsgs.exeC:\Program Files\TomTom HOME 2\TomTomHOMERunner.exeC:\Program Files\HP\HP Photosmart 7510 series\Bin\ScanToPCActivationApp.exeC:\Documents and Settings\tarnell\Local Settings\Application Data\Akamai\netsession_win.exeC:\Documents and Settings\All Users\Start Menu\Programs\Startup\InfoBox24.exeC:\Program Files\PrintKey2000\Printkey2000.exeC:\Documents and Settings\tarnell\Local Settings\Application Data\Akamai\netsession_win.exeC:\Program Files\Windows Desktop Search\WindowsSearch.exeC:\WINDOWS\System32\wbem\unsecapp.exeC:\Program Files\HP\HP Photosmart 7510 series\Bin\HPNetworkCommunicator.exeC:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Google\Chrome\Application\chrome.exeC:\Program Files\Google\Chrome\Application\chrome.exeC:\WINDOWS\System32\msiexec.exeC:\WINDOWS\system32\msiexec.exeC:\WINDOWS\system32\MsiExec.exeC:\WINDOWS\system32\MsiExec.exeC:\WINDOWS\system32\MsiExec.exeC:\WINDOWS\system32\rundll32.exeC:\Program Files\Google\Chrome\Application\chrome.exeC:\Program Files\Google\Chrome\Application\chrome.exeC:\Program Files\Google\Chrome\Application\chrome.exeC:\Program Files\Google\Chrome\Application\chrome.exeC:\Program Files\Google\Chrome\Application\chrome.exeC:\WINDOWS\system32\wuauclt.exeC:\WINDOWS\system32\SearchProtocolHost.exeC:\WINDOWS\system32\SearchFilterHost.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\WINDOWS\System32\svchost.exe -k NetworkServiceC:\WINDOWS\System32\svchost.exe -k LocalServiceC:\WINDOWS\System32\svchost.exe -k LocalServiceC:\WINDOWS\System32\svchost.exe -k imgsvc.============== Pseudo HJT Report ===============.uStart Page = hxxp://my.williams.comuWindow Title = Windows Internet Explorer provided by WilliamsuDefault_Page_URL = hxxp://my.williams.comuSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}mStart Page = hxxp://my.williams.commDefault_Page_URL = hxxp://my.williams.comuInternet Connection Wizard,ShellNext = iexploreuProxyOverride = <local>uSearchAssistant = hxxp://www.google.com/ieuSearchURL,(Default) = hxxp://www.google.com/search?q=%smWinlogon: SFCDisable = dword:4BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dllBHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\symantec antivirus\12.1.1101.401.105\bin\ips\IPSBHO.dllBHO: {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - <orphaned>BHO: Price Check by AOL: {D25B97E9-62B2-40CE-BECF-E43A7B879072} - c:\program files\price check by aol\aolpricecheck.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dllBHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllEB: {32683183-48a0-441b-a342-7c2a440a9478} - <orphaned>uRun: [updateMgr] "c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1uRun: [PPScheduler] c:\program files\scansoft\paperport\PPScheduler.exeuRun: [ctfmon.exe] c:\windows\system32\ctfmon.exeuRun: [EasyLinkAdvisor] "c:\program files\linksys easylink advisor\LinksysAgent.exe" /startupuRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /backgrounduRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe"uRun: [HP Photosmart 7510 series (NET)] "c:\program files\hp\hp photosmart 7510 series\bin\ScanToPCActivationApp.exe" -deviceID "CN1BP3526N05PX:NW" -scfn "HP Photosmart 7510 series (NET)" -AutoStart 1uRun: [Akamai NetSession Interface] "c:\documents and settings\tarnell\local settings\application data\akamai\netsession_win.exe"mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exemRun: [AESTFltr] c:\windows\system32\AESTFltr.exe /NoDlgmRun: [QLBController] c:\program files\hewlett-packard\hp hotkey support\QLBController.exe /startmRun: [sEP11] <no file>StartupFolder: c:\documents and settings\all users\start menu\programs\startup\InfoBox24.exeStartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\printk~1.lnk - c:\program files\printkey2000\Printkey2000.exeStartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\vpncli~1.lnk - c:\windows\installer\{b0bf7057-6869-4e4b-920c-ea2a58da07f0}\Icon3E5562ED7.icoStartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exeuPolicies-Explorer: NoDriveTypeAutoRun = dword:145uPolicies-Explorer: DisableWindowsUpdateAccess = 1uPolicies-Explorer: NoWindowsUpdate = dword:1uPolicies-Explorer: NoAutoUpdate = dword:1mPolicies-Explorer: disablewindowsupdateaccess = dword:1mPolicies-Explorer: nodrivetypeautorun = dword:255mPolicies-Explorer: nowindowsupdate = dword:1mPolicies-System: dontdisplaylastusername = dword:1mPolicies-System: LegalNoticeCaption = Warning:mPolicies-System: legalnoticetext = This system, including all related equipment, networks, and network devices (including Internet access), is provided for authorized users only.This system may be monitored for all lawful purposes, including to ensure authorized use, to facilitate protection against unauthorized access, for system maintenance, and to verify security procedures and operational security. There is no right of privacy in this system. All information, including personal information, placed on or sent to this system may be monitored. Information obtained through monitoring may be examined, recorded, copied and used for lawful purposes.Use of this system, authorized or unauthorized, constitutes consent to the monitoring of this system and to the lawful use of any information obtained through monitoring. Evidence of unauthorized use collected during monitoring may be used for administrative, criminal or adverse action, and use of this system constitutes consent to monitoring for these purposes.mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1mPolicies-Explorer: NoDriveTypeAutoRun = dword:145IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exeIE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exeDPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cabDPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cabDPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} - hxxps://sslvpn.williams.com/CACHE/stc/1/binaries/vpnweb.cabDPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1229958089812DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1245256796906DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cabDPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cabDPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabTCP: NameServer = 192.168.1.254TCP: Interfaces\{8065A06A-25D5-44AA-B595-AAE286197B5A} : DHCPNameServer = 192.168.1.254Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dllFilter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dllNotify: AtiExtEvent - Ati2evxx.dllNotify: NavLogon - <no file>Notify: SEP - c:\program files\symantec antivirus\12.1.1101.401.105\bin\WinLogoutNotifier.dllSSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dllSEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dllmASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\26.0.1410.64\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome.================= FIREFOX ===================.FF - ProfilePath - c:\documents and settings\tarnell\application data\mozilla\firefox\profiles\vf8f4zsa.default\FF - prefs.js: browser.search.defaulturl - hxxp://search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-amonetizetest1-chromesbox-en-us&tb_uuid=20120914030319109&tb_oid=10-10-1010&tb_mrud=10-10-1010FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=843&invocationType=tb50-ff-amonetizetest1-ab-en-us&tb_uuid=20120914030319109&tb_oid=10-10-1010&tb_mrud=10-10-1010&query=FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dllFF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dllFF - plugin: c:\program files\google\update\1.3.21.145\npGoogleUpdate3.dllFF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dllFF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dllFF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dllFF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dllFF - plugin: c:\windows\system32\adobe\director\np32dsw_1200112.dllFF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_168.dllFF - ExtSQL: !HIDDEN! 2011-04-29 08:42; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension.---- FIREFOX POLICIES ----FF - user.js: network.protocol-handler.warn-external.dnupdate - falseFF - user.js: browser.sessionstore.resume_from_crash - falseFF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(extentions.y2layers.installId, 9506adf9-d925-443a-8967-cb39ed0e7f5fFF - user.js: extentions.y2layers.defaultEnableAppsList - ezLooker,pagerage,buzzdock,toprelatedtopics,twittube.FF - user.js: extensions.autoDisableScopes - 14.============= SERVICES / DRIVERS ===============.R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\sep\0c01044d\0191.105\x86\SymDS.sys [2012-4-19 340088]R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\sep\0c01044d\0191.105\x86\SymEFA.sys [2012-4-19 759416]R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\symantec\symantec endpoint protection\12.1.1101.401.105\data\definitions\bashdefs\20130502.011\BHDrvx86.sys [2013-5-7 1000024]R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2010-4-16 65584]R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\sep\0c01044d\0191.105\x86\Ironx86.sys [2012-4-19 137336]R2 GobiQDLService;Sierra Wireless QDL Service;c:\program files\sierra wireless inc\gobi\qdlservice\GobiQDLService.exe [2011-3-16 308592]R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\hewlett-packard\shared\HPDrvMntSvc.exe [2011-3-28 94264]R2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files\hewlett-packard\hp hotkey support\hpHotkeyMonitor.exe [2011-5-13 317496]R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-5-18 418376]R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-5-18 701512]R2 MSSQL$OASYSHDB;SQL Server (OASYSHDB);c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [2008-11-24 29263712]R2 rpcld;Remote Procedure Call (RPC) LD;c:\documents and settings\all users\application data\rpcnet\bin\rpcld.exe --> c:\documents and settings\all users\application data\rpcnet\bin\rpcld.exe [?]R2 SepMasterService;Symantec Endpoint Protection;c:\program files\symantec antivirus\12.1.1101.401.105\bin\ccSvcHst.exe [2012-4-19 137208]R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2011-4-22 92592]R2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2011-3-24 2762032]R2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files\cisco\cisco anyconnect vpn client\vpnagent.exe [2011-5-18 641464]R3 AESTAud;IDT AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [2012-1-24 113664]R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [2012-1-24 101392]R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2013-3-20 106656]R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\symantec\symantec endpoint protection\12.1.1101.401.105\data\definitions\ipsdefs\20130517.012\IDSXpx86.sys [2013-5-18 373728]R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2012-1-24 44800]R3 johci;JMicron 1394 Filter Driver;c:\windows\system32\drivers\johci.sys [2012-1-24 23640]R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-5-18 22856]R3 MEI;Intel® Management Engine Interface;c:\windows\system32\drivers\HECI.sys [2012-1-24 41088]R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\symantec\symantec endpoint protection\12.1.1101.401.105\data\definitions\virusdefs\20130518.003\NAVENG.SYS [2013-5-18 93296]R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\symantec\symantec endpoint protection\12.1.1101.401.105\data\definitions\virusdefs\20130518.003\NAVEX15.SYS [2013-5-18 1603824]R3 NETwNx32;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit;c:\windows\system32\drivers\NETwNx32.sys [2012-1-24 7473152]R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2012-1-24 62336]R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2012-1-24 141440]R3 SPUVCbv;SPUVCb Driver Service;c:\windows\system32\drivers\SPUVCBv.sys [2012-1-24 2468728]R3 swg3kflt02;Sierra Wireless USB Composite Device Filter Driver 02;c:\windows\system32\drivers\swg3kflt02.sys [2011-2-3 27264]R3 swg3knet02;Sierra Wireless QMI USB-NDIS miniport for HP;c:\windows\system32\drivers\swg3knet02.sys [2011-2-3 280064]R3 swg3kser02;Sierra Wireless QMI USB Device for Legacy Serial Communication - HP;c:\windows\system32\drivers\swg3kser02.sys [2011-2-3 213504]R3 swibus02;Sierra Wireless Bus Enumerator 02;c:\windows\system32\drivers\swibus02.sys [2011-2-3 59904]R3 swibusflt02;Sierra Wireless Bus Enumerator Filter 02;c:\windows\system32\drivers\swibusflt02.sys [2011-2-3 59904]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [2012-1-24 144984]S3 SyDvCtrl;SyDvCtrl;c:\program files\symantec antivirus\12.1.1101.401.105\bin\SyDvCtrl32.sys [2012-4-19 23984]S3 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2007-11-14 394952]S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504].=============== Created Last 30 ================.2013-05-18 23:35:52 22856 ----a-w- c:\windows\system32\drivers\mbam.sys2013-05-18 23:35:52 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware2013-05-18 23:13:12 -------- d-----w- c:\program files\Dell Printers2013-05-18 23:11:55 753664 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iKernel.dll2013-05-18 23:11:55 69714 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\ctor.dll2013-05-18 23:11:55 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\DotNetInstaller.exe2013-05-18 23:11:55 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iscript.dll2013-05-18 23:11:55 184320 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iuser.dll2013-05-18 23:11:54 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\setup.dll2013-05-18 23:11:54 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iGdi.dll2013-05-15 12:25:32 -------- d-----w- c:\program files\williams2013-05-15 01:48:22 -------- d-----w- c:\program files\Dell Inc2013-05-14 03:41:45 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys2013-05-14 03:41:45 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys2013-05-14 03:24:00 -------- d-----w- c:\documents and settings\tarnell\local settings\application data\Akamai2013-05-14 03:21:01 757760 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iKernel.dll2013-05-14 03:21:01 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\ctor.dll2013-05-14 03:21:01 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\DotNetInstaller.exe2013-05-14 03:21:01 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iscript.dll2013-05-14 03:21:01 204800 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iuser.dll2013-05-14 03:20:58 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\setup.dll2013-05-14 03:20:58 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iGdi.dll2013-05-06 15:37:52 -------- d-----w- c:\documents and settings\tarnell\application data\Intel2013-04-30 21:39:28 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys2013-04-30 21:39:28 12928 -c----w- c:\windows\system32\dllcache\usb8023.sys.==================== Find3M ====================.2013-05-19 02:12:31 17920 ----a-w- c:\windows\system32\rpcnetp.exe2013-05-19 02:12:27 57776 ----a-w- c:\windows\system32\rpcnet.dll2013-05-19 02:10:38 74752 ----a-w- c:\windows\system32\spoolss.dll2013-05-19 02:10:38 57856 ----a-w- c:\windows\system32\spoolsv.exe2013-04-16 13:31:40 17920 ----a-w- c:\windows\system32\rpcnetp.dll2013-03-20 19:44:44 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2013-03-20 19:44:44 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe2013-03-08 08:36:22 293376 ----a-w- c:\windows\system32\winsrv.dll2013-03-07 01:32:25 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe2013-03-07 00:50:30 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe2013-02-27 07:56:51 2067456 ----a-w- c:\windows\system32\mstscax.dll.============= FINISH: 21:39:31.82 ===============attach.txt Link to post Share on other sites More sharing options...
Maurice Naggar Posted May 23, 2013 ID:682983 Share Posted May 23, 2013 Hello arnelld.A failing hardware install may well be due to factors other than malware. If that is so, (if no malware is found) I will suggest you seek help on the Dell support forum.Before we get started on "hunting" for malware, close all your browsers and apps, and Restart Windows fresh.You'd showed a number of open browser windows, plus several instances of MS installer.We want a clean fresh start.Step 11. Go >> Here << and download ERUNT (ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)2. Install ERUNT by following the prompts (use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)3. Start ERUNT (either by double clicking on the desktop icon or choosing to start the program at the end of the setup)4. Choose a location for the backup (the default location is C:\WINDOWS\ERDNT which is acceptable).5. Make sure that at least the first two check boxes are ticked 6. Press OK7. Press YES to create the folder.Step 2Set Windows to show all files and all folders. On your Desktop, double click My Computer, from the menu options, select tools, then Folder Options, and then select VIEW Tab and look at all of settings listed. "CHECK" (turn on) Display the contents of system folders. Under column, Hidden files and folders----choose ( *select* ) Show hidden files and folders. Next, un-check Hide extensions for known file types. Next un-check Hide protected operating system files. Step 3Download Random's System Information Tool (RSIT) by random/random from here and save it to your desktop.Double click on RSIT.exe to run RSIT.Click Continue at the disclaimer screen.Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)Step 4Download Security Check by screen317 and save it to your Desktop: here Run Security Check Follow the onscreen instructions inside of the command window.A Notepad document should open automatically called checkup.txt; close Notepad. We will need this log, too, so remember where you've saved it!Step 5Close all open browsers at this point.Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our toolsFor directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware ProgramsDo NOT turn off the firewallStart Internet ExplorerUsing Internet Explorer browser only, go to BitDefender Quickscan website:http://quickscan.bitdefender.comand click "Start Scan".Observe your browser in case it shows a notice/message bar to allow download and installation of a tool.Allow the download and install of qsax.cab from BitDefender. Right-click the IE info bar and select Install to install the BitDefender quick scan module.If prompted, reply yes to allow it to run.Press the Allow button and follow prompts.Press the "Start Scan" once more.You'll see the EULA in a pop-up window. Click the I accept & then the OK buttonNote: The FAQ is here --> http://quickscan.bitdefender.com/faq/and that QuickScan has no removal capability.The site boasts a 60-second scan. Do have patience as it likely will take longer.It may seem to stall at moments, but have patience; it will move on.You'll see a progress bar at top right of window.Hopefully you will see a No infections found in the bar-winddow. Press the View Log button.The log report will show in your text editor. Save the log.Do a Select ALL, Copy. Then paste contents into your next reply.Step 6 Download & SAVE to your Desktop >> Tigzy's RogueKillerfrom here << or >> from here << Quit all programs that you may have started.Please disconnect any USB or external drives from the computer before you run this scan! For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.For Windows XP, double-click to start. Wait until Prescan has finished ... Click on Scan. Click on Report and copy/paste the content of the notepad into your next reply.Step 7RE-Enable your antivirus program.Copy & Paste contents of Log.txt & Info.txt & Checkup.txt & log from Bitdefender & RogueKiller log.Use separate replies as needed if logs do not fit into one reply box. Link to post Share on other sites More sharing options...
Maurice Naggar Posted May 23, 2013 ID:682984 Share Posted May 23, 2013 P.S. Please always Copy & paste all contents of logs directly into main-body of reply box.Do -not- attach logs.You may use 1 reply per each log report. Link to post Share on other sites More sharing options...
Maurice Naggar Posted June 13, 2013 ID:690631 Share Posted June 13, 2013 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts