I've followed the self-help instructions and I am posting my mbam log first and then my hijackthis log second.

The problems in the beginning of the infection were pop-ups from my web browser, and a very slow computer.
Now the pop-ups don't happen anymore but my computer is extremely slow, and it seems to have affected
my Norton Endpoint Protection by disabling auto-protect I think. This is a recent development.

As for the steps I've taken to rid my computer of trojan.virtumonde or trojan.vundo they are as follows:
the first thing was a virus scan that picked up the trojan and variations of it, then spybot scans.
Then I downloaded spydoctor and that finds the trojan but doesn't rid my computer of it. Then I
downloaded vundo fix, which doesn't even find it on my computer. Then I have several scans in
safe-mode from bitdefender online scanner. Then I finally decided to post here.

Here is the Mbam log:

Malwarebytes' Anti-Malware 1.36
Database version: 2097
Windows 5.1.2600 Service Pack 3

5/8/2009 10:58:45 PM
mbam-log-2009-05-08 (22-58-45).txt

Scan type: Quick Scan
Objects scanned: 85371
Time elapsed: 5 minute(s), 14 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


My hijackthis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:05:25 PM, on 5/8/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device

Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\AnalogX\NetStat Live\nsl.exe
C:\Program Files\Verizon\McciTrayApp.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

http://www.dell.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Adobe PDF Reader Link Helper -

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common

Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {22A8420E-3EC6-4C5D-BE44-8B3A3039DE4D} - (no file)
O2 - BHO: Spybot-S&D IE Protection -

{53707962-6F74-2D53-2644-206D7942484F} -

C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -

C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper -

{9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common

Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AFCC0D73-0A68-4BAE-8285-700022AC6B7C} - (no file)
O2 - BHO: Java™ Plug-In 2 SSV Helper -

{DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program

Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E560A06B-E708-44F0-9170-A37CB4F53D1F} - (no file)
O2 - BHO: JQSIEStartDetectorImpl -

{E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program

Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: (no name) - {E8A3BEF9-F976-4416-AA84-3EB8ED28B6F3} - (no file)
O3 - Toolbar: StumbleUpon Toolbar -

{5093EB4C-3E93-40AB-9266-B607BA87BDC8} - C:\Program

Files\StumbleUpon\StumbleUponIEBar.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program

Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program

Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common

Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common

Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [NetStat Live] C:\Program Files\AnalogX\NetStat

Live\nsl.exe
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support

Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [Verizon_McciTrayApp] C:\Program

Files\Verizon\McciTrayApp.exe
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support

Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program

Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program

Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [VerizonServicepoint.exe] "C:\Program

Files\Verizon\VSP\VerizonServicepoint.exe" /AUTORUN
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI]

C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SmartDefrag] "C:\Program Files\IObit\IObit

SmartDefrag\IObit SmartDefrag.exe" /StartUp
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec

Shared\ccApp.exe"
O4 - HKLM\..\Run: [hpbdfawep] C:\Program

Files\HP\Dfawep\bin\hpbdfawep.exe 1
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program

Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program

Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware

Doctor\pctsTray.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program

Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search &

Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program

Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support

Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe"

/background
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program

Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft

Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

C:\Program Files\Java\jre6\bin\npjpi160_10.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program

Files\Java\jre6\bin\npjpi160_10.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} -

C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 -

{85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -

(no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -

C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration -

{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -

C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} -

C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -

{e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network

Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -

C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -

{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

Files\Messenger\msmsgs.exe
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com

Configuration Class) -

http://pccheckup.dellfix.com/sdccommon/download/tgctlcm.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control)

- http://download.bitdefender.com/resources/scan8/oscan8.cab
O20 - AppInit_DLLs: jmvoib.dll wiqjin.dll pekljd.dll ssflgc.dll

pwrhib.dll vgnpkt.dll
O20 - Winlogon Notify: iiffGYqQ - iiffGYqQ.dll (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program

Files\Common Files\Apple\Mobile Device

Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program

Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. -

C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation

- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec

Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program

Files\DellSupport\brkrsvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. -

C:\Program Files\Common Files\Macrovision Shared\FLEXnet

Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program

Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision

Corporation - C:\Program Files\Common

Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program

Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun

Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation -

C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program

Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools -

C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools -

C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Symantec Management Client (SmcService) - Symantec

Corporation - C:\Program Files\Symantec\Symantec Endpoint

Protection\Smc.exe
O23 - Service: Symantec Network Access Control (SNAC) - Symantec

Corporation - C:\Program Files\Symantec\Symantec Endpoint

Protection\SNAC.EXE
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter)

(sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell

Support Center\bin\sprtsvc.exe
O23 - Service: StumbleUponUpdateService - stumbleupon.com - C:\Program

Files\StumbleUpon\StumbleUponUpdateService.exe
O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) -

Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint

Protection\Rtvscan.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown

owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 11416 bytes

Hi there it is very hard to read the logs when word wrap is selected in notepad please unselect it

OK lets look a tad deeper

Download Rooter.exe to your desktop

1. Doubleclick it to start the tool.
2. A Notepad file containing the report will open, also found at %systemdrive%(usually C:)\Rooter.txt. Copy and paste it with your OTLI log.

THEN

• Download OTListIt2 to your desktop.
• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• When the window appears, underneath Output at the top change it to Minimal Output.
• Check the boxes beside LOP Check and Purity Check.
• Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  
  • When the scan completes, it will open two notepad windows. OTListIt.Txt and Extras.Txt. These are saved in the same location as OTListIt2.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

Thanks essexboy. Here is as you requested:


OTListIt logfile created on: 5/9/2009 8:22:00 AM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.4 Folder = C:\Documents and Settings\albertk\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1015.37 Mb Total Physical Memory | 358.50 Mb Available Physical Memory | 35.31% Memory free
2.38 Gb Paging File | 1.45 Gb Available in Paging File | 60.96% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.49 Gb Total Space | 22.66 Gb Free Space | 31.70% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 149.05 Gb Total Space | 86.34 Gb Free Space | 57.93% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ALSLAPTOP
Current User Name: albertk
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe (Symantec Corporation)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - C:\WINDOWS\System32\WLTRYSVC.EXE ()
PRC - C:\WINDOWS\System32\bcmwltry.exe (Dell Inc.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe (Dell Inc.)
PRC - C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools)
PRC - C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools)
PRC - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe (Symantec Corporation)
PRC - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HP1006MC.EXE (Software 2000 Limited)
PRC - C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe (Symantec Corporation)
PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
PRC - C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
PRC - C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe (CyberLink Corp.)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
PRC - C:\Program Files\AnalogX\NetStat Live\nsl.exe ()
PRC - C:\Program Files\Verizon\McciTrayApp.exe (Motive Communications, Inc.)
PRC - C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\Verizon\VSP\VerizonServicepoint.exe (Verizon)
PRC - C:\WINDOWS\system32\WLTRAY.exe (Dell Inc.)
PRC - C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
PRC - C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
PRC - C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe (IObit)
PRC - C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
PRC - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
PRC - C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe (IObit)
PRC - C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Documents and Settings\albertk\Desktop\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (CCALib8 [Auto | Running]) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (ccEvtMgr [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccSetMgr [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (DSBrokerService [On_Demand | Stopped]) -- C:\Program Files\DellSupport\brkrsvc.exe ()
SRV - (FLEXnet Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (gusvc [Auto | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (LiveUpdate [On_Demand | Stopped]) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE (Symantec Corporation)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NICCONFIGSVC [Auto | Running]) -- C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe (Dell Inc.)
SRV - (sdAuxService [Auto | Running]) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools)
SRV - (sdCoreService [Auto | Running]) -- C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools)
SRV - (SmcService [Auto | Running]) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe (Symantec Corporation)
SRV - (SNAC [On_Demand | Stopped]) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE (Symantec Corporation)
SRV - (sprtsvc_dellsupportcenter [Auto | Running]) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (StumbleUponUpdateService [On_Demand | Stopped]) -- C:\Program Files\StumbleUpon\StumbleUponUpdateService.exe (stumbleupon.com)
SRV - (Symantec AntiVirus [Auto | Running]) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe (Symantec Corporation)
SRV - (usnjsvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation)
SRV - (WLSetupSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation)
SRV - (wltrysvc [Auto | Running]) -- C:\WINDOWS\System32\WLTRYSVC.EXE ()
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (AliIde [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (amdagp [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (APPDRV [System | Running]) -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS (Dell Inc)
DRV - (asc [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (ASPI32 [System | Running]) -- C:\WINDOWS\System32\drivers\Aspi32.sys (Adaptec)
DRV - (BCM43XX [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\bcmwl5.sys (Broadcom Corporation)
DRV - (bcm4sbxp [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys (Broadcom Corporation)
DRV - (CmdIde [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (COH_Mon [On_Demand | Stopped]) -- C:\WINDOWS\system32\Drivers\COH_Mon.sys (Symantec Corporation)
DRV - (dac2w2k [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (DSproct [On_Demand | Running]) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys (Gteko Ltd.)
DRV - (dsunidrv [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\dsunidrv.sys (Gteko Ltd.)
DRV - (dtscsi [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\dtscsi.sys ()
DRV - (E100B [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\e100b325.sys (Intel Corporation)
DRV - (eeCtrl [System | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (HSFHWAZL [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (HSF_DPV [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (ialm [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ialmnt5.sys (Intel Corporation)
DRV - (IKFileSec [Boot | Running]) -- C:\WINDOWS\system32\drivers\ikfilesec.sys (PCTools Research Pty Ltd.)
DRV - (IKSysFlt [System | Running]) -- C:\WINDOWS\system32\drivers\iksysflt.sys (PCTools Research Pty Ltd.)
DRV - (IKSysSec [System | Running]) -- C:\WINDOWS\system32\drivers\iksyssec.sys (PCTools Research Pty Ltd.)
DRV - (mdmxsdk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (mraid35x [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (MREMPR5 [On_Demand | Stopped]) -- C:\Program Files\Common Files\Motive\MREMPR5.sys (Motive, Inc.)
DRV - (MRENDIS5 [On_Demand | Stopped]) -- C:\Program Files\Common Files\Motive\MRENDIS5.sys (Motive, Inc.)
DRV - (NAVENG [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090504.023\NAVENG.SYS (Symantec Corporation)
DRV - (NAVEX15 [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090504.023\NAVEX15.SYS (Symantec Corporation)
DRV - (nv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (ql1080 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql12160 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1280 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (Secdrv [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (sisagp [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (Sparrow [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (SPBBCDrv [System | Running]) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)
DRV - (sptd [Boot | Running]) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (SRTSP [System | Running]) -- C:\WINDOWS\System32\Drivers\SRTSP.SYS (Symantec Corporation)
DRV - (SRTSPL [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\SRTSPL.SYS (Symantec Corporation)
DRV - (SRTSPX [System | Running]) -- C:\WINDOWS\System32\Drivers\SRTSPX.SYS (Symantec Corporation)
DRV - (STHDA [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (symc810 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (symc8xx [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (SymEvent [On_Demand | Running]) -- C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (sym_hi [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (sym_u3 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (SynTP [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\SynTP.sys (Synaptics, Inc.)
DRV - (SysPlant [Disabled | Stopped]) -- C:\WINDOWS\SYSTEM32\Drivers\SysPlant.sys (Symantec Corporation)
DRV - (Teefer2 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\teefer2.sys (Symantec Corporation)
DRV - (ultra [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (winachsf [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (WPS [System | Running]) -- C:\WINDOWS\system32\drivers\wpsdrvnt.sys (Symantec Corporation)
DRV - (WpsHelper [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\WpsHelper.sys (Symantec Corporation)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/hws/sb/dell/en/side.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com/ig/dell?hl=en

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/hws/sb/dell/en/side.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?wl=true
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.gmail.com"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}:6.0.02
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}:6.0.01
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.29
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2008/12/15 14:17:04 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/02/02 00:01:19 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/05/04 21:12:43 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/04/29 12:06:29 | 00,000,000 | ---D | M]

[2008/06/28 22:25:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\mozilla\Extensions
[2008/06/28 22:25:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/05/08 22:47:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\mozilla\Firefox\Profiles\535zfcuo.default\extensions
[2009/04/25 08:25:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\mozilla\Firefox\Profiles\535zfcuo.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2007/09/19 07:46:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\mozilla\Firefox\Profiles\535zfcuo.default\extensions\videodowloader@videodownloader.net
[2009/05/01 16:27:28 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/29 12:06:29 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007/05/04 17:45:24 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
[2007/09/03 10:02:58 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
[2007/10/04 23:38:40 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2008/10/02 17:44:51 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2008/12/15 14:17:33 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
[2009/04/29 12:06:22 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/29 12:06:22 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/01/22 20:49:14 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/01/22 20:49:15 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/01/22 20:49:15 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/01/22 20:49:15 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/01/22 20:49:15 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/01/22 20:49:15 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/01/22 20:49:15 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (306700 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.163ns.com
O1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 10559 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {22A8420E-3EC6-4C5D-BE44-8B3A3039DE4D} - Reg Error: Key error. File not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - Reg Error: Key error. File not found
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {AFCC0D73-0A68-4BAE-8285-700022AC6B7C} - Reg Error: Key error. File not found
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {E560A06B-E708-44F0-9170-A37CB4F53D1F} - Reg Error: Key error. File not found
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {E8A3BEF9-F976-4416-AA84-3EB8ED28B6F3} - Reg Error: Key error. File not found
O3 - HKLM\..\Toolbar: (StumbleUpon Toolbar) - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll (stumbleupon.com)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe (Dell Inc.)
O4 - HKLM..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" (Symantec Corporation)
O4 - HKLM..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" ( )
O4 - HKLM..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" (CyberLink Corp.)
O4 - HKLM..\Run: [hpbdfawep] C:\Program Files\HP\Dfawep\bin\hpbdfawep.exe 1 ()
O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" (PC Tools)
O4 - HKLM..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start (InstallShield Software Corporation)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [NetStat Live] C:\Program Files\AnalogX\NetStat Live\nsl.exe ()
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SmartDefrag] "C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" /StartUp (IObit)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe (Motive Communications, Inc.)
O4 - HKLM..\Run: [VerizonServicepoint.exe] "C:\Program Files\Verizon\VSP\VerizonServicepoint.exe" /AUTORUN (Verizon)
O4 - HKCU..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup (IObit)
O4 - HKCU..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup (Gteko Ltd.)
O4 - HKCU..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter (SupportSoft, Inc.)
O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_10.dll (Sun Microsystems, Inc.)
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 54 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} http://pccheckup.dellfix.com/sdccommon/download/tgctlcm.cab (Support.com Configuration Class)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwa...ash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (jmvoib.dll) - File not found
O20 - AppInit_DLLs: (wiqjin.dll) - File not found
O20 - AppInit_DLLs: (pekljd.dll) - File not found
O20 - AppInit_DLLs: (ssflgc.dll) - File not found
O20 - AppInit_DLLs: (pwrhib.dll) - File not found
O20 - AppInit_DLLs: (vgnpkt.dll) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\iiffGYqQ: DllName - iiffGYqQ.dll - File not found
O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll ()
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/06/04 14:41:31 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/05/31 15:15:50 | 00,000,118 | ---- | M] () - F:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\F\Shell\AutoRun\command - "" = .\Encryption Tool\MaxtorEncryption.exe
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\*.tmp files]
[2009/05/09 08:21:04 | 00,502,272 | ---- | C] (OldTimer Tools) -- C:\DOCUME~1\albertk\Desktop\OTListIt2.exe
[2009/05/09 08:14:50 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/05/09 08:14:36 | 00,267,612 | ---- | C] () -- C:\DOCUME~1\albertk\Desktop\Rooter.exe
[2009/05/09 01:52:21 | 00,000,320 | ---- | C] () -- C:\WINDOWS\tasks\HP WEP.job
[2009/05/09 00:08:31 | 00,000,000 | ---D | C] -- C:\DOCUME~1\albertk\Desktop\Scan Logs
[2009/05/08 22:52:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\albertk\Application Data\Malwarebytes
[2009/05/08 22:52:07 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/05/08 22:52:04 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/05/08 22:52:03 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/05/08 22:52:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/05/08 22:49:46 | 02,967,800 | ---- | C] (Malwarebytes Corporation ) -- C:\DOCUME~1\albertk\Desktop\mbam-setup.exe
[2009/05/07 06:42:35 | 00,001,649 | ---- | C] () -- C:\DOCUME~1\albertk\Desktop\Spyware Doctor.lnk
[2009/05/05 19:27:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\BDOSCAN8
[2009/05/04 17:39:32 | 00,000,000 | ---D | C] -- C:\DOCUME~1\albertk\Desktop\West Huntsville Sermons
[2009/05/01 19:13:47 | 00,025,088 | ---- | C] () -- C:\DOCUME~1\albertk\Desktop\New Microsoft Word Document (4).doc
[2009/04/18 11:57:29 | 00,010,752 | ---- | C] () -- C:\DOCUME~1\albertk\Desktop\New Microsoft Word Document (3).doc
[2009/04/16 20:14:29 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/04/16 20:14:28 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/04/16 20:14:28 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/04/16 20:14:28 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sc.exe
[2009/04/16 20:14:27 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/04/16 20:14:27 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/04/16 20:14:27 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/04/16 20:14:26 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/04/16 20:14:26 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/04/16 20:14:26 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/04/16 20:12:23 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll
[2009/04/16 20:12:12 | 01,203,922 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/04/16 20:12:08 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/04/09 12:06:35 | 00,001,734 | ---- | C] () -- C:\DOCUME~1\albertk\Desktop\HijackThis.lnk
[2009/04/09 12:06:05 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\DOCUME~1\albertk\Desktop\HJTInstall.exe
[2009/02/11 17:43:15 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\HPPLVS.dll
[2009/01/23 00:38:01 | 00,000,120 | -HS- | C] () -- C:\WINDOWS\System32\xemupwlr.ini
[2009/01/22 00:38:05 | 00,000,120 | -HS- | C] () -- C:\WINDOWS\System32\likvxysb.ini
[2009/01/21 00:38:10 | 00,000,120 | -HS- | C] () -- C:\WINDOWS\System32\ujndjpxn.ini
[2009/01/20 00:35:12 | 00,000,120 | -HS- | C] () -- C:\WINDOWS\System32\poqghnqp.ini
[2009/01/19 00:35:00 | 00,000,120 | -HS- | C] () -- C:\WINDOWS\System32\mwbkxgak.ini
[2009/01/18 00:32:06 | 00,000,120 | -HS- | C] () -- C:\WINDOWS\System32\asibtgdl.ini
[2009/01/17 00:34:56 | 00,000,660 | ---- | C] () -- C:\WINDOWS\System32\nlniccud.dll
[2009/01/17 00:31:57 | 00,000,660 | ---- | C] () -- C:\WINDOWS\System32\mnbamrjb.dll
[2009/01/16 00:33:39 | 00,000,120 | -HS- | C] () -- C:\WINDOWS\System32\nuhcjssi.ini
[2009/01/05 22:53:50 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2009/01/05 22:53:44 | 00,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2008/02/07 11:05:18 | 00,163,840 | ---- | C] () -- C:\WINDOWS\System32\hppatusg01.dll
[2008/01/17 22:07:55 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/01/09 15:01:48 | 00,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2007/11/11 13:50:28 | 00,223,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\dtscsi.sys
[2007/11/11 13:48:04 | 00,664,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007/11/11 13:48:04 | 00,096,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd0525.sys
[2006/07/31 22:15:38 | 00,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2006/07/31 22:15:38 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2006/06/28 12:38:51 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2006/05/04 16:46:30 | 00,000,037 | ---- | C] () -- C:\WINDOWS\marscam.ini
[2006/05/02 15:38:24 | 00,000,748 | ---- | C] () -- C:\WINDOWS\SetBrowser.ini
[2006/02/22 23:23:16 | 00,000,000 | ---- | C] () -- C:\WINDOWS\AoADVDRipper.INI
[2006/02/15 18:50:26 | 00,000,059 | ---- | C] () -- C:\WINDOWS\ANS2000.INI
[2006/02/15 18:50:26 | 00,000,020 | -H-- | C] () -- C:\WINDOWS\akebook.ini
[2006/02/15 18:50:26 | 00,000,004 | -H-- | C] () -- C:\WINDOWS\a3kebook.ini
[2006/02/15 11:43:51 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/02/15 02:51:04 | 00,005,852 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/02/15 02:51:04 | 00,000,104 | RHS- | C] () -- C:\WINDOWS\System32\ECD7B0A291.sys
[2006/02/07 21:03:29 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/02/07 20:48:53 | 00,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/02/07 20:17:28 | 00,000,391 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/04/09 16:04:54 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/11/29 16:08:30 | 00,127,059 | ---- | C] ( ) -- C:\WINDOWS\System32\DSLLK189.dll
[2004/08/10 12:12:05 | 00,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 12:01:18 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 11:51:28 | 00,001,397 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/10 11:51:26 | 00,000,288 | ---- | C] () -- C:\WINDOWS\system.ini
[2002/01/18 17:07:32 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\NavLogon.dll

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/05/09 08:21:07 | 00,502,272 | ---- | M] (OldTimer Tools) -- C:\DOCUME~1\albertk\Desktop\OTListIt2.exe
[2009/05/09 08:14:37 | 00,267,612 | ---- | M] () -- C:\DOCUME~1\albertk\Desktop\Rooter.exe
[2009/05/09 07:54:04 | 00,000,320 | ---- | M] () -- C:\WINDOWS\tasks\HP WEP.job
[2009/05/08 22:50:16 | 02,967,800 | ---- | M] (Malwarebytes Corporation ) -- C:\DOCUME~1\albertk\Desktop\mbam-setup.exe
[2009/05/08 16:39:27 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/08 16:36:54 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/05/08 16:36:15 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/08 16:36:11 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\albertk\Local Settings\desktop.ini
[2009/05/08 16:35:52 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/07 06:42:35 | 00,001,649 | ---- | M] () -- C:\DOCUME~1\albertk\Desktop\Spyware Doctor.lnk
[2009/05/06 20:53:59 | 00,306,700 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/05/06 20:53:25 | 00,306,700 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20090506-205359.backup
[2009/05/06 17:56:02 | 00,007,680 | -HS- | M] () -- C:\WINDOWS\Thumbs.db
[2009/05/03 07:32:53 | 00,025,088 | ---- | M] () -- C:\DOCUME~1\albertk\Desktop\New Microsoft Word Document (4).doc
[2009/04/26 22:00:06 | 00,000,388 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag.job
[2009/04/18 11:57:29 | 00,010,752 | ---- | M] () -- C:\DOCUME~1\albertk\Desktop\New Microsoft Word Document (3).doc
[2009/04/17 03:18:48 | 00,524,016 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/17 03:18:48 | 00,443,034 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/17 03:18:48 | 00,072,134 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/17 03:06:33 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/04/09 12:06:35 | 00,001,734 | ---- | M] () -- C:\DOCUME~1\albertk\Desktop\HijackThis.lnk
[2009/04/09 12:06:16 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\DOCUME~1\albertk\Desktop\HJTInstall.exe

========== LOP Check ==========

[2009/05/08 22:52:16 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\albertk\Application Data
[2009/02/25 07:40:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\Adobe
[2007/03/11 20:36:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\AdobeUM
[2007/09/03 11:11:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\Apple Computer
[2006/10/10 11:25:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\ArcSoft
[2007/11/11 15:59:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\BitTorrent
[2008/03/12 15:44:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\BitTorrent DNA
[2008/02/10 07:43:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\Canon
[2006/02/07 20:58:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\Corel
[2006/02/15 02:51:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\Corel Photo Album
[2006/02/17 14:53:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\CyberLink
[2008/08/31 22:19:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\DNA
[2008/09/21 00:51:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\Flickr
[2008/04/27 23:27:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\Flock
[2007/01/01 19:56:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\Google
[2007/04/11 22:02:14 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\albertk\Application Data\Gtek
[2008/10/26 14:04:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\gtk-2.0
[2008/01/17 21:57:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\Help
[2004/08/10 12:08:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\Identities
[2007/04/11 23:19:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\iLike
[2007/01/24 12:08:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\Intuit
[2009/01/28 08:09:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\IObit
[2007/04/03 23:14:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\IrfanView
[2006/02/14 13:14:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\Macromedia
[2009/05/08 22:52:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\Malwarebytes
[2008/01/19 08:50:55 | 00,000,000 | --SD | M] -- C:\Documents and Settings\albertk\Application Data\Microsoft
[2008/03/31 14:22:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\Motive
[2008/06/28 22:25:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\Mozilla
[2007/10/05 21:45:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\NCH Swift Sound
[2009/04/29 17:07:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\OpenOffice.org2
[2009/01/25 09:46:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\PC Tools
[2006/06/03 00:40:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\Real
[2006/08/17 01:44:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\RecordPad
[2009/03/10 05:29:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\StumbleUpon
[2006/02/07 20:36:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\Sun
[2007/10/05 18:31:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\Uniblue
[2009/02/05 22:52:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\Verizon
[2008/08/17 23:19:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\W Photo Studio Viewer
[2007/11/09 23:31:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\albertk\Application Data\WinRAR
[2009/05/08 22:52:03 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2008/12/14 10:01:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2009/03/08 09:01:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2006/02/15 11:44:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL
[2007/07/04 12:14:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2006/09/13 10:46:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2007/01/23 17:55:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES
[2008/03/07 23:51:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dell
[2007/08/13 18:51:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2009/05/08 16:36:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google Updater
[2007/10/05 21:45:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GTek
[2009/02/11 17:44:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HPSSUPPLY
[2006/02/07 20:49:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2007/01/24 11:59:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intuit
[2009/05/08 22:52:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2008/08/15 13:38:52 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2008/12/11 16:43:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Motive
[2006/08/17 01:44:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2006/02/07 20:48:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2004/08/10 12:13:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2008/11/02 09:16:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2008/02/01 06:18:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2009/02/05 23:11:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2009/05/09 05:19:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2006/04/11 22:01:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2009/02/05 22:52:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Verizon
[2006/02/07 20:48:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/06/30 11:21:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2008/06/23 16:57:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WLInstaller
[2004/08/04 04:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/05/08 16:36:54 | 00,000,868 | ---- | M] () -- C:\WINDOWS\Tasks\Google Software Updater.job
[2009/05/09 07:54:04 | 00,000,320 | ---- | M] () -- C:\WINDOWS\Tasks\HP WEP.job
[2009/05/08 16:36:15 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/04/26 22:00:06 | 00,000,388 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag.job

========== Purity Check ==========


========== Alternate Data Streams ==========

@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:767A78E5
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:30FD0CBD
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FA5F15C4
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B63300D1
< End of report >

OTListIt Extras logfile created on: 5/9/2009 8:22:00 AM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.4 Folder = C:\Documents and Settings\albertk\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1015.37 Mb Total Physical Memory | 358.50 Mb Available Physical Memory | 35.31% Memory free
2.38 Gb Paging File | 1.45 Gb Available in Paging File | 60.96% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.49 Gb Total Space | 22.66 Gb Free Space | 31.70% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 149.05 Gb Total Space | 86.34 Gb Free Space | 57.93% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ALSLAPTOP
Current User Name: albertk
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL File not found
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL File not found
C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL File not found
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger (Microsoft Corporation)
C:\BLUEBYTE\S3AmazonDemo\S3_A_Demo.exe:*:Disabled:Siedler3 (Blue Byte )
C:\WINDOWS\system32\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper (Microsoft Corporation)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III (Blizzard Entertainment)
C:\WINDOWS\system32\mmc.exe:*:Disabled:Microsoft Management Console (Microsoft Corporation)
C:\Program Files\DNA\btdna.exe:*:Enabled:DNA File not found
C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) (Microsoft Corporation)
C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour (Apple Inc.)
C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes (Apple Inc.)
C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe:*:Enabled:SMC Service (Symantec Corporation)
C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE:*:Enabled:SNAC Service (Symantec Corporation)
C:\Program Files\Common Files\Symantec Shared\ccApp.exe:*:Enabled:Symantec Email (Symantec Corporation)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{011A2240-08DF-45BB-AA4E-1A78637CCF80}" = RPS CRT
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{0F756CD9-4A1E-409B-B101-601DDC4C03AA}" = Qualxserve Service Agreement
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1F528948-0E80-4C96-B455-DE4167CB1DF7}" = Internal Network Card Power Management
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD LE
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java™ 6 Update 10
"{26E1BFB0-E87E-4696-9F89-B467F01F81E5}" = Broadcom Management Programs
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{33CF7CDF-9805-4500-9CC7-D19D52AD63C4}" = Canon Camera WIA Driver
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35260E0B-A8C2-4D25-97E2-448DE7275C85}" = Canon Camera WIA Driver
"{3BAB4914-9CC1-4CC2-A3DA-56EF62DFD373}" = Symantec Endpoint Protection
"{3D047C15-C859-45F7-81CE-F2681778069B}" = iPod for Windows 2006-01-10
"{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}" = Adobe Photoshop CS3
"{41169060-81E5-11D6-85BE-00E04CE0BDED}" = SonixStorage1.82
"{4667B940-BB01-428B-986E-A0CC46497BF7}" = ELIcon
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}" = Windows Live Messenger
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{652C4ADF-0A29-4B02-9211-EE61675847DE}" = Canon Camera WIA Driver
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.5
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}" = Power Tab Editor 1.7
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}" = Digital Content Portal
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}" = Microsoft Works 7.0
"{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply
"{7B02BF60-796D-4616-908B-B31A63CFDEFB}" = HPCarePackCore
"{7EE9DE0D-9228-4C33-B80E-FDD1773600DF}" = Microsoft Works Suite Add-in for Microsoft Word
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver for Mobile
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{911B0409-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{987AE1EA-9AF0-484D-A0F9-11A2E0EB4AA0}" = OpenOffice.org 2.0
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A683A2C0-821C-486F-858C-FA634DB5E864}" = EducateU
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{A82D052A-0806-42DF-80CD-1730A1AC0ED3}" = MrvlUsgTracking
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BB3AB664-D92B-4CB5-8B3E-D841841F4E68}" = Canon Camera WIA Driver
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D64DCF1C-7A95-49A4-BAFA-C42B5CF6B8B6}" = Works Suite OS Pack
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{ECA31632-C2AD-4774-A3CA-2813D47E4DD0}" = HPCarePackProducts
"{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime
"{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}" = Adobe Setup
"{FF70923C-8A51-47F4-A7E9-893C6D54EB68}" = TES Construction Set
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Adobe_719d6f144d0c086a0dfa7ff76bb9ac1" = Adobe Photoshop CS3
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"AnalogX NetStat Live" = AnalogX NetStat Live
"Audacity_is1" = Audacity 1.2.6
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"Conquest_is1" = Conquest 3.0
"CSCLIB" = Canon Camera Support Core Library
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"Dell Game Console" = Dell Game Console
"DPP" = Canon Utilities Digital Photo Professional 2.1
"EOS Utility" = Canon Utilities EOS Utility
"Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner
"Flickr Uploadr" = Flickr Uploadr 3.0.5
"Google Updater" = Google Updater
"Guitar Guru_is1" = Guitar Guru Version 2.1.2
"HijackThis" = HijackThis 2.0.2
"HP LaserJet P1000 series" = HP LaserJet P1000 series
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{33CF7CDF-9805-4500-9CC7-D19D52AD63C4}" = Canon EOS Kiss_N REBEL_XT 350D WIA Driver
"InstallShield_{35260E0B-A8C2-4D25-97E2-448DE7275C85}" = Canon EOS-1D Mark II N WIA Driver
"InstallShield_{3D047C15-C859-45F7-81CE-F2681778069B}" = iPod for Windows 2006-01-10
"InstallShield_{652C4ADF-0A29-4B02-9211-EE61675847DE}" = Canon EOS-1Ds Mark II WIA Driver
"InstallShield_{BB3AB664-D92B-4CB5-8B3E-D841841F4E68}" = Canon EOS 5D WIA Driver
"IrfanView" = IrfanView (remove only)
"Jigsaw Puzzle Lite" = Jigsaw Puzzle Lite (remove only)
"LiveUpdate" = LiveUpdate 3.3 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.10)" = Mozilla Firefox (3.0.10)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Mystery Case Files - Huntsville" = Mystery Case Files - Huntsville (remove only)
"Mystery Case Files - Prime Suspects" = Mystery Case Files - Prime Suspects (remove only)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PhotoStitch" = Canon Utilities PhotoStitch
"Picasa 3" = Picasa 3
"RadialpointClientGateway_is1" = Verizon Servicepoint 1.5.22
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"Siedler3DemoDeinstall" = S3 Amazons Demo
"Slide" = Slide
"Smart Defrag_is1" = Smart Defrag 1.10
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.5.2.20
"Spyware Doctor" = Spyware Doctor 6.0
"Starcraft" = Starcraft
"StreetPlugin" = Learn2 Player (Uninstall Only)
"StumbleUponIEToolbar" = StumbleUpon IE Toolbar
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Verizon Online Help and Support" = Verizon Online Help and Support
"ViewpointMediaPlayer" = Viewpoint Media Player
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.4.7
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Word Search Deluxe" = Word Search Deluxe (remove only)
"Works2003Setup" = Microsoft Works 2003 Setup Launcher
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XviD_is1" = XviD 1.1 final uninstall
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA" = DNA
"Warcraft III" = Warcraft III

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/7/2009 9:43:23 AM | Computer Name = ALSLAPTOP | Source = Symantec AntiVirus | ID = 16711725
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantec\Symantec
Endpoint Protection\SmcGui.exe Event Info: Allocation Memory Action Taken: Logged
Actor
Process: C:\Program Files\Spyware Doctor\pctsSvc.exe (PID 3596) Time: Thursday,
May 07, 2009 6:43:23 AM

Error - 5/7/2009 9:43:23 AM | Computer Name = ALSLAPTOP | Source = Symantec AntiVirus | ID = 16711725
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantec\Symantec
Endpoint Protection\SmcGui.exe Event Info: Write Memory Action Taken: Logged Actor
Process: C:\Program Files\Spyware Doctor\pctsSvc.exe (PID 3596) Time: Thursday,
May 07, 2009 6:43:23 AM

Error - 5/7/2009 9:43:23 AM | Computer Name = ALSLAPTOP | Source = Symantec AntiVirus | ID = 16711725
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantec\Symantec
Endpoint Protection\SmcGui.exe Event Info: Create Thread Action Taken: Logged Actor
Process: C:\Program Files\Spyware Doctor\pctsSvc.exe (PID 3596) Time: Thursday,
May 07, 2009 6:43:23 AM

Error - 5/7/2009 9:43:23 AM | Computer Name = ALSLAPTOP | Source = Symantec AntiVirus | ID = 16711725
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantec\Symantec
Endpoint Protection\SmcGui.exe Event Info: Resume Thread Action Taken: Logged Actor
Process: C:\Program Files\Spyware Doctor\pctsSvc.exe (PID 3596) Time: Thursday,
May 07, 2009 6:43:23 AM

Error - 5/7/2009 9:43:25 AM | Computer Name = ALSLAPTOP | Source = Symantec AntiVirus | ID = 16711725
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantec\Symantec
Endpoint Protection\SavUI.exe Event Info: Allocation Memory Action Taken: Logged
Actor
Process: C:\Program Files\Spyware Doctor\pctsSvc.exe (PID 3596) Time: Thursday,
May 07, 2009 6:43:25 AM

Error - 5/7/2009 9:43:25 AM | Computer Name = ALSLAPTOP | Source = Symantec AntiVirus | ID = 16711725
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantec\Symantec
Endpoint Protection\SavUI.exe Event Info: Write Memory Action Taken: Logged Actor
Process: C:\Program Files\Spyware Doctor\pctsSvc.exe (PID 3596) Time: Thursday,
May 07, 2009 6:43:25 AM

Error - 5/7/2009 9:43:25 AM | Computer Name = ALSLAPTOP | Source = Symantec AntiVirus | ID = 16711725
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantec\Symantec
Endpoint Protection\SavUI.exe Event Info: Create Thread Action Taken: Logged Actor
Process: C:\Program Files\Spyware Doctor\pctsSvc.exe (PID 3596) Time: Thursday,
May 07, 2009 6:43:25 AM

Error - 5/7/2009 9:43:25 AM | Computer Name = ALSLAPTOP | Source = Symantec AntiVirus | ID = 16711725
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantec\Symantec
Endpoint Protection\SavUI.exe Event Info: Resume Thread Action Taken: Logged Actor
Process: C:\Program Files\Spyware Doctor\pctsSvc.exe (PID 3596) Time: Thursday,
May 07, 2009 6:43:25 AM

Error - 5/8/2009 7:36:19 PM | Computer Name = ALSLAPTOP | Source = SupportSoft Agent | ID = 0
Description =

Error - 5/8/2009 7:48:54 PM | Computer Name = ALSLAPTOP | Source = SescLU | ID = 13
Description = LiveUpdate returned a non-critical error. Available content updates
may have failed to install.

[ System Events ]
Error - 5/7/2009 9:50:04 AM | Computer Name = ALSLAPTOP | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 5/7/2009 9:50:09 AM | Computer Name = ALSLAPTOP | Source = Service Control Manager | ID = 7001
Description = The DHCP Client service depends on the NetBios over Tcpip service
which failed to start because of the following error: %%31

Error - 5/7/2009 9:50:09 AM | Computer Name = ALSLAPTOP | Source = Service Control Manager | ID = 7001
Description = The DNS Client service depends on the TCP/IP Protocol Driver service
which failed to start because of the following error: %%31

Error - 5/7/2009 9:50:09 AM | Computer Name = ALSLAPTOP | Source = Service Control Manager | ID = 7001
Description = The TCP/IP NetBIOS Helper service depends on the AFD service which
failed to start because of the following error: %%31

Error - 5/7/2009 9:50:09 AM | Computer Name = ALSLAPTOP | Source = Service Control Manager | ID = 7001
Description = The Apple Mobile Device service depends on the TCP/IP Protocol Driver
service which failed to start because of the following error: %%31

Error - 5/7/2009 9:50:09 AM | Computer Name = ALSLAPTOP | Source = Service Control Manager | ID = 7001
Description = The Bonjour Service service depends on the TCP/IP Protocol Driver
service which failed to start because of the following error: %%31

Error - 5/7/2009 9:50:09 AM | Computer Name = ALSLAPTOP | Source = Service Control Manager | ID = 7001
Description = The IPSEC Services service depends on the IPSEC driver service which
failed to start because of the following error: %%31

Error - 5/7/2009 9:50:09 AM | Computer Name = ALSLAPTOP | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AFD APPDRV ASPI32 eeCtrl Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SPBBCDrv SRTSP
SRTSPX
Tcpip
WPS

Error - 5/8/2009 12:35:00 AM | Computer Name = ALSLAPTOP | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 5/8/2009 7:36:40 PM | Computer Name = ALSLAPTOP | Source = Service Control Manager | ID = 7000
Description = The Security Services Driver (x86) service failed to start due to
the following error: %%2

[ Verizon Events ]
Error - 4/4/2008 5:58:16 PM | Computer Name = ALSLAPTOP | Source = VerizonClientLog | ID = 0
Description = Unable to communicate with service. Possible reasons: Firewall might
have blocked the communication port Or Port might be in use by other application.

Please
cantact to : www.verizon.net

Error - 4/4/2008 5:58:17 PM | Computer Name = ALSLAPTOP | Source = VerizonClientLog | ID = 0
Description = Unable to communicate with service. Possible reasons: Firewall might
have blocked the communication port Or Port might be in use by other application.

Please
cantact to : www.verizon.net

Error - 4/4/2008 5:58:18 PM | Computer Name = ALSLAPTOP | Source = VerizonClientLog | ID = 0
Description = Unable to communicate with service. Possible reasons: Firewall might
have blocked the communication port Or Port might be in use by other application.

Please
cantact to : www.verizon.net

Error - 4/4/2008 5:58:19 PM | Computer Name = ALSLAPTOP | Source = VerizonClientLog | ID = 0
Description = Unable to communicate with service. Possible reasons: Firewall might
have blocked the communication port Or Port might be in use by other application.

Please
cantact to : www.verizon.net

Error - 4/4/2008 5:58:20 PM | Computer Name = ALSLAPTOP | Source = VerizonClientLog | ID = 0
Description = Unable to communicate with service. Possible reasons: Firewall might
have blocked the communication port Or Port might be in use by other application.

Please
cantact to : www.verizon.net

Error - 4/4/2008 5:58:52 PM | Computer Name = ALSLAPTOP | Source = VerizonClientLog | ID = 0
Description = Unable to communicate with service. Possible reasons: Firewall might
have blocked the communication port Or Port might be in use by other application.

Please
cantact to : www.verizon.net

Error - 4/4/2008 5:59:01 PM | Computer Name = ALSLAPTOP | Source = VerizonClientLog | ID = 0
Description = Unable to communicate with service. Possible reasons: Firewall might
have blocked the communication port Or Port might be in use by other application.

Please
cantact to : www.verizon.net

Error - 4/4/2008 6:10:26 PM | Computer Name = ALSLAPTOP | Source = VerizonClientLog | ID = 0
Description = Unable to communicate with service. Possible reasons: Firewall might
have blocked the communication port Or Port might be in use by other application.

Please
cantact to : www.verizon.net

Error - 4/4/2008 6:11:56 PM | Computer Name = ALSLAPTOP | Source = VerizonClientLog | ID = 0
Description = Unable to communicate with service. Possible reasons: Firewall might
have blocked the communication port Or Port might be in use by other application.

Please
cantact to : www.verizon.net

Error - 4/4/2008 9:03:35 PM | Computer Name = ALSLAPTOP | Source = VerizonClientLog | ID = 0
Description = Unable to communicate with service. Possible reasons: Firewall might
have blocked the communication port Or Port might be in use by other application.

Please
cantact to : www.verizon.net


< End of report >

Microsoft Windows XP Home Edition (5.1.2600) Service Pack 3

C:\ [Fixed] - NTFS - (Total:73202 Mo/Free:2729 Mo)
D:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
F:\ [Fixed] - NTFS - (Total:152625 Mo/Free:2393 Mo)

Sat 05/09/2009| 8:14

----------------------\\ Processes..

--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
---------- C:\WINDOWS\System32\WLTRYSVC.EXE
---------- C:\WINDOWS\System32\bcmwltry.exe
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
---------- C:\Program Files\Bonjour\mDNSResponder.exe
---------- C:\Program Files\Java\jre6\bin\jqs.exe
---------- C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
---------- C:\Program Files\Spyware Doctor\pctsAuxs.exe
---------- C:\Program Files\Spyware Doctor\pctsSvc.exe
---------- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Spyware Doctor\pctsTray.exe
---------- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
---------- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
---------- C:\Program Files\Canon\CAL\CALMAIN.exe
---------- C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\WINDOWS\system32\wbem\wmiprvse.exe
---------- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
---------- C:\WINDOWS\stsystra.exe
---------- C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
---------- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
---------- C:\Program Files\AnalogX\NetStat Live\nsl.exe
---------- C:\Program Files\Verizon\McciTrayApp.exe
---------- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
---------- C:\Program Files\iTunes\iTunesHelper.exe
---------- C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
---------- C:\WINDOWS\system32\WLTRAY.exe
---------- C:\WINDOWS\system32\hkcmd.exe
---------- C:\WINDOWS\system32\igfxpers.exe
---------- C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
---------- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
---------- C:\Program Files\Java\jre6\bin\jusched.exe
---------- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\Program Files\DellSupport\DSAgnt.exe
---------- C:\Program Files\Messenger\msmsgs.exe
---------- C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
---------- C:\Program Files\Digital Line Detect\DLG.exe
---------- C:\Program Files\iPod\bin\iPodService.exe
---------- C:\Program Files\Mozilla Firefox\firefox.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe

----------------------\\ Search..

----------------------\\ ROOTKIT !!



1 - "C:\Rooter$\Rooter_1.txt" - Sat 05/09/2009| 8:15

----------------------\\ Scan completed at 8:15

On completion of this run can you let me know of any problems you are still experiencing

Run OTList2.exe

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  
  CODE
  :OTLI
  O2 - BHO: (no name) - {22A8420E-3EC6-4C5D-BE44-8B3A3039DE4D} - Reg Error: Key error. File not found
  O2 - BHO: (no name) - {AFCC0D73-0A68-4BAE-8285-700022AC6B7C} - Reg Error: Key error. File not found
  O2 - BHO: (no name) - {E560A06B-E708-44F0-9170-A37CB4F53D1F} - Reg Error: Key error. File not found
  O2 - BHO: (no name) - {E8A3BEF9-F976-4416-AA84-3EB8ED28B6F3} - Reg Error: Key error. File not found
  O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Reg Error: Key error. File not found
  O20 - AppInit_DLLs: (jmvoib.dll) - File not found
  O20 - AppInit_DLLs: (wiqjin.dll) - File not found
  O20 - AppInit_DLLs: (pekljd.dll) - File not found
  O20 - AppInit_DLLs: (ssflgc.dll) - File not found
  O20 - AppInit_DLLs: (pwrhib.dll) - File not found
  O20 - AppInit_DLLs: (vgnpkt.dll) - File not found
  O20 - Winlogon\Notify\iiffGYqQ: DllName - iiffGYqQ.dll - File not found
  [2009/01/23 00:38:01 | 00,000,120 | -HS- | C] () -- C:\WINDOWS\System32\xemupwlr.ini
  [2009/01/22 00:38:05 | 00,000,120 | -HS- | C] () -- C:\WINDOWS\System32\likvxysb.ini
  [2009/01/21 00:38:10 | 00,000,120 | -HS- | C] () -- C:\WINDOWS\System32\ujndjpxn.ini
  [2009/01/20 00:35:12 | 00,000,120 | -HS- | C] () -- C:\WINDOWS\System32\poqghnqp.ini
  [2009/01/19 00:35:00 | 00,000,120 | -HS- | C] () -- C:\WINDOWS\System32\mwbkxgak.ini
  [2009/01/18 00:32:06 | 00,000,120 | -HS- | C] () -- C:\WINDOWS\System32\asibtgdl.ini
  [2009/01/17 00:34:56 | 00,000,660 | ---- | C] () -- C:\WINDOWS\System32\nlniccud.dll
  [2009/01/17 00:31:57 | 00,000,660 | ---- | C] () -- C:\WINDOWS\System32\mnbamrjb.dll
  [2009/01/16 00:33:39 | 00,000,120 | -HS- | C] () -- C:\WINDOWS\System32\nuhcjssi.ini
  
  :Commands
  [purity]
  [emptytemp]
  [Reboot]
• Then click the Run Fix button at the top
• Let the program run unhindered, reboot when it is done
• Then post a new OTL2 log ( don't check the boxes beside LOP Check or Purity this time )

THEN

Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.

Firefox is still running REALLY slow, and I had two errors while applying the custom fix in OTLISTIT


========== OTLISTIT ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22A8420E-3EC6-4C5D-BE44-8B3A3039DE4D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22A8420E-3EC6-4C5D-BE44-8B3A3039DE4D}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AFCC0D73-0A68-4BAE-8285-700022AC6B7C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFCC0D73-0A68-4BAE-8285-700022AC6B7C}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E560A06B-E708-44F0-9170-A37CB4F53D1F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E560A06B-E708-44F0-9170-A37CB4F53D1F}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E8A3BEF9-F976-4416-AA84-3EB8ED28B6F3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E8A3BEF9-F976-4416-AA84-3EB8ED28B6F3}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:jmvoib.dll deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:wiqjin.dll deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:pekljd.dll deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:ssflgc.dll deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:pwrhib.dll deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:vgnpkt.dll deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\iiffGYqQ\ deleted successfully.
C:\WINDOWS\System32\xemupwlr.ini moved successfully.
C:\WINDOWS\System32\likvxysb.ini moved successfully.
C:\WINDOWS\System32\ujndjpxn.ini moved successfully.
C:\WINDOWS\System32\poqghnqp.ini moved successfully.
C:\WINDOWS\System32\mwbkxgak.ini moved successfully.
C:\WINDOWS\System32\asibtgdl.ini moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\nlniccud.dll
C:\WINDOWS\System32\nlniccud.dll NOT unregistered.
C:\WINDOWS\System32\nlniccud.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\mnbamrjb.dll
C:\WINDOWS\System32\mnbamrjb.dll NOT unregistered.
C:\WINDOWS\System32\mnbamrjb.dll moved successfully.
C:\WINDOWS\System32\nuhcjssi.ini moved successfully.
========== COMMANDS ==========
File delete failed. C:\Documents and Settings\albertk\Local Settings\Temp\etilqs_518k9Y1f5cvS67zD7OYw scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\albertk\Local Settings\Temp\Perflib_Perfdata_bd8.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\albertk\Local Settings\Temp\Perflib_Perfdata_c84.dat scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_21c.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
Temp folders emptied.

OTListIt2 by OldTimer - Version 2.0.15.4 log created on 05092009_100226

Files moved on Reboot...
File C:\Documents and Settings\albertk\Local Settings\Temp\etilqs_518k9Y1f5cvS67zD7OYw not found!
File C:\Documents and Settings\albertk\Local Settings\Temp\Perflib_Perfdata_bd8.dat not found!
File C:\Documents and Settings\albertk\Local Settings\Temp\Perflib_Perfdata_c84.dat not found!
File C:\WINDOWS\temp\Perflib_Perfdata_21c.dat not found!

Registry entries deleted on Reboot...

Malwarebytes' Anti-Malware 1.36
Database version: 2099
Windows 5.1.2600 Service Pack 3

5/9/2009 10:23:11 AM
mbam-log-2009-05-09 (10-23-11).txt

Scan type: Quick Scan
Objects scanned: 85306
Time elapsed: 5 minute(s), 43 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Lets have a look at the speed problem now

Please download ATF Cleaner by Atribune.
This program is for XP, Vista and Windows 2000 only

Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.

If you use Firefox browser

Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser

Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.

ON COMPLETION

Download and run Auslogics Disc Defragmenter

Let me know of any ongoing problems once finished

Running MUCH faster now...

Doesn't seem to be any problems or warnings popping up anywhere.

Thats what I like a happy bunny

Now the best part of the day ----- Your log now appears clean

A good workman always cleans up after himself so..Run OTListit and hit the cleanup button. It will remove all the programmes we have used plus itself. MBAM can be uninstalled via control panel add/remove along with ERUNT. But they may be useful tools to keep

We will now confirm that your hidden files are set to that, as some of the tools I use will change that

• Click Start.
• Open My Computer.
• Select the Tools menu and click Folder Options.
• Select the View Tab.
• Under the Hidden files and folders heading select Do not show hidden files and folders.
• Click Yes to confirm.
• Click OK.

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version of Java components and upgrade the application. Beware it is NOT supported for use in 9x or ME and probably will not install in those systems

Upgrading Java:

• Download the latest version of Java SE Runtime Environment (JRE)JRE 6 Update 13.
• Click the "Download" button to the right.
• Select your Platform and check the box that says: "I agree to the Java SE Runtime Environment 6 License Agreement.".
• Click on Continue.
• Click on the link to download Windows Offline Installation (jre-6u13-windows-i586-p.exe) and save it to your desktop. Do NOT use the Sun Download Manager..
• Close any programs you may have running - especially your web browser.
• Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
• Check any item with Java Runtime Environment (JRE or J2SE) in the name.
• Click the Remove or Change/Remove button.
• Repeat as many times as necessary to remove each Java version.
• Reboot your computer once all Java components are removed.
• Then from your desktop double-click on the download to install the newest version.(Vista users, right click on the jre-6u13-windows-i586-p.exe and select "Run as an Administrator.")

XP
Now to get you off to a good start we will clean your restore points so that all the bad stuff is gone for good. Then if you need to restore at some stage you will be clean. There are several ways to reset your restore points, but this is my method:

• Select Start > All Programs > Accessories > System tools > System Restore.
• On the dialogue box that appears select Create a Restore Point
• Click NEXT
• Enter a name e.g. Clean
• Click CREATE

You now have a clean restore point, to get rid of the bad ones:

• Select Start > All Programs > Accessories > System tools > Disk Cleanup.
• In the Drop down box that appears select your main drive e.g. C
• Click OK
• The System will do some calculation and the display a dialogue box with TABS
• Select the More Options Tab.
• At the bottom will be a system restore box with a CLEANUP button click this
• Accept the Warning and select OK again, the program will close and you are done

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

• SpywareBlaster to help prevent spyware from installing in the first place.
• SuperAntispyware Run weekly to keep your system clean

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To keep your operating system up to date visit

• Secunia Software inspector To check your programme update status
• Microsoft Windows Update

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?
Keep safe

You are the man! Thanks very much!

Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.