virtumonde



ebloch
2008-11-11, 23:06
Spybot stalls after finding virtumonde.dll

I have run the following, which found nothing: McAfee Stinger, AdAware, CA Anti-Spy, CA Anti-Virus.

I have copied HiJackThis to a different folder than it was originally installed in and my log follows:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:40:55 PM, on 11/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\CA\eTrust Internet Security Suite\CA Anti-Virus\ISafe.exe
C:\WINDOWS\system32\HDDSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
C:\Program Files\MozyHome\mozybackup.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\CA\eTrust Internet Security Suite\CA Anti-Virus\VetMsg.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\WINDOWS\system32\ICO.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\eFax Messenger 4.2\J2GDllCmd.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\CA\eTrust Internet Security Suite\cctray\cctray.exe
C:\Program Files\CA\eTrust Internet Security Suite\CA Anti-Spam\QSP-6.0.1.33\QOELoader.exe
C:\Program Files\CA\eTrust Internet Security Suite\CA Anti-Virus\CAVRID.exe
C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
C:\Program Files\FileBX\FileBX.exe
C:\Program Files\Pantone\huey\hueyTray.exe
C:\Program Files\CA\eTrust PestPatrol\CAPPActiveProtection.exe
C:\Program Files\PowerPanel\Program\PcfMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ShortKeys2\shortkey.exe
C:\Program Files\CA\eTrust PestPatrol\PPCtlPriv.exe
C:\Program Files\CA\eTrust Internet Security Suite\ccprovsp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Popup Manager - {08E74C67-99A6-45C7-94DA-A397A8FD8082} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: CitiUS Shared Browser Helper Object - {387EDF53-1CF2-4523-BC2F-13462651BE8C} - C:\WINDOWS\system32\BhoCitUS.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {BBE59AF5-EE22-4A3A-AB26-3F774D1B4216} - C:\PROGRA~1\FOLDER~1\FOLDER~1.DLL
O2 - BHO: Switch Manager IE Watcher - {F8147928-0836-4fd4-B1D9-6C55901D5CD4} - (no file)
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [ZTgServerSwitch] c:\program files\support.com\client\lserver\server.vbs
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [TheLaptopLock] C:\Program Files\The LaptopLock\LaptopLock.exe /startup
O4 - HKLM\..\Run: [Show missed alarms] C:\Program Files\Alarm\Alarm.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [eFax 4.2] "C:\Program Files\eFax Messenger 4.2\J2GDllCmd.exe" /R
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\eTrust Internet Security Suite\cctray\cctray.exe"
O4 - HKLM\..\Run: [QOELOADER] "C:\Program Files\CA\eTrust Internet Security Suite\CA Anti-Spam\QSP-6.0.1.33\QOELoader.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\eTrust Internet Security Suite\CA Anti-Virus\CAVRID.exe"
O4 - HKLM\..\Run: [CitiVAN] C:\Program Files\Citi Virtual Account Numbers\CitiVAN.exe /dontopenmycards
O4 - HKLM\..\Run: [CaISSDT] "C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [TClockEx] C:\Program Files\TClockEx\TCLOCKEX.EXE
O4 - HKCU\..\RunOnce: [] C:\Program Files\Internet Explorer\iexplore.exe http://www.symantec.com/techsupp/servlet/ProductMessages?module=2009&error=0&language=en&product=SymNRT&version=2009.0.0.41&build=Symantec&a=00000082.00000007.0000000f&b=00000082.00000015.00000022&c=00000082.00000021.0000004d&d=00000082.0000006e.00000141
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'Default user')
O4 - Startup: BHO Cop.lnk = C:\Program Files\BHOCop\BHOCop.exe
O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
O4 - Global Startup: FileBox eXtender.lnk = C:\Program Files\FileBX\FileBX.exe
O4 - Global Startup: hueyTray.lnk = C:\Program Files\Pantone\huey\hueyTray.exe
O4 - Global Startup: PowerPanel.lnk = ?
O4 - Global Startup: ShortKeys 2.lnk = C:\Program Files\ShortKeys2\shortkey.exe
O8 - Extra context menu item: &Check Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: + &Download Express: download this file - C:\Program Files\Download Express\Add_Url.htm
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Citi - {4C730913-3961-439b-83D5-F4E445520422} - C:\Program Files\Citi Virtual Account Numbers\CitiVAN.exe
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Mail This Page! - {A453794C-C643-4295-98A5-597CFC8D72EC} - C:\Program Files\Mail This Page\MailThisPage.exe
O9 - Extra 'Tools' menuitem: Mail This Page! - {A453794C-C643-4295-98A5-597CFC8D72EC} - C:\Program Files\Mail This Page\MailThisPage.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {0990D180-4226-4530-9777-AB82315505B9} - https://www.accountonline.com/svc/consumer/cbna/cb/content/en/van/includes/oinstall.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.goldenram.com/upgradedetect/upgradedetect.cab?3155
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {2D0CBE69-DAFC-11D3-96D2-0020182E2E27} - http://itanium2.dialcom.com/videoskype/spontania4skype083.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1162676169001
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {C6B086D2-146B-47A4-A218-B82DCAF2D872} (cpbrxpie Control) - http://a19.g.akamai.net/7/19/7125/4007/ftp.coupons.com/r3120/cpbrxpie.cab
O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0_03) -
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\eTrust Internet Security Suite\ccprovsp.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Internet Security Suite\CA Anti-Virus\ISafe.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: HDD Information Service (HDDSvc) - AltrixSoft (http://www.altrixsoft.com/) - C:\WINDOWS\system32\HDDSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
O23 - Service: MozyHome Backup Service (mozybackup) - Unknown owner - C:\Program Files\MozyHome\mozybackup.exe
O23 - Service: PPCtlPriv - CA, Inc. - C:\Program Files\CA\eTrust PestPatrol\PPCtlPriv.exe
O23 - Service: PTFB Pro Workstation Unlock Svc - Technology Lighthouse - C:\Program Files\Technology Lighthouse\PTFB Pro\PTFBProSvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe
O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\Photo Server\appsrv\PhotoAppSrv.exe
O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe
O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\eTrust Internet Security Suite\CA Anti-Virus\VetMsg.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 17371 bytes
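The replies that follow pick out the suspect entries of this log by hand (orphaned BHOs, an empty-named RunOnce that opens a URL, leftovers of an uninstalled product, a DPF control with no source). As an added illustration that is not part of the thread, HijackThis or Spybot, here is a small Python triage helper that does the same first pass mechanically. The sample entries are copied from the log above (one long Symantec URL shortened); the "Symantec" vendor name is an assumption taken from the poster's later remark that Norton was replaced by CA, and all function names are hypothetical.

```python
import re
from dataclasses import dataclass
from urllib.parse import urlparse

# Added triage helper for HijackThis logs. It is not part of HijackThis, Spybot
# or anything posted in the thread. The sample entries are copied from the log
# above (one long Symantec URL shortened); only O2, O4 and O16 lines are used.
SAMPLE_LOG = r"""
O2 - BHO: Popup Manager - {08E74C67-99A6-45C7-94DA-A397A8FD8082} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {BBE59AF5-EE22-4A3A-AB26-3F774D1B4216} - C:\PROGRA~1\FOLDER~1\FOLDER~1.DLL
O4 - HKLM\..\Run: [ZTgServerSwitch] c:\program files\support.com\client\lserver\server.vbs
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\RunOnce: [] C:\Program Files\Internet Explorer\iexplore.exe http://www.symantec.com/techsupp/servlet/ProductMessages?module=2009
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O16 - DPF: {C6B086D2-146B-47A4-A218-B82DCAF2D872} (cpbrxpie Control) - http://a19.g.akamai.net/7/19/7125/4007/ftp.coupons.com/r3120/cpbrxpie.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1162676169001
O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0_03) -
"""

LINE_RE = re.compile(r"^(?P<sect>[RO]\d+) - (?P<body>.*)$")
CLSID_RE = re.compile(r"\{[0-9A-F]{8}(?:-[0-9A-F]{4}){3}-[0-9A-F]{12}\}", re.I)
O4_RE = re.compile(r"^(?P<hive>.+?): \[(?P<name>[^\]]*)\] (?P<cmd>.*)$")
# HJT prints unquoted paths that may contain spaces, so the executable is taken
# as everything up to the first extension followed by whitespace or end of line.
CMD_RE = re.compile(r'^(?:"(?P<q>[^"]+)"|(?P<u>.+?\.[A-Za-z]{2,3}))(?:\s+(?P<args>.*))?$')
SCRIPT_EXT = (".vbs", ".vbe", ".js", ".jse", ".wsf", ".hta", ".bat", ".cmd")


@dataclass(frozen=True)
class Finding:
    section: str
    reason: str
    line: str


def parse_hjt(text):
    """Yield (section, body, line) for every 'Rn - ...' or 'On - ...' entry."""
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if m:
            yield m.group("sect"), m.group("body"), raw.strip()


def triage(text, stale_vendors=("Symantec",)):
    """Return the entries a helper would ask about first.

    stale_vendors: directory names of products the user says are gone (here the
    assumption is Norton replaced by CA), so leftovers of them get flagged.
    """
    out = []
    for sect, body, line in parse_hjt(text):
        if sect == "O2" and body.startswith("BHO: "):
            parts = body.rsplit(" - ", 2)          # name, {CLSID}, path
            if len(parts) != 3:
                continue
            name, clsid, path = parts
            if path == "(no file)":
                out.append(Finding(sect, "orphaned BHO: registry points at a DLL that is gone", line))
            elif name == "BHO: (no name)":
                out.append(Finding(sect, "unnamed BHO: identify the CLSID before trusting it", line))
            if not CLSID_RE.fullmatch(clsid):
                out.append(Finding(sect, "malformed CLSID", line))
        elif sect == "O4":
            m = O4_RE.match(body)
            c = CMD_RE.match(m.group("cmd")) if m else None
            if not c:
                continue
            exe = (c.group("q") or c.group("u")).strip().lower()
            args = c.group("args") or ""
            if m.group("name") == "":
                out.append(Finding(sect, "autorun value with an empty name", line))
            if exe.endswith(SCRIPT_EXT):
                out.append(Finding(sect, "autorun executes a script file", line))
            if re.search(r"https?://", args):
                out.append(Finding(sect, "autorun opens a URL at logon", line))
            for vendor in stale_vendors:
                if f"\\{vendor.lower()}\\" in exe:
                    out.append(Finding(sect, f"leftover of removed product: {vendor}", line))
        elif sect == "O16" and body.startswith("DPF: "):
            _, _, url = body.partition(" - ")
            if not url.strip():
                out.append(Finding(sect, "downloaded control with no recorded source", line))
    return out


def dpf_sources(text):
    """Map each O16 CLSID to the host its .cab came from, for a systemlookup check."""
    hosts = {}
    for sect, body, _ in parse_hjt(text):
        clsid = CLSID_RE.search(body) if sect == "O16" else None
        if clsid:
            _, _, url = body.partition(" - ")
            hosts[clsid.group(0).upper()] = urlparse(url.strip()).hostname or ""
    return hosts


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.section}: {f.reason}\n    {f.line}")
    for clsid, host in dpf_sources(SAMPLE_LOG).items():
        print(f"O16 {clsid} <- {host or '(none)'}")
```

Run it on a saved HJT log by passing the file contents to triage(). On the sample above it returns seven findings and reports the download host of each DPF control; the hosts are what you would look up on systemlookup.com before deciding whether a control is wanted. The checks are deliberately conservative (a finding means "ask about this", not "malware"), and the stale-vendor rule only makes sense once the user has confirmed which products were really uninstalled.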

pskelley
2008-11-12, 17:50
Welcome to Safer Networking. I wish to be sure you have viewed and understand this information.
"BEFORE you POST" (READ this Procedure before Requesting Assistance) http://forums.spybot.info/showthread.php?t=288
All advice given is taken at your own risk.
Please make sure you have read this information so we are on the same page.

Make sure you read and follow the directions; anything else will slow the process and waste both our time. I suggest you keep this computer offline except when troubleshooting, as the junk may download more. If you have any tool I use, delete it and download it new from the link I provide. Read and follow the directions carefully; the tools will not work unless you do.
The junk can be tough to remove, so do not expect fast or easy.

Since CA eTrust is your antivirus, do you know what these Symantec items in the log are for?
O4 - HKCU\..\RunOnce: [] C:\Program Files\Internet Explorer\iexplore.exe http://www.symantec.com/techsupp/ser...0006e.00000141
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')

Download Express <<< see this information about this program
Gamespot's "Download Manager" Hides Spyware, DRM
http://www.extremetech.com/article2/0,3973,365073,00.asp

According to the information I am seeing, eTrust Internet Security Suite supplies a firewall as well as antivirus protection and spyware protection.
If this is the case, you might get away with running Windows Defender (though I would not) but you certainly will create problems for both firewalls with Zone Alarm running.
http://www.pcmag.com/article2/0,1895,1902877,00.asp
Please provide some feedback about this.

If you still want help, let's start like this:

1) Open Hijackthis.
Click the "Open the Misc Tools" section Button.
Click the "Open Uninstall Manager" Button.
Click the "Save list..." Button.
Save it to your desktop. Copy and paste the contents into your reply.

2) Download Malwarebytes' Anti-Malware to your Desktop
http://www.besttechie.net/tools/mbam-setup.exe

* Double-click mbam-setup.exe and follow the prompts to install the program.
* Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform FULL SCAN, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be opened by going to Start > All Programs > Malwarebytes' Anti-Malware > Logs > log-date.txt
* Please post contents of that file & a new HJT log in your next reply.

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

Tutorial if needed:
http://www.techsupportteam.org/forum/tutorials/2282-malwarebytes-anti-malware-mbam.html

Post also any information I requested above.

Thanks

ebloch
2008-11-13, 04:40
Since CA eTrust is your antivirus, do you know what these Symantec items in the log are for?
O4 - HKCU\..\RunOnce: [] C:\Program Files\Internet Explorer\iexplore.exe http://www.symantec.com/techsupp/ser...0006e.00000141
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')


I previously used Symantec Norton SystemWorks and when my license ended a few weeks ago I started using CA Internet Security. Only CA Anti-Spam, Anti-Virus, and Anti-Spyware are installed, not the Firewall. Anti-Spam and Anti-Virus are active and Anti-Spyware is inactive but run as a scanning tool once per week.

Download Express <<< see this information about this program
Gamespot's "Download Manager" Hides Spyware, DRM
http://www.extremetech.com/article2/...,365073,00.asp


I do not download from Gamespot.
Download Express is free from MetaProducts and I have used it for many years.


According to the information I am seeing, eTrust Internet Security Suite supplies a firewall as well as antivirus protection and spyware protection.
If this is the case, you might get away with running Windows Defender (though I would not) but you certainly will create problems for both firewalls with Zone Alarm running.
http://www.pcmag.com/article2/0,1895,1902877,00.asp
Please provide some feedback about this.


As noted above I have not installed or used CA's firewall


HJT Uninstall List
=====================
7-Zip 4.57
Abandoned Well
Acrobat.com
Acrobat.com
Acronis*True*Image*Home
Active Share Monitor
ActivePython-2.2
Ad-Aware
Adobe AIR
Adobe AIR
Adobe Flash Player ActiveX
Adobe Photoshop Elements 6.0
Adobe Premiere 6 LE
Adobe Reader 9
Adobe Shockwave Player
Age of Empires II
Age Of Japan
Age Of Japan II
Air Strike 2
AirXonix version 1.41
AnswerWorks 5.0 English Runtime
Apple Mobile Device Support
Apple Software Update
Aqua Bubble
Aqua Bubble 2
Aqua Pearls
Arabica 1.0
Argali White & Yellow
Around the World in 80 Days 1.0
ASAP Utilities
Astro Avenger 2 1.0
Atlantis Quest 1.0
Automatic Photo Sorter 2.0
Avanquest update
AvantGo Client
AVS DVD Player version 2.4
Azangara version 1.31
Backgammon
Bejeweled 1.5
BF Mines (remove only)
BHO Cop
BlueSoleil
Bonjour
Bookmark Wizard (Remove Only)
Bookstories 1.0
Brave Dwarves Back for Treasures Set 5 1.1
Brickshooter Egypt 1.0
Bubble Ice Age
Bubble Odyssey 1.0
BWB MJ16
CA Anti-Spyware
CA Anti-Virus
CA Internet Security Suite
CA Pest Patrol Realtime Protection
Canon i320
Captain Mobile Tropical Nights (PDA version)
CCleaner (remove only)
Chak`s Temple 1.0
Citi Virtual Account Numbers
ClearTweak
CLIE MS SCSI Driver
CmdHere Powertoy For Windows XP
Cross Sum 1.0
Crystalix
Cubozoid
Cursed Weel 1.0
Dawn
Documents To Go
Driver Magician 3.28
DropMyRights
DVgate Plus
EC Software TNT Screen Capture 2.1
Edraw Max 4
eFax Messenger 4.2
Egyptian Ball
Egyptoid
Egyptoid2
EndItAll 2.0
Eudora
Experience VAIO
EZ Viewer 3.0
Farkle 3.0.7.6
FavOrg
FileBox eXtender
FileBox eXtender
Flowers Story - Fairy Quest
Folder Marker v 1.4
FolderBox 1.2
Foxit Reader
Foxy Jumper 2
Foxy Jumper 2 Winter Adventures
Full Tilt Poker
GeBall 1.0
Halloween Night
Hard Drive Inspector for Notebooks 2.42 build # 402
Hebrew Calendar 9
Hebrew Calendar for Windows
HelpSmith 1.3
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
HijackThis 2.0.2
Home Office Page for Experience VAIO
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
HotKey Utility
huey 1.0.5
HyperLoad - Mah Jongg
Hyperspace Invader
Ice Puzzle Deluxe
Icon Restore 1.0
ICQ
ieSpell 2.0.0 (build 577)
ImageStation Tour
Inca Ball 1.01
InControl 2.5
Intel(R) Extreme Graphics Driver
Intel(R) PRO Network Adapters and Drivers
IrfanView (remove only)
iTunes
Java(TM) 6 Update 7
Jets'n'Guns GOLD 1.222
Jewel Craft 1.0
Just Great Software EditPad Lite 6.4.3
Karen's Drive Info
Karen's Replicator
Karen's Time Sync
KeyTweak - Keyboard Remapper (remove only)
Kit And Ellis
LaserAge
Last Galaxy Hero
MachineHell version 1.3
Mad Cars
Magic Ball 2
Magic Lens Max 5.0.2
Magic Tea
Magnifying Glass Pro 1.7
Mahjong Epic
Mail This Page! by Chilkat Software, Inc.
MeggieSoft Games Gin Rummy
MeggieSoft Games Pinochle
MeggieSoft Games Plus Pack Version 3.1
MeggieSoft Games Rummy 500
MeggieSoft Games Version 9.4
Memory Stick Formatter
MetaProducts Download Express
Meteor version 2.1.0
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft Baseline Security Analyzer 2.0
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Data Access Components KB870669
Microsoft English TTS Engine
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Location Finder
Microsoft National Language Support Downlevel APIs
Microsoft Office Converter Pack
Microsoft Office Excel Viewer 2003
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Edition 2003
Microsoft Office Word Viewer 2003
Microsoft Pocket Streets for Pocket PC
Microsoft PowerPoint Viewer 97
Microsoft Streets & Trips 2008
Microsoft Upgrade Offer
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Windows Journal Viewer
MikeMary
MiniGolf
Minigolf Championship 1.0
MoodLogic
Motorola Phone Tools
MozyHome 1.8.8.2
MS Export
MSN Messenger 5.0
Music Visualizer Library 1.4.00
MyDsc2
Network Smart Capture
New Folder Here
NoAds
Norton PartitionMagic 8.0
Numericon
OpenMG Limited Patch 3.2-03-02-21-08
OpenMG Limited Patch 3.2-03-02-25-01
OpenMG Secure Module 3.2
Palm
Patiences
PDF to Word
Phantasia 2 1.02
PictureGear 4.6Lite
PictureGear Studio 1.0
Places Bar Wizard for Microsoft Office
Planetary Defence
Pocket GNU Go
Poker Superstars(TM) III Gold Chip Challenge
PowerCmd 1.7.219
PowerPanel
PTFB Pro 3.5.2.0
Puzzle Hero 1.1.1
Q-Dir
Quicken 2008
QuickTime
Race Cars 1.0
Rebate! Rebate! 2.0
Registry Mechanic 8.0
Screenblast ACID 2.0a
Secunia PSI (RC3)
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Seven Seas 1.01
ShortKeys 2
SkyMaze version 3.0
Skype™ 3.8
Snowy. Puzzle Islands
Snowy. Space Trip
SoftK56 Data Fax
Solway's Multimail v1.5
SonicStage 1.5.50
SonicStage Mastering Studio 1.0
SonicStage Mastering Studio Plugins 1.0
SonicStage MP3 Add-on program
Sony Certificate PCH
Sony Notebook Setup
Sony on Yahoo! Essentials
Sony USB Mouse
Sony Utilities DLL
Sony Video Shared Library
SoundMAX
Spamnix
Spelling Dictionaries Support For Adobe Reader 8
Spybot - Search & Destroy
Spybot - Search & Destroy 1.4
Stickies 6.7a
Strike Ball 2 Deluxe
Super Cubes 1.0
Swap & Fall 2
Talking Alarm Clock
Tank Wars
TClockEx
The LangaList Complete Archives 2002.12
The LangaList Complete Archives 2003.12
The LaptopLock 0.94
The Rise of Atlantis 1.0
Theseus and the Minotaur
Time Breaker
Turbo Tax Offer
Turtle Odyssey
Turtle Odyssey 2
Uninstall PySol for Windows
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
USA TODAY MileTracker
VAIO DeepSea Wallpaper
VAIO Edit Components
VAIO Help and Support
VAIO Media 2.5
VAIO Media Music Server 2.5
VAIO Media Photo Server 2.5
VAIO Media Platform 2.5
VAIO Media Redistribution 2.5
VAIO Media Setup 2.5
VAIO Pictures Page
VAIO Registration
VAIO Support
VAIO Survey Standalone
Visual Sokoban 2.01
Windows Defender
Windows Defender Signatures
Windows Genuine Advantage v1.3.0254.0
Windows Media Connect
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Service Pack 3
Wondershare Photo Story Gold Giveaway Edition version 3.0.0
XP Context Tools
XXConsole: Super Console Generator ver 0.93
Yankee Clipper III
Z-Ball Shareware 1.05b
ZoneAlarm
=====================

Malwarebytes' Anti-Malware 1.30
Database version: 1390
Windows 5.1.2600 Service Pack 3

11/12/2008 9:15:55 PM
mbam-log-2008-11-12 (21-15-55).txt

Scan type: Full Scan (C:\|)
Objects scanned: 184499
Time elapsed: 1 hour(s), 54 minute(s), 55 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

=========================

No new HJT Log because no changes

pskelley
2008-11-13, 16:54
Thanks for returning your information and the feedback, let's look at the uninstall list first.

Uninstall list: I look for malware and security issues and will not know all of your programs, but you should.

Hackers are using out-of-date programs to infect folks more and more.
Here is a small free tool that lets you know when something needs an update, if you are interested: https://psi.secunia.com/ While PSI runs in the System Tray for real-time notifications, I personally prefer to turn it off in MSConfig and run it from All Programs when I want to do a check.

Spybot - Search & Destroy 1.4 <<< uninstall the old version.
I cannot point at any other problem, but I repeat: there is no way I can know all programs, but PSI will.

Scan saved at 3:40:55 PM, on 11/11/2008 <<< looking at this HJT log.

1) How to make files and folders visible:
Click Start > Open My Computer.
Select the Tools menu and click Folder Options.
Select the View Tab. Under the Hidden files and folders heading, select Show hidden files and folders.
Uncheck: Hide file extensions for known file types
Uncheck the Hide protected operating system files (recommended) option.
Click Yes to confirm. Click OK.
You may reverse this for safety when we are finished.

2) Please download ATF Cleaner by Atribune
http://www.atribune.org/public-beta/ATF-Cleaner.exe
Save it to your Desktop. We will use this later.

3) Open HijackThis and choose "Do a system scan only" then check the box in front of these line items:

(leave this if you set it that way)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

O2 - BHO: Popup Manager - {08E74C67-99A6-45C7-94DA-A397A8FD8082} - (no file)
O2 - BHO: Switch Manager IE Watcher - {F8147928-0836-4fd4-B1D9-6C55901D5CD4} - (no file)
O4 - HKCU\..\RunOnce: [] C:\Program Files\Internet Explorer\iexplore.exe http://www.symantec.com/techsupp/ser...0006e.00000141
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O16 - DPF: {C6B086D2-146B-47A4-A218-B82DCAF2D872} (cpbrxpie Control) - http://a19.g.akamai.net/7/19/7125/40...0/cpbrxpie.cab
http://www.systemlookup.com/O16/351.html <<< see this
O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0_03) -

Close all programs but HJT and all browser windows, then click on "Fix Checked"

4) Right-click Start > Explore and navigate to these files/folders and delete them if there.

C:\Program Files\Symantec\ <<< if there

5) Run ATF Cleaner
Double-click ATF-Cleaner.exe to run the program.
Click Select All found at the bottom of the list.
Click the Empty Selected button.
Click Exit on the Main menu to close the program.

*Cleaning Prefetch may result in a few slow starts until the folder is repopulated:
http://www.windowsnetworking.com/articles_tutorials/Gaining-Speed-Empty-Prefetch-XP.html

Once the above instructions are completed, make sure Spybot S&D 1.6 is totally up to date and fully immunized, then let me know if you still have issues. Some good information:
http://www.safer-networking.org/en/faq/index.html

Some good information for you:
http://users.telenet.be/bluepatchy/miekiemoes/slowcomputer.html
http://www.microsoft.com/windowsxp/using/helpandsupport/learnmore/tips/mcgill1.mspx

Here is some great information from experts in this field that will help you stay clean and safe online.
http://users.telenet.be/bluepatchy/miekiemoes/prevention.html
http://forums.spybot.info/showthread.php?t=279
http://russelltexas.com/malware/allclear.htm
http://forum.malwareremoval.com/viewtopic.php?t=14
http://www.bleepingcomputer.com/forums/topict2520.html
http://cybercoyote.org/security/not-admin.shtml

http://www.malwarecomplaints.info/

Thanks...pskelley
Safer Networking Forums
http://www.spybot.info/en/donate/index.html
If you are reading this information...thank a teacher,
If you are reading it in English...thank a soldier.

http://users.telenet.be/bluepatchy/miekiemoes/Links.html
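As an added illustration of what the O2 and O4 fixes in step 3 are about (this is not part of pskelley's post or of HijackThis), the PowerShell below looks up the two BHO CLSIDs and the Run/RunOnce hives named in the log and reports whether the referenced file still exists, i.e. whether the entry is the kind of "(no file)" orphan HijackThis flags. It is read-only; the registry locations are the standard ones for BHO registration and per-user Run keys, and the CLSIDs are the ones quoted above.

```powershell
# Added example: audit the HJT O2 (BHO) and O4 (Run/RunOnce) items from the log above.
# Read-only: it reports orphans, it does not delete anything.
$bhoClsids = @(
    '{08E74C67-99A6-45C7-94DA-A397A8FD8082}',   # Popup Manager (from the log)
    '{F8147928-0836-4fd4-B1D9-6C55901D5CD4}'    # Switch Manager IE Watcher (from the log)
)
foreach ($clsid in $bhoClsids) {
    # A BHO is loaded by IE only if registered here AND its CLSID resolves to a DLL.
    $bhoKey = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\$clsid"
    $inproc = "Registry::HKEY_CLASSES_ROOT\CLSID\$clsid\InprocServer32"
    $dll = $null
    if (Test-Path $inproc) { $dll = (Get-ItemProperty $inproc).'(default)' }
    if (-not (Test-Path $bhoKey)) {
        "O2 $clsid : not registered as a BHO"
    } elseif ($dll -and (Test-Path ([Environment]::ExpandEnvironmentVariables($dll)))) {
        "O2 $clsid : backed by $dll"
    } else {
        "O2 $clsid : registered but no file on disk -> orphan (HJT shows '(no file)')"
    }
}

# O4 items: the three hives from the log (current user RunOnce, Default user, SYSTEM).
$runKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'Registry::HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run',
    'Registry::HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run'
)
foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $values = (Get-ItemProperty $key).PSObject.Properties | Where-Object { $_.Name -notlike 'PS*' }
    foreach ($v in $values) {
        # Executable is the first quoted token, otherwise the first whitespace-delimited token.
        $cmd = [string]$v.Value
        $exe = if ($cmd -match '^"([^"]+)"') { $Matches[1] } else { ($cmd -split '\s+')[0] }
        $exe = [Environment]::ExpandEnvironmentVariables($exe)
        $state = if (Test-Path $exe) { 'present' } else { 'MISSING' }
        "O4 $key [$($v.Name)] -> $exe ($state)"
    }
}
```

Run it from an elevated prompt so HKEY_USERS\S-1-5-18 is readable; an entry whose binary is "MISSING" or a BHO reported as an orphan is what the "Fix Checked" step removes.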

ebloch
2008-11-14, 23:36
I do use Secunia PSI. Running now only gives a few suggested changes to Flash (which I did) and for the current MS WinXP updates (which I did NOT do).

--- Spybot - Search & Destroy 1.4 -
Not sure why this was still there but I uninstalled it

--- Open HijackThis and choose "Do a system scan only"
I checked all requested and "fixed".

--- Remove C:\Program Files\Symantec\
Did NOT do this because Partition Magic is there, but there is nothing outside the P/M folder.

--- Run ATF Cleaner
Done

--- Run Spybot S&D 1.6 up to date and immunized
SB removed some other temp files when started, and when updated it said the Updater and another system were corrupted. I redownloaded SB 1.6, installed, updated, and immunized with no more warnings.

Running SB produced the same stall at Virumone.dll - NOT Vertimund.

I wonder if the sudden spurt in this problem on your site is because of a problem with SB 1.6 vs 1.5?

This thread is about my Laptop. I found that my Desktop was running SB 1.5 and I do not think I observed the problem there (run it weekly) until I upgraded to SB 1.6 two days ago.

For reference the attached doc/zip is from my Desktop but illustrates what I have observed on both machines which are basically identical in set up and programs.

pskelley
2008-11-15, 00:15
Thanks for providing this feedback. If you suspect a problem with Spybot S&D, please post that here:
http://forums.spybot.info/forumdisplay.php?f=4
where experts with that tool can look at it.
If you suspect it is a false positive, you can post that here:
http://forums.spybot.info/forumdisplay.php?f=16

Thanks

ebloch
2008-11-15, 16:59
Quoting my earlier post: "Running SB produced the same stall at Virumone.dll - NOT Vertimund."

Sorry - typos, above should be:

Running SB produced the same stall at Virtumonde.dll - NOT Virtumonde.
(see the doc/zip I attached to last message)

I have made a post about v1.6 at
http://forums.spybot.info/showthread.php?t=36449

ebloch
2008-11-17, 22:57
I let SB run to completion which took about 4 hours.

It did not report any threats BUT I did observe that it scanned Virtumonde and Virtumonde.dll.

Should not those have been recorded as threats and listed for removal?

Eric

pskelley
2008-11-17, 23:06
What you see running at the bottom is the database of bad stuff Spybot is scanning your computer for.
Here are faq's:
http://www.safer-networking.org/en/faq/index.html
http://www.youtube.com/watch?v=xdKqwN61BJY <<< older version but good info.
http://www.lockergnome.com/blade/2008/07/29/spybot-sd-16-has-arrived/

ebloch
2008-11-18, 03:57
My interpretation was in error, but the initial SB runs did stall, so your suggested actions have helped.

I just ran a Kaspersky Online scan with the result of one threat:
HJT\Backups\backup-20081114-141457-757.dll Infected: not-a-virus: AdWare.Win32.Coupons

Thanks for your help.

pskelley
2008-11-18, 13:19
http://www.bleepingcomputer.com/tutorials/tutorial42.html << HJT tutorial

When we remove items with HJT they are placed in "Backups" in the event we make an error; they can be restored or deleted from there, see this link:
http://www.bleepingcomputer.com/tutorials/tutorial42.html#HTRestore
In this case the item is adware so check the bad item and delete it from your computer.

Thanks