[Inactive] Please check my DDS for viruses/malware

Discussion in 'Malware and Virus Removal Archive' started by Randa, 2009/03/08.

Thread Status:
Not open for further replies.
  1. 2009/03/08
    Randa

    Randa Inactive Thread Starter

    Joined:
    2009/03/08
    Messages:
    3
    Likes Received:
    0
    DDS (Ver_09-02-01.01) - NTFSx86
    Run by randa at 21:05:13.04 on 08/03/2009
    Internet Explorer: 6.0.2900.2180
    Microsoft Windows XP Professional 5.1.2600.2.1252.44.1033.18.1015.537 [GMT 2:00]

    AV: Kaspersky Internet Security *On-access scanning enabled* (Updated)
    FW: Kaspersky Internet Security *enabled*

    ============== Running Processes ===============

    E:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    E:\WINDOWS\System32\svchost.exe -k netsvcs
    E:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    svchost.exe
    E:\WINDOWS\system32\spoolsv.exe
    E:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    E:\Program Files\Broadcom\BACS\bacstray.exe
    E:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    D:\My Documents\avp.exe
    E:\WINDOWS\system32\ctfmon.exe
    E:\Program Files\MSN Messenger\MsnMsgr.Exe
    E:\Program Files\WinZip\WZQKPICK.EXE
    D:\My Documents\avp.exe
    E:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    E:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    E:\WINDOWS\System32\svchost.exe -k imgsvc
    E:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    E:\WINDOWS\system32\wuauclt.exe
    E:\Program Files\MSN Messenger\usnsvc.exe
    E:\WINDOWS\system32\msiexec.exe
    E:\WINDOWS\explorer.exe
    E:\Program Files\Internet Explorer\iexplore.exe
    E:\Program Files\Internet Explorer\iexplore.exe
    E:\WINDOWS\system32\wuauclt.exe
    E:\Documents and Settings\randa\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.com/
    uSearch Page = hxxp://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
    uSearch Bar = hxxp://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
    mDefault_Search_URL = hxxp://www.google.com/ie
    uInternet Connection Wizard,ShellNext = iexplore
    uSearchURL,(Default) = hxxp://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
    uURLSearchHooks: SearchSettings Class: {e312764e-7706-43f1-8dab-fcdd2b1e416d} - e:\program files\search settings\kb127\SearchSettings.dll
    BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - e:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
    BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - d:\my documents\ievkbd.dll
    BHO: DealioBHO Class: {6a87b991-a31f-4130-ae72-6d0c294bf082} - e:\program files\dealio\kb127\Dealio.dll
    BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - e:\program files\java\jre6\bin\ssv.dll
    BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - e:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - e:\program files\google\google toolbar\GoogleToolbar.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - e:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll
    BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - e:\program files\windows live toolbar\msntb.dll
    BHO: NoExplorer - No File
    BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - e:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - e:\program files\java\jre6\bin\jp2ssv.dll
    BHO: SearchSettings Class: {e312764e-7706-43f1-8dab-fcdd2b1e416d} - e:\program files\search settings\kb127\SearchSettings.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - e:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    BHO: Ask Toolbar BHO: {f0d4b231-da4b-4daf-81e4-dfee4931a4aa} - e:\program files\asksbar\bar\1.bin\ASKSBAR.DLL
    TB: Ask Toolbar: {f0d4b239-da4b-4daf-81e4-dfee4931a4aa} - e:\program files\asksbar\bar\1.bin\ASKSBAR.DLL
    TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - e:\program files\windows live toolbar\msntb.dll
    TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - e:\program files\google\google toolbar\GoogleToolbar.dll
    TB: Dealio: {e67c74f4-a00a-4f2c-9fec-fd9dc004a67f} - e:\program files\dealio\kb127\Dealio.dll
    TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
    uRun: [kamsoft] e:\windows\system32\kamsoft.exe
    uRun: [ctfmon.exe] e:\windows\system32\ctfmon.exe
    uRun: [MsnMsgr] "e:\program files\msn messenger\MsnMsgr.Exe" /background
    uRun: [swg] e:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
    uRun: [BitComet] "e:\program files\bitcomet\BitComet.exe" /tray
    mRun: [Smapp] e:\program files\analog devices\soundmax\SMTray.exe
    mRun: [bacstray] e:\program files\broadcom\bacs\bacstray.exe
    mRun: [IMJPMIG8.1] "e:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    mRun: [MSPY2002] e:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
    mRun: [PHIME2002ASync] e:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
    mRun: [PHIME2002A] e:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
    mRun: [PCSuiteTrayApplication] e:\program files\nokia\nokia pc suite 6\LaunchApplication.exe -startup
    mRun: [TkBellExe] "e:\program files\mpcstar\codecs\real\rcaplugins\realsched.exe" -osboot
    mRun: [SearchSettings] e:\program files\search settings\SearchSettings.exe
    mRun: [XP-11646D96] e:\windows\system32\XP-11646D96.EXE
    mRun: [AVP] "d:\my documents\avp.exe "
    dRun: [Nokia.PCSync] e:\program files\nokia\nokia pc suite 6\PcSync2.exe /NoDialog
    dRun: [ctfmon.exe] e:\windows\system32\ctfmon.exe
    StartupFolder: e:\docume~1\randa\startm~1\programs\startup\75cd~1.lnk - e:\windows\system32\XP-11646D96.EXE
    StartupFolder: e:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - e:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
    StartupFolder: e:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - e:\program files\microsoft office\office10\OSA.EXE
    StartupFolder: e:\docume~1\alluse~1\startm~1\programs\startup\winzip~1.lnk - e:\program files\winzip\WZQKPICK.EXE
    uPolicies-explorer: NofolderOptions = 1 (0x1)
    uPolicies-system: DisableTaskMgr = 1 (0x1)
    uPolicies-system: DisableRegistryTools = 1 (0x1)
    dPolicies-explorer: NofolderOptions = 1 (0x1)
    dPolicies-system: DisableTaskMgr = 1 (0x1)
    dPolicies-system: DisableRegistryTools = 1 (0x1)
    IE: &Windows Live Search - e:\program files\windows live toolbar\msntb.dll/search.htm
    IE: Add to Banner Ad Blocker - d:\my documents\ie_banner_deny.htm
    IE: E&xport to Microsoft Excel - e:\progra~1\micros~2\office10\EXCEL.EXE/3000
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - e:\program files\messenger\msmsgs.exe
    IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - d:\my documents\SCIEPlgn.dll
    DPF: DirectAnimation Java Classes - file://e:\windows\java\classes\dajava.cab
    DPF: Microsoft XML Parser for Java - file://e:\windows\java\classes\xmldso.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - e:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
    Notify: klogon - e:\windows\system32\klogon.dll
    AppInit_DLLs: d:\mydocu~1\mzvkbd.dll,d:\mydocu~1\mzvkbd3.dll,d:\mydocu~1\adialhk.dll,d:\mydocu~1\kloehk.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - e:\windows\system32\WPDShServiceObj.dll

    ============= SERVICES / DRIVERS ===============

    R0 kl1;Kl1;e:\windows\system32\drivers\kl1.sys [2008-7-21 121872]
    R0 klbg;Kaspersky Lab Boot Guard Driver;e:\windows\system32\drivers\klbg.sys [2008-1-29 33808]
    R1 KLIF;Kaspersky Lab Driver;e:\windows\system32\drivers\klif.sys [2009-3-8 213520]
    R2 AVP;Kaspersky Internet Security;d:\my documents\avp.exe [2008-7-29 206088]
    R3 KLFLTDEV;Kaspersky Lab KLFltDev;e:\windows\system32\drivers\klfltdev.sys [2008-3-13 26640]
    R3 klim5;Kaspersky Anti-Virus NDIS Filter;e:\windows\system32\drivers\klim5.sys [2008-4-30 24592]
    S3 AVPsys;AVPsys;\??\e:\windows\system32\drivers\cdaudio.sys --> e:\windows\system32\drivers\cdaudio.sys [?]

    =============== Created Last 30 ================

    2009-03-08 18:33 101,287 a------- e:\windows\system32\drivers\klin.dat
    2009-03-08 18:33 89,601 a------- e:\windows\system32\drivers\klick.dat
    2009-03-08 18:32 3,831,328 a--sh--- e:\windows\system32\drivers\fidbox.dat
    2009-03-08 18:32 589,856 a--sh--- e:\windows\system32\drivers\fidbox2.dat
    2009-03-08 18:32 33,108 a--sh--- e:\windows\system32\drivers\fidbox.idx
    2009-03-08 18:32 5,192 a--sh--- e:\windows\system32\drivers\fidbox2.idx
    2009-03-08 12:50 0 a------- e:\windows\system32\REN28.tmp
    2009-03-08 12:50 0 a------- e:\windows\system32\REN27.tmp
    2009-03-08 12:50 0 a------- e:\windows\system32\REN26.tmp
    2009-03-08 12:20 <DIR> --d-h--- e:\windows\PIF
    2009-03-07 23:10 <DIR> --d----- e:\docume~1\alluse~1\applic~1\Kaspersky Lab
    2009-03-07 23:07 <DIR> --d----- e:\docume~1\alluse~1\applic~1\Kaspersky Lab Setup Files
    2009-03-05 18:34 69 ---shr-- E:\autorun.inf
    2009-03-04 18:44 20,992 a------- e:\windows\system32\APADB64.EXE
    2009-03-04 18:44 20,992 ---sh--- e:\windows\system32\wemtoreg.exe
    2009-03-03 07:55 56 a---h--- e:\windows\system32\ezsidmv.dat
    2009-02-28 18:01 20,992 a------- e:\windows\system32\OA-AE13B.EXE
    2009-02-28 18:01 20,992 ---sh--- e:\windows\system32\wemtareg.exe
    2009-02-20 22:09 20,992 ---sh--- e:\windows\system32\wimtareg.exe
    2009-02-19 18:35 20,992 a------- e:\windows\system32\OX-AE13B.EXE
    2009-02-19 18:35 20,992 ---sh--- e:\windows\system32\wimzareg.exe
    2009-02-14 23:05 1,097,728 ----h--- e:\windows\system32\krnln.fnr
    2009-02-14 23:05 323,584 ----h--- e:\windows\system32\eAPI.fne
    2009-02-14 23:05 270,336 ----h--- e:\windows\system32\com.run
    2009-02-14 23:05 217,088 ----h--- e:\windows\system32\RegEx.fnr
    2009-02-14 23:05 184,320 ----h--- e:\windows\system32\internet.fne
    2009-02-14 23:05 114,688 ----h--- e:\windows\system32\dp1.fne
    2009-02-14 23:05 73,728 ----h--- e:\windows\system32\spec.fne
    2009-02-14 23:05 40,960 ----h--- e:\windows\system32\shell.fne
    2009-02-14 23:04 2,404 a--sh--- e:\windows\system32\ul.dll
    2009-02-14 23:04 2,048 -------- e:\windows\system32\og.EDT
    2009-02-14 23:04 827 -------- e:\windows\system32\og.dll

    ==================== Find3M ====================

    2009-03-08 19:48 94,720 ---shr-- e:\windows\system32\nmdfgds0.dll
    2009-03-08 19:45 33,808 a------- e:\windows\system32\drivers\klbg.sys
    2009-03-07 23:41 81,984 a------- e:\windows\system32\bdod.bin
    2009-03-03 15:08 57,016 ac------ e:\docume~1\randa\applic~1\GDIPFONTCACHEV1.DAT
    2008-12-22 08:05 410,976 a------- e:\windows\system32\deploytk.dll

    ============= FINISH: 21:05:46.62 ===============



    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_09-02-01.01)

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 16/08/2008 20:43:52
    System Uptime: 03/08/2009 20:22:47 (-3551 hours ago)

    Motherboard: Hewlett-Packard | | 0984h
    Processor: Intel(R) Pentium(R) 4 CPU 3.40GHz | XU1 PROCESSOR | 3391/800mhz
    Processor: Intel(R) Pentium(R) 4 CPU 3.40GHz | XU1 PROCESSOR | 3391/800mhz

    ==== Disk Partitions =========================

    A: is Removable
    C: is FIXED (NTFS) - 44 GiB total, 36.597 GiB free.
    D: is FIXED (NTFS) - 21 GiB total, 5.251 GiB free.
    E: is FIXED (NTFS) - 10 GiB total, 2.062 GiB free.
    F: is CDROM ()
    G: is CDROM ()

    ==== Disabled Device Manager Items =============

    Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
    Description: Video Controller (VGA Compatible)
    Device ID: PCI\VEN_8086&DEV_2582&SUBSYS_3005103C&REV_04\3&B1BFB68&0&10
    Manufacturer:
    Name: Video Controller (VGA Compatible)
    PNP Device ID: PCI\VEN_8086&DEV_2582&SUBSYS_3005103C&REV_04\3&B1BFB68&0&10
    Service:

    Class GUID: {4D36E96F-E325-11CE-BFC1-08002BE10318}
    Description: PS/2 Compatible Mouse
    Device ID: ACPI\PNP0F13\4&1117367&0
    Manufacturer: Microsoft
    Name: PS/2 Compatible Mouse
    PNP Device ID: ACPI\PNP0F13\4&1117367&0
    Service: i8042prt

    Class GUID: {4D36E96B-E325-11CE-BFC1-08002BE10318}
    Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
    Device ID: ACPI\PNP0303\4&1117367&0
    Manufacturer: (Standard keyboards)
    Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
    PNP Device ID: ACPI\PNP0303\4&1117367&0
    Service: i8042prt

    Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
    Description: N93i
    Device ID: ROOT\WPD\0000
    Manufacturer: Nokia
    Name: N93i
    PNP Device ID: ROOT\WPD\0000
    Service: WUDFRd

    ==== System Restore Points ===================

    RP179: 08/03/2009 15:13:01 - Removed Kaspersky Internet Security 2009.
    RP180: 08/03/2009 18:32:48 - Installed Kaspersky Internet Security 2009.

    ==== Installed Programs ======================

    Adobe Reader 7.0
    Apple Software Update
    Ask Toolbar
    Broadcom Management Programs
    Choice Guard
    Highlight Viewer (Windows Live Toolbar)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows XP (KB926239)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954708)
    Java(TM) 6 Update 10
    Kaspersky Internet Security 2009
    Map Button (Windows Live Toolbar)
    Media Player Codec Pack 3.2.0
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Hotfix (KB928366)
    Microsoft .NET Framework 2.0
    Microsoft Application Error Reporting
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Office Live Add-in 1.3
    Microsoft Office XP Professional
    Microsoft Silverlight
    Microsoft User-Mode Driver Framework Feature Pack 1.5
    Nokia Connectivity Cable Driver
    Nokia PC Suite
    Octoshape add-in for Adobe Flash Player
    PC Connectivity Solution
    PCFriendly
    QuickTime
    QuickTime Converter 2.1
    RealPlayer
    Rhapsody Player Engine
    Search Settings 1.2
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows XP (KB901190)
    Security Update for Windows XP (KB923789)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB944338-v2)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950749)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953838)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956390)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958215)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB960714)
    Security Update for Windows XP (KB960715)
    Sibelius Scorch (ActiveX Only)
    Smart Menus (Windows Live Toolbar)
    SoundMAX
    Update for Windows XP (KB898461)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    WebFldrs XP
    Windows Driver Package - Nokia (WUDFRd) WPD (06/01/2007 6.84.33.0)
    Windows Driver Package - Nokia Modem (02/15/2007 3.1)
    Windows Driver Package - Nokia Modem (05/24/2007 6.84.0.1)
    Windows Imaging Component
    Windows Installer 3.1 (KB893803)
    Windows Live Mail
    Windows Live Messenger
    Windows Live Sign-in Assistant
    Windows Live Toolbar
    Windows Live Toolbar Extension (Windows Live Toolbar)
    Windows Media Format 11 runtime
    Windows XP Hotfix - KB885884
    Windows XP Service Pack 2
    WinRAR archiver
    WinZip 11.2

    ==== Event Viewer Messages From Past Week ========

    01/03/2009 12:03:07, error: Service Control Manager [7000] - The BitDefender Desktop Update Service service failed to start due to the following error: The system cannot find the file specified.
    01/03/2009 07:42:44, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: i8042prt
    01/03/2009 22:12:14, error: Print [6161] -
    05/03/2009 16:24:34, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.
    05/03/2009 16:25:19, error: Service Control Manager [7022] - The BitDefender Virus Shield service hung on starting.
    05/03/2009 16:31:03, error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: This operation returned because the timeout period expired.
    05/03/2009 16:35:56, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the JavaQuickStarterService service.
    05/03/2009 16:36:23, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the PlugPlay service.
    05/03/2009 16:37:00, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the WZCSVC service.
    05/03/2009 16:38:11, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the ShellHWDetection service.
    05/03/2009 16:38:57, error: Service Control Manager [7000] - The Network Location Awareness (NLA) service failed to start due to the following error: All pipe instances are busy.
    05/03/2009 16:43:02, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.
    05/03/2009 16:45:33, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    07/03/2009 23:34:16, error: Service Control Manager [7000] - The AVPsys service failed to start due to the following error: A device attached to the system is not functioning.
    07/03/2009 23:34:16, error: Service Control Manager [7000] - The AVPsys service failed to start due to the following error: The system cannot find the file specified.
    07/03/2009 23:38:25, error: Service Control Manager [7031] - The Kaspersky Internet Security service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
    08/03/2009 08:02:36, error: Service Control Manager [7000] - The Java Quick Starter service failed to start due to the following error: The system cannot find the path specified.
    07/03/2009 23:34:32, information: Windows File Protection [64002] - File replacement was attempted on the protected system file cdaudio.sys. This file was restored to the original version to maintain system stability. The file version of the system file is 5.1.2600.0.
    08/03/2009 07:52:54, information: Windows File Protection [64002] - File replacement was attempted on the protected system file e:\program files\msn gaming zone\windows\bckg.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    08/03/2009 07:52:54, information: Windows File Protection [64002] - File replacement was attempted on the protected system file e:\program files\msn gaming zone\windows\bckgres.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    08/03/2009 07:52:54, information: Windows File Protection [64002] - File replacement was attempted on the protected system file e:\program files\msn gaming zone\windows\bckgzm.exe. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    08/03/2009 07:52:54, information: Windows File Protection [64002] - File replacement was attempted on the protected system file e:\program files\msn gaming zone\windows\chkr.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    08/03/2009 07:52:54, information: Windows File Protection [64002] - File replacement was attempted on the protected system file e:\program files\msn gaming zone\windows\chkrres.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    08/03/2009 07:52:54, information: Windows File Protection [64002] - File replacement was attempted on the protected system file e:\program files\msn gaming zone\windows\chkrzm.exe. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    08/03/2009 07:52:54, information: Windows File Protection [64002] - File replacement was attempted on the protected system file e:\program files\msn gaming zone\windows\cmnclim.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.629.1.
    08/03/2009 07:52:55, information: Windows File Protection [64002] - File replacement was attempted on the protected system file e:\program files\msn gaming zone\windows\cmnresm.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    08/03/2009 07:52:55, information: Windows File Protection [64002] - File replacement was attempted on the protected system file e:\program files\msn gaming zone\windows\hrtz.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    08/03/2009 07:52:55, information: Windows File Protection [64002] - File replacement was attempted on the protected system file e:\program files\msn gaming zone\windows\hrtzres.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    08/03/2009 07:52:55, information: Windows File Protection [64002] - File replacement was attempted on the protected system file e:\program files\msn gaming zone\windows\hrtzzm.exe. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    08/03/2009 07:52:55, information: Windows File Protection [64002] - File replacement was attempted on the protected system file e:\program files\msn gaming zone\windows\rvse.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    08/03/2009 07:52:55, information: Windows File Protection [64002] - File replacement was attempted on the protected system file e:\program files\msn gaming zone\windows\rvseres.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    08/03/2009 07:52:55, information: Windows File Protection [64002] - File replacement was attempted on the protected system file e:\program files\msn gaming zone\windows\rvsezm.exe. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    08/03/2009 07:52:55, information: Windows File Protection [64002] - File replacement was attempted on the protected system file e:\program files\msn gaming zone\windows\shvl.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    08/03/2009 07:52:55, information: Windows File Protection [64002] - File replacement was attempted on the protected system file e:\program files\msn gaming zone\windows\shvlres.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    08/03/2009 07:52:55, information: Windows File Protection [64002] - File replacement was attempted on the protected system file e:\program files\msn gaming zone\windows\shvlzm.exe. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    08/03/2009 07:52:55, information: Windows File Protection [64002] - File replacement was attempted on the protected system file e:\program files\msn gaming zone\windows\uniansi.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    08/03/2009 07:52:55, information: Windows File Protection [64002] - File replacement was attempted on the protected system file e:\program files\msn gaming zone\windows\zclientm.exe. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    08/03/2009 07:52:55, information: Windows File Protection [64002] - File replacement was attempted on the protected system file e:\program files\msn gaming zone\windows\zcorem.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    08/03/2009 07:52:55, information: Windows File Protection [64002] - File replacement was attempted on the protected system file e:\program files\msn gaming zone\windows\zeeverm.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.629.1.
    08/03/2009 07:52:55, information: Windows File Protection [64002] - File replacement was attempted on the protected system file e:\program files\msn gaming zone\windows\znetm.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    08/03/2009 07:52:55, information: Windows File Protection [64002] - File replacement was attempted on the protected system file e:\program files\msn gaming zone\windows\zoneclim.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    08/03/2009 07:52:55, information: Windows File Protection [64002] - File replacement was attempted on the protected system file e:\program files\msn gaming zone\windows\zonelibm.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.

    ==== End Of File ===========================
     
  2. 2009/03/11
    Juliet

    Juliet Well-Known Member

    Joined:
    2008/09/15
    Messages:
    976
    Likes Received:
    6
    Hi and welcome


    Download Combofix from any of the links below. You must rename it before saving it. Save it to your desktop.

    Link 1
    Link 2
    Link 3

    --------------------------------------------------------------------
    Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.
    (Click on this link to see a list of programs that should be disabled.)
    http://www.bleepingcomputer.com/forums/topic114351.html


    Double click on Combo-Fix.exe & follow the prompts.

    Please allow ComboFix to install, if needed, Windows Recovery Console. It is a simple procedure that will only take a few moments of your time.

    No Validation is Required.

    The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.



    ** Please Note:
    At times ComboFix may appear to stall, please be patient.
    • When finished, it will produce a report for you.
    • Please post the C:\ComboFix.txt along with a HijackThis log so we can continue cleaning the system.

    Please only run the tool once, ty.

    Extra note: After you have installed the Recovery Console - if you reboot your computer, right after reboot, you'll see the option for the Recovery Console now as well.
    Don't select to run the Recovery Console as we don't need it.
    By default, your main OS is selected there. The screen stays for 2 seconds and then it proceeds to load Windows.

    You may need several replies to post the requested logs, otherwise they might get cut off.
     

  4. 2009/05/21
    Juliet

    Juliet Well-Known Member

    Joined:
    2008/09/15
    Messages:
    976
    Likes Received:
    6
    Due to the lack of feedback this Topic is closed.


    If you need this topic reopened, please contact a Staff member. Include the address of this thread in your request. This applies only to the original topic starter.
     