Solved Wild Tangent Removal, psqlpwd.dll detected as trojan

Discussion in 'Malware and Virus Removal Archive' started by sniper9228, 2008/11/08.

  1. 2008/11/08
    sniper9228

    sniper9228 Well-Known Member Thread Starter

    Joined:
    2005/08/31
    Messages:
    615
    Likes Received:
    1
    [Resolved] Wild Tangent Removal, psqlpwd.dll detected as trojan

    Spybot detected psqlpwd.dll as Virtumonde. I have Protector Suite installed on my laptop. Should I be worried? I am afraid that if Spybot removes that file, Protector Suite will not work right.

    My Toshiba came pre-loaded with a bunch of games on it. I removed all of the games through the WT Remover tool.
    When I run Spybot, Wild Tangent constantly comes up in the results, even after removing it again and again. So I do not know how to get rid of these creatures.

    By the way, I just reformatted my laptop and have not been on any crack or torrent sites since.
     
    Last edited: 2008/11/08
  2. 2008/11/08
    sniper9228
    info

    info.txt logfile of random's system information tool 1.04 2008-11-08 02:09:50

    ======Uninstall list======

    -->MsiExec.exe /I{0F122737-72B2-4095-8B3E-7AAE753DFD3D}
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
    Adobe Acrobat 8.1.3 Professional-->msiexec /I {AC76BA86-1033-F400-7760-000000000003}
    Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    AIM 6 Cloned-->"C:\Program Files\AIM6_Cloned\unins000.exe"
    AIM 6-->C:\Program Files\AIM6\uninst.exe
    ALPS Touch Pad Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}\setup.exe" UNINSTALL
    AusLogics Disk Defrag-->"C:\Program Files\Auslogics\AusLogics Disk Defrag\unins000.exe"
    AusLogics Registry Defrag-->"C:\Program Files\Auslogics\AusLogics Registry Defrag\unins000.exe"
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    CD/DVD Drive Acoustic Silencer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\Setup.exe" -l0x9
    Cloudmark Desktop for Mozilla Thunderbird-->MsiExec.exe /X{527B9B7E-5249-4681-9259-018F7DDB351C}
    Combined Community Codec Pack 2008-09-21 16:18-->"C:\Program Files\Combined Community Codec Pack\unins000.exe"
    DVD-RAM Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}\setup.exe" -l0x9 DVD-RAM Driver
    ExtractNow-->"C:\Program Files\ExtractNow\unins000.exe"
    filehippo.com Update Checker-->"C:\Program Files\filehippo.com\uninstall.exe"
    Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0C68A50B7874478D.exe" /uninstall
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
    High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
    HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
    Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Intel(R) Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_27A6 PCI\VEN_8086&DEV_27A2
    Intel(R) Network Connections Drivers-->Prounstl.exe
    Intel(R) PROSet/Wireless Software-->C:\WINDOWS\Installer\iProInst.exe
    J2SE Runtime Environment 5.0 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040}
    Java(TM) 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
    Java(TM) 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
    Learning Essentials for Microsoft Office-->MsiExec.exe /X{75F3A4B2-F6E8-434D-A2EF-DBBC016C6CB2}
    Macromedia Flash Player 8-->MsiExec.exe /X{6815FCDD-401D-481E-BA88-31B4754C2B46}
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
    mDrWiFi-->MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
    Metamail (Toshiba Registration Utility)-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BE3F89C0-42D5-11D5-A40A-00105AC8331A}\setup.exe" -l0x9
    mHelp-->MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}
    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
    Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
    Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
    Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
    Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
    Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
    Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
    Microsoft Student 2007 for Learning Essentials-->RunDll32.exe advpack.dll, LaunchINFSectionEx C:\Program Files\Learning Essentials\1.0\en\US\Microsoft Student 2007\Uninstall\Uninstall.inf,Uninstall,,,N
    Microsoft Student with Encarta Premium 2008-->MsiExec.exe /I{08041881-FCA5-44A7-B863-D66037A16AAF}
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
    mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
    mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
    Mozilla Thunderbird (2.0.0.17)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
    mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
    mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
    mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 6.0 Parser-->MsiExec.exe /I{AEB9948B-4FF2-47C9-990E-47014492A0FE}
    mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
    mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
    mZConfig-->MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
    Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
    Office 2003 Trial Assistant-->MsiExec.exe /I{47D2103B-FD51-4017-9C20-DD408B17D726}
    Opera 9.62-->MsiExec.exe /X{8318FEFD-F467-44D6-82B8-129374BFE9B1}
    Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly
    Royale Remixed Theme-->MsiExec.exe /I{993A94A9-DCE3-4774-B35D-D8C74FC1E0BE}
    SD Secure Module-->MsiExec.exe /X{C45F4811-31D5-4786-801D-F79CD06EDD85}
    Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
    Security Update for 2007 Microsoft Office System (KB955936)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {1D94099C-2BBA-440E-BD5E-093BBDF8F028}
    Security Update for Microsoft Office Excel 2007 (KB955470)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6E8637D8-10D6-4568-AA06-E2706F31685E}
    Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
    Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
    Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
    Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
    Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    SMSC IrCC V5.1.3600.5 SP2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F1B8DB67-D30E-4FF9-A85F-3CEE51825AA2}\setup.exe" -l0x9 UNINSTALL
    Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
    Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    Spyware Terminator-->"C:\Program Files\Spyware Terminator\unins000.exe"
    SpywareBlaster 4.1-->"C:\Program Files\SpywareBlaster\unins000.exe"
    TOSHIBA Accessibility-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{3A57482F-BEBC-47E4-ADA1-6302403C7E50} /l1033
    TOSHIBA Assist-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\Setup.exe" -l0x9
    TOSHIBA ConfigFree-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}\setup.exe" -l0x9 UNINSTALL
    TOSHIBA Controls-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{5BCA8D15-BCB6-421E-9654-238B43456A4F} /l1033
    TOSHIBA Fn-esse-->C:\WINDOWS\UnInst32.exe Fn-esse.UNI
    TOSHIBA Hardware Setup-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{5279374D-87FE-4879-9385-F17278EBB9D3} /l1033
    TOSHIBA Hotkey Utility-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{7900D3A6-A9E8-4954-ACCB-AB15867978BF} /l1033
    TOSHIBA PC Diagnostic Tool-->C:\WINDOWS\IsUninst.exe -f "C:\Program Files\TOSHIBA\PCDiag\Uninst.isu"
    TOSHIBA Power Saver-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{A38D57D1-5F29-4691-B3DD-FE4B3A7B3AFE} /l1033
    TOSHIBA SD Memory Card Format-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}\Setup.exe"
    TOSHIBA Software Modem-->Tosmreg -U
    TOSHIBA Software Upgrades-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{425A2BC2-AA64-4107-9C29-484245BBEA05}\setup.exe"
    TOSHIBA Speech System Applications-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}\Setup.exe" -l0x9
    TOSHIBA Speech System SR Engine(U.S.) Version1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{008D69EB-70FF-46AB-9C75-924620DF191A}\Setup.exe" -l0x9 UNINSTALL
    TOSHIBA Speech System TTS Engine(U.S.) Version1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}\Setup.exe" -l0x9
    TOSHIBA Supervisor Password-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE} /l1033
    TOSHIBA Virtual Sound-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B12BA86-ADAC-4BA6-B441-FFC591087252}\Setup.exe" /uninstall
    TOSHIBA Zooming Utility-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{02EED746-8C5A-43C8-BB3D-D29C8B363A4D} /l1033
    Touch and Launch-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5D96E2B1-D9AC-46E0-9073-425C5F63E338}\Setup.exe"
    TouchPad On/Off Utility-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{80977342-27E8-4FF7-8B6A-D8D89461DA7F} /l1033
    Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe
    Update for Office 2007 (KB946691)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
    Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
    Update for Windows XP (KB943729)-->"C:\WINDOWS\$NtUninstallKB943729$\spuninst\spuninst.exe"
    Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Update Rollup 2 for Windows XP Media Center Edition 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
    User Profile Hive Cleanup Service-->MsiExec.exe /I{FF77941A-2BFA-4A18-BE2E-69B9498E4D55}
    Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows XP Media Center Edition 2005 KB888316-->C:\WINDOWS\$NtUninstallKB888316$\spuninst\spuninst.exe
    Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    WOT for Internet Explorer-->MsiExec.exe /X{5AC2D321-11E2-47E7-A1CA-61A34C2057AB}

    ======Hosts File======

    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com

    ======Security center information======

    AV: avast! antivirus 4.8.1229 [VPS 081107-0]

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 14 Stepping 8, GenuineIntel
    "PROCESSOR_REVISION"=0e08
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP

    -----------------EOF-----------------
     

  4. 2008/11/08
    sniper9228
    log

    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Jordan at 2008-11-08 02:08:46
    Microsoft Windows XP Professional Service Pack 3
    System drive C: has 99 GB (86%) free of 114 GB
    Total RAM: 1014 MB (56% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 2:09:48 AM, on 11/8/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\WINDOWS\system32\DVDRAMSV.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Spyware Terminator\sp_rsser.exe
    c:\Toshiba\IVP\swupdate\swupdtmr.exe
    C:\Program Files\UPHClean\uphclean.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Apoint2K\Apoint.exe
    C:\Program Files\ltmoh\Ltmoh.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Toshiba\Tvs\TvsTray.exe
    C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
    C:\WINDOWS\system32\TPSMain.exe
    C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
    C:\WINDOWS\system32\ZoomingHook.exe
    C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
    C:\WINDOWS\system32\TCtrlIOHook.exe
    C:\WINDOWS\system32\TDispVol.exe
    C:\toshiba\ivp\ism\pinger.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Protector Suite QL\psqltray.exe
    C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
    C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
    C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Microsoft Student\Microsoft Student with Encarta Premium 2008 DVD\EDICT.EXE
    C:\WINDOWS\system32\TPSBattM.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\Jordan\Desktop\RSIT.exe
    C:\Program Files\trend micro\Jordan.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (file missing)
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    O2 - BHO: (no name) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - (no file)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
    O3 - Toolbar: (no name) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - (no file)
    O3 - Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - (no file)
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
    O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
    O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
    O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup
    O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
    O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
    O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
    O4 - HKLM\..\Run: [ZoomingHook] ZoomingHook.exe
    O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
    O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
    O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
    O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA300] command /c del "C:\WINDOWS\SchedLgU.Txt"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC1328] cmd /c del "C:\WINDOWS\SchedLgU.Txt"
    O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6_Cloned\aim6.exe" /d locale=en-US ee://aol/imApp
    O4 - HKCU\..\Run: [L08AXLRD_7153437] "C:\Program Files\Microsoft Student\Microsoft Student with Encarta Premium 2008 DVD\EDICT.EXE" -m
    O4 - Global Startup: InterVideo WinCinema Manager.lnk.disabled
    O4 - Global Startup: Metamail Trust Manager.lnk.disabled
    O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
    O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Encarta Search Bar - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1223706525312
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1223706606421
    O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - (no file)
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
    O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

    --
    End of file - 11761 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\Registration reminder 2.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-10-27 320920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-11-07 251504]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
    Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2008-11-07 522224]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C920E44A-7F78-4E64-BDD7-A57026E7FEB7}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-10-27 34816]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-10-27 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {BA52B914-B692-46c4-B683-905236F6F655}
    {71576546-354D-41c9-AAE8-31F2EC22BF0D}
    {DE9C389F-3316-41A7-809B-AA305ED9D922}
    {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-11-07 251504]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "igfxtray "=C:\WINDOWS\system32\igfxtray.exe [2005-11-28 98304]
    "igfxhkcmd "=C:\WINDOWS\system32\hkcmd.exe [2005-11-28 77824]
    "igfxpers "=C:\WINDOWS\system32\igfxpers.exe [2005-11-28 118784]
    "RTHDCPL "=C:\WINDOWS\RTHDCPL.EXE [2005-12-09 15691264]
    "Alcmtr "=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
    "Apoint "=C:\Program Files\Apoint2K\Apoint.exe [2004-03-24 196608]
    "LtMoh "=C:\Program Files\ltmoh\Ltmoh.exe [2004-08-18 184320]
    "AGRSMMSG "=C:\WINDOWS\AGRSMMSG.exe [2005-10-15 88203]
    "HWSetup "=C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe [2004-05-01 28672]
    "SVPWUTIL "=C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe [2004-05-01 65536]
    "Tvs "=C:\Program Files\Toshiba\Tvs\TvsTray.exe [2005-11-30 73728]
    "PSQLLauncher "=C:\Program Files\Protector Suite QL\launcher.exe [2006-01-13 30208]
    "CeEKEY "=C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe [2005-12-01 671744]
    "TPSMain "=C:\WINDOWS\system32\TPSMain.exe [2005-05-31 282624]
    "PadTouch "=C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe [2005-07-15 1077322]
    "ZoomingHook "=C:\WINDOWS\system32\ZoomingHook.exe [2005-06-06 24576]
    "SmoothView "=C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe [2005-04-26 122880]
    "TPNF "=C:\Program Files\TOSHIBA\TouchPad\TPTray.exe [2005-12-13 53248]
    "TCtryIOHook "=C:\WINDOWS\system32\TCtrlIOHook.exe [2006-01-03 28672]
    "TDispVol "=C:\WINDOWS\system32\TDispVol.exe [2005-12-27 73728]
    "Pinger "=c:\toshiba\ivp\ism\pinger.exe [2005-03-17 151552]
    "IntelZeroConfig "=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2005-12-05 667718]
    "IntelWireless "=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2005-11-28 602182]
    "avast! "=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]
    "SunJavaUpdateSched "=C:\Program Files\Java\jre6\bin\jusched.exe [2008-10-27 136600]
    "SpywareTerminator "=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2008-10-27 1783808]
    "Acrobat Assistant 8.0 "=C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2008-10-14 623992]
    " "= []

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "SpybotDeletingA300 "=command /c del C:\WINDOWS\SchedLgU.Txt []
    "SpybotDeletingC1328 "=cmd /c del C:\WINDOWS\SchedLgU.Txt []

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "TOSCDSPD "=C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [2004-12-30 65536]
    "ctfmon.exe "=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "Aim6 "=C:\Program Files\AIM6_Cloned\aim6.exe [2008-10-21 50472]
    "L08AXLRD_7153437 "=C:\Program Files\Microsoft Student\Microsoft Student with Encarta Premium 2008 DVD\EDICT.EXE [2007-05-21 351000]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    []

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    InterVideo WinCinema Manager.lnk.disabled - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
    Metamail Trust Manager.lnk.disabled - C:\Program Files\Metamail Inc\Metamail Tray\Metamail Trust Manager.exe
    RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    C:\WINDOWS\system32\igfxdev.dll [2005-11-28 135168]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
    C:\WINDOWS\system32\psqlpwd.dll [2006-01-13 40448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "notification packages "=scecli
    psqlpwd

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername "=0
    "legalnoticecaption "=
    "legalnoticetext "=
    "shutdownwithoutlogon "=1
    "undockwithoutlogon "=1
    "InstallVisualStyle "=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme "=C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun "=145
    "NoActiveDesktop "=00000000

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 "
    "C:\TOSHIBA\ivp\NetInt\Netint.exe "= "C:\TOSHIBA\ivp\NetInt\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrade Engine "
    "C:\TOSHIBA\Ivp\ISM\pinger.exe "= "C:\TOSHIBA\IVP\ISM\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger "
    "%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 "
    "C:\Program Files\AIM6\aim6.exe "= "C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM "
    "C:\Program Files\AIM6_Cloned\aim6.exe "= "C:\Program Files\AIM6_Cloned\aim6.exe:*:Enabled:AIM "

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 "
    "%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 "

    ======List of files/folders created in the last 3 months======

    2008-11-08 02:08:46 ----D---- C:\rsit
    2008-11-08 02:08:46 ----D---- C:\Program Files\trend micro
    2008-11-07 18:14:03 ----D---- C:\Program Files\Google
    2008-11-07 17:53:13 ----D---- C:\Program Files\ViStart
    2008-11-07 17:53:13 ----D---- C:\Documents and Settings\Jordan\Application Data\ViStart
    2008-11-02 23:01:57 ----D---- C:\Program Files\Common Files\Macrovision Shared
    2008-11-02 21:54:11 ----HDC---- C:\WINDOWS\$NtUninstallKB943729$
    2008-11-02 21:35:23 ----D---- C:\Program Files\Microsoft Student
    2008-11-02 21:30:28 ----D---- C:\Program Files\Learning Essentials
    2008-11-02 21:29:34 ----A---- C:\WINDOWS\system32\xinput1_1.dll
    2008-11-02 21:29:18 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
    2008-11-02 21:29:17 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
    2008-11-02 21:29:17 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
    2008-11-02 21:29:16 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
    2008-11-02 21:29:15 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
    2008-11-02 21:29:14 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
    2008-11-02 21:29:14 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
    2008-11-02 21:29:11 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
    2008-11-02 20:52:05 ----D---- C:\Program Files\AIM6_Cloned
    2008-11-02 20:49:27 ----D---- C:\Program Files\AIM6
    2008-11-02 20:14:40 ----D---- C:\Documents and Settings\All Users\Application Data\FLEXnet
    2008-10-31 21:21:15 ----D---- C:\ie-spyad_zo
    2008-10-31 21:02:12 ----D---- C:\Program Files\WOT
    2008-10-28 16:55:54 ----D---- C:\Program Files\Unlocker
    2008-10-27 18:34:53 ----D---- C:\Documents and Settings\Jordan\Application Data\Spyware Terminator
    2008-10-27 18:34:53 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
    2008-10-27 18:34:50 ----D---- C:\Program Files\Spyware Terminator
    2008-10-27 15:31:11 ----A---- C:\WINDOWS\system32\javaws.exe
    2008-10-27 15:31:11 ----A---- C:\WINDOWS\system32\javaw.exe
    2008-10-27 15:31:11 ----A---- C:\WINDOWS\system32\java.exe
    2008-10-27 15:31:11 ----A---- C:\WINDOWS\system32\deploytk.dll
    2008-10-27 15:28:38 ----D---- C:\Program Files\filehippo.com
    2008-10-23 15:32:36 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2008-10-19 20:45:57 ----D---- C:\Documents and Settings\Jordan\Application Data\Template
    2008-10-19 20:45:24 ----D---- C:\Documents and Settings\Jordan\Application Data\Thinstall
    2008-10-19 20:40:13 ----D---- C:\Program Files\Microsoft Works 9.0
    2008-10-19 16:37:22 ----D---- C:\Documents and Settings\Jordan\Application Data\Sonic
    2008-10-18 22:29:48 ----D---- C:\Documents and Settings\Jordan\Application Data\Malwarebytes
    2008-10-18 22:29:43 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-10-18 22:29:42 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-18 22:21:24 ----D---- C:\Program Files\Common Files\DESIGNER
    2008-10-18 22:21:00 ----D---- C:\Program Files\Microsoft.NET
    2008-10-18 22:18:54 ----D---- C:\WINDOWS\SHELLNEW
    2008-10-18 22:18:25 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2008-10-18 22:18:02 ----RHD---- C:\MSOCache
    2008-10-18 21:48:59 ----D---- C:\Program Files\Combined Community Codec Pack
    2008-10-18 20:25:45 ----D---- C:\Documents and Settings\Jordan\Application Data\Media Player Classic
    2008-10-18 20:24:04 ----A---- C:\WINDOWS\NeroDigital.ini
    2008-10-18 20:23:52 ----A---- C:\DVDPATH.TXT
    2008-10-18 20:15:27 ----D---- C:\Documents and Settings\Jordan\Application Data\acccore
    2008-10-17 20:34:05 ----N---- C:\WINDOWS\system32\TwnLib4.dll
    2008-10-17 20:34:04 ----N---- C:\WINDOWS\system32\ImagXRA7.dll
    2008-10-17 20:34:04 ----N---- C:\WINDOWS\system32\ImagXR7.dll
    2008-10-17 20:34:04 ----N---- C:\WINDOWS\system32\ImagXpr7.dll
    2008-10-17 20:34:04 ----A---- C:\WINDOWS\system32\TwnLib20.dll
    2008-10-17 20:34:03 ----N---- C:\WINDOWS\system32\ImagX7.dll
    2008-10-17 20:34:03 ----A---- C:\WINDOWS\system32\NeroCheck.exe
    2008-10-17 20:34:02 ----D---- C:\Program Files\Common Files\Ahead
    2008-10-17 20:34:01 ----D---- C:\Program Files\Ahead
    2008-10-16 21:12:16 ----D---- C:\Program Files\RegSeeker
    2008-10-16 20:53:42 ----D---- C:\Program Files\ExtractNow
    2008-10-16 20:44:31 ----D---- C:\Program Files\UPHClean
    2008-10-16 20:18:02 ----D---- C:\Documents and Settings\Jordan\Application Data\Cloudmark
    2008-10-16 20:17:59 ----D---- C:\Documents and Settings\All Users\Application Data\Cloudmark
    2008-10-16 20:17:51 ----D---- C:\Documents and Settings\All Users\Application Data\acccore
    2008-10-16 20:17:43 ----D---- C:\Program Files\Common Files\Cloudmark
    2008-10-16 20:17:43 ----D---- C:\Program Files\Cloudmark
    2008-10-16 20:17:32 ----D---- C:\Documents and Settings\All Users\Application Data\AOL OCP
    2008-10-16 20:17:21 ----D---- C:\WINDOWS\Downloaded Installations
    2008-10-16 20:04:16 ----D---- C:\Documents and Settings\Jordan\Application Data\Talkback
    2008-10-16 20:04:02 ----D---- C:\Documents and Settings\Jordan\Application Data\Thunderbird
    2008-10-16 20:04:02 ----D---- C:\Documents and Settings\Jordan\Application Data\Mozilla
    2008-10-16 20:03:54 ----D---- C:\Program Files\Mozilla Thunderbird
    2008-10-16 20:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-10-16 20:00:21 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-10-16 20:00:15 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-10-16 20:00:10 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-10-16 19:59:58 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2008-10-16 19:58:49 ----D---- C:\Documents and Settings\Jordan\Application Data\Auslogics
    2008-10-16 19:58:41 ----D---- C:\Program Files\Auslogics
    2008-10-16 19:58:40 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
    2008-10-13 20:34:35 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
    2008-10-13 20:34:31 ----D---- C:\Program Files\SpywareBlaster
    2008-10-13 20:27:33 ----D---- C:\Program Files\Spybot - Search & Destroy
    2008-10-13 20:27:33 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-10-11 01:41:42 ----A---- C:\WINDOWS\msoffice.ini
    2008-10-11 01:38:55 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    2008-10-11 01:38:02 ----D---- C:\WINDOWS\system32\PreInstall
    2008-10-11 01:38:01 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
    2008-10-11 01:34:29 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
    2008-10-11 01:34:29 ----A---- C:\WINDOWS\system32\mucltui.dll
    2008-10-11 01:32:17 ----D---- C:\Documents and Settings\Jordan\Application Data\Macromedia
    2008-10-11 01:29:22 ----A---- C:\WINDOWS\system32\wups2.dll
    2008-10-11 01:29:22 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
    2008-10-11 01:29:22 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
    2008-10-11 01:29:21 ----D---- C:\WINDOWS\system32\SoftwareDistribution
    2008-10-11 01:29:21 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
    2008-10-11 01:25:50 ----D---- C:\WINDOWS\Prefetch
    2008-10-11 01:20:18 ----N---- C:\WINDOWS\system32\msxml6r.dll
    2008-10-11 01:20:18 ----N---- C:\WINDOWS\system32\msxml6.dll
    2008-10-11 01:20:08 ----N---- C:\WINDOWS\system32\comsdupd.exe
    2008-10-11 01:20:05 ----N---- C:\WINDOWS\system32\bitsprx4.dll
    2008-10-11 01:20:05 ----N---- C:\WINDOWS\system32\azroles.dll
    2008-10-11 01:20:05 ----N---- C:\WINDOWS\system32\ativvaxx.dll
    2008-10-11 01:20:05 ----N---- C:\WINDOWS\system32\ativtmxx.dll
    2008-10-11 01:20:05 ----N---- C:\WINDOWS\system32\ati3duag.dll
    2008-10-11 01:20:05 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
    2008-10-11 01:20:05 ----N---- C:\WINDOWS\system32\ati2dvag.dll
    2008-10-11 01:20:05 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
    2008-10-11 01:20:05 ----N---- C:\WINDOWS\system32\ati2cqag.dll
    2008-10-11 01:20:05 ----N---- C:\WINDOWS\system32\aaclient.dll
    2008-10-11 01:20:04 ----N---- C:\WINDOWS\system32\eapolqec.dll
    2008-10-11 01:20:04 ----N---- C:\WINDOWS\system32\dot3ui.dll
    2008-10-11 01:20:04 ----N---- C:\WINDOWS\system32\dot3svc.dll
    2008-10-11 01:20:04 ----N---- C:\WINDOWS\system32\dot3msm.dll
    2008-10-11 01:20:04 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
    2008-10-11 01:20:04 ----N---- C:\WINDOWS\system32\dot3dlg.dll
    2008-10-11 01:20:04 ----N---- C:\WINDOWS\system32\dot3cfg.dll
    2008-10-11 01:20:04 ----N---- C:\WINDOWS\system32\dot3api.dll
    2008-10-11 01:20:04 ----N---- C:\WINDOWS\system32\dimsroam.dll
    2008-10-11 01:20:04 ----N---- C:\WINDOWS\system32\dimsntfy.dll
    2008-10-11 01:20:04 ----N---- C:\WINDOWS\system32\dhcpqec.dll
    2008-10-11 01:20:04 ----N---- C:\WINDOWS\system32\credssp.dll
    2008-10-11 01:20:03 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
    2008-10-11 01:20:03 ----N---- C:\WINDOWS\system32\eapsvc.dll
    2008-10-11 01:20:03 ----N---- C:\WINDOWS\system32\eapqec.dll
    2008-10-11 01:20:03 ----N---- C:\WINDOWS\system32\eappprxy.dll
    2008-10-11 01:20:03 ----N---- C:\WINDOWS\system32\eapphost.dll
    2008-10-11 01:20:03 ----N---- C:\WINDOWS\system32\eappgnui.dll
    2008-10-11 01:20:03 ----N---- C:\WINDOWS\system32\eappcfg.dll
    2008-10-11 01:20:03 ----N---- C:\WINDOWS\system32\eapp3hst.dll
    2008-10-11 01:20:02 ----N---- C:\WINDOWS\system32\kmsvc.dll
    2008-10-11 01:20:02 ----N---- C:\WINDOWS\system32\kbdpash.dll
    2008-10-11 01:20:02 ----N---- C:\WINDOWS\system32\kbdnepr.dll
    2008-10-11 01:20:02 ----N---- C:\WINDOWS\system32\kbdiultn.dll
    2008-10-11 01:20:02 ----N---- C:\WINDOWS\system32\kbdbhc.dll
    2008-10-11 01:20:01 ----N---- C:\WINDOWS\system32\napstat.exe
    2008-10-11 01:20:01 ----N---- C:\WINDOWS\system32\napmontr.dll
    2008-10-11 01:20:01 ----N---- C:\WINDOWS\system32\napipsec.dll
    2008-10-11 01:20:01 ----N---- C:\WINDOWS\system32\mtxparhd.dll
    2008-10-11 01:20:01 ----N---- C:\WINDOWS\system32\msshavmsg.dll
    2008-10-11 01:20:01 ----N---- C:\WINDOWS\system32\mssha.dll
    2008-10-11 01:20:01 ----N---- C:\WINDOWS\system32\mmcperf.exe
    2008-10-11 01:20:01 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
    2008-10-11 01:20:01 ----N---- C:\WINDOWS\system32\mmcex.dll
    2008-10-11 01:20:01 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
    2008-10-11 01:20:01 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
    2008-10-11 01:20:01 ----N---- C:\WINDOWS\system32\l2gpstore.dll
    2008-10-11 01:20:00 ----N---- C:\WINDOWS\system32\s3gnb.dll
    2008-10-11 01:20:00 ----N---- C:\WINDOWS\system32\rhttpaa.dll
    2008-10-11 01:20:00 ----N---- C:\WINDOWS\system32\rasqec.dll
    2008-10-11 01:20:00 ----N---- C:\WINDOWS\system32\qutil.dll
    2008-10-11 01:20:00 ----N---- C:\WINDOWS\system32\qcliprov.dll
    2008-10-11 01:20:00 ----N---- C:\WINDOWS\system32\qagentrt.dll
    2008-10-11 01:20:00 ----N---- C:\WINDOWS\system32\qagent.dll
    2008-10-11 01:20:00 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
    2008-10-11 01:20:00 ----N---- C:\WINDOWS\system32\onex.dll
    2008-10-11 01:20:00 ----N---- C:\WINDOWS\system32\nv4_disp.dll
    2008-10-11 01:19:59 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
    2008-10-11 01:19:59 ----N---- C:\WINDOWS\system32\windowscodecs.dll
    2008-10-11 01:19:59 ----N---- C:\WINDOWS\system32\verclsid.exe
    2008-10-11 01:19:59 ----N---- C:\WINDOWS\system32\tzchange.exe
    2008-10-11 01:19:59 ----N---- C:\WINDOWS\system32\tspkg.dll
    2008-10-11 01:19:59 ----N---- C:\WINDOWS\system32\tsgqec.dll
    2008-10-11 01:19:59 ----N---- C:\WINDOWS\system32\slserv.exe
    2008-10-11 01:19:59 ----N---- C:\WINDOWS\system32\slrundll.exe
    2008-10-11 01:19:59 ----N---- C:\WINDOWS\system32\slgen.dll
    2008-10-11 01:19:59 ----N---- C:\WINDOWS\system32\slextspk.dll
    2008-10-11 01:19:59 ----N---- C:\WINDOWS\system32\slcoinst.dll
    2008-10-11 01:19:59 ----N---- C:\WINDOWS\system32\setupn.exe
    2008-10-11 01:19:58 ----N---- C:\WINDOWS\system32\wmphoto.dll
    2008-10-11 01:19:58 ----N---- C:\WINDOWS\system32\wlanapi.dll
    2008-10-11 01:19:57 ----N---- C:\WINDOWS\system32\xmllite.dll
    2008-10-11 01:19:56 ----N---- C:\WINDOWS\slrundll.exe
    2008-10-11 01:19:56 ----D---- C:\WINDOWS\system32\scripting
    2008-10-11 01:19:56 ----D---- C:\WINDOWS\system32\en-us
    2008-10-11 01:19:55 ----D---- C:\WINDOWS\system32\en
    2008-10-11 01:19:55 ----D---- C:\WINDOWS\system32\bits
    2008-10-11 01:19:55 ----D---- C:\WINDOWS\l2schemas
    2008-10-11 01:17:41 ----D---- C:\WINDOWS\ServicePackFiles
    2008-10-11 01:15:32 ----D---- C:\WINDOWS\network diagnostic
    2008-10-11 01:14:30 ----A---- C:\WINDOWS\002862_.tmp
    2008-10-11 01:11:05 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2008-10-11 01:02:49 ----ASH---- C:\Documents and Settings\Jordan\Application Data\desktop.ini
    2008-10-11 01:02:47 ----D---- C:\Documents and Settings\Jordan\Application Data\InterVideo
    2008-10-11 01:02:47 ----D---- C:\Documents and Settings\Jordan\Application Data\Intel
    2008-10-11 01:02:47 ----D---- C:\Documents and Settings\Jordan\Application Data\Identities
    2008-10-11 01:02:47 ----D---- C:\Documents and Settings\Jordan\Application Data\AOL
    2008-10-11 01:02:46 ----SD---- C:\Documents and Settings\Jordan\Application Data\Microsoft
    2008-10-11 01:02:46 ----D---- C:\Documents and Settings\Jordan\Application Data\You've Got Pictures Screensaver
    2008-10-11 01:02:46 ----D---- C:\Documents and Settings\Jordan\Application Data\toshiba
    2008-10-11 01:02:46 ----D---- C:\Documents and Settings\Jordan\Application Data\Protector Suite
    2008-10-11 01:01:32 ----HDC---- C:\WINDOWS\$NtUninstallKB912945$
    2008-10-11 01:01:03 ----A---- C:\WINDOWS\system32\results.txt
    2008-10-11 01:00:47 ----D---- C:\Documents and Settings\All Users\Application Data\Intel
    2008-10-11 01:00:25 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2008-10-11 00:50:35 ----SHD---- C:\System Volume Information
    2008-10-10 23:45:42 ----SHD---- C:\WINDOWS\CSC
    2008-10-10 23:29:48 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
    2008-10-10 23:29:44 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
    2008-10-10 23:29:27 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
    2008-10-10 23:29:12 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
    2008-10-10 23:28:52 ----HDC---- C:\WINDOWS\$NtUninstallKB925766$
    2008-10-10 23:16:05 ----D---- C:\Program Files\CCleaner
    2008-10-10 23:01:01 ----D---- C:\Documents and Settings\Jordan\Application Data\OpenOffice.org2
    2008-10-10 22:55:13 ----D---- C:\Documents and Settings\Jordan\Application Data\Sun
    2008-10-10 22:52:13 ----A---- C:\WINDOWS\swupdate.INI
    2008-10-10 22:46:05 ----D---- C:\WINDOWS\pss
    2008-10-10 22:45:21 ----D---- C:\Documents and Settings\Jordan\Application Data\Google
    2008-10-10 22:45:19 ----D---- C:\Documents and Settings\All Users\Application Data\Google
    2008-10-10 22:39:09 ----N---- C:\WINDOWS\system32\spmsg.dll
    2008-10-10 22:39:07 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
    2008-10-10 22:38:53 ----D---- C:\Program Files\Windows Media Connect 2
    2008-10-10 22:38:37 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
    2008-10-10 22:37:29 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
    2008-10-10 22:36:48 ----D---- C:\WINDOWS\system32\LogFiles
    2008-10-10 22:36:43 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
    2008-10-10 22:16:58 ----D---- C:\Program Files\MSXML 4.0
    2008-10-10 22:16:32 ----D---- C:\Documents and Settings\Jordan\Application Data\Adobe
    2008-10-10 22:15:52 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2008-10-10 22:15:24 ----D---- C:\Program Files\Common Files\Adobe
    2008-10-10 22:11:29 ----D---- C:\Documents and Settings\Jordan\Application Data\Opera
    2008-10-10 22:11:17 ----D---- C:\Program Files\Opera
    2008-10-10 22:08:00 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
    2008-10-10 22:07:56 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2008-10-10 22:07:52 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
    2008-10-10 22:07:05 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-10-10 22:06:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
    2008-10-10 22:06:53 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2008-10-10 22:06:27 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
    2008-10-10 22:06:23 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
    2008-10-10 22:06:18 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
    2008-10-10 22:05:53 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2008-10-10 22:05:38 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$
    2008-10-10 22:05:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
    2008-10-10 22:01:35 ----D---- C:\WINDOWS\system32\appmgmt
    2008-10-10 21:54:20 ----A---- C:\WINDOWS\system32\MFC71.dll
    2008-10-10 21:54:20 ----A---- C:\WINDOWS\system32\aswBoot.exe
    2008-10-10 21:54:17 ----D---- C:\Program Files\Alwil Software
    2008-10-10 21:47:12 ----SHD---- C:\RECYCLER
    2008-10-10 21:43:07 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2008-10-10 21:43:03 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
    2008-10-10 21:42:59 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
    2008-10-10 21:42:45 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2008-10-10 21:42:42 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$

    ======List of files/folders modified in the last 3 months======

    2008-11-08 02:08:46 ----D---- C:\Program Files
    2008-11-08 02:03:12 ----D---- C:\WINDOWS\Temp
    2008-11-08 02:03:07 ----D---- C:\WINDOWS\system32\Lang
    2008-11-08 01:57:34 ----A---- C:\WINDOWS\wininit.ini
    2008-11-08 01:21:07 ----D---- C:\WINDOWS\system32\drivers
    2008-11-08 01:20:57 ----N---- C:\WINDOWS\SchedLgU.Txt
    2008-11-08 01:20:57 ----D---- C:\WINDOWS
    2008-11-07 18:14:18 ----SHD---- C:\WINDOWS\Installer
    2008-11-07 17:43:03 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-11-06 16:45:27 ----D---- C:\WINDOWS\system32
    2008-11-02 23:37:42 ----D---- C:\Program Files\Adobe
    2008-11-02 23:01:57 ----D---- C:\Program Files\Common Files
    2008-11-02 22:54:07 ----D---- C:\WINDOWS\WinSxS
    2008-11-02 22:51:10 ----RSD---- C:\WINDOWS\Fonts
    2008-11-02 22:24:32 ----D---- C:\WINDOWS\system32\config
    2008-11-02 21:57:08 ----HD---- C:\WINDOWS\inf
    2008-11-02 21:57:07 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2008-11-02 21:54:13 ----D---- C:\WINDOWS\system32\wbem
    2008-11-02 21:39:57 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2008-11-02 21:39:57 ----D---- C:\Program Files\Common Files\Microsoft Shared
    2008-11-02 21:31:02 ----RSD---- C:\WINDOWS\assembly
    2008-11-02 21:29:35 ----D---- C:\WINDOWS\system32\DirectX
    2008-11-02 21:29:21 ----D---- C:\WINDOWS\Microsoft.NET
    2008-11-02 20:05:17 ----SD---- C:\WINDOWS\Downloaded Program Files
    2008-11-02 20:04:57 ----D---- C:\Program Files\Common Files\Nullsoft
    2008-11-02 20:01:09 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-10-27 15:30:44 ----D---- C:\Program Files\Java
    2008-10-27 15:25:09 ----D---- C:\WINDOWS\Registration
    2008-10-23 15:32:38 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-10-23 15:32:26 ----HD---- C:\WINDOWS\$hf_mig$
    2008-10-23 15:32:26 ----D---- C:\WINDOWS\system32\CatRoot
    2008-10-18 22:21:29 ----D---- C:\Program Files\Microsoft Office
    2008-10-18 21:57:24 ----D---- C:\Program Files\Common Files\System
    2008-10-18 21:57:06 ----A---- C:\WINDOWS\win.ini
    2008-10-18 20:30:48 ----D---- C:\WINDOWS\system32\Restore
    2008-10-18 20:20:28 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-10-17 20:35:07 ----SD---- C:\WINDOWS\Tasks
    2008-10-16 20:22:51 ----D---- C:\Program Files\Common Files\AOL
    2008-10-16 20:17:56 ----D---- C:\Program Files\Viewpoint
    2008-10-16 20:17:53 ----D---- C:\Documents and Settings\All Users\Application Data\Viewpoint
    2008-10-16 20:17:32 ----D---- C:\Documents and Settings\All Users\Application Data\AOL
    2008-10-16 20:00:48 ----D---- C:\WINDOWS\Debug
    2008-10-15 11:34:24 ----A---- C:\WINDOWS\system32\netapi32.dll
    2008-10-13 20:50:53 ----RASH---- C:\boot.ini
    2008-10-13 20:50:53 ----A---- C:\WINDOWS\system.ini
    2008-10-13 20:05:26 ----D---- C:\Program Files\Messenger
    2008-10-13 16:35:59 ----D---- C:\Program Files\Online Services
    2008-10-13 16:35:53 ----D---- C:\WINDOWS\system32\inetsrv
    2008-10-13 16:35:53 ----D---- C:\WINDOWS\addins
    2008-10-13 15:10:23 ----A---- C:\WINDOWS\ModemLog_TOSHIBA Software Modem.txt
    2008-10-11 01:33:46 ----SD---- C:\WINDOWS\system32\Microsoft
    2008-10-11 01:30:10 ----D---- C:\WINDOWS\SoftwareDistribution
    2008-10-11 01:25:27 ----D---- C:\WINDOWS\system32\Setup
    2008-10-11 01:25:27 ----D---- C:\WINDOWS\AppPatch
    2008-10-11 01:24:51 ----D---- C:\WINDOWS\security
    2008-10-11 01:20:08 ----D---- C:\WINDOWS\ime
    2008-10-11 01:19:56 ----D---- C:\WINDOWS\system32\usmt
    2008-10-11 01:19:55 ----D---- C:\WINDOWS\PeerNet
    2008-10-11 01:19:54 ----D---- C:\Program Files\Movie Maker
    2008-10-11 01:17:31 ----D---- C:\WINDOWS\system32\npp
    2008-10-11 01:17:31 ----D---- C:\WINDOWS\mui
    2008-10-11 01:17:30 ----D---- C:\WINDOWS\msagent
    2008-10-11 01:17:28 ----D---- C:\WINDOWS\srchasst
    2008-10-11 01:17:28 ----D---- C:\Program Files\NetMeeting
    2008-10-11 01:17:27 ----D---- C:\WINDOWS\system32\Com
    2008-10-11 01:17:24 ----D---- C:\Program Files\Windows NT
    2008-10-11 01:17:24 ----D---- C:\Program Files\Outlook Express
    2008-10-11 01:17:07 ----D---- C:\WINDOWS\system32\oobe
    2008-10-11 01:04:15 ----AD---- C:\WINDOWS\I386
    2008-10-11 01:02:43 ----D---- C:\Documents and Settings
    2008-10-11 01:00:47 ----D---- C:\Program Files\Intel
    2008-10-11 00:50:48 ----D---- C:\WINDOWS\Driver Cache
    2008-10-10 23:43:37 ----D---- C:\WINDOWS\Help
    2008-10-10 23:34:33 ----D---- C:\WINDOWS\ehome
    2008-10-10 23:31:18 ----D---- C:\Program Files\Internet Explorer
    2008-10-10 22:42:29 ----A---- C:\WINDOWS\ODBC.INI
    2008-10-10 22:41:05 ----D---- C:\WINDOWS\pchealth
    2008-10-10 22:40:31 ----D---- C:\WINDOWS\system
    2008-10-10 22:38:53 ----D---- C:\Program Files\Windows Media Player
    2008-10-10 22:01:35 ----D---- C:\Program Files\TOSHIBA
    2008-10-10 21:46:43 ----D---- C:\Program Files\Pure Networks
    2008-10-10 21:44:24 ----D---- C:\Program Files\Common Files\Real
    2008-10-10 21:44:12 ----D---- C:\Program Files\QuickTime
    2008-08-20 00:30:53 ----A---- C:\WINDOWS\system32\mshtml.dll
    2008-08-20 00:30:52 ----A---- C:\WINDOWS\system32\urlmon.dll
    2008-08-20 00:30:51 ----A---- C:\WINDOWS\system32\wininet.dll
    2008-08-20 00:30:51 ----A---- C:\WINDOWS\system32\shdocvw.dll
    2008-08-14 05:09:26 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
    2008-08-14 04:33:16 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-07-19 26944]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-07-19 42912]
    R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
    R1 meiudf;meiudf; C:\WINDOWS\System32\Drivers\meiudf.sys [2005-06-02 102384]
    R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
    R1 TPwSav;Common Driver; C:\WINDOWS\System32\Drivers\TPwSav.sys [2005-12-01 11264]
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.9.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-10-11 21275]
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-07-19 94416]
    R2 FdRedir;FdRedir; \??\C:\Program Files\Common Files\Protector Suite QL\Drivers\FdRedir.sys []
    R2 FileDisk2;FileDisk Protector Kernel Driver; \??\C:\Program Files\Common Files\Protector Suite QL\Drivers\filedisk.sys []
    R2 Netdevio;TOSHIBA Network Device Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\netdevio.sys [2003-01-29 12032]
    R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-11-28 13568]
    R2 smihlp;SMI helper driver; \??\C:\Program Files\Protector Suite QL\smihlp.sys []
    R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2005-11-15 1122656]
    R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2004-11-15 101874]
    R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-07-19 23152]
    R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
    R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2008-09-26 238736]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
    R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-11-28 1353820]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-12-09 4123136]
    R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
    R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
    R3 tbiosdrv;Toshiba Logical Tbios Device; C:\WINDOWS\system32\DRIVERS\tbiosdrv.sys [2005-08-24 9472]
    R3 TcUsb;TC USB Kernel Driver; C:\WINDOWS\System32\Drivers\tcusb.sys [2006-01-13 28800]
    R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-11-30 162560]
    R3 Tvs;TOSHIBA Virtual Sound with SRS technologies; C:\WINDOWS\system32\DRIVERS\Tvs.sys [2005-11-30 43392]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
    R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2005-12-05 1428096]
    S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
    S3 sffdisk;SFF Storage Class Driver; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-14 11904]
    S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-14 11008]
    S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
    S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
    R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2005-01-17 40960]
    R2 DVD-RAM_Service;DVD-RAM_Service; C:\WINDOWS\system32\DVDRAMSV.exe [2004-08-28 110592]
    R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-11-28 114753]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-10-27 152984]
    R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-11-28 217164]
    R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-11-28 540745]
    R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2008-10-27 570880]
    R2 Swupdtmr;Swupdtmr; c:\Toshiba\IVP\swupdate\swupdtmr.exe [2005-07-12 40960]
    R2 UPHClean;User Profile Hive Cleanup; C:\Program Files\UPHClean\uphclean.exe [2005-04-27 241725]
    R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]
    R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-11-02 654848]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe []
    S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    S4 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
    S4 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
    S4 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]

    -----------------EOF-----------------
     
  5. 2008/11/08
    noahdfear

    First you need to report the false positive detection of psqlpwd.dll to the Spybot team. Include a copy of the scan log and the file too. Then, add it to the exclusions list so it is not detected in future scans.

    It's great to hear you've ceased using P2P apps ... it shows too! :)
    Fix these orphaned entries using HijackThis.

    O2 - BHO: (no name) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - (no file)
    O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
    O3 - Toolbar: (no name) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - (no file)
    O3 - Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - (no file)


    Please provide details of the WT detections.
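
The orphan check described in the post above, as an added example that is not part of the original thread or of any tool's own code: it parses HijackThis O2/O3 lines, flags those whose target is `(no file)`, and compares them with a `HijackThis Backups` list such as the one RSIT prints in info.txt. It assumes that an entry listed under the backups was fixed; the function names and the healthy sample entry are made up for illustration.

```python
import re
from typing import NamedTuple

# Layout of a HijackThis O2 (Browser Helper Object) or O3 (IE toolbar) line:
#   O2 - BHO: <name> - {CLSID} - <path to DLL, or "(no file)">
ENTRY_RE = re.compile(
    r"^\s*(?P<section>O[23]) - (?P<kind>BHO|Toolbar): (?P<name>.*?) - "
    r"(?P<clsid>\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}) - "
    r"(?P<target>.*?)\s*$"
)


class Entry(NamedTuple):
    section: str
    kind: str
    name: str
    clsid: str
    target: str


def parse_entries(text):
    """Return every O2/O3 entry found in a HijackThis log or backup list."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line)
        if m:
            # CLSIDs are case-insensitive and the log mixes cases ("46c4"),
            # so normalise before comparing two lists.
            entries.append(Entry(m["section"], m["kind"], m["name"],
                                 m["clsid"].upper(), m["target"]))
    return entries


def orphaned(entries):
    """Entries whose registry key survives but whose file is gone."""
    return [e for e in entries if e.target.lower() == "(no file)"]


def not_yet_fixed(orphans, backups_text):
    """Orphans with no matching backup entry (assumed: backup == fixed)."""
    backed_up = {e.clsid for e in parse_entries(backups_text)}
    return [e for e in orphans if e.clsid not in backed_up]


# The four "(no file)" lines are the ones quoted in the post. The last line is
# a constructed healthy entry (made-up CLSID and path) that must not be flagged.
SCAN = r"""
O2 - BHO: (no name) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - (no file)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: (no name) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - (no file)
O3 - Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - (no file)
O2 - BHO: Example Helper - {00000000-0000-0000-0000-000000000001} - C:\Program Files\Example\helper.dll
"""

# Backup list in the order a later info.txt might print it.
BACKUPS = r"""
O3 - Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - (no file)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O2 - BHO: (no name) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - (no file)
O3 - Toolbar: (no name) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - (no file)
"""

if __name__ == "__main__":
    orphans = orphaned(parse_entries(SCAN))
    for e in orphans:
        print(f"orphaned {e.kind}: {e.clsid}")
    print("left to fix:", [e.clsid for e in not_yet_fixed(orphans, BACKUPS)])
```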
     
  6. 2008/11/08
    sniper9228

    Thanks

    Where would I find the spybot logs? I have searched but did not find a location. How do I undisclude an item as I already discluded it last night?

    Thanks for checking my log this quick as I usually am paranoid for someone to look at it lol. Usually I would end up sending a PM to noahdfear after 3 days, but this time, I do not.

    I will get all of the results back later tonight or tomorrow, as I am very busy with college and stuff. Thanks anyways for responding quickly.

    I am surprised, yeah this thread is not that urgent, my computer is still operational. If it was not starting up right away, I probably would need the help this instant and experts would be able to tell that. Fast responses, amazing. lol
     
    Last edited: 2008/11/09
  7. 2008/11/08
    noahdfear

    You first need to be in Spybot's Advanced mode.
    Open Spybot and click Mode>Advanced mode from the menu.
    In the left pane, select Tools, then View Report.
    Here you can select View Report, View Previous Report, etc.

    To remove an item from the exclusions list:
    Under the Settings header, you have options for Ignored items.
    When you find something you have set to exclude, first select the entry, then right-click the entry and select Remove from exclude list.
     
  8. 2008/11/08
    sniper9228

    Interesting Results

    I deselected psqlpwd.dll as Virtumonde from the exclusion list.
    It did not come up again. Wild Tangent constantly reappears. I removed the entries you asked. Maybe if I scan again the next couple days, Virtumonde would reappear, I do not know.

    I ran the WT Remover.exe - no logs = just says (removal of WT components is complete)
     
    Last edited: 2008/11/09
  9. 2008/11/08
    sniper9228

    info

    info.txt logfile of random's system information tool 1.04 2008-11-09 00:51:42

    ======Uninstall list======

    -->MsiExec.exe /I{0F122737-72B2-4095-8B3E-7AAE753DFD3D}
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
    Adobe Acrobat 8.1.3 Professional-->msiexec /I {AC76BA86-1033-F400-7760-000000000003}
    Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    AIM 6 Cloned--> "C:\Program Files\AIM6_Cloned\unins000.exe "
    AIM 6-->C:\Program Files\AIM6\uninst.exe
    ALPS Touch Pad Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}\setup.exe" UNINSTALL
    AusLogics Disk Defrag--> "C:\Program Files\Auslogics\AusLogics Disk Defrag\unins000.exe "
    AusLogics Registry Defrag--> "C:\Program Files\Auslogics\AusLogics Registry Defrag\unins000.exe "
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll ",RunSetup
    CCleaner (remove only)--> "C:\Program Files\CCleaner\uninst.exe "
    CD/DVD Drive Acoustic Silencer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\Setup.exe" -l0x9
    Cloudmark Desktop for Mozilla Thunderbird-->MsiExec.exe /X{527B9B7E-5249-4681-9259-018F7DDB351C}
    Combined Community Codec Pack 2008-09-21 16:18--> "C:\Program Files\Combined Community Codec Pack\unins000.exe "
    DVD-RAM Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}\setup.exe" -l0x9 DVD-RAM Driver
    ExtractNow--> "C:\Program Files\ExtractNow\unins000.exe "
    filehippo.com Update Checker--> "C:\Program Files\filehippo.com\uninstall.exe "
    Google Toolbar for Internet Explorer--> "C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0C68A50B7874478D.exe" /uninstall
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
    High Definition Audio Driver Package - KB888111--> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe "
    HijackThis 2.0.2--> "C:\Program Files\trend micro\HijackThis.exe" /uninstall
    Hotfix for Windows Media Format 11 SDK (KB929399)--> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe "
    Hotfix for Windows Media Player 10 (KB903157)--> "C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe "
    Hotfix for Windows Media Player 11 (KB939683)--> "C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe "
    Hotfix for Windows XP (KB952287)--> "C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe "
    Intel(R) Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_27A6 PCI\VEN_8086&DEV_27A2
    Intel(R) Network Connections Drivers-->Prounstl.exe
    Intel(R) PROSet/Wireless Software-->C:\WINDOWS\Installer\iProInst.exe
    J2SE Runtime Environment 5.0 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040}
    Java(TM) 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
    Java(TM) 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
    Learning Essentials for Microsoft Office-->MsiExec.exe /X{75F3A4B2-F6E8-434D-A2EF-DBBC016C6CB2}
    Macromedia Flash Player 8-->MsiExec.exe /X{6815FCDD-401D-481E-BA88-31B4754C2B46}
    Malwarebytes' Anti-Malware--> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe "
    mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
    mDrWiFi-->MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
    Metamail (Toshiba Registration Utility)-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BE3F89C0-42D5-11D5-A40A-00105AC8331A}\setup.exe" -l0x9
    mHelp-->MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}
    Microsoft .NET Framework 1.1 Hotfix (KB928366)--> "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp "
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
    Microsoft Compression Client Pack 1.0 for Windows XP--> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe "
    Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
    Microsoft Office Home and Student 2007--> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
    Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
    Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
    Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
    Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
    Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
    Microsoft Student 2007 for Learning Essentials-->RunDll32.exe advpack.dll, LaunchINFSectionEx C:\Program Files\Learning Essentials\1.0\en\US\Microsoft Student 2007\Uninstall\Uninstall.inf,Uninstall,,,N
    Microsoft Student with Encarta Premium 2008-->MsiExec.exe /I{08041881-FCA5-44A7-B863-D66037A16AAF}
    Microsoft User-Mode Driver Framework Feature Pack 1.0--> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe "
    mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
    mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
    mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
    Mozilla Thunderbird (2.0.0.17)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
    mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
    mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
    mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 6.0 Parser-->MsiExec.exe /I{AEB9948B-4FF2-47C9-990E-47014492A0FE}
    mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
    mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
    mZConfig-->MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
    Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
    Office 2003 Trial Assistant-->MsiExec.exe /I{47D2103B-FD51-4017-9C20-DD408B17D726}
    Opera 9.62-->MsiExec.exe /X{8318FEFD-F467-44D6-82B8-129374BFE9B1}
    Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly
    Royale Remixed Theme-->MsiExec.exe /I{993A94A9-DCE3-4774-B35D-D8C74FC1E0BE}
    SD Secure Module-->MsiExec.exe /X{C45F4811-31D5-4786-801D-F79CD06EDD85}
    Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
    Security Update for 2007 Microsoft Office System (KB955936)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {1D94099C-2BBA-440E-BD5E-093BBDF8F028}
    Security Update for Microsoft Office Excel 2007 (KB955470)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6E8637D8-10D6-4568-AA06-E2706F31685E}
    Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
    Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
    Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
    Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
    Security Update for Windows Media Player 11 (KB936782)--> "C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe "
    Security Update for Windows Media Player 11 (KB954154)--> "C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB923689)--> "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB938464)--> "C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB941569)--> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB946648)--> "C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB950762)--> "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB950974)--> "C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB951066)--> "C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB951376-v2)--> "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB951698)--> "C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB951748)--> "C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB952954)--> "C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB953838)--> "C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB953839)--> "C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB954211)--> "C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB956390)--> "C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB956391)--> "C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB956803)--> "C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB956841)--> "C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB957095)--> "C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB958644)--> "C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe "
    SMSC IrCC V5.1.3600.5 SP2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F1B8DB67-D30E-4FF9-A85F-3CEE51825AA2}\setup.exe" -l0x9 UNINSTALL
    Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
    Spybot - Search & Destroy--> "C:\Program Files\Spybot - Search & Destroy\unins000.exe "
    Spyware Terminator--> "C:\Program Files\Spyware Terminator\unins000.exe "
    SpywareBlaster 4.1--> "C:\Program Files\SpywareBlaster\unins000.exe "
    TOSHIBA Accessibility-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{3A57482F-BEBC-47E4-ADA1-6302403C7E50} /l1033
    TOSHIBA Assist-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\Setup.exe" -l0x9
    TOSHIBA ConfigFree-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}\setup.exe" -l0x9 UNINSTALL
    TOSHIBA Controls-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{5BCA8D15-BCB6-421E-9654-238B43456A4F} /l1033
    TOSHIBA Fn-esse-->C:\WINDOWS\UnInst32.exe Fn-esse.UNI
    TOSHIBA Hardware Setup-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{5279374D-87FE-4879-9385-F17278EBB9D3} /l1033
    TOSHIBA Hotkey Utility-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{7900D3A6-A9E8-4954-ACCB-AB15867978BF} /l1033
    TOSHIBA PC Diagnostic Tool-->C:\WINDOWS\IsUninst.exe -f "C:\Program Files\TOSHIBA\PCDiag\Uninst.isu "
    TOSHIBA Power Saver-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{A38D57D1-5F29-4691-B3DD-FE4B3A7B3AFE} /l1033
    TOSHIBA SD Memory Card Format-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}\Setup.exe"
    TOSHIBA Software Modem-->Tosmreg -U
    TOSHIBA Software Upgrades-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{425A2BC2-AA64-4107-9C29-484245BBEA05}\setup.exe"
    TOSHIBA Speech System Applications-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}\Setup.exe" -l0x9
    TOSHIBA Speech System SR Engine(U.S.) Version1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{008D69EB-70FF-46AB-9C75-924620DF191A}\Setup.exe" -l0x9 UNINSTALL
    TOSHIBA Speech System TTS Engine(U.S.) Version1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}\Setup.exe" -l0x9
    TOSHIBA Supervisor Password-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE} /l1033
    TOSHIBA Virtual Sound-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B12BA86-ADAC-4BA6-B441-FFC591087252}\Setup.exe" /uninstall
    TOSHIBA Zooming Utility-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{02EED746-8C5A-43C8-BB3D-D29C8B363A4D} /l1033
    Touch and Launch-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5D96E2B1-D9AC-46E0-9073-425C5F63E338}\Setup.exe"
    TouchPad On/Off Utility-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{80977342-27E8-4FF7-8B6A-D8D89461DA7F} /l1033
    Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe
    Update for Office 2007 (KB946691)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
    Update for Windows XP (KB898461)--> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe "
    Update for Windows XP (KB943729)--> "C:\WINDOWS\$NtUninstallKB943729$\spuninst\spuninst.exe "
    Update for Windows XP (KB951072-v2)--> "C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe "
    Update for Windows XP (KB951978)--> "C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe "
    Update Rollup 2 for Windows XP Media Center Edition 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
    User Profile Hive Cleanup Service-->MsiExec.exe /I{FF77941A-2BFA-4A18-BE2E-69B9498E4D55}
    Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
    Windows Media Format 11 runtime--> "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime--> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe "
    Windows Media Player 11--> "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Windows Media Player 11--> "C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe "
    Windows XP Media Center Edition 2005 KB888316-->C:\WINDOWS\$NtUninstallKB888316$\spuninst\spuninst.exe
    Windows XP Media Center Edition 2005 KB925766--> "C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe "
    Windows XP Service Pack 3--> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe "
    WOT for Internet Explorer-->MsiExec.exe /X{5AC2D321-11E2-47E7-A1CA-61A34C2057AB}

    =====HijackThis Backups=====

    O3 - Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - (no file)
    O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
    O2 - BHO: (no name) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - (no file)
    O3 - Toolbar: (no name) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - (no file)

    ======Hosts File======


    ======Security center information======

    AV: avast! antivirus 4.8.1229 [VPS 081108-0]

    ======Environment variables======

    "ComSpec "=%SystemRoot%\system32\cmd.exe
    "Path "=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
    "windir "=%SystemRoot%
    "FP_NO_HOST_CHECK "=NO
    "OS "=Windows_NT
    "PROCESSOR_ARCHITECTURE "=x86
    "PROCESSOR_LEVEL "=6
    "PROCESSOR_IDENTIFIER "=x86 Family 6 Model 14 Stepping 8, GenuineIntel
    "PROCESSOR_REVISION "=0e08
    "NUMBER_OF_PROCESSORS "=2
    "PATHEXT "=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP "=%SystemRoot%\TEMP
    "TMP "=%SystemRoot%\TEMP

    -----------------EOF-----------------
     
  10. 2008/11/08
    sniper9228

    log

    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Jordan at 2008-11-09 00:50:40
    Microsoft Windows XP Professional Service Pack 3
    System drive C: has 99 GB (86%) free of 114 GB
    Total RAM: 1014 MB (56% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:51:39 AM, on 11/9/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\WINDOWS\system32\DVDRAMSV.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Spyware Terminator\sp_rsser.exe
    c:\Toshiba\IVP\swupdate\swupdtmr.exe
    C:\Program Files\UPHClean\uphclean.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Apoint2K\Apoint.exe
    C:\Program Files\ltmoh\Ltmoh.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Toshiba\Tvs\TvsTray.exe
    C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
    C:\WINDOWS\system32\TPSMain.exe
    C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
    C:\WINDOWS\system32\ZoomingHook.exe
    C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
    C:\WINDOWS\system32\TCtrlIOHook.exe
    C:\WINDOWS\system32\TDispVol.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\toshiba\ivp\ism\pinger.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Protector Suite QL\psqltray.exe
    C:\WINDOWS\system32\TPSBattM.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
    C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
    C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Microsoft Student\Microsoft Student with Encarta Premium 2008 DVD\EDICT.EXE
    C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\Jordan\Desktop\RSIT.exe
    C:\Program Files\trend micro\HijackThis\Jordan.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (file missing)
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
    O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
    O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
    O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup
    O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
    O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
    O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
    O4 - HKLM\..\Run: [ZoomingHook] ZoomingHook.exe
    O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
    O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
    O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
    O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe "
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe "
    O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe "
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe "
    O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6_Cloned\aim6.exe" /d locale=en-US ee://aol/imApp
    O4 - HKCU\..\Run: [L08AXLRD_7153437] "C:\Program Files\Microsoft Student\Microsoft Student with Encarta Premium 2008 DVD\EDICT.EXE" -m
    O4 - Global Startup: InterVideo WinCinema Manager.lnk.disabled
    O4 - Global Startup: Metamail Trust Manager.lnk.disabled
    O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
    O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Encarta Search Bar - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1223706525312
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1223706606421
    O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - (no file)
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
    O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

    --
    End of file - 11298 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\Registration reminder 2.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-10-27 320920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-11-07 251504]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
    Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2008-11-07 522224]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-10-27 34816]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-10-27 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-11-07 251504]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "igfxtray "=C:\WINDOWS\system32\igfxtray.exe [2005-11-28 98304]
    "igfxhkcmd "=C:\WINDOWS\system32\hkcmd.exe [2005-11-28 77824]
    "igfxpers "=C:\WINDOWS\system32\igfxpers.exe [2005-11-28 118784]
    "RTHDCPL "=C:\WINDOWS\RTHDCPL.EXE [2005-12-09 15691264]
    "Alcmtr "=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
    "Apoint "=C:\Program Files\Apoint2K\Apoint.exe [2004-03-24 196608]
    "LtMoh "=C:\Program Files\ltmoh\Ltmoh.exe [2004-08-18 184320]
    "AGRSMMSG "=C:\WINDOWS\AGRSMMSG.exe [2005-10-15 88203]
    "HWSetup "=C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe [2004-05-01 28672]
    "SVPWUTIL "=C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe [2004-05-01 65536]
    "Tvs "=C:\Program Files\Toshiba\Tvs\TvsTray.exe [2005-11-30 73728]
    "PSQLLauncher "=C:\Program Files\Protector Suite QL\launcher.exe [2006-01-13 30208]
    "CeEKEY "=C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe [2005-12-01 671744]
    "TPSMain "=C:\WINDOWS\system32\TPSMain.exe [2005-05-31 282624]
    "PadTouch "=C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe [2005-07-15 1077322]
    "ZoomingHook "=C:\WINDOWS\system32\ZoomingHook.exe [2005-06-06 24576]
    "SmoothView "=C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe [2005-04-26 122880]
    "TPNF "=C:\Program Files\TOSHIBA\TouchPad\TPTray.exe [2005-12-13 53248]
    "TCtryIOHook "=C:\WINDOWS\system32\TCtrlIOHook.exe [2006-01-03 28672]
    "TDispVol "=C:\WINDOWS\system32\TDispVol.exe [2005-12-27 73728]
    "Pinger "=c:\toshiba\ivp\ism\pinger.exe [2005-03-17 151552]
    "IntelZeroConfig "=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2005-12-05 667718]
    "IntelWireless "=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2005-11-28 602182]
    "avast! "=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]
    "SunJavaUpdateSched "=C:\Program Files\Java\jre6\bin\jusched.exe [2008-10-27 136600]
    "SpywareTerminator "=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2008-10-27 1783808]
    "Acrobat Assistant 8.0 "=C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2008-10-14 623992]
    " "= []

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "TOSCDSPD "=C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [2004-12-30 65536]
    "ctfmon.exe "=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "Aim6 "=C:\Program Files\AIM6_Cloned\aim6.exe [2008-10-21 50472]
    "L08AXLRD_7153437 "=C:\Program Files\Microsoft Student\Microsoft Student with Encarta Premium 2008 DVD\EDICT.EXE [2007-05-21 351000]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    []

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    InterVideo WinCinema Manager.lnk.disabled - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
    Metamail Trust Manager.lnk.disabled - C:\Program Files\Metamail Inc\Metamail Tray\Metamail Trust Manager.exe
    RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    C:\WINDOWS\system32\igfxdev.dll [2005-11-28 135168]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
    C:\WINDOWS\system32\psqlpwd.dll [2006-01-13 40448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "notification packages "=scecli
    psqlpwd

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername "=0
    "legalnoticecaption "=
    "legalnoticetext "=
    "shutdownwithoutlogon "=1
    "undockwithoutlogon "=1
    "InstallVisualStyle "=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme "=C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun "=145
    "NoActiveDesktop "=00000000

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 "
    "C:\TOSHIBA\ivp\NetInt\Netint.exe "= "C:\TOSHIBA\ivp\NetInt\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrade Engine "
    "C:\TOSHIBA\Ivp\ISM\pinger.exe "= "C:\TOSHIBA\IVP\ISM\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger "
    "%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 "
    "C:\Program Files\AIM6\aim6.exe "= "C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM "
    "C:\Program Files\AIM6_Cloned\aim6.exe "= "C:\Program Files\AIM6_Cloned\aim6.exe:*:Enabled:AIM "

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 "
    "%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 "

    ======List of files/folders created in the last 3 months======

    2008-11-08 02:08:46 ----D---- C:\rsit
    2008-11-08 02:08:46 ----D---- C:\Program Files\trend micro
    2008-11-07 18:14:03 ----D---- C:\Program Files\Google
    2008-11-07 17:53:13 ----D---- C:\Program Files\ViStart
    2008-11-07 17:53:13 ----D---- C:\Documents and Settings\Jordan\Application Data\ViStart
    2008-11-02 23:01:57 ----D---- C:\Program Files\Common Files\Macrovision Shared
    2008-11-02 21:54:11 ----HDC---- C:\WINDOWS\$NtUninstallKB943729$
    2008-11-02 21:35:23 ----D---- C:\Program Files\Microsoft Student
    2008-11-02 21:30:28 ----D---- C:\Program Files\Learning Essentials
    2008-11-02 21:29:34 ----A---- C:\WINDOWS\system32\xinput1_1.dll
    2008-11-02 21:29:18 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
    2008-11-02 21:29:17 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
    2008-11-02 21:29:17 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
    2008-11-02 21:29:16 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
    2008-11-02 21:29:15 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
    2008-11-02 21:29:14 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
    2008-11-02 21:29:14 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
    2008-11-02 21:29:11 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
    2008-11-02 20:52:05 ----D---- C:\Program Files\AIM6_Cloned
    2008-11-02 20:49:27 ----D---- C:\Program Files\AIM6
    2008-11-02 20:14:40 ----D---- C:\Documents and Settings\All Users\Application Data\FLEXnet
    2008-10-31 21:21:15 ----D---- C:\ie-spyad_zo
    2008-10-31 21:02:12 ----D---- C:\Program Files\WOT
    2008-10-28 16:55:54 ----D---- C:\Program Files\Unlocker
    2008-10-27 18:34:53 ----D---- C:\Documents and Settings\Jordan\Application Data\Spyware Terminator
    2008-10-27 18:34:53 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
    2008-10-27 18:34:50 ----D---- C:\Program Files\Spyware Terminator
    2008-10-27 15:31:11 ----A---- C:\WINDOWS\system32\javaws.exe
    2008-10-27 15:31:11 ----A---- C:\WINDOWS\system32\javaw.exe
    2008-10-27 15:31:11 ----A---- C:\WINDOWS\system32\java.exe
    2008-10-27 15:31:11 ----A---- C:\WINDOWS\system32\deploytk.dll
    2008-10-27 15:28:38 ----D---- C:\Program Files\filehippo.com
    2008-10-23 15:32:36 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2008-10-19 20:45:57 ----D---- C:\Documents and Settings\Jordan\Application Data\Template
    2008-10-19 20:45:24 ----D---- C:\Documents and Settings\Jordan\Application Data\Thinstall
    2008-10-19 20:40:13 ----D---- C:\Program Files\Microsoft Works 9.0
    2008-10-19 16:37:22 ----D---- C:\Documents and Settings\Jordan\Application Data\Sonic
    2008-10-18 22:29:48 ----D---- C:\Documents and Settings\Jordan\Application Data\Malwarebytes
    2008-10-18 22:29:43 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-10-18 22:29:42 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-18 22:21:24 ----D---- C:\Program Files\Common Files\DESIGNER
    2008-10-18 22:21:00 ----D---- C:\Program Files\Microsoft.NET
    2008-10-18 22:18:54 ----D---- C:\WINDOWS\SHELLNEW
    2008-10-18 22:18:25 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2008-10-18 22:18:02 ----RHD---- C:\MSOCache
    2008-10-18 21:48:59 ----D---- C:\Program Files\Combined Community Codec Pack
    2008-10-18 20:25:45 ----D---- C:\Documents and Settings\Jordan\Application Data\Media Player Classic
    2008-10-18 20:24:04 ----A---- C:\WINDOWS\NeroDigital.ini
    2008-10-18 20:23:52 ----A---- C:\DVDPATH.TXT
    2008-10-18 20:15:27 ----D---- C:\Documents and Settings\Jordan\Application Data\acccore
    2008-10-17 20:34:05 ----N---- C:\WINDOWS\system32\TwnLib4.dll
    2008-10-17 20:34:04 ----N---- C:\WINDOWS\system32\ImagXRA7.dll
    2008-10-17 20:34:04 ----N---- C:\WINDOWS\system32\ImagXR7.dll
    2008-10-17 20:34:04 ----N---- C:\WINDOWS\system32\ImagXpr7.dll
    2008-10-17 20:34:04 ----A---- C:\WINDOWS\system32\TwnLib20.dll
    2008-10-17 20:34:03 ----N---- C:\WINDOWS\system32\ImagX7.dll
    2008-10-17 20:34:03 ----A---- C:\WINDOWS\system32\NeroCheck.exe
    2008-10-17 20:34:02 ----D---- C:\Program Files\Common Files\Ahead
    2008-10-17 20:34:01 ----D---- C:\Program Files\Ahead
    2008-10-16 21:12:16 ----D---- C:\Program Files\RegSeeker
    2008-10-16 20:53:42 ----D---- C:\Program Files\ExtractNow
    2008-10-16 20:44:31 ----D---- C:\Program Files\UPHClean
    2008-10-16 20:18:02 ----D---- C:\Documents and Settings\Jordan\Application Data\Cloudmark
    2008-10-16 20:17:59 ----D---- C:\Documents and Settings\All Users\Application Data\Cloudmark
    2008-10-16 20:17:51 ----D---- C:\Documents and Settings\All Users\Application Data\acccore
    2008-10-16 20:17:43 ----D---- C:\Program Files\Common Files\Cloudmark
    2008-10-16 20:17:43 ----D---- C:\Program Files\Cloudmark
    2008-10-16 20:17:32 ----D---- C:\Documents and Settings\All Users\Application Data\AOL OCP
    2008-10-16 20:17:21 ----D---- C:\WINDOWS\Downloaded Installations
    2008-10-16 20:04:16 ----D---- C:\Documents and Settings\Jordan\Application Data\Talkback
    2008-10-16 20:04:02 ----D---- C:\Documents and Settings\Jordan\Application Data\Thunderbird
    2008-10-16 20:04:02 ----D---- C:\Documents and Settings\Jordan\Application Data\Mozilla
    2008-10-16 20:03:54 ----D---- C:\Program Files\Mozilla Thunderbird
    2008-10-16 20:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-10-16 20:00:21 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-10-16 20:00:15 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-10-16 20:00:10 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-10-16 19:59:58 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2008-10-16 19:58:49 ----D---- C:\Documents and Settings\Jordan\Application Data\Auslogics
    2008-10-16 19:58:41 ----D---- C:\Program Files\Auslogics
    2008-10-16 19:58:40 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
    2008-10-13 20:34:35 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
    2008-10-13 20:34:31 ----D---- C:\Program Files\SpywareBlaster
    2008-10-13 20:27:33 ----D---- C:\Program Files\Spybot - Search & Destroy
    2008-10-13 20:27:33 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-10-11 01:41:42 ----A---- C:\WINDOWS\msoffice.ini
    2008-10-11 01:38:55 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    2008-10-11 01:38:02 ----D---- C:\WINDOWS\system32\PreInstall
    2008-10-11 01:38:01 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
    2008-10-11 01:34:29 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
    2008-10-11 01:34:29 ----A---- C:\WINDOWS\system32\mucltui.dll
    2008-10-11 01:32:17 ----D---- C:\Documents and Settings\Jordan\Application Data\Macromedia
    2008-10-11 01:29:22 ----A---- C:\WINDOWS\system32\wups2.dll
    2008-10-11 01:29:22 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
    2008-10-11 01:29:22 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
    2008-10-11 01:29:21 ----D---- C:\WINDOWS\system32\SoftwareDistribution
    2008-10-11 01:29:21 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
    2008-10-11 01:25:50 ----D---- C:\WINDOWS\Prefetch
    2008-10-11 01:20:18 ----N---- C:\WINDOWS\system32\msxml6r.dll
    2008-10-11 01:20:18 ----N---- C:\WINDOWS\system32\msxml6.dll
    2008-10-11 01:20:08 ----N---- C:\WINDOWS\system32\comsdupd.exe
    2008-10-11 01:20:05 ----N---- C:\WINDOWS\system32\bitsprx4.dll
    2008-10-11 01:20:05 ----N---- C:\WINDOWS\system32\azroles.dll
    2008-10-11 01:20:05 ----N---- C:\WINDOWS\system32\ativvaxx.dll
    2008-10-11 01:20:05 ----N---- C:\WINDOWS\system32\ativtmxx.dll
    2008-10-11 01:20:05 ----N---- C:\WINDOWS\system32\ati3duag.dll
    2008-10-11 01:20:05 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
    2008-10-11 01:20:05 ----N---- C:\WINDOWS\system32\ati2dvag.dll
    2008-10-11 01:20:05 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
    2008-10-11 01:20:05 ----N---- C:\WINDOWS\system32\ati2cqag.dll
    2008-10-11 01:20:05 ----N---- C:\WINDOWS\system32\aaclient.dll
    2008-10-11 01:20:04 ----N---- C:\WINDOWS\system32\eapolqec.dll
    2008-10-11 01:20:04 ----N---- C:\WINDOWS\system32\dot3ui.dll
    2008-10-11 01:20:04 ----N---- C:\WINDOWS\system32\dot3svc.dll
    2008-10-11 01:20:04 ----N---- C:\WINDOWS\system32\dot3msm.dll
    2008-10-11 01:20:04 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
    2008-10-11 01:20:04 ----N---- C:\WINDOWS\system32\dot3dlg.dll
    2008-10-11 01:20:04 ----N---- C:\WINDOWS\system32\dot3cfg.dll
    2008-10-11 01:20:04 ----N---- C:\WINDOWS\system32\dot3api.dll
    2008-10-11 01:20:04 ----N---- C:\WINDOWS\system32\dimsroam.dll
    2008-10-11 01:20:04 ----N---- C:\WINDOWS\system32\dimsntfy.dll
    2008-10-11 01:20:04 ----N---- C:\WINDOWS\system32\dhcpqec.dll
    2008-10-11 01:20:04 ----N---- C:\WINDOWS\system32\credssp.dll
    2008-10-11 01:20:03 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
    2008-10-11 01:20:03 ----N---- C:\WINDOWS\system32\eapsvc.dll
    2008-10-11 01:20:03 ----N---- C:\WINDOWS\system32\eapqec.dll
    2008-10-11 01:20:03 ----N---- C:\WINDOWS\system32\eappprxy.dll
    2008-10-11 01:20:03 ----N---- C:\WINDOWS\system32\eapphost.dll
    2008-10-11 01:20:03 ----N---- C:\WINDOWS\system32\eappgnui.dll
    2008-10-11 01:20:03 ----N---- C:\WINDOWS\system32\eappcfg.dll
    2008-10-11 01:20:03 ----N---- C:\WINDOWS\system32\eapp3hst.dll
    2008-10-11 01:20:02 ----N---- C:\WINDOWS\system32\kmsvc.dll
    2008-10-11 01:20:02 ----N---- C:\WINDOWS\system32\kbdpash.dll
    2008-10-11 01:20:02 ----N---- C:\WINDOWS\system32\kbdnepr.dll
    2008-10-11 01:20:02 ----N---- C:\WINDOWS\system32\kbdiultn.dll
    2008-10-11 01:20:02 ----N---- C:\WINDOWS\system32\kbdbhc.dll
    2008-10-11 01:20:01 ----N---- C:\WINDOWS\system32\napstat.exe
    2008-10-11 01:20:01 ----N---- C:\WINDOWS\system32\napmontr.dll
    2008-10-11 01:20:01 ----N---- C:\WINDOWS\system32\napipsec.dll
    2008-10-11 01:20:01 ----N---- C:\WINDOWS\system32\mtxparhd.dll
    2008-10-11 01:20:01 ----N---- C:\WINDOWS\system32\msshavmsg.dll
    2008-10-11 01:20:01 ----N---- C:\WINDOWS\system32\mssha.dll
    2008-10-11 01:20:01 ----N---- C:\WINDOWS\system32\mmcperf.exe
    2008-10-11 01:20:01 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
    2008-10-11 01:20:01 ----N---- C:\WINDOWS\system32\mmcex.dll
    2008-10-11 01:20:01 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
    2008-10-11 01:20:01 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
    2008-10-11 01:20:01 ----N---- C:\WINDOWS\system32\l2gpstore.dll
    2008-10-11 01:20:00 ----N---- C:\WINDOWS\system32\s3gnb.dll
    2008-10-11 01:20:00 ----N---- C:\WINDOWS\system32\rhttpaa.dll
    2008-10-11 01:20:00 ----N---- C:\WINDOWS\system32\rasqec.dll
    2008-10-11 01:20:00 ----N---- C:\WINDOWS\system32\qutil.dll
    2008-10-11 01:20:00 ----N---- C:\WINDOWS\system32\qcliprov.dll
    2008-10-11 01:20:00 ----N---- C:\WINDOWS\system32\qagentrt.dll
    2008-10-11 01:20:00 ----N---- C:\WINDOWS\system32\qagent.dll
    2008-10-11 01:20:00 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
    2008-10-11 01:20:00 ----N---- C:\WINDOWS\system32\onex.dll
    2008-10-11 01:20:00 ----N---- C:\WINDOWS\system32\nv4_disp.dll
    2008-10-11 01:19:59 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
    2008-10-11 01:19:59 ----N---- C:\WINDOWS\system32\windowscodecs.dll
    2008-10-11 01:19:59 ----N---- C:\WINDOWS\system32\verclsid.exe
    2008-10-11 01:19:59 ----N---- C:\WINDOWS\system32\tzchange.exe
    2008-10-11 01:19:59 ----N---- C:\WINDOWS\system32\tspkg.dll
    2008-10-11 01:19:59 ----N---- C:\WINDOWS\system32\tsgqec.dll
    2008-10-11 01:19:59 ----N---- C:\WINDOWS\system32\slserv.exe
    2008-10-11 01:19:59 ----N---- C:\WINDOWS\system32\slrundll.exe
    2008-10-11 01:19:59 ----N---- C:\WINDOWS\system32\slgen.dll
    2008-10-11 01:19:59 ----N---- C:\WINDOWS\system32\slextspk.dll
    2008-10-11 01:19:59 ----N---- C:\WINDOWS\system32\slcoinst.dll
    2008-10-11 01:19:59 ----N---- C:\WINDOWS\system32\setupn.exe
    2008-10-11 01:19:58 ----N---- C:\WINDOWS\system32\wmphoto.dll
    2008-10-11 01:19:58 ----N---- C:\WINDOWS\system32\wlanapi.dll
    2008-10-11 01:19:57 ----N---- C:\WINDOWS\system32\xmllite.dll
    2008-10-11 01:19:56 ----N---- C:\WINDOWS\slrundll.exe
    2008-10-11 01:19:56 ----D---- C:\WINDOWS\system32\scripting
    2008-10-11 01:19:56 ----D---- C:\WINDOWS\system32\en-us
    2008-10-11 01:19:55 ----D---- C:\WINDOWS\system32\en
    2008-10-11 01:19:55 ----D---- C:\WINDOWS\system32\bits
    2008-10-11 01:19:55 ----D---- C:\WINDOWS\l2schemas
    2008-10-11 01:17:41 ----D---- C:\WINDOWS\ServicePackFiles
    2008-10-11 01:15:32 ----D---- C:\WINDOWS\network diagnostic
    2008-10-11 01:14:30 ----A---- C:\WINDOWS\002862_.tmp
    2008-10-11 01:11:05 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2008-10-11 01:02:49 ----ASH---- C:\Documents and Settings\Jordan\Application Data\desktop.ini
    2008-10-11 01:02:47 ----D---- C:\Documents and Settings\Jordan\Application Data\InterVideo
    2008-10-11 01:02:47 ----D---- C:\Documents and Settings\Jordan\Application Data\Intel
    2008-10-11 01:02:47 ----D---- C:\Documents and Settings\Jordan\Application Data\Identities
    2008-10-11 01:02:47 ----D---- C:\Documents and Settings\Jordan\Application Data\AOL
    2008-10-11 01:02:46 ----SD---- C:\Documents and Settings\Jordan\Application Data\Microsoft
    2008-10-11 01:02:46 ----D---- C:\Documents and Settings\Jordan\Application Data\You've Got Pictures Screensaver
    2008-10-11 01:02:46 ----D---- C:\Documents and Settings\Jordan\Application Data\toshiba
    2008-10-11 01:02:46 ----D---- C:\Documents and Settings\Jordan\Application Data\Protector Suite
    2008-10-11 01:01:32 ----HDC---- C:\WINDOWS\$NtUninstallKB912945$
    2008-10-11 01:01:03 ----A---- C:\WINDOWS\system32\results.txt
    2008-10-11 01:00:47 ----D---- C:\Documents and Settings\All Users\Application Data\Intel
    2008-10-11 01:00:25 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2008-10-11 00:50:35 ----SHD---- C:\System Volume Information
    2008-10-10 23:45:42 ----SHD---- C:\WINDOWS\CSC
    2008-10-10 23:29:48 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
    2008-10-10 23:29:44 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
    2008-10-10 23:29:27 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
    2008-10-10 23:29:12 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
    2008-10-10 23:28:52 ----HDC---- C:\WINDOWS\$NtUninstallKB925766$
    2008-10-10 23:16:05 ----D---- C:\Program Files\CCleaner
    2008-10-10 23:01:01 ----D---- C:\Documents and Settings\Jordan\Application Data\OpenOffice.org2
    2008-10-10 22:55:13 ----D---- C:\Documents and Settings\Jordan\Application Data\Sun
    2008-10-10 22:52:13 ----A---- C:\WINDOWS\swupdate.INI
    2008-10-10 22:46:05 ----D---- C:\WINDOWS\pss
    2008-10-10 22:45:21 ----D---- C:\Documents and Settings\Jordan\Application Data\Google
    2008-10-10 22:45:19 ----D---- C:\Documents and Settings\All Users\Application Data\Google
    2008-10-10 22:39:09 ----N---- C:\WINDOWS\system32\spmsg.dll
    2008-10-10 22:39:07 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
    2008-10-10 22:38:53 ----D---- C:\Program Files\Windows Media Connect 2
    2008-10-10 22:38:37 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
    2008-10-10 22:37:29 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
    2008-10-10 22:36:48 ----D---- C:\WINDOWS\system32\LogFiles
    2008-10-10 22:36:43 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
    2008-10-10 22:16:58 ----D---- C:\Program Files\MSXML 4.0
    2008-10-10 22:16:32 ----D---- C:\Documents and Settings\Jordan\Application Data\Adobe
    2008-10-10 22:15:52 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2008-10-10 22:15:24 ----D---- C:\Program Files\Common Files\Adobe
    2008-10-10 22:11:29 ----D---- C:\Documents and Settings\Jordan\Application Data\Opera
    2008-10-10 22:11:17 ----D---- C:\Program Files\Opera
    2008-10-10 22:08:00 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
    2008-10-10 22:07:56 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2008-10-10 22:07:52 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
    2008-10-10 22:07:05 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-10-10 22:06:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
    2008-10-10 22:06:53 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2008-10-10 22:06:27 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
    2008-10-10 22:06:23 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
    2008-10-10 22:06:18 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
    2008-10-10 22:05:53 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2008-10-10 22:05:38 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$
    2008-10-10 22:05:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
    2008-10-10 22:01:35 ----D---- C:\WINDOWS\system32\appmgmt
    2008-10-10 21:54:20 ----A---- C:\WINDOWS\system32\MFC71.dll
    2008-10-10 21:54:20 ----A---- C:\WINDOWS\system32\aswBoot.exe
    2008-10-10 21:54:17 ----D---- C:\Program Files\Alwil Software
    2008-10-10 21:47:12 ----SHD---- C:\RECYCLER
    2008-10-10 21:43:07 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2008-10-10 21:43:03 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
    2008-10-10 21:42:59 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
    2008-10-10 21:42:45 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2008-10-10 21:42:42 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$

    ======List of files/folders modified in the last 3 months======

    2008-11-09 00:47:14 ----D---- C:\WINDOWS\Temp
    2008-11-09 00:47:12 ----D---- C:\WINDOWS\system32\Lang
    2008-11-09 00:46:31 ----D---- C:\WINDOWS\system32\drivers
    2008-11-09 00:45:21 ----D---- C:\WINDOWS
    2008-11-09 00:45:21 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-11-08 22:55:18 ----A---- C:\WINDOWS\wininit.ini
    2008-11-08 02:08:46 ----D---- C:\Program Files
    2008-11-07 18:14:18 ----SHD---- C:\WINDOWS\Installer
    2008-11-07 17:43:03 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-11-06 16:45:27 ----D---- C:\WINDOWS\system32
    2008-11-02 23:37:42 ----D---- C:\Program Files\Adobe
    2008-11-02 23:01:57 ----D---- C:\Program Files\Common Files
    2008-11-02 22:54:07 ----D---- C:\WINDOWS\WinSxS
    2008-11-02 22:51:10 ----RSD---- C:\WINDOWS\Fonts
    2008-11-02 22:24:32 ----D---- C:\WINDOWS\system32\config
    2008-11-02 21:57:08 ----HD---- C:\WINDOWS\inf
    2008-11-02 21:57:07 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2008-11-02 21:54:13 ----D---- C:\WINDOWS\system32\wbem
    2008-11-02 21:39:57 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2008-11-02 21:39:57 ----D---- C:\Program Files\Common Files\Microsoft Shared
    2008-11-02 21:31:02 ----RSD---- C:\WINDOWS\assembly
    2008-11-02 21:29:35 ----D---- C:\WINDOWS\system32\DirectX
    2008-11-02 21:29:21 ----D---- C:\WINDOWS\Microsoft.NET
    2008-11-02 20:05:17 ----SD---- C:\WINDOWS\Downloaded Program Files
    2008-11-02 20:04:57 ----D---- C:\Program Files\Common Files\Nullsoft
    2008-11-02 20:01:09 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-10-27 15:30:44 ----D---- C:\Program Files\Java
    2008-10-27 15:25:09 ----D---- C:\WINDOWS\Registration
    2008-10-23 15:32:38 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-10-23 15:32:26 ----HD---- C:\WINDOWS\$hf_mig$
    2008-10-23 15:32:26 ----D---- C:\WINDOWS\system32\CatRoot
    2008-10-18 22:21:29 ----D---- C:\Program Files\Microsoft Office
    2008-10-18 21:57:24 ----D---- C:\Program Files\Common Files\System
    2008-10-18 21:57:06 ----A---- C:\WINDOWS\win.ini
    2008-10-18 20:30:48 ----D---- C:\WINDOWS\system32\Restore
    2008-10-18 20:20:28 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-10-17 20:35:07 ----SD---- C:\WINDOWS\Tasks
    2008-10-16 20:22:51 ----D---- C:\Program Files\Common Files\AOL
    2008-10-16 20:17:56 ----D---- C:\Program Files\Viewpoint
    2008-10-16 20:17:53 ----D---- C:\Documents and Settings\All Users\Application Data\Viewpoint
    2008-10-16 20:17:32 ----D---- C:\Documents and Settings\All Users\Application Data\AOL
    2008-10-16 20:00:48 ----D---- C:\WINDOWS\Debug
    2008-10-15 11:34:24 ----A---- C:\WINDOWS\system32\netapi32.dll
    2008-10-13 20:50:53 ----RASH---- C:\boot.ini
    2008-10-13 20:50:53 ----A---- C:\WINDOWS\system.ini
    2008-10-13 20:05:26 ----D---- C:\Program Files\Messenger
    2008-10-13 16:35:59 ----D---- C:\Program Files\Online Services
    2008-10-13 16:35:53 ----D---- C:\WINDOWS\system32\inetsrv
    2008-10-13 16:35:53 ----D---- C:\WINDOWS\addins
    2008-10-13 15:10:23 ----A---- C:\WINDOWS\ModemLog_TOSHIBA Software Modem.txt
    2008-10-11 01:33:46 ----SD---- C:\WINDOWS\system32\Microsoft
    2008-10-11 01:30:10 ----D---- C:\WINDOWS\SoftwareDistribution
    2008-10-11 01:25:27 ----D---- C:\WINDOWS\system32\Setup
    2008-10-11 01:25:27 ----D---- C:\WINDOWS\AppPatch
    2008-10-11 01:24:51 ----D---- C:\WINDOWS\security
    2008-10-11 01:20:08 ----D---- C:\WINDOWS\ime
    2008-10-11 01:19:56 ----D---- C:\WINDOWS\system32\usmt
    2008-10-11 01:19:55 ----D---- C:\WINDOWS\PeerNet
    2008-10-11 01:19:54 ----D---- C:\Program Files\Movie Maker
    2008-10-11 01:17:31 ----D---- C:\WINDOWS\system32\npp
    2008-10-11 01:17:31 ----D---- C:\WINDOWS\mui
    2008-10-11 01:17:30 ----D---- C:\WINDOWS\msagent
    2008-10-11 01:17:28 ----D---- C:\WINDOWS\srchasst
    2008-10-11 01:17:28 ----D---- C:\Program Files\NetMeeting
    2008-10-11 01:17:27 ----D---- C:\WINDOWS\system32\Com
    2008-10-11 01:17:24 ----D---- C:\Program Files\Windows NT
    2008-10-11 01:17:24 ----D---- C:\Program Files\Outlook Express
    2008-10-11 01:17:07 ----D---- C:\WINDOWS\system32\oobe
    2008-10-11 01:04:15 ----AD---- C:\WINDOWS\I386
    2008-10-11 01:02:43 ----D---- C:\Documents and Settings
    2008-10-11 01:00:47 ----D---- C:\Program Files\Intel
    2008-10-11 00:50:48 ----D---- C:\WINDOWS\Driver Cache
    2008-10-10 23:43:37 ----D---- C:\WINDOWS\Help
    2008-10-10 23:34:33 ----D---- C:\WINDOWS\ehome
    2008-10-10 23:31:18 ----D---- C:\Program Files\Internet Explorer
    2008-10-10 22:42:29 ----A---- C:\WINDOWS\ODBC.INI
    2008-10-10 22:41:05 ----D---- C:\WINDOWS\pchealth
    2008-10-10 22:40:31 ----D---- C:\WINDOWS\system
    2008-10-10 22:38:53 ----D---- C:\Program Files\Windows Media Player
    2008-10-10 22:01:35 ----D---- C:\Program Files\TOSHIBA
    2008-10-10 21:46:43 ----D---- C:\Program Files\Pure Networks
    2008-10-10 21:44:24 ----D---- C:\Program Files\Common Files\Real
    2008-10-10 21:44:12 ----D---- C:\Program Files\QuickTime
    2008-08-20 00:30:53 ----A---- C:\WINDOWS\system32\mshtml.dll
    2008-08-20 00:30:52 ----A---- C:\WINDOWS\system32\urlmon.dll
    2008-08-20 00:30:51 ----A---- C:\WINDOWS\system32\wininet.dll
    2008-08-20 00:30:51 ----A---- C:\WINDOWS\system32\shdocvw.dll
    2008-08-14 05:09:26 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
    2008-08-14 04:33:16 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-07-19 26944]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-07-19 42912]
    R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
    R1 meiudf;meiudf; C:\WINDOWS\System32\Drivers\meiudf.sys [2005-06-02 102384]
    R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
    R1 TPwSav;Common Driver; C:\WINDOWS\System32\Drivers\TPwSav.sys [2005-12-01 11264]
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.9.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-10-11 21275]
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-07-19 94416]
    R2 FdRedir;FdRedir; \??\C:\Program Files\Common Files\Protector Suite QL\Drivers\FdRedir.sys []
    R2 FileDisk2;FileDisk Protector Kernel Driver; \??\C:\Program Files\Common Files\Protector Suite QL\Drivers\filedisk.sys []
    R2 Netdevio;TOSHIBA Network Device Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\netdevio.sys [2003-01-29 12032]
    R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-11-28 13568]
    R2 smihlp;SMI helper driver; \??\C:\Program Files\Protector Suite QL\smihlp.sys []
    R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2005-11-15 1122656]
    R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2004-11-15 101874]
    R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-07-19 23152]
    R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
    R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2008-09-26 238736]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
    R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-11-28 1353820]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-12-09 4123136]
    R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
    R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
    R3 tbiosdrv;Toshiba Logical Tbios Device; C:\WINDOWS\system32\DRIVERS\tbiosdrv.sys [2005-08-24 9472]
    R3 TcUsb;TC USB Kernel Driver; C:\WINDOWS\System32\Drivers\tcusb.sys [2006-01-13 28800]
    R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-11-30 162560]
    R3 Tvs;TOSHIBA Virtual Sound with SRS technologies; C:\WINDOWS\system32\DRIVERS\Tvs.sys [2005-11-30 43392]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
    R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2005-12-05 1428096]
    S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
    S3 sffdisk;SFF Storage Class Driver; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-14 11904]
    S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-14 11008]
    S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
    S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
    R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2005-01-17 40960]
    R2 DVD-RAM_Service;DVD-RAM_Service; C:\WINDOWS\system32\DVDRAMSV.exe [2004-08-28 110592]
    R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-11-28 114753]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-10-27 152984]
    R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-11-28 217164]
    R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-11-28 540745]
    R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2008-10-27 570880]
    R2 Swupdtmr;Swupdtmr; c:\Toshiba\IVP\swupdate\swupdtmr.exe [2005-07-12 40960]
    R2 UPHClean;User Profile Hive Cleanup; C:\Program Files\UPHClean\uphclean.exe [2005-04-27 241725]
    R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]
    R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-11-02 654848]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe []
    S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    S4 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
    S4 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
    S4 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]

    -----------------EOF-----------------
     
  11. 2008/11/09
    sniper9228

    Checks.081108-2216.log

    08.11.2008 22:16:13 - ##### check started #####
    08.11.2008 22:16:13 - ### Version: 1.6.0
    08.11.2008 22:16:13 - ### Date: 11/8/2008 10:16:13 PM
    08.11.2008 22:16:15 - ##### checking bots #####
    08.11.2008 22:20:08 - found: WildTangent Type library
    08.11.2008 22:52:27 - ##### checking usage tracking #####
    08.11.2008 22:52:27 - found: Common Dialogs History 14 files
    08.11.2008 22:52:27 - found: Log Activity: SchedLgU.Txt SchedLgU.Txt
    08.11.2008 22:52:27 - found: Log Shutdown: System32\wbem\logs\wbemcore.log System32\wbem\logs\wbemcore.log
    08.11.2008 22:52:27 - found: Log Shutdown: System32\wbem\logs\wbemess.log System32\wbem\logs\wbemess.log
    08.11.2008 22:52:27 - found: Log Shutdown: System32\wbem\logs\wmiprov.log System32\wbem\logs\wmiprov.log
    08.11.2008 22:52:29 - found: MS DirectDraw Most recent application
    08.11.2008 22:52:30 - found: MS Office 12.0 (Word) Recent Document List 7 files
    08.11.2008 22:52:30 - found: MS Search Assistant Typed search terms history
    08.11.2008 22:52:31 - found: Windows Drivers installation paths
    08.11.2008 22:52:31 - found: Windows Explorer Run history 2 files
    08.11.2008 22:52:31 - found: Windows Explorer Stream history 2 files
    08.11.2008 22:52:31 - found: Windows Explorer User Assistant history IE 4 files
    08.11.2008 22:52:31 - found: Windows Explorer User Assistant history files 33 files
    08.11.2008 22:52:31 - found: Windows Explorer Last visited history 4 files
    08.11.2008 22:52:31 - found: Windows Explorer Recent file global history
    08.11.2008 22:52:32 - found: Cookie Cookie (3)
    08.11.2008 22:52:32 - found: Cache Cache (110)
    08.11.2008 22:52:32 - found: History History (24)
    08.11.2008 22:52:32 - found: Cookie Cookie (8)
    08.11.2008 22:52:32 - found: History History (4)
    08.11.2008 22:52:32 - ##### check finished #####
     
  12. 2008/11/09
    sniper9228

    Checks.081108-2252.txt

    --- Report generated: 2008-11-08 22:52 ---

    Hint of the Day: Click the bar at the right of this to see more information! ()


    WildTangent: [SBI $6D7AAFCA] Type library (Registry key, nothing done)
    HKEY_CLASSES_ROOT\TypeLib\{7946205B-FEF7-494F-A64B-3E992A780866}

    Common Dialogs: History (14 files) (Registry key, nothing done)
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU

    Log: Activity: SchedLgU.Txt (Backup file, nothing done)
    C:\WINDOWS\SchedLgU.Txt

    Log: Shutdown: System32\wbem\logs\wbemcore.log (Backup file, nothing done)
    C:\WINDOWS\System32\wbem\logs\wbemcore.log

    Log: Shutdown: System32\wbem\logs\wbemess.log (Backup file, nothing done)
    C:\WINDOWS\System32\wbem\logs\wbemess.log

    Log: Shutdown: System32\wbem\logs\wmiprov.log (Backup file, nothing done)
    C:\WINDOWS\System32\wbem\logs\wmiprov.log

    MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

    MS Office 12.0 (Word): [SBI $E357B233] Recent Document List (7 files) (Registry key, nothing done)
    HKEY_USERS\S-1-5-21-3428664862-248942962-4200852510-1005\Software\Microsoft\Office\12.0\Word\File MRU

    MS Search Assistant: [SBI $AE0C4647] Typed search terms history (Registry key, nothing done)
    HKEY_USERS\S-1-5-21-3428664862-248942962-4200852510-1005\Software\Microsoft\Search Assistant\ACMru

    Windows: [SBI $1E4E2003] Drivers installation paths (Registry change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

    Windows Explorer: [SBI $7308A845] Run history (2 files) (Registry key, nothing done)
    HKEY_USERS\S-1-5-21-3428664862-248942962-4200852510-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU

    Windows Explorer: [SBI $AA0766B5] Stream history (2 files) (Registry key, nothing done)
    HKEY_USERS\S-1-5-21-3428664862-248942962-4200852510-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU

    Windows Explorer: [SBI $2026AFB6] User Assistant history IE (4 files) (Registry key, nothing done)
    HKEY_USERS\S-1-5-21-3428664862-248942962-4200852510-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

    Windows Explorer: [SBI $6107D172] User Assistant history files (33 files) (Registry key, nothing done)
    HKEY_USERS\S-1-5-21-3428664862-248942962-4200852510-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

    Windows Explorer: [SBI $B7EBA926] Last visited history (4 files) (Registry key, nothing done)
    HKEY_USERS\S-1-5-21-3428664862-248942962-4200852510-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU

    Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry key, nothing done)
    HKEY_USERS\S-1-5-21-3428664862-248942962-4200852510-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

    Cookie: [SBI $49804B54] Cookie (3) (Cookie, nothing done)


    Cache: [SBI $49804B54] Cache (110) (Cache, nothing done)


    History: [SBI $49804B54] History (24) (History, nothing done)


    Cookie: [SBI $49804B54] Cookie (8) (Cookie, nothing done)


    History: [SBI $49804B54] History (4) (History, nothing done)



    --- Spybot - Search & Destroy version: 1.6.0 (build: 20080707) ---

    2008-07-07 blindman.exe (1.0.0.8)
    2008-07-07 SDFiles.exe (1.6.0.4)
    2008-07-07 SDMain.exe (1.0.0.6)
    2008-07-07 SDShred.exe (1.0.2.3)
    2008-07-07 SDUpdate.exe (1.6.0.8)
    2008-07-07 SDWinSec.exe (1.0.0.12)
    2008-07-07 SpybotSD.exe (1.6.0.30)
    2008-09-16 TeaTimer.exe (1.6.3.25)
    2008-10-13 unins000.exe (51.49.0.0)
    2008-07-07 Update.exe (1.6.0.7)
    2008-10-22 advcheck.dll (1.6.2.13)
    2007-04-02 aports.dll (2.1.0.0)
    2008-06-14 DelZip179.dll (1.79.11.1)
    2008-09-15 SDHelper.dll (1.6.2.14)
    2008-06-19 sqlite3.dll
    2008-10-22 Tools.dll (2.1.6.8)
    2008-11-04 Includes\Adware.sbi (*)
    2008-11-05 Includes\AdwareC.sbi (*)
    2008-06-03 Includes\Cookies.sbi (*)
    2008-09-02 Includes\Dialer.sbi (*)
    2008-09-09 Includes\DialerC.sbi (*)
    2008-07-23 Includes\HeavyDuty.sbi (*)
    2008-09-02 Includes\Hijackers.sbi (*)
    2008-10-28 Includes\HijackersC.sbi (*)
    2008-09-09 Includes\Keyloggers.sbi (*)
    2008-11-04 Includes\KeyloggersC.sbi (*)
    2004-11-29 Includes\LSP.sbi (*)
    2008-11-04 Includes\Malware.sbi (*)
    2008-11-04 Includes\MalwareC.sbi (*)
    2008-11-03 Includes\PUPS.sbi (*)
    2008-11-04 Includes\PUPSC.sbi (*)
    2007-11-07 Includes\Revision.sbi (*)
    2008-06-18 Includes\Security.sbi (*)
    2008-10-23 Includes\SecurityC.sbi (*)
    2008-06-03 Includes\Spybots.sbi (*)
    2008-06-03 Includes\SpybotsC.sbi (*)
    2008-11-04 Includes\Spyware.sbi (*)
    2008-11-04 Includes\SpywareC.sbi (*)
    2008-06-03 Includes\Tracks.uti (*)
    2008-11-04 Includes\Trojans.sbi (*)
    2008-11-04 Includes\TrojansC.sbi (*)
    2008-03-04 Plugins\Chai.dll
    2008-03-05 Plugins\Fennel.dll
    2008-02-26 Plugins\Mate.dll
    2007-12-24 Plugins\TCPIPAddress.dll
     
  13. 2008/11/09
    sniper9228

    Fixes.081108-2255.txt

    --- Report generated: 2008-11-08 22:55 ---

    Hint of the Day: Click the bar at the right of this to see more information! ()


    WildTangent: [SBI $6D7AAFCA] Type library (Registry key, fixing failed)
    HKEY_CLASSES_ROOT\TypeLib\{7946205B-FEF7-494F-A64B-3E992A780866}

    Common Dialogs: History (14 files) (Registry key, fixed)
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU

    Log: Activity: SchedLgU.Txt (Backup file, fixed)
    C:\WINDOWS\SchedLgU.Txt

    Log: Shutdown: System32\wbem\logs\wbemcore.log (Backup file, fixed)
    C:\WINDOWS\System32\wbem\logs\wbemcore.log

    Log: Shutdown: System32\wbem\logs\wbemess.log (Backup file, fixed)
    C:\WINDOWS\System32\wbem\logs\wbemess.log

    Log: Shutdown: System32\wbem\logs\wmiprov.log (Backup file, fixed)
    C:\WINDOWS\System32\wbem\logs\wmiprov.log

    MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry change, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

    MS Office 12.0 (Word): [SBI $E357B233] Recent Document List (7 files) (Registry key, fixed)
    HKEY_USERS\S-1-5-21-3428664862-248942962-4200852510-1005\Software\Microsoft\Office\12.0\Word\File MRU

    MS Search Assistant: [SBI $AE0C4647] Typed search terms history (Registry key, fixed)
    HKEY_USERS\S-1-5-21-3428664862-248942962-4200852510-1005\Software\Microsoft\Search Assistant\ACMru

    Windows: [SBI $1E4E2003] Drivers installation paths (Registry change, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

    Windows Explorer: [SBI $7308A845] Run history (2 files) (Registry key, fixed)
    HKEY_USERS\S-1-5-21-3428664862-248942962-4200852510-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU

    Windows Explorer: [SBI $AA0766B5] Stream history (2 files) (Registry key, fixed)
    HKEY_USERS\S-1-5-21-3428664862-248942962-4200852510-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU

    Windows Explorer: [SBI $2026AFB6] User Assistant history IE (4 files) (Registry key, fixed)
    HKEY_USERS\S-1-5-21-3428664862-248942962-4200852510-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

    Windows Explorer: [SBI $6107D172] User Assistant history files (33 files) (Registry key, fixed)
    HKEY_USERS\S-1-5-21-3428664862-248942962-4200852510-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

    Windows Explorer: [SBI $B7EBA926] Last visited history (4 files) (Registry key, fixed)
    HKEY_USERS\S-1-5-21-3428664862-248942962-4200852510-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU

    Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry key, fixed)
    HKEY_USERS\S-1-5-21-3428664862-248942962-4200852510-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

    Cookie: [SBI $49804B54] Cookie (3) (Cookie, fixed)


    Cache: [SBI $49804B54] Cache (110) (Cache, fixed)


    History: [SBI $49804B54] History (24) (History, fixed)


    Cookie: [SBI $49804B54] Cookie (8) (Cookie, fixed)


    History: [SBI $49804B54] History (4) (History, fixed)



    --- Spybot - Search & Destroy version: 1.6.0 (build: 20080707) ---

     
  14. 2008/11/09
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    There's what I was looking for.

    WildTangent: [SBI $6D7AAFCA] Type library (Registry key, fixing failed)
    HKEY_CLASSES_ROOT\TypeLib\{7946205B-FEF7-494F-A64B-3E992A780866}

    Sit tight for a few and I'll post a fix.
     
  15. 2008/11/09
    noahdfear

    Click Start>Run and type cmd then hit Enter to open a command window.
    Highlight and copy the contents of the code box below.

    Code:
    @echo off
    reg add  "HKEY_CLASSES_ROOT\TypeLib\{7946205B-FEF7-494F-A64B-3E992A780866}dummy" /f
    reg save  "HKEY_CLASSES_ROOT\TypeLib\{7946205B-FEF7-494F-A64B-3E992A780866}dummy" dummy.hiv
    reg restore  "HKEY_CLASSES_ROOT\TypeLib\{7946205B-FEF7-494F-A64B-3E992A780866}" dummy.hiv
    reg delete  "HKEY_CLASSES_ROOT\TypeLib\{7946205B-FEF7-494F-A64B-3E992A780866}" /f
    reg delete  "HKEY_CLASSES_ROOT\TypeLib\{7946205B-FEF7-494F-A64B-3E992A780866}dummy" /f
    del /q dummy.hiv
    exit
    cls
    
    Right click in the command window and select paste.
    The commands will process quickly and the window will close.
    Reboot then run another Spybot scan to see if WT is still detected.
     
  16. 2008/11/09
    sniper9228

    Not Done Yet

    I am not finished scanning yet.
    Bad News. The monster Wildtangent came back to get me again.

    Now, an idea I have. I installed AIM 6 which comes with all of that bull**** wild tangent. I ran aim ad hack directly after installing that and that was last week I believe. Aim runs on startup. Aim ad hack is supposed to remove all of the **** including wildtangent, but I do not know if that is a factor.

    Excuse my language, too much rap.
    Anyway, after I post these results, I will probably have to go to sleep and have another dream of windowsbbs, so I will get back to this later in the day.

    Thanks for the quick response and help. It's kind of difficult living without p2p software, but I will manage. lol
     
    Last edited: 2008/11/09
  17. 2008/11/09
    sniper9228

    Checks.081109-0142.log

    09.11.2008 01:42:52 - ##### check started #####
    09.11.2008 01:42:52 - ### Version: 1.6.0
    09.11.2008 01:42:52 - ### Date: 11/9/2008 1:42:52 AM
    09.11.2008 01:42:54 - ##### checking bots #####
    09.11.2008 01:47:06 - found: WildTangent Type library
    09.11.2008 01:59:45 - ##### checking usage tracking #####
    09.11.2008 01:59:45 - found: Log Activity: SchedLgU.Txt SchedLgU.Txt
    09.11.2008 01:59:45 - found: Log Shutdown: System32\wbem\logs\wbemcore.log System32\wbem\logs\wbemcore.log
    09.11.2008 01:59:45 - found: Log Shutdown: System32\wbem\logs\wbemess.log System32\wbem\logs\wbemess.log
    09.11.2008 01:59:45 - found: Log Shutdown: System32\wbem\logs\wmiprov.log System32\wbem\logs\wmiprov.log
    09.11.2008 01:59:46 - found: MS DirectDraw Most recent application
    09.11.2008 01:59:47 - found: MS Search Assistant Typed search terms history
    09.11.2008 01:59:48 - found: Windows Drivers installation paths
    09.11.2008 01:59:49 - found: Windows Explorer Run history 2 files
    09.11.2008 01:59:49 - found: Windows Explorer User Assistant history IE 4 files
    09.11.2008 01:59:49 - found: Windows Explorer User Assistant history files 20 files
    09.11.2008 01:59:49 - found: Windows Explorer Recent file global history
    09.11.2008 01:59:49 - found: Cookie Cookie (1)
    09.11.2008 01:59:49 - found: Cache Cache (85)
    09.11.2008 01:59:49 - found: History History (14)
    09.11.2008 01:59:49 - found: Cookie Cookie (4)
    09.11.2008 01:59:49 - found: History History (20)
    09.11.2008 01:59:49 - ##### check finished #####
     
  18. 2008/11/09
    sniper9228

    Checks.081109-0159.txt

    --- Report generated: 2008-11-09 01:59 ---

    Hint of the Day: Click the bar at the right of this to see more information! ()


    WildTangent: [SBI $6D7AAFCA] Type library (Registry key, nothing done)
    HKEY_CLASSES_ROOT\TypeLib\{7946205B-FEF7-494F-A64B-3E992A780866}

    Log: Activity: SchedLgU.Txt (Backup file, nothing done)
    C:\WINDOWS\SchedLgU.Txt

    Log: Shutdown: System32\wbem\logs\wbemcore.log (Backup file, nothing done)
    C:\WINDOWS\System32\wbem\logs\wbemcore.log

    Log: Shutdown: System32\wbem\logs\wbemess.log (Backup file, nothing done)
    C:\WINDOWS\System32\wbem\logs\wbemess.log

    Log: Shutdown: System32\wbem\logs\wmiprov.log (Backup file, nothing done)
    C:\WINDOWS\System32\wbem\logs\wmiprov.log

    MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

    MS Search Assistant: [SBI $AE0C4647] Typed search terms history (Registry key, nothing done)
    HKEY_USERS\S-1-5-21-3428664862-248942962-4200852510-1005\Software\Microsoft\Search Assistant\ACMru

    Windows: [SBI $1E4E2003] Drivers installation paths (Registry change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

    Windows Explorer: [SBI $7308A845] Run history (2 files) (Registry key, nothing done)
    HKEY_USERS\S-1-5-21-3428664862-248942962-4200852510-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU

    Windows Explorer: [SBI $2026AFB6] User Assistant history IE (4 files) (Registry key, nothing done)
    HKEY_USERS\S-1-5-21-3428664862-248942962-4200852510-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

    Windows Explorer: [SBI $6107D172] User Assistant history files (20 files) (Registry key, nothing done)
    HKEY_USERS\S-1-5-21-3428664862-248942962-4200852510-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

    Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry key, nothing done)
    HKEY_USERS\S-1-5-21-3428664862-248942962-4200852510-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

    Cookie: [SBI $49804B54] Cookie (1) (Cookie, nothing done)


    Cache: [SBI $49804B54] Cache (85) (Cache, nothing done)


    History: [SBI $49804B54] History (14) (History, nothing done)


    Cookie: [SBI $49804B54] Cookie (4) (Cookie, nothing done)


    History: [SBI $49804B54] History (20) (History, nothing done)



    --- Spybot - Search & Destroy version: 1.6.0 (build: 20080707) ---

     
  19. 2008/11/09
    sniper9228

    Fixes.081109-0201.txt

    --- Report generated: 2008-11-09 02:01 ---

    Hint of the Day: Click the bar at the right of this to see more information! ()


    WildTangent: [SBI $6D7AAFCA] Type library (Registry key, fixing failed)
    HKEY_CLASSES_ROOT\TypeLib\{7946205B-FEF7-494F-A64B-3E992A780866}

    Log: Activity: SchedLgU.Txt (Backup file, fixed)
    C:\WINDOWS\SchedLgU.Txt

    Log: Shutdown: System32\wbem\logs\wbemcore.log (Backup file, fixed)
    C:\WINDOWS\System32\wbem\logs\wbemcore.log

    Log: Shutdown: System32\wbem\logs\wbemess.log (Backup file, fixed)
    C:\WINDOWS\System32\wbem\logs\wbemess.log

    Log: Shutdown: System32\wbem\logs\wmiprov.log (Backup file, fixed)
    C:\WINDOWS\System32\wbem\logs\wmiprov.log

    MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry change, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

    MS Search Assistant: [SBI $AE0C4647] Typed search terms history (Registry key, fixed)
    HKEY_USERS\S-1-5-21-3428664862-248942962-4200852510-1005\Software\Microsoft\Search Assistant\ACMru

    Windows: [SBI $1E4E2003] Drivers installation paths (Registry change, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

    Windows Explorer: [SBI $7308A845] Run history (2 files) (Registry key, fixed)
    HKEY_USERS\S-1-5-21-3428664862-248942962-4200852510-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU

    Windows Explorer: [SBI $2026AFB6] User Assistant history IE (4 files) (Registry key, fixed)
    HKEY_USERS\S-1-5-21-3428664862-248942962-4200852510-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

    Windows Explorer: [SBI $6107D172] User Assistant history files (20 files) (Registry key, fixed)
    HKEY_USERS\S-1-5-21-3428664862-248942962-4200852510-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

    Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry key, fixed)
    HKEY_USERS\S-1-5-21-3428664862-248942962-4200852510-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

    Cookie: [SBI $49804B54] Cookie (1) (Cookie, fixed)


    Cache: [SBI $49804B54] Cache (85) (Cache, fixed)


    History: [SBI $49804B54] History (14) (History, fixed)


    Cookie: [SBI $49804B54] Cookie (4) (Cookie, fixed)


    History: [SBI $49804B54] History (20) (History, fixed)



    --- Spybot - Search & Destroy version: 1.6.0 (build: 20080707) ---

     
  20. 2008/11/09
    noahdfear

    Get some sleep. We'll tackle a manual fix tomorrow (later today) when we're both rested. ;)
     
  21. 2008/11/09
    noahdfear

    Let's do this again, with a slight twist this time.

    Click Start>Run and type cmd then hit Enter to open a command window.
    Highlight and copy the contents of the code box below.

    Code:
    @echo off
    reg add  "HKEY_CLASSES_ROOT\TypeLib\{7946205B-FEF7-494F-A64B-3E992A780866}dummy" /f
    reg save  "HKEY_CLASSES_ROOT\TypeLib\{7946205B-FEF7-494F-A64B-3E992A780866}dummy" dummy.hiv
    reg restore  "HKEY_CLASSES_ROOT\TypeLib\{7946205B-FEF7-494F-A64B-3E992A780866}" dummy.hiv
    reg delete  "HKEY_CLASSES_ROOT\TypeLib\{7946205B-FEF7-494F-A64B-3E992A780866}" /f
    reg delete  "HKEY_CLASSES_ROOT\TypeLib\{7946205B-FEF7-494F-A64B-3E992A780866}dummy" /f
    del /q dummy.hiv
    reg query  "HKEY_CLASSES_ROOT\TypeLib\{7946205B-FEF7-494F-A64B-3E992A780866}" /s >log.txt
    start notepad log.txt
    exit
    cls
    
    Right click in the command window and select paste.
    The commands will process quickly and the window will close, then a log will open.
    Post the contents of that log here.
    If the log is empty, reboot then run another Spybot scan to see if WT is still detected.
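
One way to check across runs whether the fix took, as an added example that is not part of the thread: the Python below parses result lines in the format of the Spybot reports posted above and lists findings that stayed at "fixing failed" in more than one report. The function names and the two embedded report excerpts are constructed for illustration.

```python
import re
from collections import Counter

# Result line: "Product: [SBI $ID] Description (Type, status)"; the SBI tag is optional.
ENTRY = re.compile(
    r"^(?P<product>.+?): (?:\[SBI \$(?P<sbi>[0-9A-Fa-f]{8})\] )?"
    r"(?P<desc>.+) \((?P<kind>[^,()]+), (?P<status>[^()]+)\)$"
)

def parse_report(text):
    """Parse one report into dicts; the line after a result, if any, is its path."""
    lines = [ln.strip() for ln in text.splitlines()]
    findings = []
    for i, line in enumerate(lines):
        m = ENTRY.match(line)
        if not m:
            continue
        nxt = lines[i + 1] if i + 1 < len(lines) else ""
        is_path = bool(nxt) and not ENTRY.match(nxt) and not nxt.startswith("---")
        findings.append({**m.groupdict(), "location": nxt if is_path else None})
    return findings

def repeat_failures(reports):
    """(product, location) pairs marked 'fixing failed' in more than one report."""
    counts = Counter()
    for text in reports:
        for f in parse_report(text):
            if f["status"] == "fixing failed":
                counts[(f["product"], f["location"] or "")] += 1
    return sorted(key for key, n in counts.items() if n > 1)

# Constructed excerpts in the format of the reports in this thread.
FIRST_FIX = r"""
WildTangent: [SBI $6D7AAFCA] Type library (Registry key, fixing failed)
HKEY_CLASSES_ROOT\TypeLib\{7946205B-FEF7-494F-A64B-3E992A780866}

Cookie: [SBI $49804B54] Cookie (8) (Cookie, fixed)
"""
SECOND_FIX = r"""
WildTangent: [SBI $6D7AAFCA] Type library (Registry key, fixing failed)
HKEY_CLASSES_ROOT\TypeLib\{7946205B-FEF7-494F-A64B-3E992A780866}

Log: Activity: SchedLgU.Txt (Backup file, fixed)
C:\WINDOWS\SchedLgU.Txt
"""

if __name__ == "__main__":
    for product, location in repeat_failures([FIRST_FIX, SECOND_FIX]):
        print(f"still failing: {product} at {location}")
```

A key that shows up here after the batch commands and a reboot is one the scanner still cannot modify, which is the case the `reg query` log in the last post is meant to diagnose.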
     
