End program- n



_Lee_
2010-01-23, 11:38
Hi,
I've written here before and you guys have helped me out; I hope you can help me out now.

Recently I started seeing a message when I shut down my PC; it said
"End program - n". It's a standard shutdown program message.
My PC is a little slower than normal.
I googled this and found that it could be a virus/trojan.

Here are some logs:
Logfile of AnVir Task Manager Free v6.2.0 http://www.anvir.com
Log saved at 2010.01.23. 11:31
Platform: Windows XP_32
MSIE: Internet Explorer v8.0

Running processes:
{Not Microsoft}
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe {CPU time=0:00}
C:\Program Files\Alwil Software\Avast4\ashServ.exe {CPU time=4:20, Memory=43 MB, PageFile=37 MB}
c:\Program Files\McAfee\SiteAdvisor\McSACore.exe {CPU time=0:03, Memory=4 MB, PageFile=10 MB}
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe {CPU time=0:02, PageFile=2 MB}
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe {CPU time=0:07, PageFile=32 MB}
C:\WINDOWS\system32\igfxtray.exe {CPU time=0:00, PageFile=1.5 MB}
C:\WINDOWS\system32\hkcmd.exe {CPU time=0:00, PageFile=1.7 MB}
C:\Program Files\Alwil Software\Avast4\ashDisp.exe {CPU time=0:00, PageFile=2 MB}
C:\Program Files\Tildes Birojs 2002\Pianists.exe {CPU time=0:01, PageFile=1.1 MB}
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe {CPU time=0:05, Memory=3 MB, PageFile=2 MB}
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe {CPU time=5:47, Memory=2 MB, PageFile=12 MB}
C:\Program Files\AnVir Task Manager Free\AnVir.exe {CPU time=0:27, Memory=10 MB, PageFile=13 MB}
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe {CPU time=0:08, Memory=2 MB, PageFile=11 MB}
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe {CPU time=0:00}
C:\PROGRAM FILES\Java\jre6\bin\jusched.exe {CPU time=0:00, PageFile=2 MB}
C:\WINDOWS\system32\ZoneLabs\vsmon.exe {CPU time=0:22, Memory=14 MB, PageFile=18 MB}
C:\Program Files\Winamp\winamp.exe {CPU time=0:56, Memory=17 MB, PageFile=31 MB}
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe {CPU time=8:40, Memory=43 MB, PageFile=39 MB}
{Microsoft}
C:\WINDOWS\system32\smss.exe {CPU time=0:00}
C:\WINDOWS\system32\csrss.exe {CPU time=0:10, Memory=1.5 MB, PageFile=1.4 MB}
C:\WINDOWS\system32\winlogon.exe {CPU time=0:01, Memory=1.4 MB, PageFile=6 MB}
C:\WINDOWS\system32\services.exe {CPU time=0:05, Memory=1.5 MB, PageFile=1.7 MB}
C:\WINDOWS\system32\lsass.exe {CPU time=0:01, Memory=1.4 MB, PageFile=3 MB}
C:\WINDOWS\system32\svchost.exe {CPU time=0:00, Memory=1.0 MB, PageFile=2 MB}
C:\WINDOWS\system32\svchost.exe {CPU time=0:00, Memory=1.4 MB, PageFile=1.7 MB}
C:\WINDOWS\system32\svchost.exe {CPU time=0:53, Memory=13 MB, PageFile=16 MB}
C:\WINDOWS\system32\svchost.exe {CPU time=0:00, Memory=1.2 MB, PageFile=1.2 MB}
C:\WINDOWS\system32\svchost.exe {CPU time=0:00, Memory=1.3 MB, PageFile=1.4 MB}
C:\WINDOWS\explorer.exe {CPU time=0:27, Memory=18 MB, PageFile=22 MB}
C:\WINDOWS\system32\spoolsv.exe {CPU time=0:00, Memory=1.1 MB, PageFile=3 MB}
C:\WINDOWS\system32\svchost.exe {CPU time=0:00, PageFile=1.3 MB}
C:\WINDOWS\system32\svchost.exe {CPU time=0:00, PageFile=2 MB}
C:\WINDOWS\system32\wdfmgr.exe {CPU time=0:00, PageFile=1.5 MB}
C:\WINDOWS\system32\alg.exe {CPU time=0:00, PageFile=1.1 MB}
C:\WINDOWS\system32\ctfmon.exe {CPU time=0:00, PageFile=1.0 MB}

R3 - MSIE UrlSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: KeyScramblerBHO Class - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O2 - BHO: TLFind Class - {8692FED1-9267-4624-96B9-3B94946A0524} - C:\Program Files\Tildes Birojs 2002\TLFindAddIn.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [CheckCU] C:\PROGRA~1\TILDES~1\CheckCU.exe
O4 - HKLM\..\Run: [Pianists] C:\PROGRA~1\TILDES~1\Pianists.exe
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\PROGRAM FILES\QT LITE\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AnVir Task Manager Free] "C:\Program Files\AnVir Task Manager Free\AnVir.exe" Minimized
O4 - File: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O9 - Extra button or menuitem: Tildes Meklētājs - {11FD30F4-F186-4ebe-A384-E22965FDEC7A} - C:\Program Files\Tildes Birojs 2002\TLFindAddIn.dll
O9 - Extra button or menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button or menuitem: KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra button or menuitem: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button or menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button or menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus (avast! Antivirus) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner (avast! Mail Scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner (avast! Web Scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: McAfee SiteAdvisor Service (McAfee SiteAdvisor Service) - McAfee, Inc. - c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: ServiceLayer (ServiceLayer) - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 7152 bytes



Malwarebytes' Anti-Malware 1.44
Database version: 3618
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

2010.01.23. 11:33:02
mbam-log-2010-01-23 (11-33-02).txt

Scan type: Full Scan (A:\|C:\|D:\|)
Objects scanned: 143512
Time elapsed: 35 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Blade81
2010-01-28, 20:57
Hi,

Does the End program window give any specific program name? Do you remember installing something before the thing began to occur?

Download DDS and save it to your desktop from here (http://www.techsupportforum.com/sectools/sUBs/dds) or here (http://download.bleepingcomputer.com/sUBs/dds.scr) or here (http://www.forospyware.com/sUBs/dds).
Disable any script blocker, and then double click dds.scr to run the tool.
When done, DDS will open two (2) logs:
DDS.txt
Attach.txt

Save both reports to your desktop. Post them back to your topic.

_Lee_
2010-01-28, 23:18
DDS (Ver_09-12-01.01) - NTFSx86
Run by Administrator at 23:11:39,40 on 2010.01.28.
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_17
Microsoft Windows XP Professional 5.1.2600.3.1257.371.1033.18.510.212 [GMT 2:00]

AV: avast! antivirus 4.8.1368 [VPS 100128-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxtray.exe
c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wdfmgr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRAM FILES\SCANSOFT\OMNIPAGESE4\OPWARESE4.EXE
C:\PROGRAM FILES\JAVA\JRE6\BIN\JUSCHED.EXE
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Program Files\Tildes Birojs 2002\MDICTION.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Administrator\Desktop\dds.scr
C:\WINDOWS\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.lv/
uInternet Connection Wizard,ShellNext = hxxp://www.codecguide.com/
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - c:\program files\spyware doctor\bdt\PCTBrowserDefender.dll
BHO: KeyScramblerBHO Class: {2b9f5787-88a5-4945-90e7-c4b18563bc5e} - c:\program files\keyscrambler\KeyScramblerIE.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: TLFind Class: {8692fed1-9267-4624-96b9-3b94946a0524} - c:\program files\tildes birojs 2002\TLFindAddIn.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\spyware doctor\bdt\PCTBrowserDefender.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [AnVir Task Manager Free] "c:\program files\anvir task manager free\AnVir.exe" Minimized
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [FreeRAM XP] "c:\program files\yourware solutions\freeram xp pro\FreeRAM XP Pro.exe" -win
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [CheckCU] c:\progra~1\tildes~1\CheckCU.exe
mRun: [Pianists] c:\progra~1\tildes~1\Pianists.exe
mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRun: [QuickTime Task] "c:\program files\qt lite\QTTASK.EXE" -atboottime
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
IE: &Tulkot ar Tildes Datorvārdnīcu - c:\program files\tildes birojs 2002\TDVLauncher.DLL /201
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {11FD30F4-F186-4ebe-A384-E22965FDEC7A} - {8692FED1-9267-4624-96B9-3B94946A0524} - c:\program files\tildes birojs 2002\TLFindAddIn.dll
IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - {B745F984-EF2E-40D6-A9AC-D8CED7230E61} - c:\program files\keyscrambler\KeyScramblerIE.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8942.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxsrvc.dll
AppInit_DLLs:
STS: FencesShlExt Class: {1984dd45-52cf-49cd-ab77-18f378fea264} - c:\program files\stardock\fences\FencesMenu.dll
Hosts: 127.0.0.1 www.spywareinfo.com

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\admini~1\applic~1\mozilla\firefox\profiles\y4ldzwwt.default\
FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\y4ldzwwt.default\extensions\keyscrambler@qfx.software.corporation\components\KeyScramblerIE.dll
FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll
FF - component: c:\program files\nokia\nokia pc suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-1-28 207792]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-11-4 114768]
R1 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2009-12-8 486280]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-11-4 20560]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-11-4 138680]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\spyware doctor\bdt\BDTUpdateService.exe [2010-1-28 112592]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\sitead~1\mcsacore.exe [2009-11-5 93320]
R2 vsmon;TrueVector Internet Monitor;c:\windows\system32\zonelabs\vsmon.exe -service --> c:\windows\system32\zonelabs\vsmon.exe -service [?]
R3 KeyScrambler;KeyScrambler;c:\windows\system32\drivers\keyscrambler.sys [2009-11-9 115312]
S3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-11-4 254040]
S3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-11-4 352920]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2009-11-19 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2009-11-19 8320]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2010-1-28 359624]
S3 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2010-1-28 1141712]

=============== Created Last 30 ================

2010-01-28 16:38:38 281 ----a-w- c:\windows\EReg072.dat
2010-01-28 16:36:31 0 d-----w- c:\program files\Maxis
2010-01-28 16:36:21 304128 ----a-w- c:\windows\IsUninst.exe
2010-01-28 16:36:17 0 d-----w- c:\documents and settings\administrator\WINDOWS
2010-01-28 13:20:23 767952 ----a-w- c:\windows\BDTSupport.dll
2010-01-28 13:20:22 882 ----a-w- c:\windows\RegSDImport.xml
2010-01-28 13:20:22 880 ----a-w- c:\windows\RegISSImport.xml
2010-01-28 13:20:22 149456 ----a-w- c:\windows\SGDetectionTool.dll
2010-01-28 13:20:22 131 ----a-w- c:\windows\IDB.zip
2010-01-28 13:20:21 165840 ----a-w- c:\windows\PCTBDRes.dll
2010-01-28 13:20:21 1640400 ----a-w- c:\windows\PCTBDCore.dll
2010-01-28 13:20:21 1152444 ----a-w- c:\windows\UDB.zip
2010-01-28 13:19:08 7387 ----a-w- c:\windows\system32\drivers\pctgntdi.cat
2010-01-28 13:19:08 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2010-01-28 13:18:45 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2010-01-28 13:18:45 7412 ----a-w- c:\windows\system32\drivers\PCTAppEvent.cat
2010-01-28 13:18:45 7383 ----a-w- c:\windows\system32\drivers\pctcore.cat
2010-01-28 13:18:45 207792 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2010-01-28 13:18:19 7383 ----a-w- c:\windows\system32\drivers\pctplsg.cat
2010-01-28 13:18:19 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2010-01-28 13:17:35 0 d-----w- c:\program files\common files\PC Tools
2010-01-28 13:17:34 0 d-----w- c:\program files\Spyware Doctor
2010-01-28 13:17:34 0 d-----w- c:\docume~1\alluse~1\applic~1\PC Tools
2010-01-28 13:17:34 0 d-----w- c:\docume~1\admini~1\applic~1\PC Tools
2010-01-26 14:14:28 178 ----a-w- c:\windows\EQ3D.ini
2010-01-26 13:55:09 15212 ----a-w- c:\documents and settings\administrator\.recently-used.xbel
2010-01-26 13:53:44 0 d-----w- c:\program files\YourWare Solutions
2010-01-25 15:46:09 0 d-----w- c:\program files\Spybot - Search & Destroy
2010-01-25 15:46:09 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2010-01-25 13:48:18 0 d-----w- c:\docume~1\admini~1\applic~1\KALiNKOsoft
2010-01-24 09:38:51 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2010-01-24 09:38:49 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2010-01-24 09:38:36 0 d-----w- c:\windows\Logs
2010-01-24 09:38:22 0 d-----w- c:\program files\Winamp Detect
2010-01-23 19:15:26 0 d-----w- c:\docume~1\alluse~1\applic~1\SecTaskMan
2010-01-23 19:15:18 0 d-----w- c:\program files\Security Task Manager
2010-01-20 18:58:37 0 d-----w- C:\myyoutube
2010-01-20 18:57:37 0 d-----w- c:\program files\1-Click YouTube Downloader
2010-01-10 10:48:50 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-10 10:39:50 0 d-----w- c:\program files\Belarc
2010-01-10 09:39:55 0 d-----w- c:\program files\common files\Stardock
2010-01-10 09:33:17 0 d-----w- c:\program files\CCleaner
2010-01-08 14:07:11 0 d-----w- c:\program files\JRE
2009-12-30 09:33:10 0 d-----w- c:\program files\AnVir Task Manager Free

==================== Find3M ====================

2010-01-25 13:45:30 119296 ----a-w- c:\windows\system32\zlib.dll
2010-01-07 14:07:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 14:07:04 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-21 19:14:05 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-08 19:15:09 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2009-11-22 13:42:44 1238408 ----a-w- c:\windows\system32\zpeng25.dll
2009-11-02 18:42:06 195456 ------w- c:\windows\system32\MpSigStub.exe

============= FINISH: 23:15:01,96 ===============

_Lee_
2010-01-28, 23:19
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-12-01.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 2009.09.29. 12:34:06
System Uptime: 2010.01.28. 14:37:32 (9 hours ago)

Motherboard: IBM | | IBM
Processor: Intel(R) Pentium(R) 4 CPU 2.40GHz | WMT478/NWD | 2392/133mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 37 GiB total, 25,599 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Intel(R) PRO/1000 MT Network Connection
Device ID: PCI\VEN_8086&DEV_100E&SUBSYS_02671014&REV_02\4&25296D99&0&58F0
Manufacturer: Intel
Name: Intel(R) PRO/1000 MT Network Connection
PNP Device ID: PCI\VEN_8086&DEV_100E&SUBSYS_02671014&REV_02\4&25296D99&0&58F0
Service: E1000

==== System Restore Points ===================

RP80: 2010.01.24. 11:38:45 - Installed DirectX
RP81: 2010.01.25. 14:06:54 - System Checkpoint
RP82: 2010.01.25. 15:42:36 - Installed Pinnacle Game Profiler
RP83: 2010.01.25. 15:49:20 - Revo Uninstaller's restore point - Pinnacle Game Profiler
RP84: 2010.01.25. 15:49:58 - Removed Pinnacle Game Profiler
RP85: 2010.01.25. 17:22:58 - Revo Uninstaller's restore point - IconTweaker
RP86: 2010.01.25. 17:24:04 - Revo Uninstaller's restore point - CNET TechTracker

==== Installed Programs ======================

1-Click YouTube Downloader 3.5
7-Zip 4.65
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3
AnVir Task Manager Free
Apple Application Support
Apple Software Update
avast! Antivirus
Browser Defender 2.0.6.11
Canon MP Navigator 3.1
Canon MP140 series
Canon MP140 series User Registration
Canon Utilities Easy-LayoutPrint
Canon Utilities Easy-PhotoPrint
CCleaner
Fences
Free Fire Screensaver
Game Maker 7.0
GIMP 2.6.7

_Lee_
2010-01-28, 23:25
Hi,
I'm not completely sure what program might have caused it. As far as I can remember, I installed FreeRAM XP Pro that day, but I don't think that caused the error.
The program that wouldn't shut down was named n; that was what I thought was weird. Now I haven't seen that error anymore.
Yesterday I found Trojan.FakeAlert (by Malwarebytes) in a system restore point, but didn't find any other infection.

Blade81
2010-01-28, 23:32
It may have been some temporary thing. To me your logs look ok :)

_Lee_
2010-01-29, 12:54
Thanks, Blade81

Blade81
2010-01-29, 17:41
Since this issue appears to be resolved ... this Topic has been closed. Glad I could help. :)

Note: If it has been four days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.

If it has been less than four days since your last response and you need the thread re-opened, please send me or MOD a private message (pm). A valid, working link to the closed topic is required.