Hello. Thanks in advance for your help. I first noticed a change in my Microsoft Office Outlook, then later in all of the Office suite products. The physical appearance changed to one that looked something more like "safe mode". After running the scan on my PC with Lightspeed Total Traffic Control, the virus w32.fakealert.gen-p was detected. I quarantined this and deleted it. After doing so, I uninstalled Office, re-ran the scan, and then reinstalled Office. The new install has the same issues. I read your recommendations and now am going to paste all of the log files to see if you can possibly help me. Thanks so much.
Mbam-log
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org
Database version: 5261
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13
12/9/2010 9:29:32 AM
mbam-log-2010-12-09 (09-29-32).txt
Scan type: Full scan (C:\|)
Objects scanned: 298565
Time elapsed: 1 hour(s), 8 minute(s), 56 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
GMER one
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit quick scan 2010-12-08 14:31:17
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST980813AS rev.3.ADB
Running: qurh2chb.exe; Driver: C:\DOCUME~1\acryder\LOCALS~1\Temp\awliikog.sys
---- System - GMER 1.0.15 ----
SSDT 893BE5D3 ZwEnumerateKey
SSDT 893BE5FD ZwEnumerateValueKey
SSDT 893BEBE5 ZwQueryDirectoryFile
SSDT 893BEE31 ZwQuerySystemInformation
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\Tcpip \Device\Ip IpmSecurityAgent1.sys (TDI Filter Driver/Lightspeed Systems)
AttachedDevice \Driver\Tcpip \Device\Tcp IpmSecurityAgent1.sys (TDI Filter Driver/Lightspeed Systems)
AttachedDevice \Driver\Tcpip \Device\Udp IpmSecurityAgent1.sys (TDI Filter Driver/Lightspeed Systems)
AttachedDevice \Driver\Tcpip \Device\RawIp IpmSecurityAgent1.sys (TDI Filter Driver/Lightspeed Systems)
---- EOF - GMER 1.0.15 ----
GMER two
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2010-12-09 08:17:44
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST980813AS rev.3.ADB
Running: qurh2chb.exe; Driver: C:\DOCUME~1\acryder\LOCALS~1\Temp\awliikog.sys
---- System - GMER 1.0.15 ----
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Udfs \UdfsCdRom tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Udfs \UdfsDisk tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
AttachedDevice \Driver\Tcpip \Device\Ip IpmSecurityAgent1.sys (TDI Filter Driver/Lightspeed Systems)
AttachedDevice \Driver\Tcpip \Device\Tcp IpmSecurityAgent1.sys (TDI Filter Driver/Lightspeed Systems)
AttachedDevice \Driver\Tcpip \Device\Udp IpmSecurityAgent1.sys (TDI Filter Driver/Lightspeed Systems)
AttachedDevice \Driver\Tcpip \Device\RawIp IpmSecurityAgent1.sys (TDI Filter Driver/Lightspeed Systems)
Device \FileSystem\Cdfs \Cdfs tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000a9412a942
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\000a9412a942 (not active ControlSet)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Download@LastSuccessTime 2010-12-08 19:31:37
---- Files - GMER 1.0.15 ----
File C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb 0 bytes
---- EOF - GMER 1.0.15 ----
DDS.txt
DDS (Ver_09-06-26.01) - NTFSx86
Run by acryder at 10:50:00.28 on Thu 12/09/2010
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_18
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3318.2266 [GMT -5:00]
AV: Lightspeed Systems Security Agent 7.02.05 *On-access scanning disabled* (Updated) {983E71A4-EDBC-4776-A28B-07BCBC8D6457}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
svchost.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\WINDOWS\system32\HPSIsvc.exe
C:\Program Files\Lightspeed Systems\SecurityAgent\SecurityAgent.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Intel\WiFi\bin\WLKeeper.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lightspeed Systems\SecurityAgent\SAAlert.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Lightspeed Systems\SecurityAgent\satray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\eInstruction\Device Manager\Launch.exe
C:\Documents and Settings\acryder\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\LanSchool\lsproxy\lskproxy.exe
C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
C:\Documents and Settings\acryder\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\acryder\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\acryder\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\acryder\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\acryder\My Documents\Downloads\dds.scr
============== Pseudo HJT Report ===============
uInternet Settings,ProxyOverride = *.local;*.screven.k12.ga.us;<local>
uInternet Settings,ProxyServer = hxxp://172.16.1.2:8080
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: lsk_WebBlk Class: {1935e690-1ac1-4aa5-ba23-3d9d0ceb3a00} - c:\windows\system32\Lsk_iBlk.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MsnMsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Palringo] "c:\program files\palringo\Palringo.exe" /hidden
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"
uRun: [Google Update] "c:\documents and settings\acryder\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
mRun: [IntelZeroConfig] "c:\program files\intel\wifi\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "c:\program files\common files\intel\wirelesscommon\iFrmewrk.exe" /tf Intel Wireless Tray
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [googletalk] c:\program files\google\google talk\googletalk.exe /autostart
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [SecurityAgentTray] c:\program files\lightspeed systems\securityagent\satray.exe
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
mRun: [Teacher] c:\program files\lanschool\teacher.exe
StartupFolder: c:\docume~1\acryder\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\acryder\application data\dropbox\bin\Dropbox.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\einstr~1.lnk - c:\program files\einstruction\device manager\Launch.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\snagit~1.lnk - c:\program files\techsmith\snagit 9\Snagit32.exe
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
LSP: c:\windows\system32\lskproxy.dll
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://www.photobiz.com/controlpanel/uploader/22/ImageUploader5.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1226521382248
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1268409368787
DPF: {8569D715-FF88-44BA-8D1D-AD3E59543DDE} - hxxps://financeweb.doe.k12.ga.us/CAWEB/Reports/arview2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\acryder\applic~1\mozilla\firefox\profiles\ljf5wdln.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157|http://www.google.com/ig?hl=en
FF - plugin: c:\documents and settings\acryder\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npatgpc.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\mozilla firefox\greprefs\