
[Multiple programs "has experienced a prob and needs to close" - HJT log]

Discussion in 'Malware and Virus Removal Archive' started by tonylouwanna, 2007/10/29.

  1. 2007/10/29
    tonylouwanna

    tonylouwanna Inactive Thread Starter

    Joined:
    2006/11/20
    Messages:
    20
    Likes Received:
    0
    ok, let me make a list of what's happening.

    wscntfy.exe
    dvldr32.exe (yes, i checked to make sure this was a Creative file)
    sdmep.exe
    msascui.exe
    McpServer
    UserInitLogonApp

    now, my problem is, when i log onto Windows these come up with the "has experienced a prob and needs to close" message.

    also, these programs will not run anymore:

    PowerDvd
    Quicktime
    Roboform
    WindowsDefender
    SuperAntiSpyware
    ePSXe
    StarDock
    (also the same message with them)

    i have Zonealarm, Avg free and Trojan hunter.
    recently i was experiencing problems with the Lop infection. well, to make a long story short, i ran the programs recommended (HiJackThis, SuperAntiSpy, Killbox, Combofix, AdAware, SpyHunter, WindowsDefender, and Avg anti-rootkit.) prior to running these I normally just ran ZoneAlarm, Avg, TrojanHunter and had no problems. after running all these 2 days ago all my programs set to start w/Windows won't. except ZoneAlarm. Avg has been reinstalled and now starts normally. i have today run Stinger with no results.
    oh, while scanning with SpyHunter it reported that my MBR was changed/corrupted. i am not a newbie by any means. all my friends and relatives call me when they have issues. this one sure confounds me. my conclusion is that one of the programs i ran ******* something up. i only had the "Avg detects the Lop thing" before. now nothing runs correctly. i can't go back in system restore as i had to turn it off prior to running certain progs. also, i can't restore with any of these progs i ran as now they won't initiate.
    any suggestions. am trying to avoid a total reinstall. thanks in advance.
     
  2. 2007/10/29
    tonylouwanna

    added

    here's a new HijackThis log:
    Logfile of HijackThis v1.99.1
    Scan saved at 2:18:34 PM, on 10/29/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Universal Shield 4.1\US30Service.exe
    C:\WINDOWS\System32\vssvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\devldr32.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\Program Files\Grisoft\AVG7\avgcc.exe
    C:\hjt\Crusty.exe.exe

    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.2.7.dll
    O3 - Toolbar: Veoh Video Finder - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
    O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe "
    O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKCU\..\Run: [Hide Window Hotkey] C:\PROGRA~1\HIDEWI~1\HIDEWI~1.EXE -Start
    O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: http://toolbar.imageshack.us
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} (ImageShack Toolbar) - http://toolbar.imageshack.us/toolbar/ImageShackToolbar.cab
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll
    O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: US30Service - Unknown owner - C:\Program Files\Universal Shield 4.1\US30Service.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
     


  4. 2007/10/29
    PeteC

    PeteC SuperGeek Staff

    Joined:
    2002/05/10
    Messages:
    28,896
    Likes Received:
    389
  5. 2007/10/29
    tonylouwanna

    have run Seagate Tools. Passed.
    I suppose next i'll do fix-mbr in repair console. but that still doesn't address the nonrunning programs. thanks.
     
  6. 2007/10/29
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Hi tonylouwanna :)

    On a hunch, please download FindAWF
    Save the file to the Desktop
    Double-click the FindAWF icon.

    If a Security Alert shows, allow the program to run.
    As instructed, press any key to continue.
    Use the following option: Press 1 then Enter to scan for bak folders
    The scan may take a while, please be patient.

    When done, awf.txt will open. Please post its contents here.
     
  7. 2007/10/29
    tonylouwanna

    hi noahdfear. here's the log from Findawf:


    Find AWF report by noahdfear ©2006
    Version 1.40

    The current date is: Mon 10/29/2007
    The current time is: 23:22:40.43


    bak folders found
    ~~~~~~~~~~~


    Directory of C:\PROGRA~1\MESSEN~1\BAK

    0 File(s) 0 bytes

    Directory of C:\WINDOWS\SYSTEM32\BAK

    0 File(s) 0 bytes

    Directory of C:\PROGRA~1\COMMON~1\SYMANT~1\BAK

    08/19/2002 11:22 PM 50,880 ccApp.exe
    08/19/2002 11:23 PM 34,504 ccRegVfy.exe
    2 File(s) 85,384 bytes


    Duplicate files of bak directory contents
    ~~~~~~~~~~~~~~~~~~~~~~~

    50880 Aug 19 2002 "C:\Program Files\Common Files\Symantec Shared\bak\ccApp.exe "
    34504 Aug 19 2002 "C:\Program Files\Common Files\Symantec Shared\bak\ccRegVfy.exe "


    end of report

    anything suspicious in there? i can't make head nor tails of it. that's the 1st i've ever heard of this particular program. as far as those Symantec references, i don't have Norton av or any Symantec products installed. my cousin used to own this computer and he ran Norton. i am not partial to Norton av. huge resource hog i think.
     
  8. 2007/10/29
    noahdfear

    There's an infection, widely dubbed AWF, that replaces legitimate files with a rogue, then moves the legit file into a folder it creates in the same directory named bak. The files replaced coincide with Run entries from the registry. Your machine was obviously infected at one time; though the rogue files don't appear to be present anymore, the legit files (what's left of them) are still in the bak folder. Since those belong to Norton, which you no longer use, they can be left alone or moved back to the parent folder.... your call.

    Let's use another tool to get a better look at things.

    Note: You must be logged onto an account with administrator privileges to complete the following.

    Download Deckard's System Scanner (dss.exe) to your desktop.
    • Close all applications and windows.
    • Double click on dss.exe to run it and follow the prompts.
    • When the scan is complete, two text files will open; main.txt, which will be maximized and extra.txt, which will be minimized.
    Post the contents of main.txt only for now.


    I'll check it tomorrow evening. I need to get some sleep.
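The pattern described in the post above (a legitimate file moved into a `bak` subfolder, a same-named file left in its place, and the names coinciding with Run entries) can be checked mechanically. This is an added example, not FindAWF's code and not part of the original posts; the directory tree, the `updater.exe` name, the Run values and the status labels are constructed for illustration.

```python
import ntpath
import os
import re
import tempfile

# Unquoted Run values may contain spaces in the path; cut at the first
# executable extension that is followed by whitespace or end of string.
_EXE = re.compile(r'^(.*?\.(?:exe|com|bat|scr))(?=\s|$)', re.IGNORECASE)


def run_target_name(command):
    """Return the lower-cased executable file name from a Run value."""
    command = command.strip()
    if command.startswith('"'):
        path = command[1:].split('"', 1)[0]
    else:
        match = _EXE.match(command)
        path = match.group(1) if match else command.split(' ', 1)[0]
    return ntpath.basename(path.strip()).lower()


def audit_bak_folders(root, run_values):
    """Walk root and classify the contents of every folder named 'bak'.

    status is this example's own label:
      empty    - bak folder with nothing in it (leftover)
      orphaned - file in bak, no same-named file in the parent folder
      replaced - file in bak AND a same-named file in the parent folder;
                 the parent copy is the one that needs verifying
    in_run is True when the file name matches a Run entry target.
    """
    run_names = {run_target_name(v) for v in run_values}
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        if os.path.basename(dirpath).lower() != 'bak':
            continue
        parent = os.path.dirname(dirpath)
        siblings = {n.lower() for n in os.listdir(parent)
                    if os.path.isfile(os.path.join(parent, n))}
        if not filenames:
            findings.append({'bak_dir': dirpath, 'file': None,
                             'status': 'empty', 'in_run': False})
        for name in sorted(filenames):
            status = 'replaced' if name.lower() in siblings else 'orphaned'
            findings.append({'bak_dir': dirpath, 'file': name,
                             'status': status,
                             'in_run': name.lower() in run_names})
    return sorted(findings, key=lambda f: (f['bak_dir'], f['file'] or ''))


# Constructed Run values in the style of the HijackThis O4 lines.
SAMPLE_RUN_VALUES = [
    r'"C:\Program Files\Common Files\Symantec Shared\ccApp.exe"',
    r'C:\Program Files\Vendor\updater.exe /startup',
    r'C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto',
]


def build_sample_tree(root):
    """Create a constructed directory tree covering all three statuses."""
    layout = {
        'Symantec Shared/bak': ['ccApp.exe', 'ccRegVfy.exe'],  # orphaned
        'system32/bak': [],                                    # empty
        'Vendor': ['updater.exe'],                             # parent copy
        'Vendor/bak': ['updater.exe'],                         # replaced
    }
    for rel, files in layout.items():
        folder = os.path.join(root, *rel.split('/'))
        os.makedirs(folder, exist_ok=True)
        for name in files:
            with open(os.path.join(folder, name), 'wb') as handle:
                handle.write(b'sample')


def demo():
    """Audit the constructed tree; key results by (parent folder, file)."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_tree(root)
        findings = audit_bak_folders(root, SAMPLE_RUN_VALUES)
    return {
        (os.path.basename(os.path.dirname(f['bak_dir'])), f['file']):
            (f['status'], f['in_run'])
        for f in findings
    }


if __name__ == '__main__':
    for key, value in sorted(demo().items(), key=str):
        print(key, value)
```

A `replaced` hit only says a same-named file exists beside the `bak` folder; whether that file is the rogue or a restored original still has to be established by checking the file itself.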
     
  9. 2007/10/30
    tonylouwanna

    hi. here's the results of that:

    Deckard's System Scanner v20071014.68
    Run by tony_one on 2007-10-30 21:14:18
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    -- System Restore --------------------------------------------------------------

    Successfully created a Deckard's System Scanner Restore Point.


    -- Last 5 Restore Point(s) --
    8: 2007-10-31 03:14:31 UTC - RP8 - Deckard's System Scanner Restore Point
    7: 2007-10-31 00:46:10 UTC - RP7 - SPTD setup V1.50
    6: 2007-10-30 21:15:27 UTC - RP6 - Installed SUPERAntiSpyware Free Edition
    5: 2007-10-30 09:00:31 UTC - RP5 - Software Distribution Service 3.0
    4: 2007-10-30 01:59:35 UTC - RP4 - Installed AVG 7.5


    -- First Restore Point --
    1: 2007-10-30 01:52:19 UTC - RP1 - System Checkpoint


    Backed up registry hives.
    Performed disk cleanup.

    Percentage of Memory in Use: 83% (more than 75%).
    Total Physical Memory: 256 MiB (512 MiB recommended).


    -- HijackThis (run as tony_one.exe) --------------------------------------------

    Unable to find log (file not found); running clone.
    -- HijackThis Clone ------------------------------------------------------------


    Emulating logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 2007-10-30 21:15:45
    Platform: Windows XP Service Pack 2 (5.01.2600)
    MSIE: Internet Explorer (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\system32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\Common Files\Stardock\SDMCP.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Grisoft\AVG7\avgamsvr.exe
    C:\Program Files\Grisoft\AVG7\avgupsvc.exe
    C:\Program Files\Grisoft\AVG7\avgemc.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\Program Files\Universal Shield 4.1\US30Service.exe
    C:\WINDOWS\system32\vssvc.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Grisoft\AVG7\avgcc.exe
    C:\WINDOWS\system32\devldr32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\tony_one\Desktop\dss.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://home.microsoft.com/access/autosearch.asp?p=%s
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.2.7.dll
    O2 - BHO: Alcohol Toolbar Helper - {8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll
    O3 - Toolbar: Veoh Video Finder - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
    O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Alcohol Toolbar - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe "
    O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: https://online.musicmatch.com (HKLM)
    O15 - Trusted Zone: http://toolbar.imageshack.us (HKCU)
    O16 - DPF: {0000000A-0000-0010-8000-00AA00389B71} () - http://download.microsoft.com/download/d/4/4/d446e8a9-3a86-4b59-bb19-f5bd11b40367/wmavax.CAB
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} () - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
    O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} (ImageShack Toolbar) - http://toolbar.imageshack.us/toolbar/ImageShackToolbar.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O20 - AppInit_DLLs: wbsys.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O21 - SSODL: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - C:\Program Files\Common Files\Stardock\MCPCore.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgemc.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: US30Service - Unknown owner - C:\Program Files\Universal Shield 4.1\US30Service.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe


    --
    End of file - 6616 bytes

    -- HijackThis Fixed Entries (C:\hjt\backups\) ----------------------------------

    backup-20070327-163412-675 O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (file missing)
    backup-20070503-185802-464 O23 - Service: NNServ - Unknown owner - C:\Program Files\NewDotNet\nnrun.exe" "C:\Program Files\NewDotNet\nncore.dll" ServiceStart (file missing)
    backup-20070611-192316-521 O2 - BHO: C:\WINDOWS\lbbho.dll - {6626C68F-54DE-4FD2-863A-610E3CF0BBB8} - C:\WINDOWS\lbbho.dll
    backup-20071023-203405-126 O2 - BHO: (no name) - {5B907490-6118-4639-BD91-F7F8DF5B407E} - C:\WINDOWS\mcduala.dll (file missing)
    backup-20071023-203405-186 O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    backup-20071023-203405-823 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    backup-20071023-203405-885 O20 - Winlogon Notify: kbfont - C:\WINDOWS\msagent\chars\kbfont.dll (file missing)

    -- File Associations -----------------------------------------------------------

    .bat - batfile - DefaultIcon - C:\WINDOWS\system32\shell32.dll,71
    .ini - inifile - DefaultIcon - C:\WINDOWS\system32\shell32.dll,69
    .txt - txtfile - DefaultIcon - C:\WINDOWS\system32\shell32.dll,70


    -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

    R1 SASDIFSV - c:\program files\superantispyware\sasdifsv.sys
    R1 SASKUTIL - c:\program files\superantispyware\saskutil.sys
    R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
    R1 US30Sys - c:\windows\system32\drivers\us30xp.sys
    R3 Afc (PPdus ASPI Shell) - c:\windows\system32\drivers\afc.sys <Not Verified; Arcsoft, Inc.; Arcsoft(R) ASPI Shell>
    R3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
    R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>
    R3 SMBios (Intel (R) System Management BIOS Service) - c:\windows\system32\drivers\smbios.sys <Not Verified; Intel Corporation; Intel (R) System Management BIOS Driver>
    R3 US30Kbd - c:\windows\system32\drivers\us30kbd2k.sys

    S1 InCDPass - c:\windows\system32\drivers\incdpass.sys (file missing)
    S1 InCDRm (InCD Reader) - c:\windows\system32\drivers\incdrm.sys (file missing)
    S1 vcdrom (Virtual CD-ROM Device Driver) - c:\documents and settings\tony_one\desktop\new folder\vcdrom.sys (file missing)
    S3 catchme - c:\docume~1\tony_one\locals~1\temp\catchme.sys (file missing)
    S3 cpuz126 - c:\program files\pc wizard 2007\pcwiz32.sys (file missing)
    S3 GetDataMip - c:\program files\getdata\mount image pro v2\mip32.sys (file missing)
    S3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>
    S3 tbhsd (Tunebite High-Speed Dubbing) - c:\windows\system32\drivers\tbhsd.sys <Not Verified; RapidSolution Software AG; Tunebite High-Speed Dubbing>
    S3 usbsermpt (Motorola USB Modem Driver for MPT) - c:\windows\system32\drivers\usbsermpt.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
    S3 vaxscsi - c:\windows\system32\drivers\vaxscsi.sys (file missing)
    S4 InCDFs (InCD File System) - c:\windows\system32\drivers\incdfs.sys (file missing)


    -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

    R2 StarWindServiceAE (StarWind AE Service) - c:\program files\alcohol soft\alcohol 120\starwind\starwindserviceae.exe <Not Verified; Rocket Division Software; StarWind Alcohol Edition>
    R2 US30Service - c:\program files\universal shield 4.1\us30service.exe


    -- Device Manager: Disabled ----------------------------------------------------

    Class GUID: {36FC9E60-C465-11CF-8056-444553540000}
    Description: Intel(R) 82801DB/DBM USB Universal Host Controller - 24C2
    Device ID: PCI\VEN_8086&DEV_24C2&SUBSYS_90551509&REV_02\3&13C0B0C5&0&E8
    Manufacturer: Intel
    Name: Intel(R) 82801DB/DBM USB Universal Host Controller - 24C2
    PNP Device ID: PCI\VEN_8086&DEV_24C2&SUBSYS_90551509&REV_02\3&13C0B0C5&0&E8
    Service: usbuhci

    Class GUID: {36FC9E60-C465-11CF-8056-444553540000}
    Description: Intel(R) 82801DB/DBM USB Universal Host Controller - 24C4
    Device ID: PCI\VEN_8086&DEV_24C4&SUBSYS_90551509&REV_02\3&13C0B0C5&0&E9
    Manufacturer: Intel
    Name: Intel(R) 82801DB/DBM USB Universal Host Controller - 24C4
    PNP Device ID: PCI\VEN_8086&DEV_24C4&SUBSYS_90551509&REV_02\3&13C0B0C5&0&E9
    Service: usbuhci

    Class GUID: {36FC9E60-C465-11CF-8056-444553540000}
    Description: Intel(R) 82801DB/DBM USB Universal Host Controller - 24C7
    Device ID: PCI\VEN_8086&DEV_24C7&SUBSYS_90551509&REV_02\3&13C0B0C5&0&EA
    Manufacturer: Intel
    Name: Intel(R) 82801DB/DBM USB Universal Host Controller - 24C7
    PNP Device ID: PCI\VEN_8086&DEV_24C7&SUBSYS_90551509&REV_02\3&13C0B0C5&0&EA
    Service: usbuhci

    Class GUID: {36FC9E60-C465-11CF-8056-444553540000}
    Description: Intel(R) 82801DB/DBM USB 2.0 Enhanced Host Controller - 24CD
    Device ID: PCI\VEN_8086&DEV_24CD&SUBSYS_90551509&REV_02\3&13C0B0C5&0&EF
    Manufacturer: Intel
    Name: Intel(R) 82801DB/DBM USB 2.0 Enhanced Host Controller - 24CD
    PNP Device ID: PCI\VEN_8086&DEV_24CD&SUBSYS_90551509&REV_02\3&13C0B0C5&0&EF
    Service: usbehci

    Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
    Description: Tunebite High-Speed Dubbing
    Device ID: ROOT\MEDIA\0000
    Manufacturer: RapidSolution Software
    Name: Tunebite High-Speed Dubbing
    PNP Device ID: ROOT\MEDIA\0000
    Service:

    Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
    Description: Tunebite High-Speed Dubbing (2)
    Device ID: ROOT\MEDIA\0001
    Manufacturer: RapidSolution Software
    Name: Tunebite High-Speed Dubbing (2)
    PNP Device ID: ROOT\MEDIA\0001
    Service:

    Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
    Description: Tunebite High-Speed Dubbing (3)
    Device ID: ROOT\MEDIA\0002
    Manufacturer: RapidSolution Software
    Name: Tunebite High-Speed Dubbing (3)
    PNP Device ID: ROOT\MEDIA\0002
    Service:

    Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
    Description: Tunebite High-Speed Dubbing (4)
    Device ID: ROOT\MEDIA\0003
    Manufacturer: RapidSolution Software
    Name: Tunebite High-Speed Dubbing (4)
    PNP Device ID: ROOT\MEDIA\0003
    Service:

    Class GUID: {4D36E97B-E325-11CE-BFC1-08002BE10318}
    Description: NERO IMAGEDRIVE SCSI Controller
    Device ID: IMAGEDRV\NEROIMAGEDRV\0000
    Manufacturer: Unknown Manufacturer
    Name: NERO IMAGEDRIVE SCSI Controller
    PNP Device ID: IMAGEDRV\NEROIMAGEDRV\0000
    Service: imagedrv


    -- Scheduled Tasks -------------------------------------------------------------

    2007-10-29 23:45:00 446 --a------ C:\WINDOWS\Tasks\SpyHunter.job


    -- Files created between 2007-09-30 and 2007-10-30 -----------------------------

    2007-10-30 18:53:23 229057 --a------ C:\WINDOWS\Alcohol_Toolbar_Uninstaller_7796.exe <Not Verified; Alcohol Soft; Alcohol Soft>
    2007-10-30 18:53:21 0 d-------- C:\Program Files\Alcohol Toolbar
    2007-10-30 18:53:11 0 d-------- C:\Program Files\Alcohol Soft
    2007-10-30 18:46:10 685816 --a------ C:\WINDOWS\system32\drivers\sptd.sys
    2007-10-30 14:52:46 0 dr-h----- C:\$VAULT$.AVG
    2007-10-29 20:00:15 0 d-------- C:\Documents and Settings\tony_one\Application Data\AVG7
    2007-10-29 19:59:57 0 d-------- C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\AVG7
    2007-10-29 19:59:36 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft
    2007-10-29 19:54:45 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avg7
    2007-10-29 19:49:14 0 d-------- C:\WINDOWS\Prefetch
    2007-10-29 19:08:58 0 d-------- C:\WINDOWS\setup.pss
    2007-10-29 18:50:02 0 d-------- C:\Documents and Settings\tony_one\Application Data\Uniblue
    2007-10-28 09:25:13 0 d-------- C:\Program Files\capcom
    2007-10-26 14:05:12 0 d-------- C:\Program Files\Serials 2005
    2007-10-24 22:02:26 0 dr-h----- C:\Documents and Settings\tony_one\Recent
    2007-10-23 19:47:55 0 d-------- C:\Documents and Settings\tony_one\Application Data\TrojanHunter
    2007-10-23 19:27:13 0 d-------- C:\!KillBox
    2007-10-23 19:19:38 1640 --a------ C:\WINDOWS\system32\tmp.reg
    2007-10-23 19:11:01 0 d-------- C:\VundoFix Backups
    2007-10-22 10:43:27 106 --a------ C:\delete.bat
    2007-10-22 10:28:23 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com
    2007-10-22 10:27:50 0 d-------- C:\Program Files\SUPERAntiSpyware
    2007-10-22 10:27:49 0 d-------- C:\Documents and Settings\tony_one\Application Data\SUPERAntiSpyware.com
    2007-10-21 20:29:30 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Trymedia
    2007-10-17 14:56:01 1056 --a------ C:\WINDOWS\alauds.dat
    2007-10-17 14:56:01 8 --a------ C:\WINDOWS\alaudcb.dat
    2007-10-17 14:56:01 8 --a------ C:\WINDOWS\alaudbb.dat
    2007-10-17 14:55:58 8 --a------ C:\WINDOWS\alaudab.dat
    2007-10-17 14:55:55 46 --a------ C:\WINDOWS\alaudl.dat
    2007-10-17 14:55:50 8 --a------ C:\WINDOWS\alaudp1b.dat
    2007-10-12 10:08:44 0 d-------- C:\Program Files\Common Files\DirectX
    2007-10-06 16:50:23 0 d-------- C:\My Documents
    2007-10-06 16:43:27 0 d-------- C:\GhostzillaCD-1.0.1-free-v1


    -- Find3M Report ---------------------------------------------------------------

    2007-10-30 16:15:19 0 d-------- C:\Program Files\vanBasco's Karaoke Player
    2007-10-30 16:12:22 0 d-------- C:\Program Files\Smart Bro
    2007-10-30 15:15:00 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2007-10-29 19:38:03 22780 --a------ C:\WINDOWS\system32\emptyregdb.dat
    2007-10-29 10:06:46 0 d-------- C:\Program Files\CyberLink
    2007-10-28 09:25:12 0 d--h----- C:\Program Files\InstallShield Installation Information
    2007-10-26 22:39:48 0 d-------- C:\Documents and Settings\tony_one\Application Data\Orca Browser
    2007-10-26 00:51:48 0 d-------- C:\Documents and Settings\tony_one\Application Data\Vso
    2007-10-23 19:43:48 0 d-------- C:\Program Files\Common Files
    2007-10-23 15:18:00 8 --ah----- C:\WINDOWS\system32\adb.dat
    2007-10-22 06:13:21 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
    2007-10-20 23:13:28 0 d-------- C:\Program Files\Weather Pulse
    2007-10-16 21:20:37 0 d-------- C:\Program Files\Common Files\EasyInfo
    2007-10-06 11:42:18 0 d-------- C:\Documents and Settings\tony_one\Application Data\LimeWire
    2007-10-02 15:17:14 0 d-------- C:\Documents and Settings\tony_one\Application Data\SlimBrowser
    2007-09-24 12:34:53 0 d-------- C:\Program Files\SlimBrowser
    2007-09-23 15:02:33 0 d-------- C:\Documents and Settings\tony_one\Application Data\Advanced Browser
    2007-09-22 20:44:46 0 d-------- C:\Program Files\BitComet
    2007-09-22 19:50:38 0 d-------- C:\Program Files\Google
    2007-09-22 10:48:56 0 d-------- C:\Documents and Settings\tony_one\Application Data\Enigma Browser
    2007-09-21 20:37:38 0 d-------- C:\Documents and Settings\tony_one\Application Data\Yahoo!
    2007-09-21 14:49:42 0 d-------- C:\Program Files\Yahoo!
    2007-09-18 19:14:13 0 d-------- C:\Documents and Settings\tony_one\Application Data\Browzar
    2007-09-17 23:35:46 0 d-------- C:\Documents and Settings\tony_one\Application Data\Google
    2007-09-16 15:20:29 1416 --a------ C:\WINDOWS\system32\d3d8caps.dat


    -- Registry Dump ---------------------------------------------------------------

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NeroFilterCheck "= "C:\WINDOWS\system32\NeroCheck.exe" [07/09/2001 10:50 AM]
    "HotKeysCmds "= "C:\WINDOWS\system32\hkcmd.exe" [06/21/2005 04:44 PM]
    "IgfxTray "= "C:\WINDOWS\system32\igfxtray.exe" [06/21/2005 04:48 PM]
    "Zone Labs Client "= "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [06/18/2006 05:54 PM]
    "MSConfig "= "C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [08/04/2004 06:00 AM]
    "AVG7_CC "= "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [10/30/2007 04:23 AM]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Uniblue RegistryBooster 2 "= "C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" []

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "DWQueuedReporting "= "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} "= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/2006 01:55 PM 77824]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 04/19/2007 01:41 PM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MCPClient]
    C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll 01/31/2005 03:13 PM 49152 C:\PROGRA~1\COMMON~1\Stardock\MCPStub.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
    C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll 02/28/2007 01:15 AM 176128 C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\WbSrv.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "appinit_dlls"=wbsys.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^LUMIX Simple Viewer.lnk]
    path=C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\LUMIX Simple Viewer.lnk
    backup=C:\WINDOWS\pss\LUMIX Simple Viewer.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^tony_one^Start Menu^Programs^Startup^Stardock ObjectDock.lnk]
    path=C:\Documents and Settings\tony_one\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
    backup=C:\WINDOWS\pss\Stardock ObjectDock.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^tony_one^Start Menu^Programs^Startup^Yahoo! Widget Engine.lnk]
    path=C:\Documents and Settings\tony_one\Start Menu\Programs\Startup\Yahoo! Widget Engine.lnk
    backup=C:\WINDOWS\pss\Yahoo! Widget Engine.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^tony_one^Start Menu^Programs^Startup^YPOPs.lnk]
    path=C:\Documents and Settings\tony_one\Start Menu\Programs\Startup\YPOPs.lnk
    backup=C:\WINDOWS\pss\YPOPs.lnkStartup


    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ActivIcon]
    C:\Program Files\ActivIcons\ACTIVICON.EXE /x

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bexclock]
    C:\Documents and Settings\tony_one\Desktop\Bexclock.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DesktopX]
    "C:\Program Files\Stardock\Object Desktop\DesktopX\DesktopX.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EmsaTimeSync]
    C:\Documents and Settings\tony_one\Desktop\TimeSynchronizer\TimeSynchronizer.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eraser]
    C:\Program Files\Eraser\eraser.exe -hide

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HD Tune]
    C:\PROGRA~1\HDTUNE~1\HDTune.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hide Window Hotkey]
    C:\PROGRA~1\HIDEWI~1\HIDEWI~1.EXE -Start

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IncrediMail]
    C:\Program Files\IncrediMail\bin\IncMail.exe /c

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MimBoot]
    C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    "C:\Program Files\QuickTime\qttask.exe" -atboottime

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
    "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tunebite.exe]
    C:\Program Files\Tunebite\tunebite.exe -tray


    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f6c806b1-0986-11dc-8c01-0013118dce25}]
    AutoRun\command- G:\launcher.exe




    -- End of Deckard's System Scanner: finished at 2007-10-30 21:16:57 ------------

    sorry it got here so late. was running in circles trying to fix our 2nd vehicle.
    hope this points to something. thanks!
     
  10. 2007/10/30
    noahdfear

    Just a couple things that I can see. This will fix some corrupted file associations. Highlight and copy the bolded command below.

    "%userprofile%\desktop\dss.exe" /daft
    • Click Start>Run and paste the command in, then hit enter.
    • An interface of Deckard's file association fix will open.
    • Click Scan.
    • Check the box next to whatever comes up, then click Fix.
    • Exit when complete.

    Delete the following files.

    C:\delete.bat
    C:\WINDOWS\alauds.dat
    C:\WINDOWS\alaudcb.dat
    C:\WINDOWS\alaudbb.dat
    C:\WINDOWS\alaudab.dat
    C:\WINDOWS\alaudl.dat
    C:\WINDOWS\alaudp1b.dat
    C:\WINDOWS\system32\tmp.reg

    And the following folders.

    C:\!KillBox
    C:\VundoFix Backups

    Let's prep for and run an online scan. Download ATF Cleaner by Atribune and save it to your Desktop.
    • Double click ATF-Cleaner.exe to run the program.
    • Check the boxes to the left of:

      • Windows Temp
      • Current User Temp
      • All Users Temp
      • Temporary Internet Files
      • Prefetch
      • Java Cache
      • Recycle bin

    • The rest are optional - if you want it to remove everything check "Select All".
    • Finally, click Empty Selected. When you get the "Done Cleaning" message, click OK.
    Reboot

    Please do an online scan with Kaspersky WebScanner

    Click on Kaspersky Online Scanner

    You will be prompted to install an ActiveX component from Kaspersky, Click Yes.
    • The program will launch and then begin downloading the latest definition files:
    • Once the files have been downloaded click on NEXT
    • Now click on Scan Settings
    • In the scan settings make sure that the following are selected:
      • Scan using the following Anti-Virus database:
        • Extended (if available otherwise Standard)
      • Scan Options:
        • Scan Archives
        • Scan Mail Bases
    • Click OK
    • Now under select a target to scan:
      • Select My Computer
    • This program will start and scan your system.
    • The scan will take a while so be patient and let it run.
    • Once the scan is complete it will display if your system has been infected.
      • Now click on the Save as Text button:
    • Save the file to your desktop.

    Post the Kaspersky log and one more fresh HijackThis log.
     
  11. 2007/10/30
    tonylouwanna

    hi. i ran the start/run command and got none of what you told me to get rid of. here's what came up:

    DAFT Log saved on 2007-10-30 21:55:52
    -----------------------------------------------------------------------
    .bat - batfile - DefaultIcon - C:\WINDOWS\system32\shell32.dll,71
    .ini - inifile - DefaultIcon - C:\WINDOWS\system32\shell32.dll,69
    .txt - txtfile - DefaultIcon - C:\WINDOWS\system32\shell32.dll,70

    i left them alone. however, i did delete the Killbox and Vundo. i will run Kaspersky tonite and then HijackThis and post tomorrow around 5 or 6. i know it will take awhile as i have tons of progs and stuff to scan.
    thanks again. take care!!
     
  12. 2007/10/30
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    That was one set of instructions. It was meant to fix the .bat, .ini and .txt file associations that came up in the scan.

    A separate set of instructions.

    See ya tomorrow evening then. ;)
     
  13. 2007/10/31
    tonylouwanna

    alrighty. here's the Kaspersky log:

    -------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER REPORT
    Wednesday, October 31, 2007 10:07:55 AM
    Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
    Kaspersky Online Scanner version: 5.0.98.0
    Kaspersky Anti-Virus database last update: 31/10/2007
    Kaspersky Anti-Virus database records: 449118
    -------------------------------------------------------------------------------

    Scan Settings:
    Scan using the following antivirus database: extended
    Scan Archives: true
    Scan Mail Bases: true

    Scan Target - My Computer:
    A:\
    C:\
    D:\
    E:\

    Scan Statistics:
    Total number of scanned objects: 149123
    Number of viruses found: 8
    Number of infected objects: 23
    Number of suspicious objects: 0
    Duration of the scan process: 01:56:28

    Infected Object Name / Virus Name / Last Action
    C:\Documents and Settings\All Users\Application Data\Broderbund Software\Print\Business Card Creator\PMWPRINT.INI Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped
    C:\Documents and Settings\All Users.WINDOWS\Application Data\Avg7\Log\emc.log Object is locked skipped
    C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked skipped
    C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped
    C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
    C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
    C:\Documents and Settings\LocalService.NT AUTHORITY\Cookies\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\History\History.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService.NT AUTHORITY\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\LocalService.NT AUTHORITY\ntuser.dat.LOG Object is locked skipped
    C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\NetworkService.NT AUTHORITY\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\NetworkService.NT AUTHORITY\ntuser.dat.LOG Object is locked skipped
    C:\Documents and Settings\tony_one\.housecall6.6\Quarantine\game.class-506f6b50-5bfae53f.class.bac_a00376 Infected: Exploit.Java.Gimsh.a skipped
    C:\Documents and Settings\tony_one\Application Data\Mozilla\Firefox\Profiles\ex6umv8b.default\cert8.db Object is locked skipped
    C:\Documents and Settings\tony_one\Application Data\Mozilla\Firefox\Profiles\ex6umv8b.default\history.dat Object is locked skipped
    C:\Documents and Settings\tony_one\Application Data\Mozilla\Firefox\Profiles\ex6umv8b.default\key3.db Object is locked skipped
    C:\Documents and Settings\tony_one\Application Data\Mozilla\Firefox\Profiles\ex6umv8b.default\parent.lock Object is locked skipped
    C:\Documents and Settings\tony_one\Application Data\Mozilla\Firefox\Profiles\ex6umv8b.default\search.sqlite Object is locked skipped
    C:\Documents and Settings\tony_one\Application Data\Mozilla\Firefox\Profiles\ex6umv8b.default\urlclassifier2.sqlite Object is locked skipped
    C:\Documents and Settings\tony_one\Cookies\index.dat Object is locked skipped
    C:\Documents and Settings\tony_one\Desktop\cliprex\Cdvd.exe/data0008 Infected: not-a-virus:AdTool.Win32.MyWebSearch.ak skipped
    C:\Documents and Settings\tony_one\Desktop\cliprex\Cdvd.exe/data0009 Infected: not-a-virus:AdTool.Win32.WhenU.a skipped
    C:\Documents and Settings\tony_one\Desktop\cliprex\Cdvd.exe NSIS: infected - 2 skipped
    C:\Documents and Settings\tony_one\Desktop\cliprex\Cdvdr.exe/stream/data0009 Infected: not-a-virus:AdTool.Win32.MyWebSearch.ak skipped
    C:\Documents and Settings\tony_one\Desktop\cliprex\Cdvdr.exe/stream/data0010 Infected: not-a-virus:AdTool.Win32.WhenU.a skipped
    C:\Documents and Settings\tony_one\Desktop\cliprex\Cdvdr.exe/stream Infected: not-a-virus:AdTool.Win32.WhenU.a skipped
    C:\Documents and Settings\tony_one\Desktop\cliprex\Cdvdr.exe NSIS: infected - 3 skipped
    C:\Documents and Settings\tony_one\Desktop\lop\SmitfraudFix.exe/data.rar/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
    C:\Documents and Settings\tony_one\Desktop\lop\SmitfraudFix.exe/data.rar Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
    C:\Documents and Settings\tony_one\Desktop\lop\SmitfraudFix.exe RarSFX: infected - 2 skipped
    C:\Documents and Settings\tony_one\Desktop\setups\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
    C:\Documents and Settings\tony_one\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\tony_one\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\tony_one\Local Settings\Application Data\Mozilla\Firefox\Profiles\ex6umv8b.default\Cache\_CACHE_001_ Object is locked skipped
    C:\Documents and Settings\tony_one\Local Settings\Application Data\Mozilla\Firefox\Profiles\ex6umv8b.default\Cache\_CACHE_002_ Object is locked skipped
    C:\Documents and Settings\tony_one\Local Settings\Application Data\Mozilla\Firefox\Profiles\ex6umv8b.default\Cache\_CACHE_003_ Object is locked skipped
    C:\Documents and Settings\tony_one\Local Settings\Application Data\Mozilla\Firefox\Profiles\ex6umv8b.default\Cache\_CACHE_MAP_ Object is locked skipped
    C:\Documents and Settings\tony_one\Local Settings\History\History.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\tony_one\Local Settings\Temp\~DF260C.tmp Object is locked skipped
    C:\Documents and Settings\tony_one\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\tony_one\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\tony_one\ntuser.dat.LOG Object is locked skipped
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\logs\sw_ae-20071030-193236.log Object is locked skipped
    C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP19\A0003165.dll Infected: not-a-virus:FraudTool.Win32.SpySheriff.a skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP19\A0003166.dll Infected: not-a-virus:FraudTool.Win32.SpySheriff.a skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP19\A0003167.dll Infected: not-a-virus:FraudTool.Win32.SpySheriff.a skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP19\A0003168.dll Infected: not-a-virus:FraudTool.Win32.SpySheriff.a skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP24\A0003199.INI Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP4\A0001075.INI Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP44\A0015569.exe/data0002 Infected: not-a-virus:AdWare.Win32.PurityScan.fk skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP44\A0015569.exe/data0003 Infected: not-a-virus:AdWare.Win32.PurityScan.bu skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP44\A0015569.exe NSIS: infected - 2 skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP48\A0016598.exe Infected: not-a-virus:AdWare.Win32.PurityScan.ez skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP48\A0016599.exe/data0002 Infected: not-a-virus:AdWare.Win32.PurityScan.fk skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP48\A0016599.exe/data0003 Infected: not-a-virus:AdWare.Win32.PurityScan.bu skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP48\A0016599.exe NSIS: infected - 2 skipped
     
  14. 2007/10/31
    tonylouwanna

    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023654.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023655.sys Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023656.exe Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023657.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023658.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023659.msi Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023660.inf Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023661.inf Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023662.inf Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023663.sif Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023664.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023665.inf Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023666.inf Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023667.inf Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023668.inf Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023669.inf Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023670.inf Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023671.inf Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023672.inf Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023673.inf Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023674.inf Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023675.inf Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023676.inf Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023677.exe Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023678.cat Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023679.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023680.exe Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023681.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023682.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023683.exe Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023684.msi Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023685.inf Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023686.inf Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023687.inf Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023688.sif Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023689.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023690.inf Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023691.inf Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023692.inf Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023693.inf Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023694.inf Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023695.inf Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023696.inf Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023697.inf Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023698.inf Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023699.inf Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023700.inf Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023701.inf Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023702.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023703.exe Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023704.exe Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023705.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023706.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023707.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023708.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023709.exe Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023710.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023711.exe Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023712.exe Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023713.exe Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023714.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023715.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023716.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023717.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023718.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023719.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023720.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023721.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023722.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023723.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023724.exe Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023725.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023726.exe Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023727.sdb Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023728.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023729.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023730.exe Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023731.ini Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023732.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023733.inf Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023734.exe Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023735.exe Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023736.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023737.exe Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023738.exe Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023739.exe Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023740.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023741.exe Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023742.exe Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023743.ini Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023744.ini Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023745.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023746.cat Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023747.cat Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023748.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023749.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023750.cat Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023751.cat Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023752.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023753.cat Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023754.cat Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023755.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023756.cat Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023757.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023758.cat Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023759.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023760.cat Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023761.cat Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023762.cat Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023763.cat Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023764.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023765.cat Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023766.exe Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023767.dll Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023768.wa_ Object is locked skipped
    C:\System Volume Information\_restore{09FAE573-FB88-4938-9574-6071FA6F82CB}\RP55\A0023769.wa_ Object is locked skipped
    C:\System Volume Information\_restore{AD59C916-FBD4-43DB-8E09-D9E0107ABF1B}\RP8\change.log Object is locked skipped
    C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
    C:\WINDOWS\Internet Logs\fwdbglog.txt Object is locked skipped
    C:\WINDOWS\Internet Logs\fwpktlog.txt Object is locked skipped
    C:\WINDOWS\Internet Logs\IAMDB.RDB Object is locked skipped
    C:\WINDOWS\Internet Logs\TONYTWO-5FA3409.ldb Object is locked skipped
    C:\WINDOWS\Internet Logs\tvDebug.log Object is locked skipped
    C:\WINDOWS\SchedLgU.Txt Object is locked skipped
    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
    C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
    C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
    C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\default Object is locked skipped
    C:\WINDOWS\system32\config\default.LOG Object is locked skipped
    C:\WINDOWS\system32\config\SAM Object is locked skipped
    C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
    C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\SECURITY Object is locked skipped
    C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
    C:\WINDOWS\system32\config\software Object is locked skipped
    C:\WINDOWS\system32\config\software.LOG Object is locked skipped
    C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\system Object is locked skipped
    C:\WINDOWS\system32\config\system.LOG Object is locked skipped
    C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
    C:\WINDOWS\system32\h323log.txt Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
    C:\WINDOWS\TEMP\ZLT04f1a.TMP Object is locked skipped
    C:\WINDOWS\TEMP\ZLT0523d.TMP Object is locked skipped
    C:\WINDOWS\WindowsUpdate.log Object is locked skipped

    Scan process completed.
     
  15. 2007/10/31
    tonylouwanna

    Logfile of HijackThis v1.99.1
    Scan saved at 10:15:19 AM, on 10/31/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\Program Files\Universal Shield 4.1\US30Service.exe
    C:\WINDOWS\System32\vssvc.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\system32\devldr32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\hjt\Crusty.exe.exe

    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.2.7.dll
    O2 - BHO: Alcohol Toolbar Helper - {8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll
    O3 - Toolbar: Veoh Video Finder - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
    O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Alcohol Toolbar - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe "
    O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
    O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: http://toolbar.imageshack.us
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} (ImageShack Toolbar) - http://toolbar.imageshack.us/toolbar/ImageShackToolbar.cab
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll
    O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: US30Service - Unknown owner - C:\Program Files\Universal Shield 4.1\US30Service.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    and here's the hijack log
     
  16. 2007/10/31
    BillyBob Lifetime Subscription

    BillyBob Inactive

    Joined:
    2002/01/07
    Messages:
    6,048
    Likes Received:
    0
    Last edited: 2007/10/31
  17. 2007/10/31
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Just a couple of things of note in the Kaspersky scan.

    C:\Documents and Settings\tony_one\Desktop\lop\SmitfraudFix.exe
    C:\Documents and Settings\tony_one\Desktop\setups\SmitfraudFix

    You should delete all SmitfraudFix files/folder. The tool is updated regularly and always available should you need it again (let's hope you don't ;) )

    The following file has some embedded WhenU Save files, which is Adware. Your choice what you do with it though, as it's not a real threat.

    C:\Documents and Settings\tony_one\Desktop\cliprex\Cdvdr.exe

    Other than that you have infected system restore points. I had actually thought to suggest trying a system restore because I'm not seeing active infection as a reason for the problem you're having. If you did use a restore point, and it fixes the problem, we can easily enough clean out any infections it restores. It's quite possible that a scan with an updated AVG Anti-Spyware would clean those files from the restore points too, which would leave less chance of re-infecting from later using system restore.

    Before you proceed with anything else, let's have a look at another log. Locate the extra.txt log from within a C:\Deckards subfolder and post its contents.
     
  18. 2007/10/31
    tonylouwanna

    ok. here's that extra.txt log:

    Deckard's System Scanner v20071014.68
    Extra logfile - please post this as an attachment with your post.
    --------------------------------------------------------------------------------

    -- System Information ----------------------------------------------------------

    Microsoft Windows XP Home Edition (build 2600) SP 2.0
    Architecture: X86; Language: English

    CPU 0: Intel(R) Pentium(R) 4 CPU 2.60GHz
    Percentage of Memory in Use: 83%
    Physical Memory (total/avail): 255.48 MiB / 40.94 MiB
    Pagefile Memory (total/avail): 1001.67 MiB / 694.67 MiB
    Virtual Memory (total/avail): 2047.88 MiB / 1928.96 MiB

    A: is Removable (No Media)
    C: is Fixed (NTFS) - 186.31 GiB total, 57.29 GiB free.
    D: is CDROM (CDFS)

    \\.\PHYSICALDRIVE0 - MAXTOR STM3200820A - 186.31 GiB - 1 partition
    \PARTITION0 (bootable) - Installable File System - 186.31 GiB - C:



    -- Security Center -------------------------------------------------------------

    AUOptions is set to notify before install.
    Windows Internal Firewall is disabled.

    FirstRunDisabled is set.
    FirewallOverride is set.

    FW: ZoneAlarm Firewall v6.5.722.000 (Zone Labs, Inc.)
    AV: AVG 7.5.503 v7.5.503 (Grisoft)

    [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

    [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avginet.exe"
    "C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
    "C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe:*:Enabled:avgcc.exe"
    "C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe:*:Enabled:avgemc.exe"


    -- Environment Variables -------------------------------------------------------

    ALLUSERSPROFILE=C:\Documents and Settings\All Users.WINDOWS
    APPDATA=C:\Documents and Settings\tony_one\Application Data
    CLIENTNAME=Console
    CommonProgramFiles=C:\Program Files\Common Files
    COMPUTERNAME=TONYTWO-5FA3409
    ComSpec=C:\WINDOWS\system32\cmd.exe
    DEFAULT_CA_NR=CA6
    FP_NO_HOST_CHECK=NO
    HOMEDRIVE=C:
    HOMEPATH=\Documents and Settings\tony_one
    LOGONSERVER=\\TONYTWO-5FA3409
    NUMBER_OF_PROCESSORS=1
    OS=Windows_NT
    Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\WBEM;C:\Program Files\Common Files\Teleca Shared
    PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    PROCESSOR_ARCHITECTURE=x86
    PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 9, GenuineIntel
    PROCESSOR_LEVEL=15
    PROCESSOR_REVISION=0209
    ProgramFiles=C:\Program Files
    PROMPT=$P$G
    SESSIONNAME=Console
    SystemDrive=C:
    SystemRoot=C:\WINDOWS
    TEMP=C:\DOCUME~1\tony_one\LOCALS~1\Temp
    TMP=C:\DOCUME~1\tony_one\LOCALS~1\Temp
    tvdumpflags=8
    USERDOMAIN=TONYTWO-5FA3409
    USERNAME=tony_one
    USERPROFILE=C:\Documents and Settings\tony_one
    windir=C:\WINDOWS


    -- User Profiles ---------------------------------------------------------------

    tony_one (admin)
    tonyone (admin)
    Administrator (admin)


    -- Add/Remove Programs ---------------------------------------------------------

    --> "C:\Program Files\Universal Shield 4.1\Uninstall.exe" "C:\Program Files\Universal Shield 4.1\install.log" -u
    --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    --> C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
    --> C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
    --> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
    --> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
    --> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
    --> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
    --> C:\WINDOWS\UNRecode.exe /UNINSTALL
    --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    µTorrent --> "C:\Program Files\uTorrent\uninstall.exe "
    AC3Filter (remove only) --> C:\Program Files\AC3Filter\uninstall.exe
    ACDSee 9 Photo Manager --> MsiExec.exe /X{B2D41883-3BFC-4BA0-A2F6-5A2C9836C238}
    Ad-Aware SE Personal --> MsiExec.exe /X{78CC3BAB-DE2A-4FB4-8FBB-E4DADDC26747}
    Add/Remove 4Good --> C:\PROGRA~1\ADDREM~1\UNWISE.EXE C:\PROGRA~1\ADDREM~1\INSTALL.LOG
    Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
    Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
    Advanced Batch Converter --> "C:\Program Files\Advanced Batch Converter\uninstall.exe "
    Alcohol Toolbar --> "C:\WINDOWS\Alcohol_Toolbar_Uninstaller_7796.exe" _?=C:\Program Files\Alcohol Toolbar
    Any FLV Player 1.0.2 --> C:\Program Files\Any FLV Player\uninst.exe
    ArcSoft Software Suite --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E397B40-13F7-4CA2-9943-ADB29ACBBFDF}\Setup.exe" -l0x9
    Ashampoo Movie Shrink & Burn 2 --> "C:\Program Files\Ashampoo\Ashampoo Movie Shrink & Burn 2\Uninstall\MSB2_Uninstall.EXE "
    Avant Browser (remove only) --> "C:\Program Files\Avant Browser\uninst.exe "
    AVG 7.5 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
    AVG Anti-Rootkit Free --> C:\Program Files\GRISOFT\AVG Anti-Rootkit Free\Uninstall.exe
    AVI DVD Burner 2007 ver 2.25 --> "C:\Program Files\AviDvdBurner\unins000.exe "
    AviSynth 2.5 --> "C:\Program Files\AviSynth 2.5\Uninstall.exe "
    BearShare --> C:\PROGRA~1\BEARSH~1\UNWISE.EXE C:\PROGRA~1\BEARSH~1\INSTALL.LOG
    BitComet 0.84 --> C:\Program Files\BitComet\uninst.exe
    BitTornado 0.3.17 --> C:\Program Files\BitTornado\uninst.exe
    Boilosft AVI to VCD SVCD DVD Converter 2.28 --> "C:\Program Files\Boilsoft AVI Converter\unins000.exe "
    Call Of Cthulhu DCoTE --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E4406ED3-B04C-44F1-ABB4-08775B74934F}\setup.exe" -l0x9
    Capturex --> "C:\Program Files\Capturex\uninstall.exe "
    CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe "
    Cliprex DVD Player Professional --> "C:\Program Files\Cliprex DVD Player Professional\uninstall.exe "
    ControlCenter --> C:\PROGRA~1\OBJECT~1\CONTRO~1\UNWISE.EXE C:\PROGRA~1\OBJECT~1\CONTRO~1\INSTALL.LOG
    ConvertXtoDVD 2.1.8.193 --> "C:\Program Files\vso\ConvertXtoDVD\unins000.exe "
    Corel Paint Shop Pro X --> MsiExec.exe /I{1A15507A-8551-4626-915D-3D5FA095CC1B}
    Cucusoft MPEG/MOV/RM/DivX/AVI to DVD/VCD/SVCD Creator Pro 7.07 --> "C:\Program Files\Cucusoft\avi-dvd-pro\unins000.exe "
    Democracy Player 0.9.6.1 --> C:\Program Files\Participatory Culture Foundation\Democracy Player\uninstall.exe
    DesktopX --> C:\PROGRA~1\Stardock\OBJECT~1\DesktopX\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~1\DesktopX\INSTALL.LOG
    dino2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1879585A-D70B-4774-8A0A-FCF9763AC7CF}\Setup.exe"
    DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
    DivX Converter --> C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
    DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    DVD2SVCD 1.2.3 Build 1 --> "C:\Program Files\DVD2SVCD\unins000.exe "
    DVDFab Platinum 2.70 --> "C:\Program Files\DVDFab Platinum\unins000.exe "
    eMule --> "C:\Program Files\eMule\Uninstall.exe "
    EnhanceMovie 2.2 --> C:\Program Files\EnhanceMovie 2.2\uninst.exe
    Eraser 5.82 --> "C:\Program Files\Eraser\unins000.exe "
    EVEREST Ultimate Edition v3.01 --> "C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe "
    ffdshow (remove only) --> "C:\Program Files\ffdshow\uninstall.exe "
    Folder Marker Pro v 2.0 --> "C:\Program Files\Folder Marker\unins000.exe "
    Foxit Reader --> C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
    Google Video Player --> "C:\Program Files\Google\Google Video Player\Uninstall.exe "
    HD Tune 2.53 --> "C:\Program Files\HD Tune\unins000.exe "
    HijackThis 1.99.1 --> C:\hjt\HijackThis.exe /uninstall
    Huffyuv AVI lossless video codec (Remove Only) --> rundll.exe setupx.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\HUFFYUV.INF
    IconCool Studio v3.3x --> C:\PROGRA~1\ICONCO~2\ICONCO~1\UNWISE.EXE C:\PROGRA~1\ICONCO~2\ICONCO~1\INSTALL.LOG
    IconPackager --> C:\PROGRA~1\Stardock\OBJECT~1\ICONPA~1\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~1\ICONPA~1\INSTALL.LOG
    IconX --> C:\PROGRA~1\Stardock\OBJECT~1\IconX\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~1\IconX\INSTALL.LOG
    Image Grabber II.NET --> MsiExec.exe /I{F343FA04-CFC0-487C-A617-A5E8CF4D7B10}
    ImageShack Toolbar for Internet Explorer --> MsiExec.exe /I{A080492B-91D0-4CB8-AE02-9FF2EF9FFDC8}
    IncrediMail Xe --> C:\PROGRA~1\INCRED~1\bin\imsetup.exe /remove /addon:IncrediMail /log:IncMail.log
    Intel(R) Extreme Graphics Driver --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2562
    IrfanView (remove only) --> C:\Program Files\IrfanView\iv_uninstall.exe
    IsoBuster 1.7 --> "C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe "
    J2SE Runtime Environment 5.0 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150030}
    KaraWin Pro --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BFA52389-ECC9-4DA2-BDA0-D2C76F5B7F9A}\Setup.exe"
    LimeWire 4.12.11 --> "C:\Program Files\LimeWire\uninstall.exe "
    LUMIX Simple Viewer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2CDCCE7E-55D5-40CC-AEA0-ABA54713501F}\setup.exe" -l0x9
    Max Payne 2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFE1AB94-5466-4B6E-BE31-FF4C115FD25D}\setup.exe" -l0x9
    MaxBlast 4 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{639858DD-4966-40F3-A706-7C838BCF3A2B}\setup.exe"
    Microsoft Text-to-Speech Engine 4.0 (English) --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msTTS.inf, Uninstall
    Mozilla Firefox (2.0.0.7) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSN --> C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
    Musicmatch® Jukebox --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85D3CC30-8859-481A-9654-FD9B74310BEF}\setup.exe" -l0x9 -uninst
    Nero 7 Demo --> MsiExec.exe /I{84B2CF01-194D-2284-B313-F2E0D78D1033}
    Netscape Navigator (9.0b2) --> C:\Program Files\Netscape\Navigator 9\uninstall\helper.exe
    ObjectDock Plus --> C:\PROGRA~1\Stardock\OBJECT~2\objectdock.exe /uninstall
    Peck's Power Join --> C:\WINDOWS\ST4UNST.EXE -n "C:\Program Files\PeckJoin\ST4UNST.LOG"
    Power Video Converter 1.3.8 --> "C:\Program Files\Power Video Converter\unins000.exe "
    PowerISO --> "C:\Program Files\PowerISO\uninstall.exe "
    Project64 1.6 --> MsiExec.exe /X{9559F7CA-5E34-4237-A2D9-D856464AD727}
    QuickTime Alternative 1.77 --> "C:\Program Files\QuickTime Alternative\unins000.exe "
    RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" REMOVE
    RESIDENT EVIL --> C:\Program Files\ResidentEvil\RESIDENT EVIL\Uninstall.exe
    S.T.A.L.K.E.R. - Shadow of Chernobyl --> "C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\unins000.exe "
    SCRABBLE Deluxe --> C:\PROGRA~1\ZONE~1.COM\SCRABB~1\UNWISE.EXE C:\PROGRA~1\ZONE~1.COM\SCRABB~1\INSTALL.LOG
    SeaTools for Windows --> MsiExec.exe /I{98613C99-1399-416C-A07C-1EE1C585D872}
    SkinStudio --> C:\PROGRA~1\Stardock\OBJECT~1\SKINST~1\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~1\SKINST~1\INSTALL.LOG
    SlimBrowser (remove only) --> "C:\Program Files\SlimBrowser\uninst.exe "
    SmartStartup --> C:\PROGRA~1\COMMON~1\Stardock\UNWISE.EXE C:\PROGRA~1\COMMON~1\Stardock\INSTALL.LOG
    Sony Ericsson PC Suite --> MsiExec.exe /I{788A9E76-1079-445D-B9A1-6DBB9420F7C3}
    SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
    Tablane Browser 1.8.0 and TClipper 1.0.0 Build 1075 --> "C:\Program Files\Tablane\unins000.exe "
    Theme Manager --> C:\PROGRA~1\Stardock\OBJECT~1\THEMEM~1\thememgr.exe /uninstallwise
    Topaz Moment PE --> MsiExec.exe /I{88C04F89-7112-44E4-805C-1DC7DD1C317C}
    Total Video Converter 3.10 --> "C:\Program Files\Total Video Converter\unins000.exe "
    Tunebite 4.1.0.22 --> "C:\Program Files\Tunebite\unins000.exe "
    Turok 3 --> C:\Games\Turok 3\Uninstall.exe
    Turok Evolution --> C:\Games\Turok Evolution\Uninstall.exe
    Unix Utilities for Yahoo! Widgets --> C:\Program Files\Yahoo!\Widgets\UnixUtils\uninstall.exe
    Veoh Player --> C:\Program Files\InstallShield Installation Information\{D44208B0-45DD-425C-AE88-5E7EE85BC717}\setup.exe -runfromtemp -l0x0409
    VideoLAN VLC media player 0.8.6c --> C:\Program Files\VideoLAN\VLC\uninstall.exe
    Weather Pulse 2.05 build 36 --> "C:\Program Files\Weather Pulse\unins000.exe "
    WindowBlinds --> C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\INSTALL.LOG
    Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe "
    WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
    Xvid 1.1.2 final uninstall --> "C:\Program Files\Xvid\unins000.exe "
    Yahoo! Toolbar --> C:\PROGRA~1\Yahoo!\Common\unyt.exe
    Yahoo! Widgets --> C:\PROGRA~1\Yahoo!\Widgets\uninstall.exe
    YPOPs! 0.8.8 --> "C:\Program Files\YPOPs\unins000.exe "
    ZoneAlarm --> C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe


    -- Application Event Log -------------------------------------------------------

    Event Record #/Type2429 / Error
    Event Submitted/Written: 10/30/2007 04:54:10 PM
    Event ID/Source: 1000 / Application Error
    Event Description:
    Faulting application epsxe.exe, version 0.0.0.0, faulting module msvcrt.dll, version 7.0.2600.2180, fault address 0x00037c7e.
    Processing media-specific event for [epsxe.exe!ws!]

    Event Record #/Type2421 / Warning
    Event Submitted/Written: 10/30/2007 03:08:41 AM
    Event ID/Source: 4356 / EventSystem
    Event Description:
    The COM+ Event System failed to create an instance of the subscriber partition:{41E90F3E-56C1-4633-81C3-6E8BAC8BDD70}!new:{58FC39EB-9DBD-4EA7-B7B4-9404CC6ACFAB}. CoGetObject returned HRESULT 8000401A.

    Event Record #/Type2395 / Warning
    Event Submitted/Written: 10/29/2007 07:49:30 PM
    Event ID/Source: 4356 / EventSystem
    Event Description:
    The COM+ Event System failed to create an instance of the subscriber partition:{41E90F3E-56C1-4633-81C3-6E8BAC8BDD70}!new:{58FC39EB-9DBD-4EA7-B7B4-9404CC6ACFAB}. CoGetObject returned HRESULT 8000401A.

    Event Record #/Type2392 / Warning
    Event Submitted/Written: 10/29/2007 07:40:09 PM
    Event ID/Source: 4353 / EventSystem
    Event Description:
    The COM+ Event System attempted to fire the EventObjectChange::ChangedSubscription event but received a bad return code. HRESULT was 80040201.

    Event Record #/Type2391 / Warning
    Event Submitted/Written: 10/29/2007 07:40:09 PM
    Event ID/Source: 4356 / EventSystem
    Event Description:
    The COM+ Event System failed to create an instance of the subscriber partition:{41E90F3E-56C1-4633-81C3-6E8BAC8BDD70}!new:{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}. CoGetObject returned HRESULT 80070422.



    -- Security Event Log ----------------------------------------------------------

    No Errors/Warnings found.


    -- System Event Log ------------------------------------------------------------

    Event Record #/Type4180 / Error
    Event Submitted/Written: 10/30/2007 07:33:00 PM
    Event ID/Source: 7000 / Service Control Manager
    Event Description:
    The MCSTRM service failed to start due to the following error:
    %%2

    Event Record #/Type4179 / Error
    Event Submitted/Written: 10/30/2007 07:33:00 PM
    Event ID/Source: 7000 / Service Control Manager
    Event Description:
    The ASCTRM service failed to start due to the following error:
    %%2

    Event Record #/Type4178 / Error
    Event Submitted/Written: 10/30/2007 07:33:00 PM
    Event ID/Source: 7023 / Service Control Manager
    Event Description:
    The Windows Driver Foundation - User-mode Driver Framework service terminated with the following error:
    %%31

    Event Record #/Type4121 / Error
    Event Submitted/Written: 10/30/2007 06:49:03 PM
    Event ID/Source: 7000 / Service Control Manager
    Event Description:
    The MCSTRM service failed to start due to the following error:
    %%2

    Event Record #/Type4120 / Error
    Event Submitted/Written: 10/30/2007 06:49:03 PM
    Event ID/Source: 7000 / Service Control Manager
    Event Description:
    The ASCTRM service failed to start due to the following error:
    %%2



    -- End of Deckard's System Scanner: finished at 2007-10-30 21:16:57 ------------
     
  19. 2007/10/31
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Frankly, I'm not seeing anything that would suggest to me your programs wouldn't run. I'd be more than happy to look at your event logs to see if there are any clues. You can export them and email to me here, if you want.

    Did the programs stop working after installing a particular application, such as SuperAntiSpyware, AVG or Zone Alarm?
     
  20. 2007/11/02
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Did you receive the reply email I sent requesting exports?
     
