Help on Malware removal - SpybotSD not a valid Win32 application

**hottroc** · 2008-01-30, 23:39

Hi, thanks for your continuing support. But nothing ever goes easy for me....

"Kaspersky Online Scanner license has expired!"

"Initialization failed!"

Doesn't seem to give me any other options.

**katana** · 2008-01-30, 23:51

Well, that's a new one

Try this instead

TotalScan
Your Antivirus and/or Antispyware may give a warning during the scan. This is perfectly normal
Please go to this site Link >> TotalScan << LINK

Under Scan Now click the Full Scan button
Follow the prompts to install the Active X if necessary
Go and make a cup of tea/coffee/beverage of your choice and watch some TV
When the scan is finished, a report will be generated
Next to Scan Details click the small Save button and save the report to your desktop.
Please post the report in your reply.

**hottroc** · 2008-01-31, 02:58

That one seemed to run OK, thanks, here is the log file:

;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-01-31 01:46:12
PROTECTIONS: 1
MALWARE: 15
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
Windows Defender 1.1.3109.0 No No
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139535 Application/Processor HackTools No 0 Yes No C:\WINDOWS\BDOSCAN8\SDFix\apps\Process.exe
00139535 Application/Processor HackTools No 0 Yes No C:\Program Files\smirfraudremover\SmitfraudFix\Process.exe
00139535 Application/Processor HackTools No 0 Yes No C:\WINDOWS\system32\Process.exe
00139535 Application/Processor HackTools No 0 Yes No C:\download\l2mfix.exe[l2mfix/Process.exe]
00139535 Application/Processor HackTools No 0 Yes No C:\download\l2mfix\l2mfix\Process.exe
00139535 Application/Processor HackTools No 0 No No C:\download\SDFix.exe[SDFix\apps\Process.exe]
00159860 Application/Psshutdown.A HackTools No 0 Yes No C:\download\winxpinout\Author_Extras\Author Extras\shutdown.exe
00159881 Application/Pskill.A HackTools No 0 Yes No C:\download\Pstools.zip[pskill.exe]
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\lisa.TIGGER\Cookies\lisa@overture[1].txt
00179430 Application/PsExec.D HackTools No 0 Yes No C:\download\Pstools.zip[psexec.exe]
00261870 Trj/Small.SA Virus/Trojan No 1 Yes No C:\Program Files\Backup of all mailtraq\Mailtraq\database\mail\inbox\mailstore.afv[spring_scr.vir]
00261870 Trj/Small.SA Virus/Trojan No 1 Yes No C:\Program Files\Backup of all mailtraq\Mailtraq\database\mail\inbox\mailstore.afv[spring_scr.vir]
00517584 Application/SuperFast HackTools No 0 Yes No C:\Program Files\smirfraudremover\SmitfraudFix\restart.exe
01185375 Application/Psexec.A HackTools No 0 Yes No C:\System Volume Information\_restore{99260036-CEB2-4684-93E4-F2CCFF5FA11E}\RP18\A0008716.EXE
01185375 Application/Psexec.A HackTools No 0 Yes No C:\System Volume Information\_restore{99260036-CEB2-4684-93E4-F2CCFF5FA11E}\RP34\A0018565.EXE
01185375 Application/Psexec.A HackTools No 0 Yes No C:\System Volume Information\_restore{99260036-CEB2-4684-93E4-F2CCFF5FA11E}\RP35\A0018820.EXE
01185375 Application/Psexec.A HackTools No 0 Yes No C:\System Volume Information\_restore{99260036-CEB2-4684-93E4-F2CCFF5FA11E}\RP35\A0019926.EXE
01185375 Application/Psexec.A HackTools No 0 Yes No C:\System Volume Information\_restore{99260036-CEB2-4684-93E4-F2CCFF5FA11E}\RP15\A0008340.EXE
01185375 Application/Psexec.A HackTools No 0 Yes No C:\System Volume Information\_restore{99260036-CEB2-4684-93E4-F2CCFF5FA11E}\RP11\A0007781.EXE
01185375 Application/Psexec.A HackTools No 0 Yes No C:\System Volume Information\_restore{2B9BC6EC-D68F-4248-A5F3-DD12E9F63783}\RP610\A0376426.EXE
01185375 Application/Psexec.A HackTools No 0 Yes No C:\System Volume Information\_restore{2B9BC6EC-D68F-4248-A5F3-DD12E9F63783}\RP609\A0376350.EXE
01185375 Application/Psexec.A HackTools No 0 Yes No C:\System Volume Information\_restore{99260036-CEB2-4684-93E4-F2CCFF5FA11E}\RP17\A0008672.EXE
01185375 Application/Psexec.A HackTools No 0 Yes No C:\System Volume Information\_restore{99260036-CEB2-4684-93E4-F2CCFF5FA11E}\RP28\A0011863.EXE
01185375 Application/Psexec.A HackTools No 0 Yes No C:\System Volume Information\_restore{99260036-CEB2-4684-93E4-F2CCFF5FA11E}\RP29\A0014324.EXE
01185375 Application/Psexec.A HackTools No 0 Yes No C:\System Volume Information\_restore{99260036-CEB2-4684-93E4-F2CCFF5FA11E}\RP29\A0016293.EXE
01185375 Application/Psexec.A HackTools No 0 Yes No C:\System Volume Information\_restore{99260036-CEB2-4684-93E4-F2CCFF5FA11E}\RP31\A0016561.EXE
01185375 Application/Psexec.A HackTools No 0 Yes No C:\System Volume Information\_restore{99260036-CEB2-4684-93E4-F2CCFF5FA11E}\RP33\A0017367.EXE
01185375 Application/Psexec.A HackTools No 0 Yes No C:\System Volume Information\_restore{99260036-CEB2-4684-93E4-F2CCFF5FA11E}\RP25\A0010591.EXE
01262593 Application/NirCmd.A HackTools No 0 No No C:\System Volume Information\_restore{2B9BC6EC-D68F-4248-A5F3-DD12E9F63783}\RP607\A0364823.exe[nircmd.cfexe]
01262593 Application/NirCmd.A HackTools No 0 No No C:\System Volume Information\_restore{2B9BC6EC-D68F-4248-A5F3-DD12E9F63783}\RP607\A0364860.exe[nircmd.com]
01262593 Application/NirCmd.A HackTools No 0 No No C:\System Volume Information\_restore{2B9BC6EC-D68F-4248-A5F3-DD12E9F63783}\RP607\A0364860.exe[nircmd.cfexe]
01262593 Application/NirCmd.A HackTools No 0 No No C:\System Volume Information\_restore{2B9BC6EC-D68F-4248-A5F3-DD12E9F63783}\RP607\A0365924.exe[nircmd.com]
01262593 Application/NirCmd.A HackTools No 0 No No C:\System Volume Information\_restore{2B9BC6EC-D68F-4248-A5F3-DD12E9F63783}\RP607\A0365924.exe[nircmd.cfexe]
01262593 Application/NirCmd.A HackTools No 0 No No C:\System Volume Information\_restore{2B9BC6EC-D68F-4248-A5F3-DD12E9F63783}\RP607\A0366969.exe[nircmd.com]
01262593 Application/NirCmd.A HackTools No 0 No No C:\System Volume Information\_restore{2B9BC6EC-D68F-4248-A5F3-DD12E9F63783}\RP607\A0366969.exe[nircmd.cfexe]
01262593 Application/NirCmd.A HackTools No 0 No No C:\System Volume Information\_restore{2B9BC6EC-D68F-4248-A5F3-DD12E9F63783}\RP607\A0363838.exe[nircmd.cfexe]
01262593 Application/NirCmd.A HackTools No 0 No No C:\System Volume Information\_restore{2B9BC6EC-D68F-4248-A5F3-DD12E9F63783}\RP607\A0363838.exe[nircmd.com]
01262593 Application/NirCmd.A HackTools No 0 No No C:\System Volume Information\_restore{2B9BC6EC-D68F-4248-A5F3-DD12E9F63783}\RP607\A0362854.exe[nircmd.cfexe]
01262593 Application/NirCmd.A HackTools No 0 No No C:\System Volume Information\_restore{2B9BC6EC-D68F-4248-A5F3-DD12E9F63783}\RP607\A0362854.exe[nircmd.com]
01262593 Application/NirCmd.A HackTools No 0 No No C:\System Volume Information\_restore{2B9BC6EC-D68F-4248-A5F3-DD12E9F63783}\RP607\A0361845.exe[nircmd.cfexe]
01262593 Application/NirCmd.A HackTools No 0 No No C:\System Volume Information\_restore{2B9BC6EC-D68F-4248-A5F3-DD12E9F63783}\RP607\A0361845.exe[nircmd.com]
01262593 Application/NirCmd.A HackTools No 0 Yes No C:\System Volume Information\_restore{2B9BC6EC-D68F-4248-A5F3-DD12E9F63783}\RP609\A0376305.com
01262593 Application/NirCmd.A HackTools No 0 Yes No C:\System Volume Information\_restore{2B9BC6EC-D68F-4248-A5F3-DD12E9F63783}\RP609\A0376337.com
01262593 Application/NirCmd.A HackTools No 0 No No C:\System Volume Information\_restore{2B9BC6EC-D68F-4248-A5F3-DD12E9F63783}\RP607\A0361775.exe[nircmd.cfexe]
01262593 Application/NirCmd.A HackTools No 0 Yes No C:\System Volume Information\_restore{2B9BC6EC-D68F-4248-A5F3-DD12E9F63783}\RP610\A0376414.com
01262593 Application/NirCmd.A HackTools No 0 No No C:\System Volume Information\_restore{2B9BC6EC-D68F-4248-A5F3-DD12E9F63783}\RP607\A0361775.exe[nircmd.com]
01262593 Application/NirCmd.A HackTools No 0 Yes No C:\System Volume Information\_restore{2B9BC6EC-D68F-4248-A5F3-DD12E9F63783}\RP610\A0376429.exe
01262593 Application/NirCmd.A HackTools No 0 No No C:\System Volume Information\_restore{2B9BC6EC-D68F-4248-A5F3-DD12E9F63783}\RP610\A0376437.exe[nircmd.com]
01262593 Application/NirCmd.A HackTools No 0 No No C:\System Volume Information\_restore{2B9BC6EC-D68F-4248-A5F3-DD12E9F63783}\RP610\A0376437.exe[nircmd.cfexe]
01262593 Application/NirCmd.A HackTools No 0 Yes No C:\System Volume Information\_restore{2B9BC6EC-D68F-4248-A5F3-DD12E9F63783}\RP610\A0376457.com
01262593 Application/NirCmd.A HackTools No 0 No No C:\System Volume Information\_restore{2B9BC6EC-D68F-4248-A5F3-DD12E9F63783}\RP607\A0361608.exe[nircmd.cfexe]
01262593 Application/NirCmd.A HackTools No 0 No No C:\System Volume Information\_restore{2B9BC6EC-D68F-4248-A5F3-DD12E9F63783}\RP607\A0361608.exe[nircmd.com]
01262593 Application/NirCmd.A HackTools No 0 Yes No C:\WINDOWS\Nircmd.exe
01262593 Application/NirCmd.A HackTools No 0 No No C:\Documents and Settings\james.TIGGER\Desktop\Combo-Fix.exe[327882R2FWJFW\nircmd.cfexe]
01262593 Application/NirCmd.A HackTools No 0 No No C:\System Volume Information\_restore{2B9BC6EC-D68F-4248-A5F3-DD12E9F63783}\RP607\A0364823.exe[nircmd.com]
01262593 Application/NirCmd.A HackTools No 0 No No C:\Documents and Settings\james.TIGGER\Desktop\Combo-Fix.exe[327882R2FWJFW\nircmd.com]
02197130 Trj/Rebooter.J Virus/Trojan No 1 Yes No C:\Program Files\smirfraudremover\SmitfraudFix\Reboot.exe
02891356 Trj/Spammer.ADX Virus/Trojan No 1 Yes No C:\Program Files\Mailtraq\database\mail\inbox\mailstore.afv[photos.zip][photos.scr]
02891356 Trj/Spammer.ADX Virus/Trojan No 1 Yes No james mail\deleted items\[spam:0.32] you have card\photos.zip[photos.scr]
02891356 Trj/Spammer.ADX Virus/Trojan No 1 Yes No james mail\deleted items\[spam:0.32] you have card\photos.zip[photos.scr]
02892755 Trj/Spammer.ADX Virus/Trojan No 1 Yes No james mail\deleted items\[spam:0.11] merry christmas\ecard.zip[eCard.exe]
02892755 Trj/Spammer.ADX Virus/Trojan No 1 Yes No C:\Program Files\Mailtraq\database\mail\inbox\mailstore.afv[eCard.zip][eCard.exe]
02892755 Trj/Spammer.ADX Virus/Trojan No 1 Yes No james mail\deleted items\[spam:0.11] merry christmas\ecard.zip[eCard.exe]
02893167 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{2B9BC6EC-D68F-4248-A5F3-DD12E9F63783}\RP607\A0370279.exe
02893167 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{2B9BC6EC-D68F-4248-A5F3-DD12E9F63783}\RP607\A0370177.exe
02893638 Trj/Spammer.ADX Virus/Trojan No 1 Yes No C:\Program Files\Mailtraq\database\mail\inbox\mailstore.afv[eCard.zip][eCard.scr]
02893638 Trj/Spammer.ADX Virus/Trojan No 1 Yes No james mail\deleted items\[spam:0.22] you have card\ecard.zip[eCard.scr]
02895391 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{2B9BC6EC-D68F-4248-A5F3-DD12E9F63783}\RP607\A0370180.exe
02895391 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{2B9BC6EC-D68F-4248-A5F3-DD12E9F63783}\RP607\A0370277.exe
02895391 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{2B9BC6EC-D68F-4248-A5F3-DD12E9F63783}\RP607\A0370280.exe
02895391 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{2B9BC6EC-D68F-4248-A5F3-DD12E9F63783}\RP608\A0374262.exe
;===================================================================================================================================================================================
SUSPECTS
Location
;===================================================================================================================================================================================
;===================================================================================================================================================================================

**katana** · 2008-01-31, 04:25

Unfortunately, you may need to reinstall any programs that give you the "not a valid Win32 application" error.
The infection has corrupted those files and it is very difficult to clean them.

You have an E-mail program Mailtraq, there are some infected files in the mail.
You will need to remove these yourself, as they are stored in a database rather than folders.
C:\Program Files\Backup of all mailtraq\Mailtraq\database\mail\inbox\mailstore.afv[spring_scr.vir]
C:\Program Files\Backup of all mailtraq\Mailtraq\database\mail\inbox\mailstore.afv[spring_scr.vir]
C:\Program Files\Mailtraq\database\mail\inbox\mailstore.afv[photos.zip][photos.scr]
james mail\deleted items\[spam:0.32] you have card\photos.zip[photos.scr]
james mail\deleted items\[spam:0.32] you have card\photos.zip[photos.scr]
james mail\deleted items\[spam:0.11] merry christmas\ecard.zip[eCard.exe]
C:\Program Files\Mailtraq\database\mail\inbox\mailstore.afv[eCard.zip][eCard.exe]
james mail\deleted items\[spam:0.11] merry christmas\ecard.zip[eCard.exe]
C:\Program Files\Mailtraq\database\mail\inbox\mailstore.afv[eCard.zip][eCard.scr]
james mail\deleted items\[spam:0.22] you have card\ecard.zip[eCard.scr]

Uninstall HJT, and download a fresh copy

Click here to download HJTinstall.exe

Save HJTinstall.exe to your desktop.
Double click on the HJTinstall.exe icon on your desktop.
By default it will install to C:\\Program Files\\Trend Micro\\Hijack This.
Click I accept
Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.
Click Save to save the log file and then the log will open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
Come back here to this thread and Paste the log in your next reply.
DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.

Installed Programs
Please could you give me a list of the programs that are installed.

Start HijackThis
Click on the Config button
Click on the Misc Tools button
Click on the Open Uninstall Manager button.

You will see a list with the programs installed in your computer.
Click on save list button and specify where you would like to save this file.
When you press Save button a notepad will open with the contents of that file.
Simply copy and paste the contents of that notepad into your next post.

**hottroc** · 2008-01-31, 19:50

Originally Posted by katana

Unfortunately, you may need to reinstall any programs that give you the "not a valid Win32 application" error..

Should i do that now or wait till you give the all-clear? I'm a bit worried about re-infection or hackers while my system is unprotected.

The infected files in the mail server mentioned are mainly in old backups but I will try to delete them anyhow.

I'll get back to you with the results of my HJT attempts shortly.

**hottroc** · 2008-01-31, 20:23

Here is the HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:12:10, on 31/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
C:\Program Files\Comodo\CBOClean\BOCORE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Mailtraq\mtqsvc.exe
c:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Mailtraq\mailtraq.exe
C:\WINDOWS\system32\mnmsrvc.exe
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\slserv.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\DynDNS Updater\DynDNS.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mailtraq\MailtraqAVG\MAVAVG.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\PDF Printer Pilot SE\PDFPRPRXY.EXE
C:\progra~1\vision~1\paperp~1\pptd40nt.exe
C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe
C:\Program Files\Netropa\Onscreen Display\OSD.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\Comodo\CBOClean\BOC425.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\devldr32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\AVERTV2K\QuickTV.exe
C:\Program Files\DLMage\DnloadMage.exe
C:\Program Files\Iolo\Macro Magic\Macros.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [PP7600usb] C:\PROGRA~1\VISION~1\PAPERP~1\FBDirect.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [PDFPrinterPilotAgent] "C:\Program Files\PDF Printer Pilot SE\PDFPRPRXY.EXE"
O4 - HKLM\..\Run: [PaperPort PTD] c:\progra~1\vision~1\paperp~1\pptd40nt.exe
O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [HPHUPD08] C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [BOC-425] C:\PROGRA~1\Comodo\CBOClean\BOC425.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\cfp.exe" -s
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: Disk Detector.lnk = C:\Program Files\Creative\ShareDLL\CTNotify.exe
O4 - Startup: Download Mage.lnk = C:\Program Files\DLMage\DnloadMage.exe
O4 - Startup: Iolo Macro Magic.lnk = C:\Program Files\Iolo\Macro Magic\Macros.exe
O4 - Startup: TeleSA.lnk = C:\Program Files\AVer Teletext\AVerSA.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: devldr32.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: QuickTV.lnk = C:\AVERTV2K\QuickTV.exe
O4 - Global Startup: TeleSA.lnk = C:\Program Files\AVer Teletext\AVerSA.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.tigger
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
O16 - DPF: {1B9B97D0-C0F4-4045-9B42-50A4535C9041} (WCLoaderCtl Class) - http://download.paltalk.com/wcloader_prod/wcloader.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/ho...vex/hcImpl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
O16 - DPF: {4CCA4E6B-9259-11D9-AC6E-444553544200} (FixController Control) - http://h30155.www3.hp.com/ediags/dd/...allMgr_v01.cab
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/cabs/ascstubie.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/...?1201393948625
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.co.uk/scan_uk/scan8/oscan8.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1187901181390
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemp...ogin-devel.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {AE9DCB17-F804-11D2-A44A-0020182C1446} (IntraLaunch.MainControl) - file:///D:/system/IntraLaunch.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2284E881-2005-4C2F-A9AE-559B69C94A5E}: NameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{76191383-D5FD-4413-AB3B-7A9A7B9A5FCB}: NameServer = 80.189.92.2,80.189.94.2
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Unknown owner - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: BOCore - COMODO - C:\Program Files\Comodo\CBOClean\BOCORE.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: DynDNS Updater Service (DynDNS_Updater_Service) - Kana Solution - C:\Program Files\DynDNS Updater\DynDNS.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LUPLET - Sysinternals - www.sysinternals.com - C:\DOCUME~1\JAMES~1.TIG\LOCALS~1\Temp\LUPLET.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: MailtraqServer - Unknown owner - C:\Program Files\Mailtraq\mtqsvc.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005\RpcSandraSrv.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 15308 bytes

**hottroc** · 2008-01-31, 20:33

And here is the apps list from HJT:

3Com U.S. Robotics Connections
Active@ ISO Burner v 1.1
ADM Files For XP SP2
Adobe Flash Player 9 ActiveX
Adobe Flash Player ActiveX
Adobe Photoshop CS
Adobe Reader 7.0.9
Adobe Shockwave Player
AutoCAD 2005 - English
AutoCAD 2005 Express Tools Volumes 1-9
Autodesk Architectural 2004 Object Enabler
Autodesk Architectural Desktop 2005
Autodesk DWF Viewer
AVer Teletext
AVerTV
AVG Anti-Rootkit Free
AVG Anti-Spyware 7.5
AVG Free Edition
BOClean
BT Voyager 105 ADSL Modem
Canon Camera Support Core Library
Canon Camera Window for ZoomBrowser EX
Canon Internet Library for ZoomBrowser EX
Canon MovieEdit Task for ZoomBrowser EX
Canon PhotoRecord
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon Utilities PhotoStitch 3.1
Canon Utilities ZoomBrowser EX
CD Mate 2.0
Cole2k Media - Codec Pack (Standard) 6.0.9
COMODO Firewall Pro
conexant soft56k Data FAX Modem
CuteFTP 8 Professional
CyberKit
ddoc Print and Preview v1.6a
Disc2Phone
DivX Codec
DivX Content Uploader
DivX Converter
DivX Player
DivX Web Player
Dorgem 2.1.0
DynDNS Updater 3.1
eMule
ESET Online Scanner
Family Tree Maker 2006
FilterSDK
Google Earth
Google Updater
Guitar Power 1.5.0
GuitarFX 3
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB916089)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB935448)
hp deskjet 5550 series
hp deskjet 5550 series (Remove only)
HP Driver Diagnostics
HP Imaging Device Functions 5.3
HP Photosmart 330,380,420,470,7800,8000,8200 Series
HP Photosmart Essential
HP Software Update
HP Solution Center & Imaging Support Tools 5.3
Huge Pine USB to UART Driver
ICQ
ICQ6
Intel(R) Graphics Media Accelerator Driver
IsoBuster 1.9.1
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 9
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Java(TM) SE Runtime Environment 6 Update 1
Kaspersky Online Scanner
Kazaa Lite 2.6.1
K-Lite Codec Pack 2.81 Full
Logitech Audio Echo Cancellation Component
Logitech QuickCam
Logitech® Camera Driver
Mailtraq
ManyCam 2.1 (remove only)
MetFileRegenerator v3.0.16
MGI PhotoSuite
MGI PhotoSuite II SE (Remove Only)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft .NET Framework 3.0 Service Pack 1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Document Explorer 2005
Microsoft Document Explorer 2005
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
Microsoft SQL Server 2005 Tools Express Edition
Microsoft SQL Server Management Studio Express
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Tool Web Package:GPOTOOL.EXE
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Virtual PC 2007
Microsoft Visual Basic 6.0 Professional Edition
Microsoft Visual Basic PowerPacks 2.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual J# .NET Redistributable Package 1.1
Microsoft Visual Studio .NET 2003 Hotfix (KB841870)
Microsoft Visual Studio .NET Professional 2003 - English
Microsoft Web Publishing Wizard 1.53
Microsoft Windows XP Inside Out eBook
mIRC
MixPad
MSDN Library - Visual Studio 6.0a
MSDN Library for Visual Studio 2005
MSDN Library for Visual Studio 2005
MSRS Recording System Uninstall
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 6.0 Parser (KB933579)
MVision
My DSC
NCH Toolbox Uninstall
Office Keyboard
Panda ActiveScan
Panda TotalScan
Paragon Partition Manager 8.0 Personal
PDF Printer Pilot SE 1.21
PitchPerfect Uninstall
PowerDVD
Process Master 1.1
QuickTime
REALTEK Gigabit and Fast Ethernet NIC Driver
Realtek High Definition Audio Driver
Registry Mechanic 6.0
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913433)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917537)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923810)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926247)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB939373)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944653)
Self Test Practice Test Engine
Self Test Software: Exam 70-290
SmartFTP
Sonic Audio module
Sonic DLA
Sonic MyDVD LE
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Sony Ericsson PC Suite 1.20.224
SoundTap
Spybot - Search & Destroy 1.4
SpywareBlaster v3.5.1
SRTalkV1.0 (remove only)
SUPERAntiSpyware Free Edition
Symantec pcAnywhere
The Rosetta Stone
TrackerCam
UMVPLStandalone
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB900930)
Update for Windows XP (KB904942)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920342)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB925720)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
User Profile Hive Cleanup Service
VideoLAN VLC media player 0.8.5
Visioneer 7600 USB Scanner Driver
Visioneer PaperPort 6.1
Voyager 105 ADSL Modem
WavePad Uninstall
WIDCOMM Bluetooth Software
Windows Defender
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Installer Clean Up
Windows Internet Explorer 7
Windows Live Messenger
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows Presentation Foundation
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
WinPcap 3.0
X-Copy Pro

Admittedly there is some unused junk on there and I need to do a cleanup. There are also 1 or 2 I don't recognise, and some that don't work. But most stuff I use from time to time.

Thanks for your ongoing help.

**katana** · 2008-01-31, 20:45

That looks fine

You can start reinstalling your programs whenever you are ready now

Your Java and Adobe is out of date. Older versions have vulnerabilities that malware can use to infect your system.

Please follow these steps to remove older version Java and Adobe components and update.

Updating Java:

Download the latest version of Java Runtime Environment (JRE) 6u4 from http://java.sun.com/javase/downloads/index.jsp
Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
Click the "Download" button to the right.
Check the box that says: "Accept License Agreement".
The page will refresh.
Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.

Update Adobe Acrobat Reader

Please go to this link Adobe Acrobat Reader Download Link
Cllick Download
On the right Untick Adobe Phototshop Album Starter Edition if you do not wish to include this in the installation.
Click the Continue button
Click Run, and click Run again
Next click the Install Now button and follow the on screen prompts

Now close all windows, including your browser.
Double click on the Java installation that you downloaded and follow the prompts.

Remove Programs
Now click Start---Control Panel. Double click Add or Remove Programs. If any of the following programs are listed there,
click on the program to highlight it, and click on remove.

Adobe Reader 7.0.9
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 9
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Java(TM) SE Runtime Environment 6 Update 1

Now close the Control Panel.

Reboot your machine.

For the programs that don't work, and the ones that you want to remove I will give you a link to CCleaner shortly.
It can run the uninstall for the programs, and if the files have already been deleted then it can remove the entry from the list
Do you have any other problems ?

**hottroc** · 2008-01-31, 22:01

You can start reinstalling your programs whenever you are ready now

Should I uninstall first or can I do a "Repair" install for things like AVG and Comodo firewall (hopefully to prevent having to re-learn my firewall)?

And I am getting the message from AVG Anti-spyware about being unable to make a connection to the service.
Presumably I will need to re-install that too? (though I may ditch it and use SuperAntiSpyware instead)

Also still getting the following:
Application Launcher.exe - Unable to Locate Component
This application has failed to start because Telecalib_logging.dll was not found. Re-installing the application may fix this problem.

I think Application Launcher.exe is part of my Sony Ericsson data suite hence legit.

Should I reinstall that too?

I updated my Acrobat Reader as recommended (which removed its older version).
And I installed the new Java as stated then removed all the old ones via Cont. Panel. (but not tested yet!)

Finally and maybe more importantly I am a bit concerned that the startup is still as in my first post ie taking much longer than normal. It is between the POST/BIOS and the Boot Menu, now taking a couple of mins, whereas before it was seconds.
Is there any other checks I should do?

**katana** · 2008-01-31, 23:27

Any program that has a repair function then it is fine to use it,
any other programs you will need to reinstall.

Telecalib_logging.dll was not found. missing seems tbe a common problem, try reinstalling it and see if that works.

Let's see if we can get a bit more info about the boot problem
Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.

Close all applications and windows.
Double-click on dss.exe to run it, and follow the prompts.
When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt<-this one will be minimized
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt and the extra.txt to your post. in your reply

Thread: Help on Malware removal - SpybotSD not a valid Win32 application

Thread Tools

Display

Posting Permissions