-
Linabbs's blog- ZA采用升級安裝或者導入舊版ZA的配置文件到新版導致程序列表假死的Bug。
- 裝了ZA,如何使你的開機速度快點
- 如何設置查看局域網內被設入internet區機器的共享資源
- ZA也可以做到低資源占用!
- 關于za for vista(在VISTA下用ZA的人過來看看)
- CheckPoint Integrity Desktop v6.5.063.207 KeyGen
- 戰術攻防之近距離搏擊篇(ARP)攻擊
- 還在使用老版ZA的朋友們注意:ZoneAlarm防火墻產品有多個本地權限提升存在漏洞
- Knowledge Base / KB Extended (KE) 內容列表及說明
- 關于《利用ZA專家規則,允許/禁止端口》的一點補充和說明
Feb
14
Windows Installer problem
Filed Under Virus |
I, too, keep getting the error Windows installer 1.2. I have to hit cancel to get past it. I ran the scan and saved as you suggested but how do I now upload it to this thread?
Welcome to linabbs 1andtwins 
Just highlight and copy the contents of the reports then open a reply window to this topic and paste it in.
Please provide a bit more detail about the problem you’re having too. Thanks!
Any time I open internet explorer I get a message that states I need to install "search stteings 1.2", when I click o.k. internet explorer shuts down. I have to click cancel each time for the message to go away. It pops up EVERY time I try to open internet explorer. After reading your sight, it says to run a "test" (which I did). I will know post what it said:
DDS (Ver_09-01-18.01)
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 5/3/2007 9:23:13 AM
System Uptime: 1/18/2009 2:11:38 PM (0 hours ago)
Motherboard: Dell Inc. | | 0WG864
Processor: Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz | Microprocessor | 1862/1066mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 230 GiB total, 196.227 GiB free.
D: is CDROM ()
E: is Removable
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP583: 10/20/2008 5:43:02 PM - System Checkpoint
RP584: 10/21/2008 5:53:29 PM - System Checkpoint
RP585: 10/22/2008 9:52:09 PM - System Checkpoint
RP586: 10/23/2008 11:00:43 PM - System Checkpoint
RP587: 10/24/2008 3:00:13 AM - Software Distribution Service 3.0
RP588: 10/25/2008 3:10:32 AM - System Checkpoint
RP589: 10/26/2008 4:22:32 AM - System Checkpoint
RP590: 10/27/2008 5:22:32 AM - System Checkpoint
RP591: 10/28/2008 6:10:34 AM - System Checkpoint
RP592: 10/29/2008 6:22:32 AM - System Checkpoint
RP593: 10/30/2008 7:27:39 AM - System Checkpoint
RP594: 10/31/2008 8:30:41 AM - System Checkpoint
RP595: 11/1/2008 10:43:48 AM - System Checkpoint
RP596: 11/2/2008 10:20:52 AM - System Checkpoint
RP597: 11/3/2008 10:35:46 AM - System Checkpoint
RP598: 11/4/2008 11:10:34 AM - System Checkpoint
RP599: 11/5/2008 11:13:09 AM - System Checkpoint
RP600: 11/6/2008 12:10:34 PM - System Checkpoint
RP601: 11/7/2008 1:11:37 PM - System Checkpoint
RP602: 11/8/2008 1:37:00 PM - System Checkpoint
RP603: 11/9/2008 2:40:08 PM - System Checkpoint
RP604: 11/10/2008 3:01:52 PM - System Checkpoint
RP605: 11/11/2008 3:02:57 PM - System Checkpoint
RP606: 11/12/2008 3:00:17 AM - Software Distribution Service 3.0
RP607: 11/13/2008 3:12:31 AM - System Checkpoint
RP608: 11/14/2008 5:12:34 AM - System Checkpoint
RP609: 11/15/2008 5:24:31 AM - System Checkpoint
RP610: 11/16/2008 6:12:31 AM - System Checkpoint
RP611: 11/17/2008 6:24:32 AM - System Checkpoint
RP612: 11/18/2008 8:22:30 AM - System Checkpoint
RP613: 11/19/2008 9:12:32 AM - System Checkpoint
RP614: 11/20/2008 9:20:05 AM - System Checkpoint
RP615: 11/21/2008 9:39:10 AM - System Checkpoint
RP616: 11/22/2008 11:01:09 AM - System Checkpoint
RP617: 11/23/2008 11:24:31 AM - System Checkpoint
RP618: 11/24/2008 12:12:31 PM - System Checkpoint
RP619: 11/25/2008 1:12:31 PM - System Checkpoint
RP620: 11/26/2008 1:24:31 PM - System Checkpoint
RP621: 11/27/2008 2:12:31 PM - System Checkpoint
RP622: 11/28/2008 2:24:31 PM - System Checkpoint
RP623: 11/29/2008 3:24:31 PM - System Checkpoint
RP624: 11/30/2008 4:24:31 PM - System Checkpoint
RP625: 12/1/2008 5:24:32 PM - System Checkpoint
RP626: 12/2/2008 5:54:48 PM - System Checkpoint
RP627: 12/3/2008 6:13:37 PM - System Checkpoint
RP628: 12/4/2008 6:30:36 PM - System Checkpoint
RP629: 12/5/2008 7:56:24 PM - System Checkpoint
RP630: 12/6/2008 8:28:20 PM - System Checkpoint
RP631: 12/7/2008 8:11:16 PM - Restore Operation
RP632: 12/8/2008 9:42:38 PM - System Checkpoint
RP633: 12/9/2008 10:19:46 PM - System Checkpoint
RP634: 12/10/2008 10:26:01 PM - System Checkpoint
RP635: 12/11/2008 11:07:45 PM - System Checkpoint
RP636: 12/12/2008 3:00:26 AM - Software Distribution Service 3.0
RP637: 12/12/2008 7:00:49 AM - Shockwave Player
RP638: 12/13/2008 7:26:08 AM - System Checkpoint
RP639: 12/14/2008 9:18:14 AM - System Checkpoint
RP640: 12/15/2008 10:42:03 AM - System Checkpoint
RP641: 12/16/2008 11:26:47 AM - System Checkpoint
RP642: 12/17/2008 12:09:17 PM - System Checkpoint
RP643: 12/18/2008 3:00:14 AM - Software Distribution Service 3.0
RP644: 12/19/2008 3:22:45 AM - System Checkpoint
RP645: 12/20/2008 4:10:42 AM - System Checkpoint
RP646: 12/20/2008 11:16:14 PM - Removed Qualxserve Service Agreement
RP647: 12/21/2008 11:33:35 PM - System Checkpoint
RP648: 12/22/2008 11:44:28 PM - System Checkpoint
RP649: 12/23/2008 11:47:28 PM - System Checkpoint
RP650: 12/25/2008 12:33:33 AM - System Checkpoint
RP651: 12/26/2008 1:33:35 AM - System Checkpoint
RP652: 12/27/2008 2:21:33 AM - System Checkpoint
RP653: 12/28/2008 3:33:35 AM - System Checkpoint
RP654: 12/29/2008 4:21:33 AM - System Checkpoint
RP655: 12/30/2008 4:33:33 AM - System Checkpoint
RP656: 12/31/2008 5:33:33 AM - System Checkpoint
RP657: 1/1/2009 6:21:33 AM - System Checkpoint
RP658: 1/2/2009 7:33:33 AM - System Checkpoint
RP659: 1/3/2009 8:21:33 AM - System Checkpoint
RP660: 1/4/2009 9:33:33 AM - System Checkpoint
RP661: 1/5/2009 10:33:33 AM - System Checkpoint
RP662: 1/6/2009 11:22:38 AM - System Checkpoint
RP663: 1/7/2009 12:33:33 PM - System Checkpoint
RP664: 1/8/2009 1:33:34 PM - System Checkpoint
RP665: 1/9/2009 2:33:33 PM - System Checkpoint
RP666: 1/10/2009 3:32:03 PM - System Checkpoint
RP667: 1/11/2009 4:21:33 PM - System Checkpoint
RP668: 1/12/2009 5:26:06 PM - System Checkpoint
RP669: 1/13/2009 6:29:22 PM - System Checkpoint
RP670: 1/14/2009 3:00:14 AM - Software Distribution Service 3.0
RP671: 1/15/2009 3:12:17 AM - System Checkpoint
RP672: 1/16/2009 3:25:49 AM - System Checkpoint
RP673: 1/17/2009 4:24:19 AM - System Checkpoint
RP674: 1/18/2009 5:24:17 AM - System Checkpoint
==== Installed Programs ======================
926plc32
ABBYY FineReader 6.0 Sprint
Adobe Flash Player 10 ActiveX
Adobe Reader 7.1.0
Adobe Shockwave Player 11
AIM 6
AIM Toolbar 5.0
America Online (Choose which version to remove)
AOL Coach Version 1.0(Build:20040229.1 en)
AOL Connectivity Services
AOLIcon
Apple Mobile Device Support
Apple Software Update
Atari Anniversary Edition
Backyard Skateboarding
Bonjour
Compatibility Pack for the 2007 Office system
Conexant D850 56K V.9x DFVc Modem
Consumer Complete Care Services Agreement
Corel Paint Shop Pro X
Corel Photo Album 6
Coupon Printer for Windows
Custom Info
Dealio Toolbar 3.4
Dell CinePlayer
Dell Driver Reset Tool
Dell PC Fax
Dell Photo AIO Printer 926
Dell Support 3.2.1
Dell System Restore
Digital Line Detect
Documentation & Support Launcher
EarthLink Common
EarthLink FastLane
EarthLink IM
EarthLink MailBox
EarthLink MDAC
EarthLink Popup Blocker
EarthLink Redistributed
EarthLink Setup
EarthLink TAR
EarthLink TotalAccess 2003
EarthLink Update Manager
EarthLink Webspace
eFax Messenger 4.3
ELNBonus
Fish Tycoon Free Trial
FUJIFILM USB Driver
Games, Music, & Photos Launcher
getPlus(R) for Adobe
Google Desktop
Google Toolbar for Internet Explorer
GoToAssist 8.0.0.480
High Definition Audio Driver Package - KB835221
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Intel(R) Matrix Storage Manager
Intel(R) PRO Network Connections
Internet Service Offers Launcher
iPod for Windows 2005-09-23
iTunes
J2SE Runtime Environment 5.0 Update 6
Learn2 Player (Uninstall Only)
McAfee SecurityCenter
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 SR-1 Disc 2
Microsoft Office XP Professional
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Works
Microsoft XML Parser
MobileMe Control Panel
Modem Helper
MSN
MSN Toolbar
MSSoap
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
My Web Search (My Fun Cards)
NetWaiting
NetZeroInstallers
NickToons Winners Cup Racing
Norton PC Checkup
NVIDIA Drivers
Photo Viewer
Picasa 3
QuickTime
RealPlayer Basic
Roxio DLA
Roxio MyDVD LE
Roxio RecordNow Audio
Roxio RecordNow Copy
Roxio RecordNow Data
Safari
Search Settings 1.2
SearchAssist
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Sonic Activation Module
Sonic Update Manager
Study Helpers Math Booster
Study Helpers Spelling Bee
The Weather Channel Desktop 6
The Weather Channel Toolbar
Typing Instructor Deluxe
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
URL Assistant
Viewpoint Media Player
Vstascan
Wal-Mart Digital Photo Manager
Weather Services
WebFldrs XP
Webshots Desktop
Webshots Toolbar
Windows Driver Package - (mr7910) Image (08/08/2006 1.4.0.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows XP Service Pack 3
Yahoo! Toolbar
Yahoo! Toolbar for Internet Explorer
Zoo Tycoon 2
==== Event Viewer Messages From Past Week ========
1/12/2009 7:20:53 AM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer ‘time-a.timefreq.bldrdoc.gov,0×1′. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0×80072751)
1/14/2009 3:09:03 AM, error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).
1/18/2009 10:10:56 AM, error: Print [6161] - The document http://www.cars.com/go/googlemaps/ma…6128366&seller owned by Robin McCullough failed to print on printer Dell Photo AIO Printer 926. Data type: LEMF. Size of the spool file in bytes: 689834. Number of bytes printed: 689834. Total number of pages in the document: 2. Number of pages printed: 0. Client machine: \\D7J5SVC1. Win32 error code returned by the print processor: 0 (0×0).
1/18/2009 12:42:56 PM, error: Print [6161] - The document Fixed Price Winners.xls owned by Robin McCullough failed to print on printer Dell Photo AIO Printer 926. Data type: LEMF. Size of the spool file in bytes: 762756. Number of bytes printed: 762756. Total number of pages in the document: 1. Number of pages printed: 0. Client machine: \\D7J5SVC1. Win32 error code returned by the print processor: 0 (0×0).
1/18/2009 12:54:38 PM, error: Print [22] - Failed to ugrade printer settings for printer Dell Photo AIO Printer 926 driver Dell Photo AIO Printer 926 error 1814.
1/18/2009 1:03:21 PM, error: Print [6161] - The document Microsoft Word - Document1 owned by Robin McCullough failed to print on printer Dell Photo AIO Printer 926. Data type: LEMF. Size of the spool file in bytes: 9488. Number of bytes printed: 9488. Total number of pages in the document: 1. Number of pages printed: 0. Client machine: \\D7J5SVC1. Win32 error code returned by the print processor: 0 (0×0).
1/18/2009 1:08:00 PM, error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
==== End Of File ===========================
DDS (Ver_09-01-18.01) - NTFSx86
Run by Robin McCullough at 14:29:29.04 on Sun 01/18/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1502 [GMT -6:00]
AV: McAfee VirusScan *On-access scanning enabled* (Updated)
FW: McAfee Personal Firewall *enabled*
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
C:\Program Files\Infogrames\Atari Anniversary Edition\Volume 2\Atari icon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe
C:\Program Files\Dell Photo AIO Printer 926\memcard.exe
C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Webshots\webshots.scr
C:\Program Files\AIM6\aolsoftware.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\dlcxcoms.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Robin McCullough\My Documents\dds.scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = <local>;*.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: AOLTBSearch Class: {ea756889-2338-43db-8f07-d1ca6fb9c90d} - c:\program files\aol\aim toolbar 5.0\aoltb.dll
uURLSearchHooks: N/A: {00a6faf6-072e-44cf-8957-5838f569a31d} - c:\program files\mywebsearch\srchastt\1.bin\MWSSRCAS.DLL
uURLSearchHooks: SearchSettings Class: {e312764e-7706-43f1-8dab-fcdd2b1e416d} - c:\program files\search settings\kb127\SearchSettings.dll
mURLSearchHooks: AOLTBSearch Class: {ea756889-2338-43db-8f07-d1ca6fb9c90d} - c:\program files\aol\aim toolbar 5.0\aoltb.dll
BHO: MyWebSearch Search Assistant BHO: {00a6faf1-072e-44cf-8957-5838f569a31d} - c:\program files\mywebsearch\srchastt\1.bin\MWSSRCAS.DLL
BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: mwsBar BHO: {07b18ea1-a523-4961-b6bb-170de4475cca} - c:\program files\mywebsearch\bar\1.bin\MWSBAR.DLL
BHO: McAfee Phishing Filter: {377c180e-6f0e-4d4c-980f-f45bd3d40cf4} - c:\progra~1\mcafee\msk\mcapbho.dll
BHO: PnIEBrowserHelperObj Class: {4b5f2e08-6f39-479a-b547-b2026e4c7edf} - c:\program files\earthlink totalaccess\PnEL.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: DealioBHO Class: {6a87b991-a31f-4130-ae72-6d0c294bf082} - c:\program files\dealio\kb127\Dealio.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.5.0_06\bin\ssv.dll
BHO: AOL Toolbar Launcher: {7c554162-8cb7-45a4-b8f4-8ea1c75885f9} - c:\program files\aol\aim toolbar 5.0\aoltb.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll
BHO: TwcToolbarBhoApp Class: {aa1f9ddb-e605-4ba6-81d4-e427dee012ad} - c:\windows\system32\TwcToolbarBho.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar2.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\3.0.1225.9868\swg.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll
BHO: MSN Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.0311.0\msneshellx.dll
BHO: SearchSettings Class: {e312764e-7706-43f1-8dab-fcdd2b1e416d} - c:\program files\search settings\kb127\SearchSettings.dll
TB: The Weather Channel Toolbar: {2e5e800e-6ac0-411e-940a-369530a35e43} - c:\windows\system32\TwcToolbarIe7.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar2.dll
TB: Pop-Up Blocker: {d7f30b62-8269-41af-9539-b2697fa7d77e} - c:\program files\earthlink totalaccess\PnEL.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: My Web Search: {07b18ea9-a523-4961-b6bb-170de4475cca} - c:\program files\mywebsearch\bar\1.bin\MWSBAR.DLL
TB: AIM Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:\program files\aol\aim toolbar 5.0\aoltb.dll
TB: Webshots Toolbar: {c17590d2-ecb4-4b15-8820-f58798dcc118} - c:\program files\webshots\WSToolbar4IE.dll
TB: MSN Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files\msn\toolbar\3.0.0311.0\msneshellx.dll
TB: Dealio: {e67c74f4-a00a-4f2c-9fec-fd9dc004a67f} - c:\program files\dealio\kb127\Dealio.dll
TB: {C7768536-96F8-4001-B1A2-90EE21279187} - No File
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {C75C8E7E-5059-4469-AC11-D7544B260382} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [Aim6] "c:\program files\aim6\aim6.exe" /d locale=en-US ee://aol/imApp
uRun: [DW6] "c:\program files\the weather channel fw\desktop\DesktopWeather.exe"
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [My Web Search Bar Search Scope Monitor] "c:\progra~1\mywebs~1\bar\1.bin\m3SrchMn.exe" /m=2 /w
mRun: [FaxCenterServer] "c:\program files\dell pc fax\fm3032.exe" /s
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -startup
mRun: [Atari Launcher 2] c:\program files\infogrames\atari anniversary edition\volume 2\Atari icon.exe
mRun: [AtariBanner] "c:\program files\infogrames\atari anniversary edition\volume 2\Banner.exe" /0
mRun: [REGSHAVE] c:\program files\regshave\REGSHAVE.EXE /AUTORUN
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [au] c:\program files\dealio\DealioAU.exe
mRun: [SearchSettings] c:\program files\search settings\SearchSettings.exe
mRun: [dlcxmon.exe] "c:\program files\dell photo aio printer 926\dlcxmon.exe"
mRun: [MemoryCardManager] "c:\program files\dell photo aio printer 926\memcard.exe"
mRun: [Corel Photo Downloader] c:\program files\corel\corel photo album 6\MediaDetect.exe
mRun: [DLCXCATS] rundll32 c:\windows\system32\spool\drivers\w32×86\3\DLCXtime.dll,_RunDLLEntry@16
StartupFolder: c:\docume~1\robinm~1\startm~1\programs\startup\webshots.lnk - c:\program files\webshots\Launcher.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
IE: &AOL Toolbar Search - c:\program files\aol\aim toolbar 5.0\resources\en-us\local\search.html
IE: &Search - http://edits.mywebsearch.com/toolbar…p=ZUxdm082YYUS
IE: &Webshots Photo Search - c:\program files\webshots\WSToolbar4IE.dll/MENUSEARCH.HTM
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Compare Prices with &Dealio - c:\documents and settings\robin mccullough\application data\dealio\kb127\res\DealioSearch.html
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office10\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_06\bin\ssv.dll
IE: {2E5E800E-6AC0-411E-940A-369530A35E43} - {A6790AA5-C6C7-4BCF-A46D-0FDAC4EA90EB}
IE: {3369AF0D-62E9-4bda-8103-B4C75499B578} - {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aim toolbar 5.0\aoltb.dll
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
IE: {E908B145-C847-4e85-B315-07E2E70DECF8} - {9F038672-0425-4792-BC9C-36DE3308E8AA} - c:\program files\dealio\kb127\Dealio.dll
Notify: GoToAssist - c:\program files\citrix\gotoassist\480\G2AWinLogon.dll
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
============= SERVICES / DRIVERS ===============
R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2007-4-23 201320]
R3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2007-4-23 695624]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2007-4-23 79304]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2007-4-23 35240]
R3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2007-4-23 40488]
R4 dlcx_device;dlcx_device;c:\windows\system32\dlcxcoms.exe -service –> c:\windows\system32\dlcxcoms.exe -service [?]
R4 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2007-4-23 359248]
R4 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2007-4-23 144704]
R4 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-10-27 24652]
S3 BW2NDIS5;BW2NDIS5;c:\windows\system32\drivers\bw2ndis5.sys –> c:\windows\system32\drivers\BW2NDIS5.sys [?]
S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\nos\bin\getPlus_HelperSvc.exe [2008-10-16 33752]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2007-4-23 33832]
S3 Wdm1;USB Bridge Cable Driver;c:\windows\system32\drivers\usbbc.sys [2007-5-3 15576]
=============== Created Last 30 ================
2009-01-18 12:52 <DIR> –d—– c:\program files\common files\Corel
2009-01-18 12:52 <DIR> –d—– c:\program files\Corel
2009-01-18 12:50 323,584 a——- c:\windows\system32\dlcxhcp.dll
2009-01-18 12:50 274,432 a——- c:\windows\system32\dlcxinst.dll
2009-01-18 12:50 <DIR> –d—– c:\program files\Dell Photo AIO Printer 926
2008-12-23 15:43 <DIR> –d—– c:\docume~1\robinm~1\applic~1\Search Settings
2008-12-23 15:43 <DIR> –d—– c:\program files\Search Settings
2008-12-23 15:42 <DIR> –d—– c:\program files\Dealio
2008-12-23 15:42 <DIR> –d—– c:\docume~1\robinm~1\applic~1\Dealio
2008-12-22 19:43 <DIR> –d—– c:\program files\Bonjour
==================== Find3M ====================
2008-12-13 00:40 3,593,216 ——– c:\windows\system32\dllcache\mshtml.dll
2008-12-12 11:18 87,336 a——- c:\windows\system32\dns-sd.exe
2008-12-12 11:11 61,440 a——- c:\windows\system32\dnssd.dll
2008-12-11 04:57 333,952 a——- c:\windows\system32\drivers\srv.sys
2008-12-11 04:57 333,952 ——– c:\windows\system32\dllcache\srv.sys
2008-11-17 14:04 2,306,113 a——- c:\windows\system32\GPhotos.scr
2008-10-24 05:21 455,296 ——– c:\windows\system32\dllcache\mrxsmb.sys
2008-10-23 06:36 286,720 a——- c:\windows\system32\gdi32.dll
2008-10-23 06:36 286,720 ——– c:\windows\system32\dllcache\gdi32.dll
2008-10-04 07:37 75,776 a——- c:\docume~1\robinm~1\applic~1\GDIPFONTCACHEV1.DAT
2008-03-26 15:50 60,968 a——- c:\documents and settings\robin mccullough\GoToAssistDownloadHelper.exe
2007-11-10 14:38 716,193 a——- c:\program files\address book.WAB
2008-05-01 08:54 104 —shr– c:\windows\system32\0C6ADA4348.sys
2008-05-01 08:54 5,852 a–sh— c:\windows\system32\KGyGaAvL.sys
2008-09-24 14:40 32,768 a–sh— c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008092420080925\index.dat
============= FINISH: 14:30:13.43 ===============
Please visit the following webpage for instructions for downloading and running ComboFix
How to use ComboFix
Download ComboFix by sUBs from here, saving the file to your desktop.
Disable realtime protection applications as they sometimes interfere with the tool. Check this link for your applicable programs.
Close all open programs and windows
Double click ComboFix.exe and follow the prompts.
It may reboot your computer and resume running when you logon. Wait for it to complete. When finished, it will open a log for you. Post that log in your next reply.
Note: Do not mouseclick combofix’s window while its running. That may cause it to stall
**NOTE - I recommend you allow the Recovery Console to be downloaded and installed if or when prompted.
Related Posts:
Comments
Leave a Reply
You must be logged in to post a comment.