Page 2 of 8 FirstFirst 123456 ... LastLast
Results 11 to 20 of 75

Thread: How do I remove ZLOB malware

  1. #11
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Default

    No unfortunately it is not gone as it is running.

    To access the Uninstall Manager you would do the following:

    1. Start HijackThis
    2. Click on the Config button
    3. Click on the Misc Tools button
    4. Click on the Open Uninstall Manager button.

    You will now be presented with a screen similar to the one below:



    5. Click on the Save list... button and specify where you would like to save this file. When you press Save button a notepad will open with the contents of that file. Simply copy and paste the contents of that notepad here on your next reply.
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  2. #12
    Member
    Join Date
    Jul 2009
    Location
    University Place, Wa 98466
    Posts
    61

    Cool Zlob as requested

    6.4.9.0
    Adobe Acrobat 5.0
    Adobe Flash Player 10 ActiveX
    Adobe Reader 7.1.0
    Adobe Type Manager 4.0
    Advanced Registry Optimizer
    AI RoboForm (All Users)
    Apple Mobile Device Support
    Apple Software Update
    Applian FLV Player
    aspi
    Camel's MPEGJoin
    Camel's MPEGJoin (g:\)
    CCHelp
    CCleaner (remove only)
    CCScore
    CinemaNow Media Manager
    CinemaNow Media Manager
    COMODO Registry Cleaner 1.0.17.23
    CR2
    Critical Update for Windows Media Player 11 (KB959772)
    CyberLink PowerDVD 9
    CyberLink PowerDVD 9
    DataGaurd 2009 Pro
    Defraggler (remove only)
    DivX Codec
    DivX Converter
    DivX Player
    DivX Plus DirectShow Filters
    DivX Web Player
    Driver Detective
    E.M. Youtube Video Download Tool 2.55
    ERUNT 1.1j
    ESSAdpt
    ESSANUP
    ESSBrwr
    ESSCAM
    ESSCDBK
    ESScore
    ESSCT
    ESSgui
    ESShelp
    ESSini
    ESSPCD
    ESSTUTOR
    ESSvpaht
    ESSvpot
    Free FLV Player
    GamingHarbor Toolbar
    GamingHarbor Toolbar
    Google Talk (remove only)
    Highlight Viewer (Windows Live Toolbar)
    HighMAT Extension to Microsoft Windows XP CD Writing Wizard
    HijackThis 2.0.2
    HLPCCTR
    HLPIndex
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows XP (KB896344)
    Hotfix for Windows XP (KB914440)
    Hotfix for Windows XP (KB915865)
    Hotfix for Windows XP (KB926239)
    Hotfix for Windows XP (KB935448)
    Hotfix for Windows XP (KB952287)
    HP PrecisionScan
    ICQ6
    InCD (Ahead Software)
    Internet Download Manager
    iTunes
    J2SE Runtime Environment 5.0 Update 1
    J2SE Runtime Environment 5.0 Update 11
    J2SE Runtime Environment 5.0 Update 6
    Java(TM) 6 Update 2
    Java(TM) 6 Update 7
    Java(TM) SE Runtime Environment 6 Update 1
    Join (Merge, Combine) Multiple FLV Files Into One Software 7.0
    Kate's Video Joiner
    Lexmark 640 Series
    Logitech Audio Echo Cancellation Component
    Logitech Desktop Messenger
    Logitech Legacy USB Camera Driver Package
    Logitech QuickCam
    Logitech QuickCam Driver Package
    Logitech SetPoint
    Logitech Video Enumerator
    Macromedia Shockwave Player
    ManageEngine NetFlow Analyzer 7
    Map Button (Windows Live Toolbar)
    McAfee SecurityCenter
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Hotfix (KB928366)
    Microsoft .NET Framework 2.0
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft English TTS Engine
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft Money 2005
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Outlook Connector
    Microsoft Office XP Media Content
    Microsoft Office XP Small Business
    Microsoft Picture It! Express 9
    Microsoft Picture It! Library 9
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Streets & Trips 2007
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ Run Time Lib Setup
    Microsoft Windows XP Video Decoder Checkup Utility
    mIRC
    Movica
    Movie Downloader
    Mozilla Firefox (3.0.11)
    MP3 & MPEG Joiner 1.5
    MSN
    MSN Encarta Plus Support Files
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB954430)
    Musicmatch® Jukebox
    MVision
    neroxml
    Netflix Movie Viewer
    Notifier
    OmniPage SE
    OTtBP
    PC ScanAndSweep
    PCDLNCH
    Performance Center
    PowerDVD
    ProSavageDDR and Utilities
    QuickCam
    QuickTime
    RealPlayer
    RegistrySmart
    Rhapsody
    Rhapsody Player Engine
    Riva FLV Player
    River Past DirectShow Detective
    RunAlyzer
    S3Display
    S3Gamma2
    S3Info2
    S3Overlay
    Security Update for CAPICOM (KB931906)
    Security Update for CAPICOM (KB931906)
    Security Update for Step By Step Interactive Training (KB898458)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB938127-v2)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 8 (KB969897)
    Security Update for Windows Internet Explorer 8 (KB972260)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player 10 (KB911565)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB883939)
    Security Update for Windows XP (KB890046)
    Security Update for Windows XP (KB893066)
    Security Update for Windows XP (KB893756)
    Security Update for Windows XP (KB896358)
    Security Update for Windows XP (KB896422)
    Security Update for Windows XP (KB896423)
    Security Update for Windows XP (KB896424)
    Security Update for Windows XP (KB896428)
    Security Update for Windows XP (KB896688)
    Security Update for Windows XP (KB899587)
    Security Update for Windows XP (KB899588)
    Security Update for Windows XP (KB899591)
    Security Update for Windows XP (KB900725)
    Security Update for Windows XP (KB901017)
    Security Update for Windows XP (KB901214)
    Security Update for Windows XP (KB902400)
    Security Update for Windows XP (KB903235)
    Security Update for Windows XP (KB904706)
    Security Update for Windows XP (KB905414)
    Security Update for Windows XP (KB905749)
    Security Update for Windows XP (KB905915)
    Security Update for Windows XP (KB908519)
    Security Update for Windows XP (KB911562)
    Security Update for Windows XP (KB911567)
    Security Update for Windows XP (KB911927)
    Security Update for Windows XP (KB912812)
    Security Update for Windows XP (KB912919)
    Security Update for Windows XP (KB913446)
    Security Update for Windows XP (KB913580)
    Security Update for Windows XP (KB914388)
    Security Update for Windows XP (KB914389)
    Security Update for Windows XP (KB916281)
    Security Update for Windows XP (KB917344)
    Security Update for Windows XP (KB917422)
    Security Update for Windows XP (KB917953)
    Security Update for Windows XP (KB918118)
    Security Update for Windows XP (KB918439)
    Security Update for Windows XP (KB919007)
    Security Update for Windows XP (KB920213)
    Security Update for Windows XP (KB920670)
    Security Update for Windows XP (KB920683)
    Security Update for Windows XP (KB920685)
    Security Update for Windows XP (KB922819)
    Security Update for Windows XP (KB923191)
    Security Update for Windows XP (KB923414)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923694)
    Security Update for Windows XP (KB923980)
    Security Update for Windows XP (KB924191)
    Security Update for Windows XP (KB924270)
    Security Update for Windows XP (KB924496)
    Security Update for Windows XP (KB924667)
    Security Update for Windows XP (KB925902)
    Security Update for Windows XP (KB926255)
    Security Update for Windows XP (KB926436)
    Security Update for Windows XP (KB927779)
    Security Update for Windows XP (KB927802)
    Security Update for Windows XP (KB928090)
    Security Update for Windows XP (KB928255)
    Security Update for Windows XP (KB928843)
    Security Update for Windows XP (KB929123)
    Security Update for Windows XP (KB930178)
    Security Update for Windows XP (KB931261)
    Security Update for Windows XP (KB931768)
    Security Update for Windows XP (KB931784)
    Security Update for Windows XP (KB932168)
    Security Update for Windows XP (KB933729)
    Security Update for Windows XP (KB935839)
    Security Update for Windows XP (KB935840)
    Security Update for Windows XP (KB936021)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB938829)
    Security Update for Windows XP (KB941202)
    Security Update for Windows XP (KB941568)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB941644)
    Security Update for Windows XP (KB941693)
    Security Update for Windows XP (KB943055)
    Security Update for Windows XP (KB943460)
    Security Update for Windows XP (KB943485)
    Security Update for Windows XP (KB944653)
    Security Update for Windows XP (KB945553)
    Security Update for Windows XP (KB946026)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB948590)
    Security Update for Windows XP (KB948881)
    Security Update for Windows XP (KB950749)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB973346)
    SFR
    SFR2
    SlowView
    Smart Link 56K V.90 Voice Modem
    Smart Menus (Windows Live Toolbar)
    Spybot - Search & Destroy
    Spybot-S&D Distributed Testing Client
    SpyHunter
    TextBridge Classic 2.0
    TTS Wrapper
    TuneUp Utilities 2007
    TuneUp Utilities 2008
    TVAnts 1.0
    Tweak UI
    Update for Windows Internet Explorer 8 (KB968220)
    Update for Windows XP (KB894391)
    Update for Windows XP (KB896727)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB900485)
    Update for Windows XP (KB904942)
    Update for Windows XP (KB908531)
    Update for Windows XP (KB910437)
    Update for Windows XP (KB911280)
    Update for Windows XP (KB916595)
    Update for Windows XP (KB920872)
    Update for Windows XP (KB922582)
    Update for Windows XP (KB927891)
    Update for Windows XP (KB929338)
    Update for Windows XP (KB930916)
    Update for Windows XP (KB931836)
    Update for Windows XP (KB932823-v3)
    Update for Windows XP (KB933360)
    Update for Windows XP (KB936357)
    Update for Windows XP (KB938828)
    Update for Windows XP (KB942763)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    VC80CRTRedist - 8.0.50727.762
    VCAMCEN
    VIA Rhine-Family Fast Ethernet Adapter
    VideoLAN VLC media player 0.8.6f
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    Windows Imaging Component
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 8
    Windows Live Favorites for Windows Live Toolbar
    Windows Live installer
    Windows Live Local Add-in for Microsoft Office Outlook
    Windows Live Mail
    Windows Live Messenger
    Windows Live Photo Gallery
    Windows Live Sign-in Assistant
    Windows Live Toolbar
    Windows Live Toolbar
    Windows Live Toolbar Extension (Windows Live Toolbar)
    Windows Live Writer
    Windows Media Format 11 runtime
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows Media Player 11
    Windows XP Hotfix - KB873333
    Windows XP Hotfix - KB873339
    Windows XP Hotfix - KB885250
    Windows XP Hotfix - KB885835
    Windows XP Hotfix - KB885836
    Windows XP Hotfix - KB885884
    Windows XP Hotfix - KB886185
    Windows XP Hotfix - KB887472
    Windows XP Hotfix - KB887742
    Windows XP Hotfix - KB887797
    Windows XP Hotfix - KB888113
    Windows XP Hotfix - KB888302
    Windows XP Hotfix - KB890175
    Windows XP Hotfix - KB890859
    Windows XP Hotfix - KB890923
    Windows XP Hotfix - KB891781
    Windows XP Hotfix - KB893086
    WinRAR archiver
    WinZip
    Yahoo! Messenger
    ZC DivX to DVD Creator 6.4.4

  3. #13
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Default

    Is D another hard drive or another partition?
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  4. #14
    Member
    Join Date
    Jul 2009
    Location
    University Place, Wa 98466
    Posts
    61

    Cool Zlob malwar removal

    "D" is anothr hard drive

  5. #15
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Default

    So we then remove it manually.

    Copy text below to Notepad and save it as remavg.bat (save it as all files, *.*)

    @ECHO OFF
    sc stop Avg7Alrt
    sc delete Avg7Alrt
    sc stop Avg7UpdSvc
    sc delete Avg7UpdSvc
    del remavg.bat

    It should look like this ->

    Doubleclick remavg.bat; black dos windows will flash, that's normal.

    Reboot.

    Delete these files:

    D:\avgamsvr.exe
    D:\avgupsvc.exe

    Empty Recycle Bin.

    Post back a fresh HijackThis log, please.
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  6. #16
    Member
    Join Date
    Jul 2009
    Location
    University Place, Wa 98466
    Posts
    61

    Cool Zlob removal

    I am not sure I understood your directions. although I believe I was able to delet those files. After saving remavg.bat to the note pad. I went into windows explore found the remavg.bat double click on it and the black screen did flash and then I was right back to where I started. so I went back into windows explorer drive "D" and found D:\avgamsvr.exe & D:\avgupsvc.exe ans deleted them am I ok?
    Randy

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 08:14:51, on 08/01/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\WINDOWS\system32\lxdacoms.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    C:\Program Files\McAfee\VirusScan\McShield.exe
    c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\QuickTime\QTTask.exe
    D:\Program Files\PowerDVD9\PDVD9Serv.exe
    C:\Program Files\Cyberlink\Shared Files\brs.exe
    C:\Program Files\Messenger\msmsgs.exe
    D:\Program Files\Internet Download Manager\IDMan.exe
    C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    C:\Program Files\SDistTest\SDistTestSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\TUProgSt.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\iPod\bin\iPodService.exe
    D:\Program Files\Internet Download Manager\IEMonitor.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\Owner\Application Data\mjusbsp\magicJack.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    R3 - URLSearchHook: (no name) - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - (no file)
    O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Program Files\Internet Download Manager\IDMIECC.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
    O2 - BHO: StumbleUpon Launcher - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - (no file)
    O2 - BHO: Download Manager Browser Helper Object - {19C8E43B-07B3-49CB-BFFC-6777B593E6F8} - C:\PROGRA~1\COMMON~1\fluxDVD\DOWNLO~1\XEBDLH~1.DLL
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: NetAssistantBHO - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - (no file)
    O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file)
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: (no name) - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - (no file)
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [RemoteControl9] "D:\Program Files\PowerDVD9\PDVD9Serv.exe"
    O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
    O4 - HKLM\..\RunServices: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\Owner\Application Data\mjusbsp\cdloader2.exe" MAGICJACK
    O4 - HKCU\..\Run: [IDMan] D:\Program Files\Internet Download Manager\IDMan.exe /onboot
    O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] D:\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] D:\avgw.exe /RUNONCE (User 'Default user')
    O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
    O4 - Startup: Scheduler.lnk.disabled
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
    O8 - Extra context menu item: Download All Links with IDM - D:\Program Files\Internet Download Manager\IEGetAll.htm
    O8 - Extra context menu item: Download FLV video content with IDM - D:\Program Files\Internet Download Manager\IEGetVL.htm
    O8 - Extra context menu item: Download with IDM - D:\Program Files\Internet Download Manager\IEExt.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra button: StumbleUpon - {75C9223A-409A-4795-A3CA-08DE6B075B4B} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O15 - Trusted Zone: http://*.mcafee.com
    O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
    O16 - DPF: {54823A9D-6BAE-11D5-B519-0050BA2413EB} (ChkDVDCtl Class) - http://www.cyberlink.com/english/cyb...dio/ChkDVD.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1150911803117
    O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
    O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/is...18/mcfscan.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{32D26098-F363-49E5-A718-9F82E83DBC5C}: NameServer = 208.67.220.220,208.67.222.222
    O18 - Protocol: bw+0 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {599CCC03-1B0C-4253-8385-6C1868AC8118} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: McAfee Application Installer Cleanup (0004531239936051) (0004531239936051mcinstcleanup) - Unknown owner - C:\WINDOWS\TEMP\0004531239936051mcinst.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: lxda_device - - C:\WINDOWS\system32\lxdacoms.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VirusScan\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\McShield.exe
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: ManageEngine NetFlow Analyzer 7 (netflowanalyzer) - Unknown owner - C:\AdventNet\ME\NetFlow\bin\wrapper.exe (file missing)
    O23 - Service: SpybotSnD Distributed Testing (SDisTestService) - Safer Networking Limited - C:\Program Files\SDistTest\SDistTestSvc.exe
    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
    O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

    --
    End of file - 25609 bytes

  7. #17
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Default

    Yes that is fine.

    Download at your desktop DDS from one of the links below:

    Link 1
    Link 2
    • Double click the tool to run it.
    • A black Screen will open, just read the contents and do nothing.
    • When the tool finish it will open 2 reports.
    • Copy/paste both reports back here and remove DDS from your desktop.
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  8. #18
    Member
    Join Date
    Jul 2009
    Location
    University Place, Wa 98466
    Posts
    61

    Cool Zlob malware removal

    DDS (Ver_09-07-30.01) - NTFSx86
    Run by Owner at 11:31:13.64 on 08/01/2009
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_07
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.991.456 [GMT -7:00]

    AV: AVG 7.5.476 *On-access scanning disabled* (Outdated) {41564737-3200-1071-989B-0000E87B4FB1}
    AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
    FW: Norton AntiVirus *enabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\WINDOWS\Explorer.EXE
    svchost.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\WINDOWS\system32\lxdacoms.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    C:\Program Files\McAfee\VirusScan\McShield.exe
    c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\QuickTime\QTTask.exe
    D:\Program Files\PowerDVD9\PDVD9Serv.exe
    C:\Program Files\Cyberlink\Shared Files\brs.exe
    C:\Program Files\Messenger\msmsgs.exe
    D:\Program Files\Internet Download Manager\IDMan.exe
    C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    C:\Program Files\SDistTest\SDistTestSvc.exe
    C:\WINDOWS\System32\svchost.exe -k imgsvc
    C:\WINDOWS\System32\TUProgSt.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\iPod\bin\iPodService.exe
    D:\Program Files\Internet Download Manager\IEMonitor.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\Owner\Application Data\mjusbsp\magicJack.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Owner\Desktop\dds.EXE

    ============== Pseudo HJT Report ===============

    uStart Page = about:blank
    uSearch Page =
    uDefault_Page_URL = hxxp://www.msn.com
    uInternet Settings,ProxyOverride = *.local
    mSearchAssistant =
    uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
    uURLSearchHooks: H - No File
    mURLSearchHooks: H - No File
    mURLSearchHooks: H - No File
    BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - d:\program files\internet download manager\IDMIECC.dll
    BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
    BHO: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - Adobe PDF Reader Link Helper
    BHO: {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - No File
    BHO: Download Manager Browser Helper Object: {19c8e43b-07b3-49cb-bffc-6777b593e6f8} - c:\progra~1\common~1\fluxdvd\downlo~1\XEBDLH~1.DLL
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot - search & destroy\SDHelper.dll
    BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboForm.dll
    BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
    BHO: 1 (0x1) - No File
    BHO: {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - No File
    TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboForm.dll
    TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} -
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
    TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
    TB: {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - No File
    TB: {C7768536-96F8-4001-B1A2-90EE21279187} - No File
    TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
    TB: {D0523BB4-21E7-11DD-9AB7-415B56D89593} - No File
    EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No File
    EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
    uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [cdloader] "c:\documents and settings\owner\application data\mjusbsp\cdloader2.exe" MAGICJACK
    uRun: [IDMan] d:\program files\internet download manager\IDMan.exe /onboot
    uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
    mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
    mRun: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [RemoteControl9] "d:\program files\powerdvd9\PDVD9Serv.exe"
    mRun: [BDRegion] c:\program files\cyberlink\shared files\brs.exe
    mRunServices: [RegisterDropHandler] c:\progra~1\textbr~1.0\bin\REGIST~1.EXE
    dRun: [AVG7_Run] D:\avgw.exe /RUNONCE
    dRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
    dRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
    StartupFolder: c:\docume~1\owner\startm~1\programs\startup\erunt autobackup.lnk - c:\program files\erunt\AUTOBACK.EXE
    StartupFolder: c:\documents and settings\owner\start menu\programs\startup\Scheduler.lnk.disabled
    IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm
    IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    IE: Customize Menu - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
    IE: Download All Links with IDM - d:\program files\internet download manager\IEGetAll.htm
    IE: Download FLV video content with IDM - d:\program files\internet download manager\IEGetVL.htm
    IE: Download with IDM - d:\program files\internet download manager\IEExt.htm
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office10\EXCEL.EXE/3000
    IE: Fill Forms - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
    IE: RoboForm Toolbar - file://c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
    IE: Save Forms - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
    IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
    IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
    IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {E59EB121-F339-4851-A3BA-FE49C35617C2} - c:\program files\icq6\ICQ.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {75C9223A-409A-4795-A3CA-08DE6B075B4B} - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7}
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot - search & destroy\SDHelper.dll
    Trusted Zone: internet
    Trusted Zone: magicjack.com\my
    Trusted Zone: mcafee.com
    Trusted Zone: talk4free.com\reg
    Trusted Zone: musicmatch.com\online
    DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab
    DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://support.microsoft.com/OAS/ActiveX/MSDcode.cab
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/9/b/d/9bdc68ef-6a9f-4505-8fb8-d0d2d160e512/LegitCheckControl.cab
    DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
    DPF: {54823A9D-6BAE-11D5-B519-0050BA2413EB} - hxxp://www.cyberlink.com/english/cyberstore/audiopack/xp_audio/ChkDVD.cab
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1150911803117
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
    DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} - hxxp://www.crucial.com/controls/cpcScanner.cab
    DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} - hxxps://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
    DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_01-windows-i586.cab
    DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
    DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5418/mcfscan.cab
    TCP: {32D26098-F363-49E5-A718-9F82E83DBC5C} = 208.67.220.220,208.67.222.222
    Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No File
    LSA: Notification Packages = scecli scecli scecli

    ================= FIREFOX ===================

    FF - ProfilePath -

    ============= SERVICES / DRIVERS ===============

    R0 BsStor;InCD Storage Helper Driver;c:\windows\system32\drivers\bsstor.sys [2005-9-12 9344]
    R1 ATMhelpr;ATMhelpr;c:\windows\system32\drivers\ATMHELPR.SYS [2008-9-20 4064]
    R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2008-12-23 201320]
    R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/05/03 01:12:42];d:\program files\powerdvd9\000.fcl [2009-3-30 87536]
    R2 DataGuardService;Data Guard Service;c:\windows\system32\dataguard.sys [2009-7-20 49152]
    R2 lxda_device;lxda_device;c:\windows\system32\lxdacoms.exe -service --> c:\windows\system32\lxdacoms.exe -service [?]
    R2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2008-12-23 359248]
    R2 McShield;McAfee Real-time Scanner;c:\program files\mcafee\virusscan\Mcshield.exe [2008-12-23 144704]
    R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0;c:\program files\common files\nero\nero backitup 4\NBService.exe [2008-12-5 935208]
    R2 SDisTestService;SpybotSnD Distributed Testing;c:\program files\sdisttest\SDistTestSvc.exe [2009-7-30 907680]
    R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2009-2-27 603904]
    R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2008-12-23 79304]
    R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2008-12-23 35240]
    S0 Lbd;Lbd;c:\windows\system32\drivers\lbd.sys --> c:\windows\system32\drivers\Lbd.sys [?]
    S1 Avg7Core;AVG7 Kernel;c:\windows\system32\drivers\avg7core.sys --> c:\windows\system32\drivers\avg7core.sys [?]
    S1 Avg7RsW;AVG7 Wrap Driver;c:\windows\system32\drivers\avg7rsw.sys --> c:\windows\system32\drivers\avg7rsw.sys [?]
    S1 Avg7RsXP;AVG7 Rezident Driver;c:\windows\system32\drivers\avg7rsxp.sys --> c:\windows\system32\drivers\avg7rsxp.sys [?]
    S1 AvgClean;AVG Clean Driver;c:\windows\system32\drivers\avgclean.sys --> c:\windows\system32\drivers\avgclean.sys [?]
    S2 0004531239936051mcinstcleanup;McAfee Application Installer Cleanup (0004531239936051);c:\windows\temp\0004531239936051mcinst.exe c:\progra~1\common~1\mcafee\installer\cleanup.ini -cleanup -nolog -service --> c:\windows\temp\0004531239936051mcinst.exe c:\progra~1\common~1\mcafee\installer\cleanup.ini -cleanup -nolog -service [?]
    S2 AvgTdi;AVG Network redirector;c:\windows\system32\drivers\avgtdi.sys --> c:\windows\system32\drivers\avgtdi.sys [?]
    S2 netflowanalyzer;ManageEngine NetFlow Analyzer 7;c:\adventnet\me\netflow\bin\wrapper.exe -s c:\adventnet\me\netflow\bin\\..\server\default\conf\wrapper.conf --> c:\adventnet\me\netflow\bin\wrapper.exe -s c:\adventnet\me\netflow\bin\\..\server\default\conf\wrapper.conf [?]
    S3 CMC AntiRootkit Service;CMC AntiRootkit Servic;c:\windows\system32\drivers\cmcantirootkit.sys --> c:\windows\system32\drivers\cmcantirootkit.sys [?]
    S3 KProcWatch;KProcWatch;\??\c:\windows\system32\drivers\kprocwatch.sys --> c:\windows\system32\drivers\KProcWatch.sys [?]
    S3 METROP;Hewlett Packard ScanJet 5300C;c:\windows\system32\drivers\hp53pw2k.sys [2000-5-5 96300]
    S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2008-12-23 33832]
    S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2008-12-23 40488]
    S3 NPF;Netgroup Packet Filter;c:\windows\system32\drivers\npf.sys [2008-9-24 42512]
    S4 adwarealert;adwarealert;c:\windows\system32\drivers\adwarealert.sys [2008-3-2 19696]
    S4 BsUDF;InCD UDF Driver;c:\windows\system32\drivers\bsudf.sys [2005-9-12 434944]
    S4 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\virusscan\mcsysmon.exe [2008-12-23 695624]

    =============== Created Last 30 ================

    2009-08-01 01:02 <DIR> --d----- c:\docume~1\owner\applic~1\INAC
    2009-08-01 01:02 <DIR> --d----- c:\docume~1\alluse~1\applic~1\INAC
    2009-07-31 10:17 1,560 a------- c:\windows\system32\drivers\kgpcpy.cfg
    2009-07-30 08:07 <DIR> --d----- c:\program files\SDistTest
    2009-07-29 17:00 <DIR> -cd-h--- c:\docume~1\alluse~1\applic~1\{FC0EF073-EDB5-4CBE-B92D-5CE9A223F37B}
    2009-07-28 07:41 <DIR> --d----- c:\program files\common files\DivX Shared
    2009-07-25 18:34 <DIR> --d----- c:\program files\Trend Micro
    2009-07-25 17:56 <DIR> --d----- c:\docume~1\owner\applic~1\Malwarebytes
    2009-07-25 17:55 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
    2009-07-25 17:55 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
    2009-07-23 22:02 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SITEguard
    2009-07-23 21:55 <DIR> --d----- c:\program files\common files\iS3
    2009-07-23 21:55 <DIR> --d----- c:\docume~1\alluse~1\applic~1\STOPzilla!
    2009-07-20 13:39 49,152 a------- c:\windows\system32\dataguard.sys
    2009-07-20 13:39 <DIR> --d----- c:\program files\DataGuard
    2009-07-20 11:41 162,304 a------- c:\windows\system32\ztvunrar36.dll
    2009-07-20 11:41 77,312 a------- c:\windows\system32\ztvunace26.dll
    2009-07-20 11:41 69,632 a------- c:\windows\system32\ztvcabinet.dll
    2009-07-20 11:41 <DIR> --d----- c:\docume~1\owner\applic~1\Simply Super Software
    2009-07-20 11:41 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Simply Super Software
    2009-07-20 07:41 <DIR> --d----- c:\program files\Enigma Software Group
    2009-07-19 09:26 <DIR> --d----- C:\!!My Images
    2009-07-18 10:02 <DIR> --d----- c:\program files\Exterminate It!
    2009-07-12 15:10 737,280 a------- c:\windows\iun6002.exe
    2009-07-12 15:10 <DIR> --d----- C:\spywarebegone-fs
    2009-07-12 06:41 <DIR> --d----- c:\program files\Trojan Remover
    2009-07-12 05:39 <DIR> --d----- c:\program files\Free FLV Player
    2009-07-09 00:34 <DIR> --d----- c:\program files\common files\ynshare
    2009-07-04 03:04 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
    2009-07-04 03:04 0 a---h--- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
    2009-07-04 03:02 21,504 a------- c:\windows\system32\drivers\hidserv.dll

    ==================== Find3M ====================

    2009-07-03 10:09 915,456 a------- c:\windows\system32\wininet.dll
    2009-06-18 13:02 1,880 a------- c:\windows\AUTOLNCH.REG
    2009-06-16 07:55 119,808 a------- c:\windows\system32\t2embed.dll
    2009-06-16 07:55 82,432 a------- c:\windows\system32\fontsub.dll
    2009-06-03 12:27 1,290,752 a------- c:\windows\system32\quartz.dll
    2009-05-09 01:14 1,418,120 a------- c:\windows\system32\wdfcoinstaller01005.dll
    2009-05-07 08:44 344,064 a------- c:\windows\system32\localspl.dll
    2009-05-07 08:44 344,064 a------- c:\windows\system32\dllcache\localspl.dll
    2008-11-29 21:20 68,568 a------- c:\docume~1\owner\applic~1\GDIPFONTCACHEV1.DAT
    2007-07-07 19:38 1,568 a------- c:\docume~1\owner\applic~1\mpauth.dat
    1999-01-26 11:01 131,072 a------- c:\documents and settings\owner\CaMPGj.exe
    2005-09-13 21:06 32 a--sh--- c:\windows\{085A70A8-7533-46B8-9CAC-560302DB1A3B}.dat
    2005-09-13 21:06 32 a--sh--- c:\windows\system32\{4786301E-7BA3-4044-A7FF-C16DCDD4FC34}.dat

    ============= FINISH: 11:33:23.67 ===============

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_09-07-30.01)

    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume1
    Install Date: 09/09/2005 04:52:55 AM
    System Uptime: 08/01/2009 07:56:51 AM (4 hours ago)

    Motherboard: MICRO-STAR INTERNATIONAL CO., LTD | | MS-7095
    Processor: Intel(R) Celeron(R) CPU 2.40GHz | Socket 478 | 2400/100mhz

    ==== Disk Partitions =========================

    A: is Removable
    C: is FIXED (NTFS) - 112 GiB total, 67.833 GiB free.
    D: is FIXED (FAT32) - 114 GiB total, 72.698 GiB free.
    E: is CDROM ()
    F: is Removable
    X: is CDROM (CDFS)

    ==== Disabled Device Manager Items =============

    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: VIA Rhine II Fast Ethernet Adapter
    Device ID: PCI\VEN_1106&DEV_3065&SUBSYS_70951462&REV_78\3&13C0B0C5&0&90
    Manufacturer: VIA Technologies, Inc.
    Name: VIA Rhine II Fast Ethernet Adapter
    PNP Device ID: PCI\VEN_1106&DEV_3065&SUBSYS_70951462&REV_78\3&13C0B0C5&0&90
    Service: FETND5BV

    Class GUID: {4D36E96F-E325-11CE-BFC1-08002BE10318}
    Description: Logitech-compatible Mouse PS/2
    Device ID: ACPI\PNP0F13\3&13C0B0C5&0
    Manufacturer: Logitech
    Name: Logitech-compatible Mouse PS/2
    PNP Device ID: ACPI\PNP0F13\3&13C0B0C5&0
    Service: i8042prt

    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: VIA VT86C100A Rhine Fast Ethernet Adapter
    Device ID: ROOT\NET\0000
    Manufacturer: VIA Technologies, Inc.
    Name: VIA VT86C100A Rhine Fast Ethernet Adapter
    PNP Device ID: ROOT\NET\0000
    Service: FETND5BV

    ==== System Restore Points ===================

    RP1: 07/27/2009 04:04:40 PM - System Checkpoint
    RP2: 07/27/2009 04:18:18 PM - Software Distribution Service 3.0
    RP3: 07/28/2009 03:01:02 AM - Software Distribution Service 3.0
    RP4: 07/29/2009 03:01:04 AM - Software Distribution Service 3.0
    RP5: 07/30/2009 03:00:51 AM - Software Distribution Service 3.0
    RP6: 07/31/2009 03:01:33 AM - Software Distribution Service 3.0
    RP7: 07/31/2009 09:27:19 AM - Avira AntiVir Personal - 07/31/2009 09:27
    RP8: 07/31/2009 01:17:37 PM - Removed STOPzilla. Available with Windows Installer version 1.2 and later.
    RP9: 07/31/2009 01:30:55 PM - Removed SUPERAntiSpyware Free Edition
    RP10: 08/01/2009 01:06:53 AM - Removed Bonjour
    RP11: 08/01/2009 03:00:42 AM - Software Distribution Service 3.0

    ==== Installed Programs ======================

    6.4.9.0
    AAC Decoder
    Adobe Acrobat 5.0
    Adobe Flash Player 10 ActiveX
    Adobe Reader 7.1.0
    Adobe Type Manager 4.0
    Advanced Registry Optimizer
    Advertising Center
    AI RoboForm (All Users)
    Apple Mobile Device Support
    Apple Software Update
    Applian FLV Player
    aspi
    AutoUpdate
    Camel's MPEGJoin
    Camel's MPEGJoin (g:\)
    CCHelp
    CCleaner (remove only)
    CCScore
    CinemaNow Media Manager
    COMODO Registry Cleaner 1.0.17.23
    CR2
    Critical Update for Windows Media Player 11 (KB959772)
    CyberLink PowerDVD 9
    DataGaurd 2009 Pro
    Defraggler (remove only)
    DIGOpt
    DIGReqEx
    DivX Codec
    DivX Converter
    DivX Player
    DivX Plus DirectShow Filters
    DivX Version Checker
    DivX Web Player
    Driver Detective
    E.M. Youtube Video Download Tool 2.55
    ERUNT 1.1j
    ESSAdpt
    ESSANUP
    ESSBrwr
    ESSCAM
    ESSCDBK
    ESScore
    ESSCT
    ESSgui
    ESShelp
    ESSini
    ESSPCD
    ESSTUTOR
    ESSvpaht
    ESSvpot
    Free FLV Player
    GamingHarbor Toolbar
    Google Talk (remove only)
    H.264 Decoder
    Highlight Viewer (Windows Live Toolbar)
    HighMAT Extension to Microsoft Windows XP CD Writing Wizard
    HijackThis 2.0.2
    HLPCCTR
    HLPIndex
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows XP (KB896344)
    Hotfix for Windows XP (KB914440)
    Hotfix for Windows XP (KB915865)
    Hotfix for Windows XP (KB926239)
    Hotfix for Windows XP (KB935448)
    Hotfix for Windows XP (KB952287)
    HP PrecisionScan
    ICQ6
    ImagXpress
    InCD (Ahead Software)
    Internet Download Manager
    iTunes
    J2SE Runtime Environment 5.0 Update 1
    J2SE Runtime Environment 5.0 Update 11
    J2SE Runtime Environment 5.0 Update 6
    Java(TM) 6 Update 2
    Java(TM) 6 Update 7
    Java(TM) SE Runtime Environment 6 Update 1
    Join (Merge, Combine) Multiple FLV Files Into One Software 7.0
    Kate's Video Joiner
    Lexmark 640 Series
    Logitech Audio Echo Cancellation Component
    Logitech Desktop Messenger
    Logitech Legacy USB Camera Driver Package
    Logitech QuickCam
    Logitech QuickCam Driver Package
    Logitech SetPoint
    Logitech Video Enumerator
    Macromedia Shockwave Player
    ManageEngine NetFlow Analyzer 7
    Map Button (Windows Live Toolbar)
    McAfee SecurityCenter
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Hotfix (KB928366)
    Microsoft .NET Framework 2.0
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft English TTS Engine
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft Money 2005
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Outlook Connector
    Microsoft Office XP Media Content
    Microsoft Office XP Small Business
    Microsoft Picture It! Express 9
    Microsoft Picture It! Library 9
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Streets & Trips 2007
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ Run Time Lib Setup
    Microsoft Windows XP Video Decoder Checkup Utility
    Microsoft XML Parser
    mIRC
    MKV Splitter
    Movica
    Movie Downloader
    Mozilla Firefox (3.0.11)
    MP3 & MPEG Joiner 1.5
    MSN
    MSN Encarta Plus Support Files
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB954430)
    Musicmatch® Jukebox
    MVision
    Nero BurnRights
    Nero CoverDesigner
    Nero DriveSpeed
    Nero InfoTool
    Nero Recode
    Nero Rescue Agent
    Nero ShowTime
    Nero StartSmart
    Nero Vision
    Nero WaveEditor
    NeroBurningROM
    NeroExpress
    neroxml
    Netflix Movie Viewer
    Notifier
    OmniPage SE
    OTtBP
    PC ScanAndSweep
    PCDLNCH
    Performance Center
    PowerDVD
    ProSavageDDR and Utilities
    QuickCam
    QuickTime
    RealPlayer
    RegistrySmart
    Rhapsody
    Rhapsody Player Engine
    Riva FLV Player
    River Past DirectShow Detective
    RunAlyzer
    S3Display
    S3Gamma2
    S3Info2
    S3Overlay
    Security Update for CAPICOM (KB931906)
    Security Update for Step By Step Interactive Training (KB898458)
    Security Update for Windows Internet Explorer 7 (KB938127-v2)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 8 (KB969897)
    Security Update for Windows Internet Explorer 8 (KB972260)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player 10 (KB911565)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB883939)
    Security Update for Windows XP (KB890046)
    Security Update for Windows XP (KB893066)
    Security Update for Windows XP (KB893756)
    Security Update for Windows XP (KB896358)
    Security Update for Windows XP (KB896422)
    Security Update for Windows XP (KB896423)
    Security Update for Windows XP (KB896424)
    Security Update for Windows XP (KB896428)
    Security Update for Windows XP (KB896688)
    Security Update for Windows XP (KB899587)
    Security Update for Windows XP (KB899588)
    Security Update for Windows XP (KB899591)
    Security Update for Windows XP (KB900725)
    Security Update for Windows XP (KB901017)
    Security Update for Windows XP (KB901214)
    Security Update for Windows XP (KB902400)
    Security Update for Windows XP (KB903235)
    Security Update for Windows XP (KB904706)
    Security Update for Windows XP (KB905414)
    Security Update for Windows XP (KB905749)
    Security Update for Windows XP (KB905915)
    Security Update for Windows XP (KB908519)
    Security Update for Windows XP (KB911562)
    Security Update for Windows XP (KB911567)
    Security Update for Windows XP (KB911927)
    Security Update for Windows XP (KB912812)
    Security Update for Windows XP (KB912919)
    Security Update for Windows XP (KB913446)
    Security Update for Windows XP (KB913580)
    Security Update for Windows XP (KB914388)
    Security Update for Windows XP (KB914389)
    Security Update for Windows XP (KB916281)
    Security Update for Windows XP (KB917344)
    Security Update for Windows XP (KB917422)
    Security Update for Windows XP (KB917953)
    Security Update for Windows XP (KB918118)
    Security Update for Windows XP (KB918439)
    Security Update for Windows XP (KB919007)
    Security Update for Windows XP (KB920213)
    Security Update for Windows XP (KB920670)
    Security Update for Windows XP (KB920683)
    Security Update for Windows XP (KB920685)
    Security Update for Windows XP (KB922819)
    Security Update for Windows XP (KB923191)
    Security Update for Windows XP (KB923414)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923694)
    Security Update for Windows XP (KB923980)
    Security Update for Windows XP (KB924191)
    Security Update for Windows XP (KB924270)
    Security Update for Windows XP (KB924496)
    Security Update for Windows XP (KB924667)
    Security Update for Windows XP (KB925902)
    Security Update for Windows XP (KB926255)
    Security Update for Windows XP (KB926436)
    Security Update for Windows XP (KB927779)
    Security Update for Windows XP (KB927802)
    Security Update for Windows XP (KB928090)
    Security Update for Windows XP (KB928255)
    Security Update for Windows XP (KB928843)
    Security Update for Windows XP (KB929123)
    Security Update for Windows XP (KB930178)
    Security Update for Windows XP (KB931261)
    Security Update for Windows XP (KB931768)
    Security Update for Windows XP (KB931784)
    Security Update for Windows XP (KB932168)
    Security Update for Windows XP (KB933729)
    Security Update for Windows XP (KB935839)
    Security Update for Windows XP (KB935840)
    Security Update for Windows XP (KB936021)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB938829)
    Security Update for Windows XP (KB941202)
    Security Update for Windows XP (KB941568)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB941644)
    Security Update for Windows XP (KB941693)
    Security Update for Windows XP (KB943055)
    Security Update for Windows XP (KB943460)
    Security Update for Windows XP (KB943485)
    Security Update for Windows XP (KB944653)
    Security Update for Windows XP (KB945553)
    Security Update for Windows XP (KB946026)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB948590)
    Security Update for Windows XP (KB948881)
    Security Update for Windows XP (KB950749)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB973346)
    SFR
    SFR2
    SlowView
    Smart Link 56K V.90 Voice Modem
    Smart Menus (Windows Live Toolbar)
    SmartDraw 2009
    SoundTrax
    Spybot-S&D Distributed Testing Client
    Spybot - Search & Destroy
    SpyHunter
    TextBridge Classic 2.0
    TTS Wrapper
    TuneUp Utilities 2007
    TuneUp Utilities 2008
    TVAnts 1.0
    Tweak UI
    Update for Windows Internet Explorer 8 (KB968220)
    Update for Windows XP (KB894391)
    Update for Windows XP (KB896727)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB900485)
    Update for Windows XP (KB904942)
    Update for Windows XP (KB908531)
    Update for Windows XP (KB910437)
    Update for Windows XP (KB911280)
    Update for Windows XP (KB916595)
    Update for Windows XP (KB920872)
    Update for Windows XP (KB922582)
    Update for Windows XP (KB927891)
    Update for Windows XP (KB929338)
    Update for Windows XP (KB930916)
    Update for Windows XP (KB931836)
    Update for Windows XP (KB932823-v3)
    Update for Windows XP (KB933360)
    Update for Windows XP (KB936357)
    Update for Windows XP (KB938828)
    Update for Windows XP (KB942763)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    VC80CRTRedist - 8.0.50727.762
    VCAMCEN
    VIA Rhine-Family Fast Ethernet Adapter
    VideoLAN VLC media player 0.8.6f
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    WebFldrs XP
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Imaging Component
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 8
    Windows Live Favorites for Windows Live Toolbar
    Windows Live installer
    Windows Live Local Add-in for Microsoft Office Outlook
    Windows Live Mail
    Windows Live Messenger
    Windows Live Photo Gallery
    Windows Live Sign-in Assistant
    Windows Live Toolbar
    Windows Live Toolbar Extension (Windows Live Toolbar)
    Windows Live Writer
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows XP Hotfix - KB873333
    Windows XP Hotfix - KB873339
    Windows XP Hotfix - KB885250
    Windows XP Hotfix - KB885835
    Windows XP Hotfix - KB885836
    Windows XP Hotfix - KB885884
    Windows XP Hotfix - KB886185
    Windows XP Hotfix - KB887472
    Windows XP Hotfix - KB887742
    Windows XP Hotfix - KB887797
    Windows XP Hotfix - KB888113
    Windows XP Hotfix - KB888302
    Windows XP Hotfix - KB890175
    Windows XP Hotfix - KB890859
    Windows XP Hotfix - KB890923
    Windows XP Hotfix - KB891781
    Windows XP Hotfix - KB893086
    WinRAR archiver
    WinZip
    Yahoo! Messenger
    ZC DivX to DVD Creator 6.4.4

    ==== Event Viewer Messages From Past Week ========

    08/01/2009 12:50:59 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avg7Core Avg7RsW Avg7RsXP AvgClean Cdr4_xp Lbd
    08/01/2009 12:50:59 AM, error: Service Control Manager [7000] - The AVG Network redirector service failed to start due to the following error: The system cannot find the file specified.
    07/31/2009 11:34:08 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}
    07/31/2009 10:13:48 AM, error: Service Control Manager [7031] - The McAfee Real-time Scanner service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    07/31/2009 10:12:44 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Cdr4_xp Lbd SASKUTIL viaagp
    07/31/2009 10:12:44 AM, error: Service Control Manager [7024] - The Routing and Remote Access service terminated with service-specific error 2 (0x2).
    07/31/2009 10:12:44 AM, error: Service Control Manager [7000] - The Upload Manager service failed to start due to the following error: The account specified for this service is different from the account specified for other services running in the same process.
    07/31/2009 10:12:43 AM, error: Service Control Manager [7000] - The ManageEngine NetFlow Analyzer 7 service failed to start due to the following error: The system cannot find the path specified.
    07/31/2009 10:12:07 AM, error: RemoteAccess [20103] - Unable to load C:\WINDOWS\System32\iprtrmgr.dll.
    07/31/2009 10:10:56 AM, error: Print [23] - Printer HP OfficeJet Series 600 Print failed to initialize because a suitable HP OfficeJet Series 600 Print driver could not be found.
    07/31/2009 10:10:56 AM, error: Print [23] - Printer HP OfficeJet Series 600 Fax failed to initialize because a suitable HP OfficeJet Series 600 Fax driver could not be found.
    07/31/2009 03:10:19 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office XP (KB921596).
    07/31/2009 03:05:21 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Word 2002 (KB969602).
    07/31/2009 02:17:36 PM, error: Service Control Manager [7031] - The McAfee Real-time Scanner service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    07/31/2009 01:30:58 PM, error: Service Control Manager [7000] - The SASKUTIL service failed to start due to the following error: The system cannot find the path specified.
    07/31/2009 01:21:50 PM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The system cannot find the file specified.
    07/31/2009 01:16:41 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the service.
    07/31/2009 01:16:11 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the szserver service.
    07/30/2009 03:28:06 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Cdr4_xp SASKUTIL viaagp
    07/30/2009 01:24:58 AM, error: DCOM [10000] - Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. The error: "%5" Happened while starting this command: C:\WINDOWS\system32\wbem\wmiprvse.exe -secured -Embedding
    07/27/2009 10:10:30 AM, error: DCOM [10000] - Unable to start a DCOM Server: {98D9A6F1-4696-4B5E-A2E8-36B3F9C1E12C}. The error: "%5" Happened while starting this command: "C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32Info.exe" /PDFShell -Embedding
    07/27/2009 01:41:54 PM, error: Cdrom [11] - The driver detected a controller error on \Device\CdRom2.
    07/25/2009 12:30:17 PM, error: Service Control Manager [7034] - The STOPzilla Service service terminated unexpectedly. It has done this 1 time(s).
    07/25/2009 12:28:56 PM, error: SideBySide [59] - Generate Activation Context failed for C:\WINDOWS\system32\ieframe.dll. Reference error message: The operation completed successfully. .
    07/25/2009 01:15:55 PM, error: DCOM [10000] - Unable to start a DCOM Server: {00BF57EF-C57F-47D4-9119-1F31FAD912C8}. The error: "%1455" Happened while starting this command: "C:\Program Files\Windows Live Toolbar\msn_sl.exe" -Embedding
    07/25/2009 01:15:55 PM, error: DCOM [10000] - Unable to start a DCOM Server: {00BF57EF-C57F-47D4-9119-1F31FAD912C8}. The error: "%1450" Happened while starting this command: "C:\Program Files\Windows Live Toolbar\msn_sl.exe" -Embedding

    ==== End Of File ===========================

  9. #19
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Default

    Do you recognize this?

    Advertising Center
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  10. #20
    Member
    Join Date
    Jul 2009
    Location
    University Place, Wa 98466
    Posts
    61

    Cool Zlob Malware Removal

    Advertising Center

    I'm not sure what your refering too. If that is something within my file I do not reconize this at all.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •