Calcmsgpumpwnd

Discussion in 'adware, spyware & hijack cleaning' started by Morceg, Jul 6, 2004.

Thread Status:
Not open for further replies.
  1. Morceg

    Morceg Registered Member

    Joined: Jul 5, 2004
    Posts: 1
    Hi, when I try to shut down or restart the computer, the program "Calcmsgpumpwnd" is still running and I do not see it in the task list.

    Thanks!
    Mcgo

    Antivirus program used:
    AVG 6.0 Anti-Virus System - Grisoft - Engine: 6.0.716 Virus db: 472

    Antispy program used:
    SpywareBlaster V. 3.1 of Javacool Software LLC

    Firewall used:
    ZoneAlarm True Vector Security Engine and Driver V. 5.0.590.043 Zone Labs Inc. security software

    Step 1 with
    Ad-aware 6 core application V. 6.0.1.181 Lavasoft Sweden
    Spybot - Search & Destroy 1.3 Latest update 2004-6-23

    Step 2
    Logfile of HijackThis v1.97.7
    Scan saved at 13:29:20, on 06/07/04
    Platform: Windows 98 SE (Win9x 4.10.2222A)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\DIR00003\SYSTEM\KERNEL32.DLL
    C:\DIR00003\SYSTEM\MSGSRV32.EXE
    C:\DIR00003\SYSTEM\MPREXE.EXE
    C:\DIR00003\SYSTEM\mmtask.tsk
    C:\DIR00003\SYSTEM\MSTASK.EXE
    C:\ARQUIVOS DE PROGRAMAS\GRISOFT\AVG6\AVGSERV9.EXE
    C:\DIR00003\SYSTEM\ZONELABS\VSMON.EXE
    C:\DIR00003\EXPLORER.EXE
    C:\DIR00003\SYSTEM\RNAAPP.EXE
    C:\DIR00003\SYSTEM\TAPISRV.EXE
    C:\DIR00003\PTSNOOP.EXE
    C:\DIR00003\TASKMON.EXE
    C:\DIR00003\SYSTEM\SYSTRAY.EXE
    C:\ARQUIVOS DE PROGRAMAS\GRISOFT\AVG6\AVGCC32.EXE
    C:\ARQUIVOS DE PROGRAMAS\ARQUIVOS COMUNS\REAL\UPDATE_OB\REALSCHED.EXE
    C:\DIR00003\LOADQM.EXE
    C:\ARQUIVOS DE PROGRAMAS\ZONE LABS\ZONEALARM\ZONEALARM\ZLCLIENT.EXE
    C:\ARQUIVOS DE PROGRAMAS\MSN MESSENGER\MSNMSGR.EXE
    C:\DIR00003\SYSTEM\WMIEXE.EXE
    C:\DIR00003\SYSTEM\CMMON32.EXE
    C:\ARQUIVOS DE PROGRAMAS\HIJACKTHIS\HIJACKTHIS.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.apta.sp.gov.br/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://redirect.tucows.com/lycos/home
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    F1 - win.ini: load=ptsnoop.exe
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\ARQUIVOS DE PROGRAMAS\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar1.dll
    O2 - BHO: Lexico Toolbar - {11359F4A-B191-42d7-905A-594F8CF0387B} - C:\DIR00003\DOWNLOADED PROGRAM FILES\LEXBAR.DLL
    O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\DIR00003\DOWNLOADED PROGRAM FILES\GBIEH.DLL
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll
    O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\DIR00003\SYSTEM\MSDXM.OCX
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar1.dll
    O3 - Toolbar: Dictionary.com - {11359F4A-B191-42D7-905A-594F8CF0387B} - C:\DIR00003\DOWNLOADED PROGRAM FILES\LEXBAR.DLL
    O4 - HKLM\..\Run: [ScanRegistry] C:\DIR00003\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] C:\DIR00003\taskmon.exe
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [CountrySelection] pctptt.exe
    O4 - HKLM\..\Run: [McAfee.InstantUpdate.Monitor] "C:\Arquivos de programas\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /startmonitor
    O4 - HKLM\..\Run: [QuickTime Task] C:\WINDOWS\SYSTEM\QTTASK.EXE
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [AVG_CC] C:\ARQUIVOS DE PROGRAMAS\GRISOFT\AVG6\avgcc32.exe /startup
    O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [LoadQM] loadqm.exe
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Arquivos de programas\Zone Labs\ZoneAlarm\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - HKLM\..\RunServices: [Avgserv9.exe] C:\ARQUIV~1\GRISOFT\AVG6\Avgserv9.exe
    O4 - HKLM\..\RunServices: [TrueVector] C:\DIR00003\SYSTEM\ZONELABS\VSMON.EXE -service
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background
    O4 - Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: &Google Search - res://C:\ARQUIVOS DE PROGRAMAS\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\ARQUIVOS DE PROGRAMAS\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
    O8 - Extra context menu item: Si&milar Pages - res://C:\ARQUIVOS DE PROGRAMAS\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
    O8 - Extra context menu item: Backward &Links - res://C:\ARQUIVOS DE PROGRAMAS\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
    O8 - Extra context menu item: Search &Dictionary - C:\Program files\Lexico\Toolbar\dictionary.htm
    O8 - Extra context menu item: Search &Thesaurus - C:\Program files\Lexico\Toolbar\thesaurus.htm
    O9 - Extra button: MP3 (HKLM)
    O9 - Extra 'Tools' menuitem: &WinMp3Locator (HKLM)
    O9 - Extra button: Files (HKLM)
    O9 - Extra 'Tools' menuitem: &FileLocator (HKLM)
    O12 - Plugin for .mov: C:\ARQUIV~1\INTERN~1\PLUGINS\npqtplugin.dll
    O12 - Plugin for .pdf: C:\ARQUIV~1\INTERN~1\PLUGINS\nppdf32.dll
    O14 - IERESET.INF: START_PAGE_URL=http://redirect.tucows.com/lycos/home
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
    O16 - DPF: {C1BAC744-8F0B-11D0-89E7-00C0A8295197} (Cameractl Class) - http://www.crtvg.es/camweb/camera.cab
    O16 - DPF: {F0E42D60-368C-11D0-AD81-00A0C90DC8D9} (Snapshot Viewer Control 8.0) - http://activex.microsoft.com/activex/controls/access/Snapview.ocx
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - http://us3.webex.com/client/latest/webex/ieatgpc.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37907.4062615741
    O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/d052c1d7d32ead/housecall.antivirus.com/housecall/xscan53.cab
    O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
    O16 - DPF: FreedomAudio - http://www.radiosix.btinternet.co.uk/freedominstall.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/142b6ebc8eaba0f97e02/netzip/RdxIE601_br.cab
    O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399F83} (GbPluginObj Class) - https://www14.bancobrasil.com.br/plugin/GbPluginBb.cab
    O16 - DPF: {F0E2D69A-DC2F-4E9B-A993-684FB1C21DBC} - http://dictionary.reference.com/tools/toolbar/lexico.cab
    O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = terra.com.br
    O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 200.204.0.10,200.204.0.138
     