Logfile of HijackThis v1.99.1 Scan saved at 9:00:59 PM, on 6/12/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\wltrysvc.exe C:\WINDOWS\System32\bcmwltry.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\atievxx.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\WLANSTA.EXE C:\WINDOWS\system32\wltray.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.51 V1.00\WlanCU.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Hijackthis\HijackThis.exe O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [WLANSTA.EXE] WLANSTA.EXE START O4 - HKLM\..\Run: [wltray.exe] C:\WINDOWS\system32\wltray.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Wireless Configuration Utility HW.51.lnk = C:\Program Files\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.51 V1.00\WlanCU.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe -------------------------------------- AbiWord 2.4.6 (remove only) Adobe Flash Player Plugin Adobe Illustrator 10.0.3 Adobe Photoshop 7.0 Adobe Reader 6.0 Adobe Shockwave Player Adobe SVG Viewer 3.0 avast! Antivirus AVG Anti-Spyware 7.5 Belkin Wireless Utility Canon Camera Access Library Canon Camera Support Core Library Canon Camera Window DC_DV 5 for ZoomBrowser EX Canon Camera Window DC_DV 6 for ZoomBrowser EX Canon Camera Window MC 6 for ZoomBrowser EX Canon RAW Image Task for ZoomBrowser EX Canon RemoteCapture Task for ZoomBrowser EX Canon Utilities Digital Photo Professional 2.2 Canon Utilities EOS Utility Canon Utilities PhotoStitch Canon Utilities ZoomBrowser EX Hijackthis 1.99.1 HijackThis 1.99.1 Hotfix for Windows XP (KB914440) Hotfix for Windows XP (KB915865) IEEE 802.11g Wireless Cardbus/PCI Adapter Inspiration 8 Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office 2000 Disc 2 Microsoft Office 2000 Professional Microsoft Text-to-Speech Engine 4.0 (English) Mozilla Firefox (2.0.0.3) Mozilla Firefox (2.0.0.4) Mozilla Thunderbird (2.0.0.0) PowerDVD QuickTime Security Update for Windows Media Player (KB911564) Security Update for Windows XP (KB890046) Security Update for Windows XP (KB896358) Security Update for Windows XP (KB896428) Security Update for Windows XP (KB900725) Security Update for Windows XP (KB901214) Security Update for Windows XP (KB902400) Security Update for Windows XP (KB904706) Security Update for Windows XP (KB905414) Security Update for Windows XP (KB905749) Security Update for Windows XP (KB908519) Security Update for Windows XP (KB913580) Security Update for Windows XP (KB914388) Security Update for Windows XP (KB914389) Security Update for Windows XP (KB917344) Security Update for Windows XP (KB917422) Security Update for Windows XP (KB917953) Security Update for Windows XP (KB918118) Security Update for Windows XP (KB918439) Security Update for Windows XP (KB919007) Security Update for Windows XP (KB920213) Security Update for Windows XP (KB920670) Security Update for Windows XP (KB920683) Security Update for Windows XP (KB923191) Security Update for Windows XP (KB923689) Security Update for Windows XP (KB923694) Security Update for Windows XP (KB923789) Security Update for Windows XP (KB925902) Security Update for Windows XP (KB926255) Security Update for Windows XP (KB926436) Security Update for Windows XP (KB928843) Security Update for Windows XP (KB930178) Security Update for Windows XP (KB932168) SUPERAntiSpyware Free Edition Update for Windows XP (KB894391) Update for Windows XP (KB898461) Update for Windows XP (KB904942) Update for Windows XP (KB908531) Update for Windows XP (KB910437) Update for Windows XP (KB916595) Update for Windows XP (KB920872) Update for Windows XP (KB922582) Update for Windows XP (KB930916) Windows Installer 3.1 (KB893803) Windows Media Format Runtime Windows Media Player 10 Windows XP Hotfix - KB886185 Windows XP Hotfix - KB888302 Windows XP Hotfix - KB890859 Windows XP Hotfix - KB891781 Winupdate ZoneAlarm -------------- [ie7.log] 1.042: ================================================================================ 1.042: 2007/06/11 22:17:00.650 (local) 1.042: c:\42bcafd921e93e3551280e\update\update.exe (version 6.2.29.0) 1.112: Hotfix started with following command line: /quiet /norestart /er /log:C:\WINDOWS 10.786: IECUSTOM: Scanning for proper registry permissions... 13.289: IECUSTOM: Scanning for proper registry permissions... 14.261: IECUSTOM: Scanning for proper registry permissions... 23.804: In Function TestVolatileFlag, line 11873, RegOpenKeyEx failed with error 0x2 23.804: In Function TestVolatileFlag, line 11905, RegOpenKeyEx failed with error 0x2 23.804: DoInstallation: CleanPFR failed: 0x2 23.844: SetProductTypes: InfProductBuildType=BuildType.IP 23.854: SetAltOsLoaderPath: No section uses DirId 65701; done. 23.884: IncludeDirectoryIdFromInfSection: No DirId found for: DontRemoveOnUninstall.System32.DirId 23.904: DoInstallation: FetchSourceURL for c:\42bcafd921e93e3551280e\update\update.inf failed 23.904: CreateUninstall = 1,Directory = C:\WINDOWS\ie7 23.945: LoadFileQueues: UpdSpGetSourceFileLocation for halacpi.dll failed: 0xe0000102 24.065: BuildCabinetManifest: update.url absent 24.125: Starting AnalyzeComponents 24.125: AnalyzePhaseZero used 0 ticks 24.125: No c:\windows\INF\updtblk.inf file. 24.125: OEM file scan used 0 ticks 34.219: AnalyzePhaseOne: used 10094 ticks 34.219: AnalyzeComponents: Hotpatch analysis disabled; skipping. 34.219: AnalyzeComponents: Hotpatching is disabled. 34.309: AnalyzePhaseTwo used 90 ticks 34.309: AnalyzePhaseThree used 0 ticks 34.309: AnalyzePhaseFive used 0 ticks 34.309: AnalyzePhaseSix used 0 ticks 34.309: AnalyzeComponents used 10184 ticks 34.309: Downloading 0 files 34.309: bPatchMode = FALSE 34.309: Inventory complete: ReturnStatus=0, 10405 ticks 34.309: Num Ticks for invent : 10405 34.309: Allocation size of drive C: is 4096 bytes, free space = 6048792576 bytes 34.309: AnalyzeDiskUsage: Skipping EstimateDiskUsageForUninstall. 34.309: Drive C: free 5768MB req: 77MB w/uninstall: NOT CALCULATED. 34.309: CabinetBuild complete 34.309: Num Ticks for Cabinet build : 0 34.309: ProcessDynamicStrings: RegQueryValueEx failed to read value: 0x2 34.309: ProcessDynamicStrings: InstallPathRegistryKey for SOFTWARE\Microsoft\Internet Explorer,BrandGUID failed 34.309: ProcessDynamicStrings: CustomStringTable for DownloadedProgramFiles returned Downloaded Program Files 34.319: ProcessDynamicStrings: all %DownloadedProgramFiles% replaced with Downloaded Program Files. 34.319: ProcessDynamicStrings: CustomFunction for GetProductIDCode returned 84876-600-0011903-00102 34.319: ProcessDynamicStrings: all %ProductIDCode% replaced with 84876-600-0011903-00102. 34.319: ProcessDynamicStrings: CustomStringTable for SystemTools returned Accessories\System Tools 34.319: ProcessDynamicStrings: all %SystemTools% replaced with Accessories\System Tools. 34.430: FileInUse:: Detection disabled. 34.430: LoadFileQueues: UpdSpGetSourceFileLocation for halacpi.dll failed: 0xe0000102 36.953: ArchiveQueue: component occache.ini: no target c:\windows\downloaded program files\desktop.ini 58.194: ArchiveFileForUninstall:ArchiveSingleFile Cancelled 59.125: DoInstallation:UpdSpCommitFileQueue for AlwaysQueue Failed: 0x4c7 67.137: DeRegistering the Uninstall Program -> ie7, 2 67.137: Internet Explorer 7 Setup canceled. 67.137: Update.exe extended error code = 0xf00d