Here's the log from Xoftspy:
<?xml version = "1.0"?>
<Session START = "02 Sep 05 19:56:32" END = "02 Sep 05 19:58:58">
<Information Version = "4.15" DatabaseVersion = "111" DataBaseDate = "31 Aug 2005"/>
<Information OS = "Win XP"/>
<Information ServicePack = "Service Pack 2"/>
<Information WorkingDirectory = "C:\Program Files\XoftSpy\"/>
<Information Option = "AdvSpyware Scan" State = "ON"/>
<Information Option = "Scan IE Favorites" State = "ON"/>
<Information Option = "Scan Host Files" State = "ON"/>
<Information Option = "Scan Drives" State = "ON"/>
<Information Option = "Do Not Scan Executables" State = "OFF"/>
<Information Option = "Scan Registry" State = "ON"/>
<Information Option = "Scan Active Processes" State = "ON"/>
<Information Option = "Automatic Database Update" State = "ON"/>
<Information Option = "Automatic Program Update" State = "ON"/>
<Information Option = "Automatic Removal" State = "OFF"/>
<Information Option = "Exit When Finished" State = "OFF"/>
<Information RootKey = "HKEY_CURRENT_USER" KeyPath = "Software\Microsoft\Windows\CurrentVersion\Run"/>
<Information Value = "TOSCDSPD" Data = "C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" MD5 = "383b71dcb691ccaeea445acb9150ddd3" Path = ""/>
<Information Value = "ctfmon.exe" Data = "C:\WINDOWS\system32\ctfmon.exe" MD5 = "24232996a38c0b0cf151c2140ae29fc8" Path = ""/>
<Information Value = "MSMSGS" Data = "C:\Program Files\Messenger\msmsgs.exe /background" MD5 = "74e6e96c6f0e2eca4edbb7f7a468f259" Path = ""/>
<Information RootKey = "HKEY_LOCAL_MACHINE" KeyPath = "Software\Microsoft\Windows\CurrentVersion\Run"/>
<Information Value = "CeEKEY" Data = "C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe" MD5 = "a7f0ed12494a00ec5e2ef94b82ab5d6f" Path = ""/>
<Information Value = "" Data = ""/>
<Information Value = "CeEPOWER" Data = "C:\Program Files\TOSHIBA\Power Management\CePMTray.exe" MD5 = "8f7e3434b0b6aec36e4dd9d42be66d43" Path = ""/>
<Information Value = "TPNF" Data = "C:\Program Files\TOSHIBA\TouchPad\TPTray.exe" MD5 = "98046adfa5ef9c3fa746bf6090154e78" Path = ""/>
<Information Value = "dla" Data = "C:\WINDOWS\system32\dla\tfswctrl.exe" MD5 = "0df3275fd096bacec54e01657d8745d8" Path = ""/>
<Information Value = "ATIPTA" Data = "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" MD5 = "024f4f23ccee31a9994109d7a41ab78f" Path = ""/>
<Information Value = "LtMoh" Data = "C:\Program Files\ltmoh\Ltmoh.exe" MD5 = "cae4adee7be5c6ad35c84d10a866977e" Path = ""/>
<Information Value = "AGRSMMSG" Data = "AGRSMMSG.exe"/>
<Information Value = "Apoint" Data = "C:\Program Files\Apoint2K\Apoint.exe" MD5 = "e6899986d6fe0c793b3df5bae7d18b40" Path = ""/>
<Information Value = "EzButton" Data = "C:\Program Files\EzButton\EzButton.EXE" MD5 = "0787e45175a5b7138bbab94ce8561d19" Path = ""/>
<Information Value = "PadTouch" Data = "C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe" MD5 = "062d0e5bbf64d78d90502f7d0bdc3d6f" Path = ""/>
<Information Value = "NDSTray.exe" Data = "NDSTray.exe"/>
<Information Value = "Pinger" Data = "c:\toshiba\ivp\ism\pinger.exe /run" MD5 = "eb3c8c07a1c1286baa3a676e1d16394d" Path = ""/>
<Information Value = "Symantec NetDriver Monitor" Data = "C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer" MD5 = "f9418981ee4d7e995d359833adab59d5" Path = ""/>
<Information Value = "Notebook Maximizer" Data = "C:\Program Files\Notebook Maximizer\maximizer_startup.exe" MD5 = "b65a88b9e9fed451e0da650abc634daa" Path = ""/>
<Information Value = "ccApp" Data = "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" MD5 = "e5f9b0314442ea5816518c64b02f10a2" Path = ""/>
<Information Value = "WinPatrol" Data = "C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe" MD5 = "383f2efcc0b732bb6ab9e075361e13b1" Path = ""/>
<Information Value = "XoftSpy" Data = "C:\Program Files\XoftSpy\XoftSpy.exe -s"/>
<Information RootKey = "HKEY_LOCAL_MACHINE" KeyPath = "Software\Microsoft\Windows NT\CurrentVersion\Winlogon"/>
<Information Value = "Userinit" Data = "C:\WINDOWS\system32\userinit.exe,"/>
<Information RootKey = "HKEY_CURRENT_USER" KeyPath = "Software\Microsoft\Windows NT\CurrentVersion\Windows"/>
<Information Value = "load" Data = ""/>
<Information RootKey = "HKEY_LOCAL_MACHINE" KeyPath = "Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad"/>
<Information Value = "PostBootReminder" Data = "{7849596a-48ea-486e-8937-a2a3009f31a9}"/>
<Information Value = "CDBurn" Data = "{fbeb8a05-beee-4442-804e-409d6c4515e9}"/>
<Information Value = "WebCheck" Data = "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"/>
<Information Value = "SysTray" Data = "{35CEC8A3-2BE6-11D2-8773-92E220524153}"/>
<Information RootKey = "HKEY_LOCAL_MACHINE" KeyPath = "Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler"/>
<Information Value = "{438755C2-A8BA-11D1-B96B-00A0C90312E1}" Data = "Browseui preloader"/>
<Information Value = "{8C7461EF-2B13-11d2-BE35-3078302C2030}" Data = "Component Categories cache daemon"/>
<Information RootKey = "HKEY_LOCAL_MACHINE" KeyPath = "Software\Microsoft\OLE"/>
<Information Value = "DefaultLaunchPermission" Data = ""/>
<Information Value = "MachineLaunchRestriction" Data = ""/>
<Information Value = "MachineAccessRestriction" Data = ""/>
<Information Value = "EnableDCOM" Data = "Y"/>
<Information RootKey = "HKEY_CURRENT_USER" KeyPath = "Software\Microsoft\Internet Explorer\Main"/>
<Information Value = "NoUpdateCheck" Data = "(DWORD) 0x1 0 0 0"/>
<Information Value = "NoJITSetup" Data = "(DWORD) 0x1 0 0 0"/>
<Information Value = "Start Page" Data = "
http://www.google.com"/>
<Information Value = "Search Bar" Data = "
http://www.toshiba.c...a.com/search"/>
<Information Value = "Use Custom Search URL" Data = "(DWORD) 0 0 0 0"/>
<Information Value = "Cache_Update_Frequency" Data = "Once_Per_Session"/>
<Information Value = "Do404Search" Data = ""/>
<Information Value = "Local Page" Data = "C:\WINDOWS\system32\blank.htm"/>
<Information Value = "Search Page" Data = "
http://www.google.com"/>
<Information Value = "Window_Placement" Data = ""/>
<Information Value = "AddToFavoritesExpanded" Data = "(DWORD) 0 0 0 0"/>
<Information Value = "Save Directory" Data = "C:\Documents and Settings\Professor Abney\Desktop\"/>
<Information Value = "AutoSearch" Data = "(DWORD) 0x5 0 0 0"/>
<Information RootKey = "HKEY_LOCAL_MACHINE" KeyPath = "Software\Microsoft\Internet Explorer\Main"/>
<Information Value = "Default_Page_URL" Data = "
http://toshibadirect.com/"/>
<Information Value = "Default_Search_URL" Data = "
http://www.microsoft...&ar=iesearch"/>
<Information Value = "Search Page" Data = "
http://www.google.com"/>
<Information Value = "Cache_Percent_of_Disk" Data = ""/>
<Information Value = "Local Page" Data = ""/>
<Information Value = "Anchor_Visitation_Horizon" Data = ""/>
<Information Value = "Placeholder_Width" Data = ""/>
<Information Value = "Placeholder_Height" Data = ""/>
<Information Value = "Start Page" Data = "
http://www.google.com"/>
<Information Value = "CompanyName" Data = "Microsoft Corporation"/>
<Information Value = "Custom_Key" Data = "MICROSO"/>
<Information Value = "Wizard_Version" Data = "5.50.4134.100"/>
<Information RootKey = "HKEY_LOCAL_MACHINE" KeyPath = "Software\Microsoft\Internet Explorer\Search"/>
<Information Value = "SearchAssistant" Data = "
http://ie.search.msn...srchasst.htm"/>
<Information Value = "CustomizeSearch" Data = "
http://ie.search.msn...srchcust.htm"/>
<Information RootKey = "HKEY_CURRENT_USER" KeyPath = "Software\Microsoft\Internet Explorer\SearchURL"/>
<Information Value = "provider" Data = ""/>
<Information RootKey = "HKEY_CURRENT_USER" KeyPath = "Software\Microsoft\Internet Explorer\URLSearchHooks"/>
<Information Value = "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" Data = ""/>
<Information RootKey = "HKEY_LOCAL_MACHINE" KeyPath = "Software\Microsoft\Internet Explorer\Toolbar"/>
<Information Value = "{0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7}" Data = "Norton Internet Security"/>
<Information Value = "{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" Data = "Norton AntiVirus"/>
<Information RootKey = "HKEY_CURRENT_USER" KeyPath = "Software\Microsoft\Internet Explorer\Toolbar"/>
<Information Value = "LinksFolderName" Data = "Links"/>
<Information Value = "Locked" Data = "(DWORD) 0x1 0 0 0"/>
<Information Value = "Theater" Data = ""/>
<Scanning TIME = "02 Sep 05 19:56:32">
<PROCESS NAME = "C:\WINDOWS\system32\services.exe" MD5 = "c6ce6eec82f187615d1002bb3bb50ed4"/>
<PROCESS NAME = "C:\WINDOWS\system32\lsass.exe" MD5 = "84885f9b82f4d55c6146ebf6065d75d2"/>
<PROCESS NAME = "C:\WINDOWS\system32\Ati2evxx.exe" MD5 = "174c7ee63011017ca12e31ced195581d"/>
<PROCESS NAME = "C:\WINDOWS\system32\svchost.exe" MD5 = "8f078ae4ed187aaabc0a305146de6716"/>
<PROCESS NAME = "C:\WINDOWS\system32\svchost.exe" MD5 = "8f078ae4ed187aaabc0a305146de6716"/>
<PROCESS NAME = "C:\WINDOWS\System32\svchost.exe" MD5 = "8f078ae4ed187aaabc0a305146de6716"/>
<PROCESS NAME = "C:\WINDOWS\system32\ACS.exe" MD5 = "84f21f6572d0afe02074291f6ceabbdb"/>
<PROCESS NAME = "C:\WINDOWS\system32\svchost.exe" MD5 = "8f078ae4ed187aaabc0a305146de6716"/>
<PROCESS NAME = "C:\WINDOWS\system32\svchost.exe" MD5 = "8f078ae4ed187aaabc0a305146de6716"/>
<PROCESS NAME = "C:\Program Files\Common Files\Symantec Shared\ccProxy.exe" MD5 = "71af96e742972836b3fd4ea4b3c96206"/>
<PROCESS NAME = "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe" MD5 = "495e5183d372754fe2c27398dffa025d"/>
<PROCESS NAME = "C:\Program Files\Norton Internet Security\ISSVC.exe" MD5 = "64bc5239264896c8d8fce558cfba029b"/>
<PROCESS NAME = "C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe" MD5 = "443e397643965e08c5ab6a6caa732b97"/>
<PROCESS NAME = "C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe" MD5 = "08fa56b7c13b4cbf0e5d351aecad92b1"/>
<PROCESS NAME = "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe" MD5 = "74fbf2598f1dabc8647b7dfe1197c64a"/>
<PROCESS NAME = "C:\WINDOWS\system32\spoolsv.exe" MD5 = "da81ec57acd4cdc3d4c51cf3d409af9f"/>
<PROCESS NAME = "C:\Program Files\Toshiba\Power Management\CeEPwrSvc.exe" MD5 = "003f755c884b6c61fafd371e01609976"/>
<PROCESS NAME = "C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe" MD5 = "527235c8109bf5d4dbda7d1948648c46"/>
<PROCESS NAME = "C:\WINDOWS\system32\DVDRAMSV.exe" MD5 = "77c4901986fc7a83e853b300e80d234b"/>
<PROCESS NAME = "C:\Program Files\ewido\security suite\ewidoctrl.exe" MD5 = "867d9d1fa818f8629bb7a4a26e94b06a"/>
<PROCESS NAME = "C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe" MD5 = "ead98778afde3f53137a498e0d425b08"/>
<PROCESS NAME = "C:\WINDOWS\system32\svchost.exe" MD5 = "8f078ae4ed187aaabc0a305146de6716"/>
<PROCESS NAME = "c:\Toshiba\Ivp\Swupdate\swupdtmr.exe" MD5 = "74e8543a4647a53a26788d5ed3c2172f"/>
<PROCESS NAME = "C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe" MD5 = "f11341cd0d1dc5eff5feffcc7424984e"/>
<PROCESS NAME = "C:\WINDOWS\System32\alg.exe" MD5 = "f1958fbf86d5c004cf19a5951a9514b7"/>
<PROCESS NAME = "C:\WINDOWS\Explorer.EXE" MD5 = "a0732187050030ae399b241436565e64"/>
<PROCESS NAME = "C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe" MD5 = "a7f0ed12494a00ec5e2ef94b82ab5d6f"/>
<PROCESS NAME = "C:\Program Files\TOSHIBA\Power Management\CePMTray.exe" MD5 = "8f7e3434b0b6aec36e4dd9d42be66d43"/>
<PROCESS NAME = "C:\Program Files\TOSHIBA\TouchPad\TPTray.exe" MD5 = "98046adfa5ef9c3fa746bf6090154e78"/>
<PROCESS NAME = "C:\WINDOWS\system32\dla\tfswctrl.exe" MD5 = "0df3275fd096bacec54e01657d8745d8"/>
<PROCESS NAME = "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" MD5 = "024f4f23ccee31a9994109d7a41ab78f"/>
<PROCESS NAME = "C:\Program Files\ltmoh\Ltmoh.exe" MD5 = "cae4adee7be5c6ad35c84d10a866977e"/>
<PROCESS NAME = "C:\WINDOWS\AGRSMMSG.exe" MD5 = "32f801e868bd2006911d49128cdd6312"/>
<PROCESS NAME = "C:\Program Files\Apoint2K\Apoint.exe" MD5 = "e6899986d6fe0c793b3df5bae7d18b40"/>
<PROCESS NAME = "C:\Program Files\EzButton\EzButton.EXE" MD5 = "0787e45175a5b7138bbab94ce8561d19"/>
<PROCESS NAME = "C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe" MD5 = "062d0e5bbf64d78d90502f7d0bdc3d6f"/>
<PROCESS NAME = "C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe" MD5 = "65e0d99f87f0b5963019bc91083e75ce"/>
<PROCESS NAME = "C:\toshiba\ivp\ism\pinger.exe" MD5 = "eb3c8c07a1c1286baa3a676e1d16394d"/>
<PROCESS NAME = "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" MD5 = "e5f9b0314442ea5816518c64b02f10a2"/>
<PROCESS NAME = "C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe" MD5 = "383f2efcc0b732bb6ab9e075361e13b1"/>
<PROCESS NAME = "C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" MD5 = "383b71dcb691ccaeea445acb9150ddd3"/>
<PROCESS NAME = "C:\WINDOWS\system32\ctfmon.exe" MD5 = "24232996a38c0b0cf151c2140ae29fc8"/>
<PROCESS NAME = "C:\Program Files\Messenger\msmsgs.exe" MD5 = "74e6e96c6f0e2eca4edbb7f7a468f259"/>
<PROCESS NAME = "C:\WINDOWS\system32\RAMASST.exe" MD5 = "7c86a098d2a2e5d0cc8ec60f90637e9e"/>
<PROCESS NAME = "C:\Program Files\Trend Micro\Tmas\Tmas.exe" MD5 = "1465bb6eaff960638c3b958fba001636"/>
<PROCESS NAME = "C:\Program Files\Apoint2K\Apntex.exe" MD5 = "cca1b81492b40890e44b2b20a780ee1f"/>
<PROCESS NAME = "C:\WINDOWS\system32\wbem\wmiapsrv.exe" MD5 = "ba8cecc3e813e1f7c441b20393d4f86c"/>
<PROCESS NAME = "C:\Program Files\Internet Explorer\IEXPLORE.EXE" MD5 = "e7484514c0464642be7b4dc2689354c8"/>
<PROCESS NAME = "C:\Program Files\Common Files\Symantec Shared\AdBlocking\NSMdtr.exe" MD5 = "3927925df9f3542dd016d3e65ccc71b1"/>
<PROCESS NAME = "C:\Program Files\XoftSpy\XoftSpy.exe" MD5 = "88d3950e0efda1cfb807af8eb5ab740f"/>
<Information Message = "Scan Aborted by User"/>
<ScanningRegKeys>
</ScanningRegKeys>
<ScanningRegValues>
</ScanningRegValues>
<ScanningRegValuesChanged>
</ScanningRegValuesChanged>
</Scanning>
<Scanning TIME = "02 Sep 05 19:56:37">
<PROCESS NAME = "C:\WINDOWS\system32\services.exe" MD5 = "c6ce6eec82f187615d1002bb3bb50ed4"/>
<PROCESS NAME = "C:\WINDOWS\system32\lsass.exe" MD5 = "84885f9b82f4d55c6146ebf6065d75d2"/>
<PROCESS NAME = "C:\WINDOWS\system32\Ati2evxx.exe" MD5 = "174c7ee63011017ca12e31ced195581d"/>
<PROCESS NAME = "C:\WINDOWS\system32\svchost.exe" MD5 = "8f078ae4ed187aaabc0a305146de6716"/>
<PROCESS NAME = "C:\WINDOWS\system32\svchost.exe" MD5 = "8f078ae4ed187aaabc0a305146de6716"/>
<PROCESS NAME = "C:\WINDOWS\System32\svchost.exe" MD5 = "8f078ae4ed187aaabc0a305146de6716"/>
<PROCESS NAME = "C:\WINDOWS\system32\ACS.exe" MD5 = "84f21f6572d0afe02074291f6ceabbdb"/>
<PROCESS NAME = "C:\WINDOWS\system32\svchost.exe" MD5 = "8f078ae4ed187aaabc0a305146de6716"/>
<PROCESS NAME = "C:\WINDOWS\system32\svchost.exe" MD5 = "8f078ae4ed187aaabc0a305146de6716"/>
<PROCESS NAME = "C:\Program Files\Common Files\Symantec Shared\ccProxy.exe" MD5 = "71af96e742972836b3fd4ea4b3c96206"/>
<PROCESS NAME = "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe" MD5 = "495e5183d372754fe2c27398dffa025d"/>
<PROCESS NAME = "C:\Program Files\Norton Internet Security\ISSVC.exe" MD5 = "64bc5239264896c8d8fce558cfba029b"/>
<PROCESS NAME = "C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe" MD5 = "443e397643965e08c5ab6a6caa732b97"/>
<PROCESS NAME = "C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe" MD5 = "08fa56b7c13b4cbf0e5d351aecad92b1"/>
<PROCESS NAME = "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe" MD5 = "74fbf2598f1dabc8647b7dfe1197c64a"/>
<PROCESS NAME = "C:\WINDOWS\system32\spoolsv.exe" MD5 = "da81ec57acd4cdc3d4c51cf3d409af9f"/>
<PROCESS NAME = "C:\Program Files\Toshiba\Power Management\CeEPwrSvc.exe" MD5 = "003f755c884b6c61fafd371e01609976"/>
<PROCESS NAME = "C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe" MD5 = "527235c8109bf5d4dbda7d1948648c46"/>
<PROCESS NAME = "C:\WINDOWS\system32\DVDRAMSV.exe" MD5 = "77c4901986fc7a83e853b300e80d234b"/>
<PROCESS NAME = "C:\Program Files\ewido\security suite\ewidoctrl.exe" MD5 = "867d9d1fa818f8629bb7a4a26e94b06a"/>
<PROCESS NAME = "C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe" MD5 = "ead98778afde3f53137a498e0d425b08"/>
<PROCESS NAME = "C:\WINDOWS\system32\svchost.exe" MD5 = "8f078ae4ed187aaabc0a305146de6716"/>
<PROCESS NAME = "c:\Toshiba\Ivp\Swupdate\swupdtmr.exe" MD5 = "74e8543a4647a53a26788d5ed3c2172f"/>
<PROCESS NAME = "C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe" MD5 = "f11341cd0d1dc5eff5feffcc7424984e"/>
<PROCESS NAME = "C:\WINDOWS\System32\alg.exe" MD5 = "f1958fbf86d5c004cf19a5951a9514b7"/>
<PROCESS NAME = "C:\WINDOWS\Explorer.EXE" MD5 = "a0732187050030ae399b241436565e64"/>
<PROCESS NAME = "C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe" MD5 = "a7f0ed12494a00ec5e2ef94b82ab5d6f"/>
<PROCESS NAME = "C:\Program Files\TOSHIBA\Power Management\CePMTray.exe" MD5 = "8f7e3434b0b6aec36e4dd9d42be66d43"/>
<PROCESS NAME = "C:\Program Files\TOSHIBA\TouchPad\TPTray.exe" MD5 = "98046adfa5ef9c3fa746bf6090154e78"/>
<PROCESS NAME = "C:\WINDOWS\system32\dla\tfswctrl.exe" MD5 = "0df3275fd096bacec54e01657d8745d8"/>
<PROCESS NAME = "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" MD5 = "024f4f23ccee31a9994109d7a41ab78f"/>
<PROCESS NAME = "C:\Program Files\ltmoh\Ltmoh.exe" MD5 = "cae4adee7be5c6ad35c84d10a866977e"/>
<PROCESS NAME = "C:\WINDOWS\AGRSMMSG.exe" MD5 = "32f801e868bd2006911d49128cdd6312"/>
<PROCESS NAME = "C:\Program Files\Apoint2K\Apoint.exe" MD5 = "e6899986d6fe0c793b3df5bae7d18b40"/>
<PROCESS NAME = "C:\Program Files\EzButton\EzButton.EXE" MD5 = "0787e45175a5b7138bbab94ce8561d19"/>
<PROCESS NAME = "C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe" MD5 = "062d0e5bbf64d78d90502f7d0bdc3d6f"/>
<PROCESS NAME = "C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe" MD5 = "65e0d99f87f0b5963019bc91083e75ce"/>
<PROCESS NAME = "C:\toshiba\ivp\ism\pinger.exe" MD5 = "eb3c8c07a1c1286baa3a676e1d16394d"/>
<PROCESS NAME = "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" MD5 = "e5f9b0314442ea5816518c64b02f10a2"/>
<PROCESS NAME = "C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe" MD5 = "383f2efcc0b732bb6ab9e075361e13b1"/>
<PROCESS NAME = "C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" MD5 = "383b71dcb691ccaeea445acb9150ddd3"/>
<PROCESS NAME = "C:\WINDOWS\system32\ctfmon.exe" MD5 = "24232996a38c0b0cf151c2140ae29fc8"/>
<PROCESS NAME = "C:\Program Files\Messenger\msmsgs.exe" MD5 = "74e6e96c6f0e2eca4edbb7f7a468f259"/>
<PROCESS NAME = "C:\WINDOWS\system32\RAMASST.exe" MD5 = "7c86a098d2a2e5d0cc8ec60f90637e9e"/>
<PROCESS NAME = "C:\Program Files\Trend Micro\Tmas\Tmas.exe" MD5 = "1465bb6eaff960638c3b958fba001636"/>
<PROCESS NAME = "C:\Program Files\Apoint2K\Apntex.exe" MD5 = "cca1b81492b40890e44b2b20a780ee1f"/>
<PROCESS NAME = "C:\WINDOWS\system32\wbem\wmiapsrv.exe" MD5 = "ba8cecc3e813e1f7c441b20393d4f86c"/>
<PROCESS NAME = "C:\Program Files\Internet Explorer\IEXPLORE.EXE" MD5 = "e7484514c0464642be7b4dc2689354c8"/>
<PROCESS NAME = "C:\Program Files\Common Files\Symantec Shared\AdBlocking\NSMdtr.exe" MD5 = "3927925df9f3542dd016d3e65ccc71b1"/>
<PROCESS NAME = "C:\Program Files\XoftSpy\XoftSpy.exe" MD5 = "88d3950e0efda1cfb807af8eb5ab740f"/>
<ScanningRegKeys>
</SW>
<SW NAME = "Troj/Agent-DJ">
<REGKEYFOUND NAME = "msevents.msevents"/>
<REGKEY NAME = "Troj/Agent-DJ msevents.msevents"/>
</SW>
<SW NAME = "Troj/Agent-DJ">
<REGKEYFOUND NAME = "msevents.msevents.1"/>
<REGKEY NAME = "Troj/Agent-DJ msevents.msevents.1"/>
</ScanningRegKeys>
<ScanningRegValues>
</ScanningRegValues>
<ScanningRegValuesChanged>
</ScanningRegValuesChanged>
</Scanning>
<Information Message = "Starting to Quarantine 2 Items"/>
<Quarantines>
<QTFILE PATH = "C:\Program Files\XoftSpy\Quarantine\Quarantine02-09-2005-19-58-56.xpy" />
<INFO ACTION = "Added"/>
<INFO TIME = "02-09-2005-19-58-56"/>
<REGKEY RES = "Exporting - msevents.msevents"/>
<REGKEY RES = "Exporting - msevents.msevents.1"/>
</Quarantines>
<QInformation Message = "Quarantining File REG BACKUP - C:\DOCUME~1\PROFES~1\LOCALS~1\Temp\regbackup.reg"/>
<Removal>
<SW NAME = "Troj/Agent-DJ">
<REGKEY NAME = "msevents.msevents"/>
<REGKEY RES = "Successfully ReMoved"/>
<REGKEY NAME = "msevents.msevents.1"/>
<REGKEY RES = "Successfully ReMoved"/>
</SW>
</Removal>
</Session>