Virtumonde Removal Help!



Togechu64
2008-05-02, 04:17
Ran multiple scans of S&D with Virtumonde popping up, and tried disconnecting from the internet, fixing the problem, and restarting the computer multiple times, but scanning only to find the problem still there again. S&D says the problem has been fixed, but it still persists after I boot the computer again. I right-clicked and saved the log. I'm very computer illiterate so please bear with me, and thank you!
(The log would not fit so I broke it up)
--- Search result list ---
Virtumonde: [SBI $42352499] User settings (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2571424821-612024356-2499971906-1011\Software\Microsoft\rdfa


--- Spybot - Search & Destroy version: 1.5 (build: 20070830) ---

2007-08-31 blindman.exe (1.0.0.6)
2007-08-31 SDMain.exe (1.0.0.4)
2007-08-31 SDUpdate.exe (1.0.6.4)
2007-08-31 SDWinSec.exe (1.0.0.8)
2007-08-31 SpybotSD.exe (1.5.1.15)
2007-08-31 TeaTimer.exe (1.5.0.9)
2008-01-05 unins000.exe (51.46.0.0)
2007-08-31 Update.exe (1.4.0.5)
2007-08-31 advcheck.dll (1.5.3.0)
2007-04-02 aports.dll (2.1.0.0)
2007-04-02 DelZip179.dll (1.79.5.3)
2007-08-31 SDHelper.dll (1.5.0.8)
2007-08-31 Tools.dll (2.1.2.0)
2008-01-23 Includes\Cookies.sbi (*)
2007-12-26 Includes\Dialer.sbi (*)
2008-01-23 Includes\DialerC.sbi (*)
2008-01-23 Includes\HeavyDuty.sbi (*)
2007-12-26 Includes\Hijackers.sbi (*)
2008-01-23 Includes\HijackersC.sbi (*)
2007-10-04 Includes\Keyloggers.sbi (*)
2008-01-23 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2008-01-16 Includes\Malware.sbi (*)
2008-01-23 Includes\MalwareC.sbi (*)
2007-10-24 Includes\PUPS.sbi (*)
2008-01-23 Includes\PUPSC.sbi (*)
2008-01-23 Includes\Revision.sbi (*)
2008-01-09 Includes\Security.sbi (*)
2008-01-23 Includes\SecurityC.sbi (*)
2008-01-23 Includes\Spybots.sbi (*)
2008-01-23 Includes\SpybotsC.sbi (*)
2007-11-06 Includes\Tracks.uti
2008-01-16 Includes\Trojans.sbi (*)
2008-01-23 Includes\TrojansC.sbi (*)
2008-12-24 Plugins\TCPIPAddress.dll



--- System information ---
Windows Vista (Build: 6000) (6.0.6000)


--- Startup entries list ---
Located: HK_LM:Run, Adobe Reader Speed Launcher
command: "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
file: C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
size: 39792
MD5: 8B9145D229D4E89D15ACB820D4A3A90F

Located: HK_LM:Run, ClamWin
command: "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon
file: C:\Program Files\ClamWin\bin\ClamTray.exe
size: 77824
MD5: EAC29839FC599867196241B41C2B43D1

Located: HK_LM:Run, HotKeysCmds
command: C:\Windows\system32\hkcmd.exe
file: C:\Windows\system32\hkcmd.exe
size: 166424
MD5: E0913BFFE047972BAA72AC3AE608E24D

Located: HK_LM:Run, HP Health Check Scheduler
command: C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
file: C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
size: 50696
MD5: 06B28C3CFD5C995B82F5EF1E5A0A576C

Located: HK_LM:Run, HP Software Update
command: C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
file: C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
size: 54840
MD5: 21293443961A4E2597453EE7A9347F22

Located: HK_LM:Run, hpqSRMon
command: C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSRMon.exe
file: C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSRMon.exe
size: 80896
MD5: 941A08CBDEEDF16B6C986B6BA7C9A5D0

Located: HK_LM:Run, hpsysdrv
command: c:\hp\support\hpsysdrv.exe
file: c:\hp\support\hpsysdrv.exe
size: 65536
MD5: 85B8925F1A477DF7AEC93CABBEB04F1F

Located: HK_LM:Run, IAAnotif
command: "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
file: C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
size: 151552
MD5: 3DBDCC91664F9975355F8612FAA309F3

Located: HK_LM:Run, IgfxTray
command: C:\Windows\system32\igfxtray.exe
file: C:\Windows\system32\igfxtray.exe
size: 141848
MD5: EF4FF93786AE65DD307FCADABCD087CA

Located: HK_LM:Run, ISUSPM
command: "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
file: C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
size: 218032
MD5: 43D083268A0919F3527A2837390BAF63

Located: HK_LM:Run, iTunesHelper
command: "C:\Program Files\iTunes\iTunesHelper.exe"
file: C:\Program Files\iTunes\iTunesHelper.exe
size: 267048
MD5: 04A9F0C58B170F30445BCC0683EF9FFC

Located: HK_LM:Run, KBD
command: C:\HP\KBD\KbdStub.EXE
file: C:\HP\KBD\KbdStub.EXE
size: 65536
MD5: 7088B136BB58A5F95CF0DE8386CA6C0F

Located: HK_LM:Run, LogMeIn GUI
command: "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
file: C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
size: 63048
MD5: 234051C0D242A6F4A79AE5212C1323D4

Located: HK_LM:Run, McAfeeUpdaterUI
command: "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
file: C:\Program Files\McAfee\Common Framework\UdaterUI.exe
size: 136768
MD5: 12AA9837BF1479FAF703A7B7A2617498

Located: HK_LM:Run, Media Codec Update Service
command: C:\Program Files\Essentials Codec Pack\update.exe -silent
file: C:\Program Files\Essentials Codec Pack\update.exe
size: 303104
MD5: 441C75BC99638C9CB7A47EE79B17D2CF

Located: HK_LM:Run, OsdMaestro
command: "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
file: C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
size: 155648
MD5: BA2152949AEE6549D60F8497C011E22A

Located: HK_LM:Run, Persistence
command: C:\Windows\system32\igfxpers.exe
file: C:\Windows\system32\igfxpers.exe
size: 133656
MD5: 83591BC9E3328F5BACCF487CD12414EB

Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\QTTask.exe" -atboottime
file: C:\Program Files\QuickTime\QTTask.exe
size: 413696
MD5: 6DF76965A0FB8237E9C3B3CAB9815EC2

Located: HK_LM:Run, RtHDVCpl
command: RtHDVCpl.exe
file: C:\Windows\RtHDVCpl.exe
size: 4874240
MD5: 361CD47DC5BD83EE24407903233B0D9A

Located: HK_LM:Run, ShStatEXE
command: "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
file: C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
size: 112216
MD5: A3EA189BE290F6CF1A9F4C2630554E74

Located: HK_LM:Run, Windows Defender
command: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
file: C:\Program Files\Windows Defender\MSASCui.exe
size: 1006264
MD5: 9AD9E2FB2811123DA13DE84CC154AB77

Located: HK_LM:Run, WPCUMI
command: C:\Windows\system32\WpcUmi.exe
file: C:\Windows\system32\WpcUmi.exe
size: 176128
MD5: C456658AF90F42BE3CDF1048F9CDB5CA

Located: HK_LM:RunOnce, Launcher
command: %WINDIR%\SMINST\launcher.exe
file: C:\Windows\SMINST\launcher.exe
size: 44168
MD5: 31539595F006DAE39F719735F30C3570

Located: HK_LM:RunOnce, WinSat
command: winsat dwm -xml results.xml
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:Run, 2ed7e1ef
where: S-1-5-21-2571424821-612024356-2499971906-1011...
command: rundll32.exe "C:\Users\ZACHAR~1\AppData\Local\Temp\jtaqsaaq.dll",b
file: C:\Users\ZACHAR~1\AppData\Local\Temp\jtaqsaaq.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:Run, AdobeUpdater
where: S-1-5-21-2571424821-612024356-2499971906-1011...
command: C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
file: C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
size: 2321600
MD5: CEBB4703FE0A875947E5F0A3A95FE577

Located: HK_CU:Run, cmds
where: S-1-5-21-2571424821-612024356-2499971906-1011...
command: rundll32.exe C:\Users\ZACHAR~1\AppData\Local\Temp\hGVomNEW.dll,c
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:Run, ehTray.exe
where: S-1-5-21-2571424821-612024356-2499971906-1011...
command: C:\Windows\ehome\ehTray.exe
file: C:\Windows\ehome\ehTray.exe
size: 125440
MD5: 2E0953919779A44BF9DFB7B07C58535A

Located: HK_CU:Run, Google Update
where: S-1-5-21-2571424821-612024356-2499971906-1011...
command: "C:\Users\Zachary Sanjiv\AppData\Local\Google\Update\1.1.25.0\GoogleUpdate.exe" /lang en
file: C:\Users\Zachary Sanjiv\AppData\Local\Google\Update\1.1.25.0\GoogleUpdate.exe
size: 51184
MD5: 5F2FDDA4A829AE4838C3049C18B39A1B

Located: HK_CU:Run, HPADVISOR
where: S-1-5-21-2571424821-612024356-2499971906-1011...
command: C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
file: C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
size: 1480296
MD5: 69A41A417D8311934BCB5D1E3864E8C9

Located: HK_CU:Run, ISUSPM
where: S-1-5-21-2571424821-612024356-2499971906-1011...
command: "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
file: C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
size: 218032
MD5: 43D083268A0919F3527A2837390BAF63

Located: HK_CU:Run, MS Juan
where: S-1-5-21-2571424821-612024356-2499971906-1011...
command: rundll32 "C:\Users\ZACHAR~1\AppData\Local\Temp\atgsnepr.dll",run
file: C:\Users\ZACHAR~1\AppData\Local\Temp\atgsnepr.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:Run, MSServer
where: S-1-5-21-2571424821-612024356-2499971906-1011...
command: rundll32.exe C:\Users\ZACHAR~1\AppData\Local\Temp\ljJBqOEU.dll,#1
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:Run, Sidebar
where: S-1-5-21-2571424821-612024356-2499971906-1011...
command: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
file: C:\Program Files\Windows Sidebar\sidebar.exe
size: 1232896
MD5: 582F3A0BA61D8F0D50C66B592808B6D6

Located: HK_CU:Run, WindowsWelcomeCenter
where: S-1-5-21-2571424821-612024356-2499971906-1011...
command: rundll32.exe oobefldr.dll,ShowWelcomeCenter
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: Startup (common), Adobe Gamma Loader.lnk
where: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup...
command: C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
file: C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
size: 113664
MD5: C2FF17734176CD15221C10044EF0BA1A

Located: Startup (common), HP Connections.lnk
where: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup...
command: C:\Program Files\HP Connections\6811507\Program\HP Connections.exe
file: C:\Program Files\HP Connections\6811507\Program\HP Connections.exe
size: 34520
MD5: 3754F4C688BFD04BC886112BD6566A9B

Located: Startup (common), HP Digital Imaging Monitor.lnk
where: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup...
command: C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
file: C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
size: 210520
MD5: 1BA45CDEF852381DA4A95D056DDB4B48

Located: Startup (common), InterVideo WinCinema Manager.lnk
where: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup...
command: C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
file: C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
size: 303104
MD5: E57B48DE00694BFB5155719F3DFCE127

Located: Startup (common), WFPUser.lnk
where: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup...
command: C:\Program Files\Microsoft Windows Feedback Panel\wfpuser.exe
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: Startup (user), Kuma_Tray.lnk
where: C:\Users\Zachary Sanjiv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup...
command: C:\Program Files\Kuma Games\kgsystray\Kuma_tray.exe
file: C:\Program Files\Kuma Games\kgsystray\Kuma_tray.exe
size: 33992
MD5: 87DED620C66C7338ADBC68ADE8721828

Located: Startup (user), YouTube Uploader.lnk
where: C:\Users\Zachary Sanjiv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup...
command: C:\Users\Zachary Sanjiv\AppData\Local\YouTube\Uploader\youtubeuploader.exe
file: C:\Users\Zachary Sanjiv\AppData\Local\YouTube\Uploader\youtubeuploader.exe
size: 71152
MD5: E1E2BBF850825BAE7C692FC8CE0DD5C1

Located: WinLogon, igfxcui
command: igfxdev.dll
file: igfxdev.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Togechu64
2008-05-02, 04:18
--- Browser helper object list ---
{7DB2D5A0-7241-4E79-B68D-6309F01C5231} (scriptproxy)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: scriptproxy
CLSID name: scriptproxy
Path: C:\Program Files\McAfee\VirusScan Enterprise\
Long name: ScriptCl.dll
Short name:
Date (created): 11/30/2006 9:50:00 AM
Date (last access): 1/5/2008 6:12:16 PM
Date (last write): 11/30/2006 9:50:00 AM
Filesize: 67136
Attributes: archive
MD5: 3B15913A9F57A041A3924275DB53BD1F
CRC32: 7132ED0A
Version: 13.3.1.100

{7E853D72-626A-48EC-A868-BA8D5E23E045} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:

{9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Windows Live Sign-in Helper
Path: C:\Program Files\Common Files\Microsoft Shared\Windows Live\
Long name: WindowsLiveLogin.dll
Short name: WINDOW~1.DLL
Date (created): 8/31/2006 8:33:06 PM
Date (last access): 4/22/2007 4:04:54 PM
Date (last write): 8/31/2006 8:33:06 PM
Filesize: 322368
Attributes: archive
MD5: E43F7CFDEE2B00A22C96C168147B20D3
CRC32: 2AEACC43
Version: 4.100.313.1

{AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Google Toolbar Helper
description: Google toolbar
classification: Open for discussion
known filename: googletoolbar.dll; googletoolbar*.dll (* = number); googletoolbar_en_*.**-big.dll; Googletoolbar_en_*.*.**-deleon.dll
info link: http://toolbar.google.com/
info source: TonyKlein
Path: c:\program files\google\
Long name: GoogleToolbar1.dll
Short name: GOOGLE~1.DLL
Date (created): 11/18/2007 4:21:06 PM
Date (last access): 11/18/2007 4:21:06 PM
Date (last write): 11/18/2007 4:21:06 PM
Filesize: 2403392
Attributes: readonly archive
MD5: 6319F2D4708DBCAE37CFA03DA10782C0
CRC32: D51D8296
Version: 4.0.1601.4978



--- ActiveX list ---
{00000014-9593-4264-8B29-930B3E4EDCCD} (HPVirtualRooms14 Class)
DPF name:
CLSID name: HPVirtualRooms14 Class
Installer: C:\WINDOWS\Downloaded Program Files\WebInstall.inf
Codebase: https://www.rooms.hp.com/vRoom_Cab/WebHPVCInstall14.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: HPVirtualRooms14.dll
Short name: HPVIRT~1.DLL
Date (created): 11/17/2006 12:02:24 PM
Date (last access): 11/17/2006 12:02:24 PM
Date (last write): 11/17/2006 12:02:24 PM
Filesize: 405504
Attributes: archive
MD5: 3B78D241B69BE9F028958E59EC841263
CRC32: 7B37CB8C
Version: 1.0.0.100

{166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control)
DPF name:
CLSID name: Shockwave ActiveX Control
Installer: C:\WINDOWS\Downloaded Program Files\setup.inf
Codebase: http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
description: Macromedia ShockWave Flash Player 7
classification: Legitimate
known filename: SWDIR.DLL
info link:
info source: Patrick M. Kolla
Path: C:\Windows\system32\Adobe\Director\
Long name: SwDir.dll
Short name:
Date (created): 4/16/2008 11:59:50 PM
Date (last access): 4/16/2008 11:59:50 PM
Date (last write): 3/19/2008 7:36:22 PM
Filesize: 202168
Attributes: archive
MD5: 284259B6EB9901B8978B78AFC5514627
CRC32: 6C37B749
Version: 11.0.0.429

{254AA86E-5655-4518-AA87-185D7CC41801} (LogMeIn Rescue Technician Console)
DPF name:
CLSID name: LogMeIn Rescue Technician Console
Installer: C:\WINDOWS\Downloaded Program Files\RescueControl.inf
Codebase: https://secure.logmeinrescue.com/TechConsole/x86/RescueControl.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: RescueControl.dll
Short name: RESCUE~1.DLL
Date (created): 12/10/2007 6:12:42 PM
Date (last access): 12/10/2007 6:12:42 PM
Date (last write): 12/10/2007 6:12:42 PM
Filesize: 7198024
Attributes: archive
MD5: CC296AB29BA9619DC9C8F5DB5AB56F1B
CRC32: 564C9E59
Version: 5.0.0.321

{3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object)
DPF name:
CLSID name: CTVUAxCtrl Object
Installer: C:\WINDOWS\Downloaded Program Files\TVUAx.inf
Codebase: http://dl.tvunetworks.com/TVUAx.cab
description:
classification: Legitimate
known filename: TVUAx.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: TVUAx.dll
Short name:
Date (created): 12/21/2007 2:26:18 PM
Date (last access): 12/21/2007 2:26:18 PM
Date (last write): 12/21/2007 2:26:18 PM
Filesize: 361776
Attributes: archive
MD5: 2F928007FE74A66AF771506AB4F62F13
CRC32: 0CCE80BB
Version: 2.3.4.1

{406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia)
DPF name:
CLSID name: Snapfish Activia
Installer: C:\WINDOWS\Downloaded Program Files\SnapfishActivia1000.inf
Codebase: http://www.costcophotocenter.com/CostcoActivia.cab
description:
classification: Legitimate
known filename: SnapfishActivia1000.ocx
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: SnapfishActivia1000.ocx
Short name: SNAPFI~1.OCX
Date (created): 6/3/2005 12:24:32 PM
Date (last access): 6/3/2005 12:24:32 PM
Date (last write): 6/3/2005 12:24:32 PM
Filesize: 286720
Attributes: archive
MD5: F5C79C45F1ADF877DC3AFDFF3565AE7B
CRC32: F118547A
Version: 1.0.0.10

{459E93B6-150E-45D5-8D4B-45C66FC035FE} (get_atlcom Class)
DPF name:
CLSID name: get_atlcom Class
Installer:
Codebase: http://apps.corel.com/nos_dl_manager_dev/plugin/IEGetPlugin.ocx
Path: C:\WINDOWS\Downloaded Program Files\
Long name: IEGetPlugin.ocx
Short name: IEGETP~1.OCX
Date (created): 9/1/2007 6:38:18 AM
Date (last access): 9/1/2007 6:38:18 AM
Date (last write): 9/1/2007 6:38:12 AM
Filesize: 91256
Attributes: archive
MD5: 26B81790C8EDF4D4DAE174E37C8BF1A4
CRC32: 2B0C93E5
Version: 1.2.0.24

{67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab)
DPF name: System Requirements Lab
CLSID name: System Requirements Lab Class
Installer:
Codebase: http://www.systemrequirementslab.com/sysreqlab2.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: sysreqlab2.dll
Short name: SYSREQ~1.DLL
Date (created): 3/29/2007 11:07:12 AM
Date (last access): 3/29/2007 11:07:12 AM
Date (last write): 3/29/2007 11:07:12 AM
Filesize: 206384
Attributes: archive
MD5: ED3B0F1BA60554B9D2E5AE1B02AD9306
CRC32: E2F1D780
Version: 2.30.0.0

{6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class)
DPF name:
CLSID name: HpProductDetection Class
Installer: C:\WINDOWS\Downloaded Program Files\setup.inf
Codebase: http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
description:
classification: Legitimate
known filename: HPDeviceDetection.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Hp\Common\
Long name: HPDeviceDetection.dll
Short name: HPDEVI~1.DLL
Date (created): 3/12/2008 2:35:46 PM
Date (last access): 4/16/2008 11:50:08 PM
Date (last write): 3/12/2008 2:35:46 PM
Filesize: 531312
Attributes: archive
MD5: A6B7E4F747F0723CE06D9D6C2B4A9A14
CRC32: D2355593
Version: 4.0.8.0

{6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager)
DPF name:
CLSID name: HP Download Manager
Installer: C:\WINDOWS\Downloaded Program Files\HPDEXAXO.inf
Codebase: https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: HPDEXAXO.dll
Short name:
Date (created): 10/18/2007 10:04:16 AM
Date (last access): 10/18/2007 10:04:16 AM
Date (last write): 10/18/2007 10:04:16 AM
Filesize: 341296
Attributes: archive
MD5: CDE357CD3FC047F5C7D8B8345B6A42BF
CRC32: 7ABDC22F
Version: 1.0.5.1

{80AEEC0E-A2BE-4B8D-985F-350FE869DC40} (HPDDClientExec Class)
DPF name:
CLSID name: HPDDClientExec Class
Installer: C:\WINDOWS\Downloaded Program Files\setup.inf
Codebase: http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsVista.cab
Path: C:\Program Files\Hp\Common\
Long name: HPDDAXO.dll
Short name:
Date (created): 2/13/2007 2:39:36 PM
Date (last access): 1/5/2008 5:28:30 PM
Date (last write): 2/13/2007 2:39:36 PM
Filesize: 145024
Attributes: archive
MD5: 861A5EC64AFD263850B2C9E6BF615244
CRC32: D1675018
Version: 1.0.1.0

{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_06
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre1.5.0_06\bin\
Long name: NPJPI150_06.dll
Short name: NPJPI1~1.DLL
Date (created): 3/2/2006 1:52:58 PM
Date (last access): 3/2/2006 1:52:58 PM
Date (last write): 11/10/2005 1:22:12 PM
Filesize: 69746
Attributes: archive
MD5: D2CF6BB5E9020E6707B62575F8083954
CRC32: 7F39DC54
Version: 5.0.60.5

{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\erma.inf
Codebase: http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
description:
classification: Open for discussion
known filename:
info link:
info source: Safer Networking Ltd.

{AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control)
DPF name:
CLSID name: Get_ActiveX Control
Installer:
Codebase: https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
description:
classification: Legitimate
known filename: HPGetDownloadManager.ocx
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\DOWNLO~1\
Long name: HPGetDownloadManager.ocx
Short name: HPGETD~1.OCX
Date (created): 6/11/2007 9:49:52 PM
Date (last access): 6/11/2007 9:49:52 PM
Date (last write): 6/11/2007 9:49:48 PM
Filesize: 88136
Attributes: archive
MD5: 200E3189656F9A29FB5BC7F71AB3F283
CRC32: 8C85B2F9
Version: 3.3.0.0

{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_06
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
description:
classification: Legitimate
known filename: npjpi150_06.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.5.0_06\bin\
Long name: NPJPI150_06.dll
Short name: NPJPI1~1.DLL
Date (created): 3/2/2006 1:52:58 PM
Date (last access): 3/2/2006 1:52:58 PM
Date (last write): 11/10/2005 1:22:12 PM
Filesize: 69746
Attributes: archive
MD5: D2CF6BB5E9020E6707B62575F8083954
CRC32: 7F39DC54
Version: 5.0.60.5

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_06
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
description:
classification: Legitimate
known filename: npjpi150_06.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.5.0_06\bin\
Long name: NPJPI150_06.dll
Short name: NPJPI1~1.DLL
Date (created): 3/2/2006 1:52:58 PM
Date (last access): 3/2/2006 1:52:58 PM
Date (last write): 11/10/2005 1:22:12 PM
Filesize: 69746
Attributes: archive
MD5: D2CF6BB5E9020E6707B62575F8083954
CRC32: 7F39DC54
Version: 5.0.60.5

{E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class)
DPF name:
CLSID name: GpcContainer Class
Installer: C:\WINDOWS\Downloaded Program Files\ieatgpc.inf
Codebase: https://targetsite.webex.com/client/T25L/webex/ieatgpc1.cab
description:
classification: Legitimate
known filename: ieatgpc.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: ieatgpc.dll
Short name:
Date (created): 4/28/2007 5:42:26 AM
Date (last access): 4/28/2007 5:42:26 AM
Date (last write): 4/28/2007 5:42:26 AM
Filesize: 93848
Attributes: archive
MD5: 07D8B0E0B94FB580280A24E9A5DFCC50
CRC32: 95483538
Version: 2.1.0.2

{FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control)
DPF name:
CLSID name: Performance Viewer Activex Control
Installer: C:\WINDOWS\Downloaded Program Files\CONFLICT.1\RACtrl.inf
Codebase: https://secure.logmein.com/activex/ractrl.cab?lmi=100
description:
classification: Legitimate
known filename: RACtrl.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\CONFLICT.1\
Long name: RACtrl.dll
Short name:
Date (created): 1/17/2008 2:18:26 PM
Date (last access): 1/17/2008 2:18:26 PM
Date (last write): 1/17/2008 2:18:26 PM
Filesize: 2745672
Attributes: archive
MD5: 7E66721241EE1A09D03D49CBA349050A
CRC32: 5CF92D5A
Version: 1.0.0.356

{FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (DownloadManager Control)
DPF name:
CLSID name: DownloadManager Control
Installer: C:\WINDOWS\Downloaded Program Files\DownloadManagerV2.inf
Codebase: http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.2.1.cab
description:
classification: Open for discussion
known filename: DOWNLO~1.OCX
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\DOWNLO~1\
Long name: DownloadManagerV2.ocx
Short name: DOWNLO~1.OCX
Date (created): 8/24/2007 5:24:28 AM
Date (last access): 8/24/2007 5:24:28 AM
Date (last write): 8/24/2007 5:24:28 AM
Filesize: 606208
Attributes: archive
MD5: A913C60BCE845B534E5EECED0CC02E9A
CRC32: DE194954
Version: 2.2.2.1



--- Process list ---
PID: 3196 ( 0) C:\Windows\system32\taskeng.exe
size: 166400
MD5: 1226E9FAE5B8508801EC974E3C9D9C14
PID: 3756 ( 0) C:\Windows\system32\Dwm.exe
size: 83456
MD5: E87B968F3D49117445893EB0503FE34F
PID: 1912 ( 0) C:\Windows\Explorer.EXE
size: 2923520
MD5: 6D06CD98D954FE87FB2DB8108793B399
PID: 780 ( 0) C:\Windows\system32\WTablet\TabUserW.exe
size: 132656
MD5: D26E69DB0FA85A58ABDFC0575291267D
PID: 1532 ( 0) C:\Program Files\Windows Defender\MSASCui.exe
size: 1006264
MD5: 9AD9E2FB2811123DA13DE84CC154AB77
PID: 3060 ( 0) C:\hp\support\hpsysdrv.exe
size: 65536
MD5: 85B8925F1A477DF7AEC93CABBEB04F1F
PID: 2756 ( 0) C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
size: 155648
MD5: BA2152949AEE6549D60F8497C011E22A
PID: 3724 ( 0) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
size: 54840
MD5: 21293443961A4E2597453EE7A9347F22
PID: 4128 ( 0) C:\Program Files\ClamWin\bin\ClamTray.exe
size: 77824
MD5: EAC29839FC599867196241B41C2B43D1
PID: 4148 ( 0) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
size: 151552
MD5: 3DBDCC91664F9975355F8612FAA309F3
PID: 4168 ( 0) C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe
size: 112216
MD5: A3EA189BE290F6CF1A9F4C2630554E74
PID: 4176 ( 0) C:\Program Files\McAfee\Common Framework\UdaterUI.exe
size: 136768
MD5: 12AA9837BF1479FAF703A7B7A2617498
PID: 4192 ( 0) C:\Program Files\McAfee\Common Framework\McTray.exe
size: 86016
MD5: F01DE4E2D6DF141628BAB697B7B43057
PID: 4208 ( 0) C:\Windows\RtHDVCpl.exe
size: 4874240
MD5: 361CD47DC5BD83EE24407903233B0D9A
PID: 4272 ( 0) C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
size: 63048
MD5: 234051C0D242A6F4A79AE5212C1323D4
PID: 4332 ( 0) C:\Windows\System32\hkcmd.exe
size: 166424
MD5: E0913BFFE047972BAA72AC3AE608E24D
PID: 4352 ( 0) C:\Windows\System32\igfxpers.exe
size: 133656
MD5: 83591BC9E3328F5BACCF487CD12414EB
PID: 4392 ( 0) C:\Program Files\iTunes\iTunesHelper.exe
size: 267048
MD5: 04A9F0C58B170F30445BCC0683EF9FFC
PID: 4408 ( 0) C:\Program Files\Windows Sidebar\sidebar.exe
size: 1232896
MD5: 582F3A0BA61D8F0D50C66B592808B6D6
PID: 4476 ( 0) C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
size: 1480296
MD5: 69A41A417D8311934BCB5D1E3864E8C9
PID: 4516 ( 0) C:\Windows\ehome\ehtray.exe
size: 125440
MD5: 2E0953919779A44BF9DFB7B07C58535A
PID: 4564 ( 0) C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
size: 218032
MD5: 43D083268A0919F3527A2837390BAF63
PID: 4604 ( 0) C:\Users\Zachary Sanjiv\AppData\Local\Google\Update\1.1.25.0\GoogleUpdate.exe
size: 51184
MD5: 5F2FDDA4A829AE4838C3049C18B39A1B
PID: 4656 ( 0) C:\Windows\system32\igfxsrvc.exe
size: 256536
MD5: E604D80346076DDD1B9F214678A35A38
PID: 4760 ( 0) C:\Windows\System32\rundll32.exe
size: 44544
MD5: 4B555106290BD117334E9A08761C035A
PID: 4776 ( 0) C:\Windows\System32\rundll32.exe
size: 44544
MD5: 4B555106290BD117334E9A08761C035A
PID: 4784 ( 0) C:\Windows\System32\rundll32.exe
size: 44544
MD5: 4B555106290BD117334E9A08761C035A
PID: 4844 ( 0) C:\Program Files\HP Connections\6811507\Program\HP Connections.exe
size: 34520
MD5: 3754F4C688BFD04BC886112BD6566A9B
PID: 4852 ( 0) C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
size: 210520
MD5: 1BA45CDEF852381DA4A95D056DDB4B48
PID: 4864 ( 0) C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
size: 303104
MD5: E57B48DE00694BFB5155719F3DFCE127
PID: 4880 ( 0) C:\Program Files\Kuma Games\kgsystray\Kuma_tray.exe
size: 33992
MD5: 87DED620C66C7338ADBC68ADE8721828
PID: 4888 ( 0) C:\Users\Zachary Sanjiv\AppData\Local\YouTube\Uploader\youtubeuploader.exe
size: 71152
MD5: E1E2BBF850825BAE7C692FC8CE0DD5C1
PID: 4976 ( 0) C:\Windows\ehome\ehmsas.exe
size: 37376
MD5: 693E4C15CEE5D6487D7913A2701B5E40
PID: 5048 ( 0) C:\Windows\system32\wbem\unsecapp.exe
size: 37376
MD5: E19C7BCE081B85F86F03AE9D82FFA77B
PID: 5428 ( 0) C:\Program Files\Windows Sidebar\sidebar.exe
size: 1232896
MD5: 582F3A0BA61D8F0D50C66B592808B6D6
PID: 1768 ( 0) C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
size: 271960
MD5: 85E7BB8A103644085C5C665481022E56
PID: 4036 ( 0) C:\Program Files\Hewlett-Packard\HP Advisor\SSDK04.exe
size: 505520
MD5: 42BB5676661C1A9D301C0E3E473F1000
PID: 5936 ( 0) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4943184
MD5: C92780F50B8BB7A89E919585916494A9
PID: 5440 ( 0) C:\hp\kbd\kbd.exe
size: 61440
MD5: C81BE1B951C36E97D3DA90DA745DA5F7
PID: 1584 ( 0) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
size: 197632
MD5: A07086619414899F99D7C91B43E8DF59
PID: 5304 ( 0) C:\Windows\system32\sdclt.exe
size: 1192960
MD5: FDA72FF6093B5488B93967281EB52FE6
PID: 4416 ( 0) C:\Program Files\Internet Explorer\IEUser.exe
size: 301568
MD5: C7E9042E06D75A70DEA2AA86C39907CB


--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 5/1/2008 5:52:19 PM

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\Windows\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
http://www.google.com/ie
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.gamespot.com/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://www.google.com/ie
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://www.google.com/search?q=%s
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.tsatoday.org
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.google.com/ie
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm


--- Winsock Layered Service Provider list ---
Protocol 0: Parental Controls LSP over [MSAFD Tcpip [TCP/IP]]
GUID: {FCB93F8F-186B-4E75-AF5E-DE1EB6771972}
Filename: C:\Windows\system32\wpclsp.dll

Protocol 1: Parental Controls LSP over [MSAFD Tcpip [UDP/IP]]
GUID: {44188227-725C-42C8-9F7C-56BD3AF4E056}
Filename: C:\Windows\system32\wpclsp.dll

Protocol 2: Parental Controls LSP over [MSAFD Tcpip [TCP/IPv6]]
GUID: {B5997BBB-B4C1-4DB3-8688-3CFF6F42E007}
Filename: C:\Windows\system32\wpclsp.dll

Protocol 3: Parental Controls LSP over [MSAFD Tcpip [UDP/IPv6]]
GUID: {1D548667-5ABF-40B1-836A-CF07617AA552}
Filename: C:\Windows\system32\wpclsp.dll

Protocol 4: Parental Controls LSP over [RSVP TCPv6 Service Provider]
GUID: {CAFCDE03-F9DC-4C44-B0D9-FB32CA9D640C}
Filename: C:\Windows\system32\wpclsp.dll

Protocol 5: Parental Controls LSP over [RSVP TCP Service Provider]
GUID: {AAE20567-B0A2-403D-B005-06AE4FEED9F1}
Filename: C:\Windows\system32\wpclsp.dll

Protocol 6: Parental Controls LSP over [RSVP UDPv6 Service Provider]
GUID: {4F05741E-8D4C-4DF9-8683-21513A8E7B57}
Filename: C:\Windows\system32\wpclsp.dll

Protocol 7: Parental Controls LSP over [RSVP UDP Service Provider]
GUID: {44804655-41FC-40FF-A81F-C4586590686D}
Filename: C:\Windows\system32\wpclsp.dll

Protocol 22: Parental Controls LSP
GUID: {572F18CF-62F6-4456-BE0E-AF2D8FDBCE0B}
Filename: C:\Windows\system32\wpclsp.dll

Namespace Provider 3: E-mail Naming Shim Provider
GUID: {964ACBA2-B2BC-40EB-8C6A-A6DB40161CAE}
Filename:

Namespace Provider 4: PNRP Cloud Namespace Provider
GUID: {03FE89CE-766D-4976-B9C1-BB9BC42C7B4D}
Filename:

Namespace Provider 5: PNRP Name Namespace Provider
GUID: {03FE89CD-766D-4976-B9C1-BB9BC42C7B4D}
Filename:
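The startup list in the log above shows the pattern worth recognising in a Spybot S&D log: four per-user Run values (2ed7e1ef, cmds, MS Juan, MSServer) that launch rundll32 on a randomly named DLL in the user's Temp folder, each reported with size 0 and the MD5 of an empty file because the scanner could not read it. The following Python script is an added example, not code from the thread or from Spybot: it parses the "Startup entries list" section of a log in this format and flags that pattern. The sample log text is constructed in the log's format with the user path anonymised, and the heuristics, names and functions are this example's own.

```python
"""Triage the 'Startup entries list' of a Spybot S&D log for the Vundo pattern:
a Run value launching rundll32 on a DLL in a user Temp directory.
Hypothetical helper written for this example, not Spybot's own code."""
from __future__ import annotations

import re
from dataclasses import dataclass

EMPTY_MD5 = "D41D8CD98F00B204E9800998ECF8427E"  # MD5 of zero bytes: file unreadable
# rundll32[.exe] [path\]name.dll,Export  (the DLL path may be quoted)
RUNDLL_RE = re.compile(
    r'^"?rundll32(?:\.exe)?"?\s+"?(?P<dll>[^",]+?)"?\s*,\s*(?P<export>\S+)',
    re.IGNORECASE)
TEMP_DIR_RE = re.compile(r"\\Temp\\", re.IGNORECASE)  # ...\AppData\Local\Temp\...


@dataclass
class StartupEntry:
    location: str  # "HK_CU:Run", "Startup (common)", ...
    name: str      # registry value name or .lnk name
    command: str
    file: str
    size: int
    md5: str


def parse_startup_entries(log_text: str) -> list[StartupEntry]:
    """Collect 'Located:' blocks; '--- ... ---' headers keep us out of the BHO,
    ActiveX and process sections, which carry 'MD5:' lines of their own."""
    entries, cur, in_startup = [], None, True
    for raw in log_text.splitlines() + ["--- end ---"]:
        line = raw.strip()
        key, _, value = line.partition(":")
        value = value.strip()
        if line.startswith("---") or key == "Located":
            if cur is not None:
                entries.append(StartupEntry(**cur))
            cur = None
            if line.startswith("---"):
                in_startup = "startup entries" in line.lower()
            elif in_startup:
                loc, _, name = value.partition(", ")
                cur = dict(location=loc, name=name, command="", file="", size=0, md5="")
        elif cur is None:
            continue
        elif key == "command":
            cur["command"] = value
        elif key == "file":
            cur["file"] = value
        elif key == "size":
            cur["size"] = int(value or 0)
        elif key == "MD5":
            cur["md5"] = value.upper()
    return entries


def triage(entry: StartupEntry) -> list[str]:
    """Reasons this entry matches the pattern; [] means nothing suspicious."""
    m = RUNDLL_RE.match(entry.command)
    if m is None:
        return []
    dll, export = m.group("dll"), m.group("export")
    reasons: list[str] = []
    if TEMP_DIR_RE.search(dll):
        reasons.append(f"rundll32 loads {dll} (export {export!r}) from a Temp directory")
    # Size 0 + empty-file MD5 on its own is noise: a bare system DLL name such as
    # oobefldr.dll resolves via the search path and is logged the same way.
    if reasons and entry.size == 0 and entry.md5 == EMPTY_MD5:
        reasons.append("scanner could not read or hash the DLL (hidden, locked or gone)")
    if reasons and entry.location.startswith("HK_CU"):
        reasons.append("per-user Run value: re-launched at every logon of that account")
    return reasons


def flag_entries(log_text: str) -> dict[str, list[str]]:
    """Value name -> reasons, for flagged entries only."""
    return {e.name: r for e in parse_startup_entries(log_text) if (r := triage(e))}


# Constructed sample in the log's format (user path anonymised); the
# WindowsWelcomeCenter entry is the legitimate negative control.
SAMPLE_LOG = r"""
--- Startup entries list ---
Located: HK_CU:Run, 2ed7e1ef
command: rundll32.exe "C:\Users\USER~1\AppData\Local\Temp\jtaqsaaq.dll",b
file: C:\Users\USER~1\AppData\Local\Temp\jtaqsaaq.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:Run, MSServer
command: rundll32 C:\Users\USER~1\AppData\Local\Temp\ljJBqOEU.dll,#1
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E

Located: HK_CU:Run, WindowsWelcomeCenter
command: rundll32.exe oobefldr.dll,ShowWelcomeCenter
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E

--- Browser helper object list ---
MD5: 3B15913A9F57A041A3924275DB53BD1F
"""
```

Two caveats a practitioner would keep in mind. The empty-file MD5 alone proves nothing, as the WindowsWelcomeCenter and igfxcui entries in the real log show: any command given as a bare DLL name gets size 0 in this report. And the process list in the same log shows three rundll32.exe instances running, which is consistent with those Temp DLLs being resident; a registry value removed while the DLL that writes it is still loaded is exactly the kind of fix that does not survive a reboot.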

Togechu64
2008-05-02, 04:21
Ok, for some reason I am having immense trouble getting the entire log to fit here. Is there any easier way to do this?

Blade81
2008-05-04, 15:58
Hi

Please follow the instructions in the Before you post (http://forums.spybot.info/showthread.php?t=288) topic and post a fresh HJT log. :)