TheTechGuide Forum
General Category => Tech Clinic => Topic started by: Mr Bell on January 31, 2007, 01:55:59 PM
-
I had nothing better to do today. So what the heck I down loaded that Spyhunter program you have on the website and it says I still have that Zlob trojon. Here's the log from it. I'll also post a hijackthis log after.
###########################Runnning Processes DATA###########################
processName = SMSS.EXE File Size = 50688 File Path = \SystemRoot\System32\smss.exe ModuleMD5 = bd7fb0957c716f1a60333aee04de2178
processName = WINLOGON.EXE File Size = 502272 File Path = \??\C:\WINDOWS\system32\winlogon.exe ModuleMD5 = 01c3346c241652f43aed8e2149881bfe
processName = SERVICES.EXE File Size = 108032 File Path = C:\WINDOWS\system32\services.exe ModuleMD5 = c6ce6eec82f187615d1002bb3bb50ed4
processName = LSASS.EXE File Size = 13312 File Path = C:\WINDOWS\system32\lsass.exe ModuleMD5 = 84885f9b82f4d55c6146ebf6065d75d2
processName = ATI2EVXX.EXE File Size = 430080 File Path = C:\WINDOWS\system32\Ati2evxx.exe ModuleMD5 = f57801f641e6df9f4fd4b29d6deb422c
processName = SVCHOST.EXE File Size = 14336 File Path = C:\WINDOWS\system32\svchost.exe ModuleMD5 = 8f078ae4ed187aaabc0a305146de6716
processName = MSMPENG.EXE File Size = 13592 File Path = C:\Program Files\Windows Defender\MsMpEng.exe ModuleMD5 = f45dd1e1365d857dd08bc23563370d0e
processName = SVCHOST.EXE File Size = 14336 File Path = C:\WINDOWS\System32\svchost.exe ModuleMD5 = 8f078ae4ed187aaabc0a305146de6716
processName = ATI2EVXX.EXE File Size = 430080 File Path = C:\WINDOWS\system32\Ati2evxx.exe ModuleMD5 = f57801f641e6df9f4fd4b29d6deb422c
processName = SPOOLSV.EXE File Size = 57856 File Path = C:\WINDOWS\system32\spoolsv.exe ModuleMD5 = da81ec57acd4cdc3d4c51cf3d409af9f
processName = AOLACSD.EXE File Size = 46640 File Path = C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe ModuleMD5 = 85180cf88c5ebad73b452a43a004ca51
processName = AVGAMSVR.EXE File Size = 343552 File Path = C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe ModuleMD5 = dd4db777d2ba1e475f75015b90557795
processName = AVGUPSVC.EXE File Size = 49664 File Path = C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe ModuleMD5 = 30a14f65db477dc00a64a5a24e96919c
processName = AVGEMC.EXE File Size = 323072 File Path = C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe ModuleMD5 = 4bb306ae21b59085d49cca16ea7dad18
processName = SVCHOST.EXE File Size = 14336 File Path = C:\WINDOWS\System32\svchost.exe ModuleMD5 = 8f078ae4ed187aaabc0a305146de6716
processName = WANMPSVC.EXE File Size = 65536 File Path = C:\WINDOWS\wanmpsvc.exe ModuleMD5 = eb9a99ab5d17b1727034ff191e6448d7
processName = EXPLORER.EXE File Size = 1032192 File Path = C:\WINDOWS\Explorer.EXE ModuleMD5 = a0732187050030ae399b241436565e64
processName = AVGCC.EXE File Size = 406016 File Path = C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe ModuleMD5 = ed0163acdb2834ac8f53b3265671fb1a
processName = AOLSOFTWARE.EXE File Size = 50736 File Path = C:\Program Files\Common Files\AOL\1126634133\ee\AOLSoftware.exe ModuleMD5 = c482c535cbfefe722ec1eb7f11f680a3
processName = LCDMON.EXE File Size = 188928 File Path = C:\Program Files\Logitech\G-series Software\LCDMon.exe ModuleMD5 = 4b7f52213675e4ddf9065ebcf3bf7e2e
processName = LOGITRAY.EXE File Size = 217088 File Path = C:\Program Files\Logitech\Video\LogiTray.exe ModuleMD5 = 2d3bcca5c7ca55fedd60e3336d3a92af
processName = CLI.EXE File Size = 45056 File Path = C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE ModuleMD5 = 64c4c17bf6a40ff1cd21205e6fd415b8
processName = LVCOMSX.EXE File Size = 221184 File Path = C:\WINDOWS\system32\LVCOMSX.EXE ModuleMD5 = 5ba8a7da5d0573f7923e02b260aad2f1
processName = LCDMEDIA.EXE File Size = 138752 File Path = C:\Program Files\Logitech\G-series Software\Applets\LCDMedia.exe ModuleMD5 = e96c33fb1318a96f7c687f4085238936
processName = LCDCLOCK.EXE File Size = 53248 File Path = C:\Program Files\Logitech\G-series Software\Applets\LCDClock.exe ModuleMD5 = 6efab5aa63aba6d446ea7309d7d25f1a
processName = MSASCUI.EXE File Size = 866584 File Path = C:\Program Files\Windows Defender\MSASCui.exe ModuleMD5 = 77c03bf23ae56b0a31ae4d5bb4b3d0ac
processName = JUSCHED.EXE File Size = 77824 File Path = C:\Program Files\Java\jre1.6.0\bin\jusched.exe ModuleMD5 = ab74aa8defc1ca82759788a55b673629
processName = CTFMON.EXE File Size = 15360 File Path = C:\WINDOWS\system32\ctfmon.exe ModuleMD5 = 24232996a38c0b0cf151c2140ae29fc8
processName = FXSVR2.EXE File Size = 192512 File Path = C:\Program Files\Logitech\Video\FxSvr2.exe ModuleMD5 = 1b11c113dc4383c6c07a45bffbdc7d63
processName = CLI.EXE File Size = 45056 File Path = C:\Program Files\ATI Technologies\ATI.ACE\cli.exe ModuleMD5 = 64c4c17bf6a40ff1cd21205e6fd415b8
processName = STEAM.EXE File Size = 1269760 File Path = C:\Program Files\Valve\Steam\Steam.exe ModuleMD5 = 63fddd536e2798ba840ff723d7e2a17b
processName = VENTRILO.EXE File Size = 983040 File Path = C:\Program Files\Ventrilo\Ventrilo.exe ModuleMD5 = 97ff7619c235c7d79ba2ba335c0be8ad
processName = MIRC.EXE File Size = 2109440 File Path = C:\Program Files\mIRC\mirc.exe ModuleMD5 = 222c98f9faf7a0b283fd0736f0ab6c1a
processName = WEmail RemovedEXE File Size = 37464 File Path = C:\Program Files\America Online 9.0\wEmail Removedexe ModuleMD5 = 7fab3c273c8214d517bdd0cbd2ba1815
processName = SHELLMON.EXE File Size = 54872 File Path = C:\Program Files\America Online 9.0\shellmon.exe ModuleMD5 = f093707c39b3b38653cdb94c85a80772
processName = SPYHUNTER.EXE File Size = 2482176 File Path = C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe ModuleMD5 = 146e80454798088ce29eff0254637ceb
###########################REGISTRY MD5 DATA###########################
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN>
Name=AVG7_CC Data=C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP FileSize = 406016 MD5=ed0163acdb2834ac8f53b3265671fb1a
Name= Data= FileSize = MD5=
Name=Adobe Photo Downloader Data="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" FileSize = 57344 MD5=617fa5be646b5e8d6670fd4710acd2d3
Name=AOL Spyware Protection Data="C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe" FileSize = MD5=********************************
Name=AOLDialer Data=C:\Program Files\Common Files\AOL\ACS\AOLDial.exe FileSize = 71216 MD5=b9b78f0d9aebca8f717680fbabbb5ff4
Name=ATICCC Data="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" FileSize = 90112 MD5=0dc2e1b6951bd2170bc47f0eebf629b3
Name=HostManager Data=C:\Program Files\Common Files\AOL\1126634133\ee\AOLSoftware.exe FileSize = 50736 MD5=c482c535cbfefe722ec1eb7f11f680a3
Name=Launch LCDMon Data="C:\Program Files\Logitech\G-series Software\LCDMon.exe" FileSize = 188928 MD5=4b7f52213675e4ddf9065ebcf3bf7e2e
Name=Launch LGDCore Data="C:\Program Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE FileSize = 1110079 MD5=a1272b7be3a04dc6dc43cf2461ad7c0f
Name=Logitech Hardware Abstraction Layer Data="C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE" FileSize = 94208 MD5=cacd213e5a959fdf4f8232a6b34fad43
Name=LogitechVideoRepair Data=C:\Program Files\Logitech\Video\ISStart.exe FileSize = 458752 MD5=3c0ee706ceb7e9a154bf8e7749ca5a91
Name=LogitechVideoTray Data=C:\Program Files\Logitech\Video\LogiTray.exe FileSize = 217088 MD5=2d3bcca5c7ca55fedd60e3336d3a92af
Name=LVCOMSX Data=C:\WINDOWS\system32\LVCOMSX.EXE FileSize = 221184 MD5=5ba8a7da5d0573f7923e02b260aad2f1
Name=NeroFilterCheck Data=C:\WINDOWS\system32\NeroCheck.exe FileSize = 155648 MD5=3e4c03cefad8de135263236b61a49c90
Name=SoundMan Data=SOUNDMAN.EXE FileSize = 77824 MD5=5077f7f5841a0cac7d468818c7596624
Name=Kernel and Hardware Abstraction Layer Data=KHALMNPR.EXE FileSize = 94208 MD5=cacd213e5a959fdf4f8232a6b34fad43
Name=Windows Defender Data="C:\Program Files\Windows Defender\MSASCui.exe" -hide FileSize = 866584 MD5=77c03bf23ae56b0a31ae4d5bb4b3d0ac
Name=SunJavaUpdateSched Data="C:\Program Files\Java\jre1.6.0\bin\jusched.exe" FileSize = 77824 MD5=ab74aa8defc1ca82759788a55b673629
Name=SpyHunter Data=C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe
FileSize = 2482176 MD5=146e80454798088ce29eff0254637ceb
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCEEX>
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE>
<HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN>
Name=Steam Data="c:\program files\valve\steam\steam.exe" -silent FileSize = 1269760 MD5=63fddd536e2798ba840ff723d7e2a17b
Name=ctfmon.exe Data=C:\WINDOWS\system32\ctfmon.exe FileSize = 15360 MD5=24232996a38c0b0cf151c2140ae29fc8
Name= Data=
FileSize = MD5=
<HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE>
Name=FlashPlayerUpdate Data=C:\WINDOWS\system32\Macromed\Flash\GetFlash.exe
FileSize = 128648 MD5=a792b3e682e05f70ca1ee1d4fd635ec8
<HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN>
Name=AVG7_Run Data=C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE
FileSize = 146432 MD5=98f7c449d7c48666c367364655801a37
<HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE>
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINDOWS\APPINIT_DLLS>
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN>
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\SHELL>
Explorer.exe FileSize = 1032192 MD5=a0732187050030ae399b241436565e64
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\USERINIT>
C:\WINDOWS\system32\userinit.exe, FileSize = 24576 MD5=39b1ffb03c2296323832acbae50d2aff
#############################FILE MD5 DATA#############################
<C:\Documents and Settings\Randy\Start Menu\Programs\Startup>
File Path = C:\Documents and Settings\Randy\Start Menu\Programs\Startup\desktop.ini File Size = 4096 md5=d6a6856702e3f0953e7246a9b4a9fe35
#############################SERVICES DATA#############################
Service Name = ALG Service Display Name = Application Layer Gateway Service Opened = YES Status = Running Query = SUCCESS Service Type = 16 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\alg.exe Binary Size = 44544 Binary MD5 = f1958fbf86d5c004cf19a5951a9514b7
Service Name = AOL ACS Service Display Name = AOL Connectivity Service Opened = YES Status = Running Query = SUCCESS Service Type = 272 Service Start Type = 2 Service Error Control = 1 Service Binary Path = "C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe" Binary Size = 0 Binary MD5 =
Service Name = Ati HotKey Poller Service Display Name = Ati HotKey Poller Opened = YES Status = Running Query = SUCCESS Service Type = 272 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\Ati2evxx.exe Binary Size = 430080 Binary MD5 = f57801f641e6df9f4fd4b29d6deb422c
Service Name = AudioSrv Service Display Name = Windows Audio Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = Avg7Alrt Service Display Name = AVG7 Alert Manager Server Opened = YES Status = Running Query = SUCCESS Service Type = 272 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe Binary Size = 343552 Binary MD5 = dd4db777d2ba1e475f75015b90557795
Service Name = Avg7UpdSvc Service Display Name = AVG7 Update Service Opened = YES Status = Running Query = SUCCESS Service Type = 16 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe Binary Size = 49664 Binary MD5 = 30a14f65db477dc00a64a5a24e96919c
Service Name = AVGEMS Service Display Name = AVG E-mail Scanner Opened = YES Status = Running Query = SUCCESS Service Type = 272 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe Binary Size = 323072 Binary MD5 = 4bb306ae21b59085d49cca16ea7dad18
Service Name = BITS Service Display Name = Background Intelligent Transfer Service Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = CryptSvc Service Display Name = Cryptographic Services Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = DcomLaunch Service Display Name = DCOM Server Process Launcher Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost -k DcomLaunch Binary Size = 0 Binary MD5 =
Service Name = Dhcp Service Display Name = DHCP Client Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = Dnscache Service Display Name = DNS Client Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k NetworkService Binary Size = 0 Binary MD5 =
Service Name = ERSvc Service Display Name = Error Reporting Service Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 0 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = Eventlog Service Display Name = Event Log Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\services.exe Binary Size = 108032 Binary MD5 = c6ce6eec82f187615d1002bb3bb50ed4
Service Name = EventSystem Service Display Name = COM+ Event System Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = FastUserSwitchingCompatibility Service Display Name = Fast User Switching Compatibility Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = helpsvc Service Display Name = Help and Support Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = HidServ Service Display Name = HID Input Service Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = LmHosts Service Display Name = TCP/IP NetBIOS Helper Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k LocalService Binary Size = 0 Binary MD5 =
Service Name = Netman Service Display Name = Network Connections Opened = YES Status = Running Query = SUCCESS Service Type = 288 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = Nla Service Display Name = Network Location Awareness (NLA) Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = NwSapAgent Service Display Name = SAP Agent Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = PlugPlay Service Display Name = Plug and Play Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\services.exe Binary Size = 108032 Binary MD5 = c6ce6eec82f187615d1002bb3bb50ed4
Service Name = ProtectedStorage Service Display Name = Protected Storage Opened = YES Status = Running Query = SUCCESS Service Type = 288 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\lsass.exe Binary Size = 13312 Binary MD5 = 84885f9b82f4d55c6146ebf6065d75d2
Service Name = RasMan Service Display Name = Remote Access Connection Manager Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = RpcSs Service Display Name = Remote Procedure Call (RPC) Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost -k rpcss Binary Size = 0 Binary MD5 =
Service Name = SamSs Service Display Name = Security Accounts Manager Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\lsass.exe Binary Size = 13312 Binary MD5 = 84885f9b82f4d55c6146ebf6065d75d2
Service Name = Schedule Service Display Name = Task Scheduler Opened = YES Status = Running Query = SUCCESS Service Type = 288 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = seclogon Service Display Name = Secondary Logon Opened = YES Status = Running Query = SUCCESS Service Type = 288 Service Start Type = 2 Service Error Control = 0 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = SENS Service Display Name = System Event Notification Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = SharedAccess Service Display Name = Windows Firewall/Internet Connection Sharing (ICS) Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = ShellHWDetection Service Display Name = Shell Hardware Detection Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 0 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = Spooler Service Display Name = Print Spooler Opened = YES Status = Running Query = SUCCESS Service Type = 272 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\spoolsv.exe Binary Size = 57856 Binary MD5 = da81ec57acd4cdc3d4c51cf3d409af9f
Service Name = srservice Service Display Name = System Restore Service Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = stisvc Service Display Name = Windows Image Acquisition (WIA) Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k imgsvc Binary Size = 0 Binary MD5 =
Service Name = TapiSrv Service Display Name = Telephony Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = TermService Service Display Name = Terminal Services Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost -k DComLaunch Binary Size = 0 Binary MD5 =
Service Name = Themes Service Display Name = Themes Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = TrkWks Service Display Name = Distributed Link Tracking Client Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = W32Time Service Display Name = Windows Time Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = WANMiniportService Service Display Name = WAN Miniport (ATW) Service Opened = YES Status = Running Query = SUCCESS Service Type = 16 Service Start Type = 2 Service Error Control = 0 Service Binary Path = "C:\WINDOWS\wanmpsvc.exe" Binary Size = 0 Binary MD5 =
Service Name = WebClient Service Display Name = WebClient Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k LocalService Binary Size = 0 Binary MD5 =
Service Name = WinDefend Service Display Name = Windows Defender Opened = YES Status = Running Query = SUCCESS Service Type = 16 Service Start Type = 2 Service Error Control = 1 Service Binary Path = "C:\Program Files\Windows Defender\MsMpEng.exe" Binary Size = 0 Binary MD5 =
Service Name = winmgmt Service Display Name = Windows Management Instrumentation Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 0 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = wscsvc Service Display Name = Security Center Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = wuauserv Service Display Name = Automatic Updates Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = WZCSVC Service Display Name = Wireless Zero Configuration Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
#############################WINLOGON DATA#############################
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY>
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent Filepath = C:\WINDOWS\system32\Ati2evxx.dll File Size = 90112 File MD5 = 459333cbac9502cb1b85272b1b80e5dc
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain Filepath = C:\WINDOWS\system32\crypt32.dll File Size = 597504 File MD5 = efc958396a7a7ef7e6d4a52b97512e18
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet Filepath = C:\WINDOWS\system32\cryptnet.dll File Size = 63488 File MD5 = cad4aa32e7eca00c23cc39c0eb833f9d
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll Filepath = C:\WINDOWS\system32\cscdll.dll File Size = 101888 File MD5 = 587729679b4fe04ce06a5c61d6c56dcd
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp Filepath = C:\WINDOWS\system32\wlnotify.dll File Size = 92672 File MD5 = a599e5e366c1408e48aa5d37882d4e3e
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule Filepath = C:\WINDOWS\system32\wlnotify.dll File Size = 92672 File MD5 = a599e5e366c1408e48aa5d37882d4e3e
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy Filepath = C:\WINDOWS\system32\sclgntfy.dll File Size = 20992 File MD5 = d636fa41e50671160d838ea2dace3330
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn Filepath = C:\WINDOWS\system32\WlNotify.dll File Size = 92672 File MD5 = a599e5e366c1408e48aa5d37882d4e3e
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv Filepath = C:\WINDOWS\system32\wlnotify.dll File Size = 92672 File MD5 = a599e5e366c1408e48aa5d37882d4e3e
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon Filepath = C:\WINDOWS\system32\WgaLogon.dll File Size = 702768 File MD5 = 147429092c26d18af550790ac102f32a
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon Filepath = C:\WINDOWS\system32\wlnotify.dll File Size = 92672 File MD5 = a599e5e366c1408e48aa5d37882d4e3e
##########################BROWSER ADD-ON DATA##########################
<HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Explorer Bars>
CLSID = {4D5C8C25-D075-11d0-B416-00C04FB90376} FilePath = C:\WINDOWS\System32\shdocvw.dll File Size = 1497088 File MD5 = 559b2d22a1ee947a7eaed530c7ff9320
CLSID = {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} FilePath = C:\WINDOWS\System32\Shdocvw.dll File Size = 1497088 File MD5 = 559b2d22a1ee947a7eaed530c7ff9320
<HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars>
CLSID = {21569614-B795-46B1-85F4-E737A8DC09AD} FilePath = C:\WINDOWS\system32\browseui.dll File Size = 1022976 File MD5 = b99ff349bf53bd91fbddcd6b1ede8980
CLSID = {30D02401-6A81-11D0-8274-00C04FD5AE38} FilePath = C:\WINDOWS\system32\ieframe.dll File Size = 6049280 File MD5 = 914f39ef1d068737012ff7f90025f848
CLSID = {32683183-48a0-441b-a342-7c2a440a9478} FilePath = File Size = 0 File MD5 =
CLSID = {C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1} FilePath = C:\WINDOWS\system32\SHELL32.dll File Size = 8453632 File MD5 = f056b4771408966694de5d9bf79b48f8
CLSID = {EFA24E61-B078-11D0-89E4-00C04FC9E26E} FilePath = C:\WINDOWS\System32\shdocvw.dll File Size = 1497088 File MD5 = 559b2d22a1ee947a7eaed530c7ff9320
CLSID = {EFA24E62-B078-11D0-89E4-00C04FC9E26E} FilePath = C:\WINDOWS\System32\shdocvw.dll File Size = 1497088 File MD5 = 559b2d22a1ee947a7eaed530c7ff9320
CLSID = {EFA24E64-B078-11D0-89E4-00C04FC9E26E} FilePath = C:\WINDOWS\System32\shdocvw.dll File Size = 1497088 File MD5 = 559b2d22a1ee947a7eaed530c7ff9320
<HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects>
CLSID = {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} FilePath = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll File Size = 63128 File MD5 = f17b2b264072b921fc66a0be16626bab
CLSID = {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} FilePath = C:\Program Files\Java\jre1.6.0\bin\ssv.dll File Size = 501384 File MD5 = 55a2f8ae42c4b347173f1aede5061be3
<HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions>
CLSID = CmdMapping FilePath = File Size = 0 File MD5 =
CLSID = {08B0E5C0-4FCB-11CF-AAA5-00401C608501} FilePath = File Size = 0 File MD5 =
CLSID = {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} FilePath = File Size = 0 File MD5 =
CLSID = {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} FilePath = File Size = 0 File MD5 =
CLSID = {e2e2dd38-d088-4134-82b7-f2ba38496583} FilePath = File Size = 0 File MD5 =
CLSID = {FB5F1910-F110-11d2-BB9E-00C04F795683} FilePath = File Size = 0 File MD5 =
<HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions>
CLSID = CmdMapping FilePath = File Size = 0 File MD5 =
<HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks>
CLSID = {CFBFAE00-17A6-11D0-99CB-00C04FD64497} FilePath = C:\WINDOWS\system32\ieframe.dll File Size = 6049280 File MD5 = 914f39ef1d068737012ff7f90025f848 Description =
<HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler>
CLSID = {438755C2-A8BA-11D1-B96B-00A0C90312E1} FilePath = C:\WINDOWS\System32\browseui.dll File Size = 1022976 File MD5 = b99ff349bf53bd91fbddcd6b1ede8980 Description = Browseui preloader
CLSID = {8C7461EF-2B13-11d2-BE35-3078302C2030} FilePath = C:\WINDOWS\System32\browseui.dll File Size = 1022976 File MD5 = b99ff349bf53bd91fbddcd6b1ede8980 Description = Component Categories cache daemon
##########################LSP CHAIN DATA##########################
<HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WINSOCK2\PARAMETERS>
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000001 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000002 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000003 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000004 Filepath = C:\WINDOWS\system32\rsvpsp.dll File Size = 90112 File MD5 = 90491683abd587c702b16f181ab0d99d
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000005 Filepath = C:\WINDOWS\system32\rsvpsp.dll File Size = 90112 File MD5 = 90491683abd587c702b16f181ab0d99d
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000006 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000007 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000008 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000009 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000010 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000011 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000012 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000013 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000014 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000015 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000016 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000017 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000018 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
##########################UNINSTALL DATA##########################
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL>
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Ad-Aware SE Personal DisplayName = Ad-Aware SE Personal
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\AdobeESD DisplayName = Adobe Download Manager 2.0 (Remove Only)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\All ATI Software DisplayName = ATI - Software Uninstall Utility InstallLocation = C:\Program Files\ATI Technologies\UninstallAll
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\AOL Explorer DisplayName = AOL Explorer
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\AOL Instant Messenger DisplayName = AOL Instant Messenger
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\AOL Uninstaller DisplayName = AOL Uninstaller (Choose which Products to Remove)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\AOL YGP Screensaver DisplayName = AOL You've Got Pictures Screensaver
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\AolCoach2_en DisplayName = AOL Coach Version 2.0(Build:20041026.5 en)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\ATI Display Driver DisplayName = ATI Display Driver
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall DisplayName = AVG Free Edition
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\BackWeb-8876480 Uninstaller
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Branding
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\CheckIt Diagnostics DisplayName = CheckIt Diagnostics
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\CleanUp! DisplayName = CleanUp!
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Connection Manager
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\DirectDrawEx
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\DODC
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\FileZilla DisplayName = FileZilla (remove only)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Fontcore
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\HijackThis DisplayName = HijackThis 1.99.1
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\HLSW_is1 DisplayName = HLSW v1.0.0.48 InstallLocation = C:\Program Files\HLSW\
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IDNMitigationAPIs DisplayName = Microsoft Internationalized Domain Names Mitigation APIs
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IE40
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IE4Data
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IE5BAKEX
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\ie7 DisplayName = Windows Internet Explorer 7
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IEData
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield Uninstall Information
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{F5577101-33CC-4711-8235-3A95BCD49DB0} DisplayName = EA Link InstallLocation = C:\Program Files\Electronic Arts\EA Link\
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\InterActual Player DisplayName = InterActual Player
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB834707 DisplayName = Windows XP Hotfix - KB834707
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB867282 DisplayName = Windows XP Hotfix - KB867282
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB870669 DisplayName = Microsoft Data Access Components KB870669
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB873333 DisplayName = Windows XP Hotfix - KB873333
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB873339 DisplayName = Windows XP Hotfix - KB873339
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB883939 DisplayName = Security Update for Windows XP (KB883939)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB884016
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB884267
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB885250 DisplayName = Windows XP Hotfix - KB885250
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB885353
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB885835 DisplayName = Windows XP Hotfix - KB885835
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB885836 DisplayName = Windows XP Hotfix - KB885836
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB886185 DisplayName = Windows XP Hotfix - KB886185
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB886612
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB887078
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB887472 DisplayName = Windows XP Hotfix - KB887472
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB887626
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB887742 DisplayName = Windows XP Hotfix - KB887742
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB888113 DisplayName = Windows XP Hotfix - KB888113
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB888302 DisplayName = Windows XP Hotfix - KB888302
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB888656
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB889858
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB890046 DisplayName = Security Update for Windows XP (KB890046)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB890047 DisplayName = Windows XP Hotfix - KB890047
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB890175 DisplayName = Windows XP Hotfix - KB890175
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB890859 DisplayName = Windows XP Hotfix - KB890859
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB890923 DisplayName = Windows XP Hotfix - KB890923
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB891122
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB891781 DisplayName = Windows XP Hotfix - KB891781
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB892313
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB893066 DisplayName = Windows XP Hotfix - KB893066
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB893086 DisplayName = Windows XP Hotfix - KB893086
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB893240
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB893241
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB893756 DisplayName = Security Update for Windows XP (KB893756)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB893803 DisplayName = Windows Installer 3.1 (KB893803)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB893803v2 DisplayName = Windows Installer 3.1 (KB893803)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB894391 DisplayName = Update for Windows XP (KB894391)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB895181
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB895316
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB895572
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB896358 DisplayName = Security Update for Windows XP (KB896358)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB896422 DisplayName = Security Update for Windows XP (KB896422)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB896423 DisplayName = Security Update for Windows XP (KB896423)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB896424 DisplayName = Security Update for Windows XP (KB896424)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB896428 DisplayName = Security Update for Windows XP (KB896428)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB896688 DisplayName = Security Update for Windows XP (KB896688)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB896727 DisplayName = Update for Windows XP (KB896727)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB897586
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB898461 DisplayName = Update for Windows XP (KB898461)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB898549
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB899587 DisplayName = Security Update for Windows XP (KB899587)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB899588 DisplayName = Security Update for Windows XP (KB899588)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB899591 DisplayName = Security Update for Windows XP (KB899591)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB900399
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB900485 DisplayName = Update for Windows XP (KB900485)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB900725 DisplayName = Security Update for Windows XP (KB900725)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB901017 DisplayName = Security Update for Windows XP (KB901017)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB901214 DisplayName = Security Update for Windows XP (KB901214)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB902344
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB902400 DisplayName = Security Update for Windows XP (KB902400)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB903235 DisplayName = Security Update for Windows XP (KB903235)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB904706 DisplayName = Security Update for Windows XP (KB904706)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB904942 DisplayName = Update for Windows XP (KB904942)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB905414 DisplayName = Security Update for Windows XP (KB905414)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB905749 DisplayName = Security Update for Windows XP (KB905749)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB905915 DisplayName = Security Update for Windows XP (KB905915)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB907658
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB908519 DisplayName = Security Update for Windows XP (KB908519)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB908531 DisplayName = Security Update for Windows XP (KB908531)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB910437 DisplayName = Update for Windows XP (KB910437)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB911280 DisplayName = Security Update for Windows XP (KB911280)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB911562 DisplayName = Security Update for Windows XP (KB911562)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB911564 DisplayName = Security Update for Windows Media Player (KB911564)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB911565 DisplayName = Security Update for Windows Media Player 10 (KB911565)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB911567 DisplayName = Security Update for Windows XP (KB911567)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB911854
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB911927 DisplayName = Security Update for Windows XP (KB911927)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB912812 DisplayName = Security Update for Windows XP (KB912812)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB912919 DisplayName = Security Update for Windows XP (KB912919)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB913446 DisplayName = Security Update for Windows XP (KB913446)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB913580 DisplayName = Security Update for Windows XP (KB913580)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB914388 DisplayName = Security Update for Windows XP (KB914388)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB914389 DisplayName = Security Update for Windows XP (KB914389)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB914440 DisplayName = Hotfix for Windows XP (KB914440)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB915865 DisplayName = Hotfix for Windows XP (KB915865)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB916281 DisplayName = Security Update for Windows XP (KB916281)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB916595 DisplayName = Update for Windows XP (KB916595)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB917159 DisplayName = Security Update for Windows XP (KB917159)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB917283.T1_1ToU93_1 DisplayName = Security Update for Microsoft .NET Framework 2.0 (KB917283)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB917344 DisplayName = Security Update for Windows XP (KB917344)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB917422 DisplayName = Security Update for Windows XP (KB917422)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB917734_WMP10 DisplayName = Security Update for Windows Media Player 10 (KB917734)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB917953 DisplayName = Security Update for Windows XP (KB917953)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB918439 DisplayName = Security Update for Windows XP (KB918439)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB918899 DisplayName = Security Update for Windows XP (KB918899)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB919007 DisplayName = Security Update for Windows XP (KB919007)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB920213 DisplayName = Security Update for Windows XP (KB920213)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB920214 DisplayName = Security Update for Windows XP (KB920214)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB920670 DisplayName = Security Update for Windows XP (KB920670)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB920683 DisplayName = Security Update for Windows XP (KB920683)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB920685 DisplayName = Security Update for Windows XP (KB920685)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB920872 DisplayName = Update for Windows XP (KB920872)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB921398 DisplayName = Security Update for Windows XP (KB921398)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB921883 DisplayName = Security Update for Windows XP (KB921883)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB922582 DisplayName = Update for Windows XP (KB922582)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB922616 DisplayName = Security Update for Windows XP (KB922616)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB922770.T1_1ToU168_1 DisplayName = Security Update for Microsoft .NET Framework 2.0 (KB922770)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB922819 DisplayName = Security Update for Windows XP (KB922819)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB923191 DisplayName = Security Update for Windows XP (KB923191)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB923414 DisplayName = Security Update for Windows XP (KB923414)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB923689 DisplayName = Security Update for Windows XP (KB923689)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB923694 DisplayName = Security Update for Windows XP (KB923694)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB923980 DisplayName = Security Update for Windows XP (KB923980)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB924191 DisplayName = Security Update for Windows XP (KB924191)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB924270 DisplayName = Security Update for Windows XP (KB924270)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB924496 DisplayName = Security Update for Windows XP (KB924496)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB925398_WMP64 DisplayName = Security Update for Windows Media Player 6.4 (KB925398)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB925486 DisplayName = Security Update for Windows XP (KB925486)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB926239 DisplayName = Hotfix for Windows XP (KB926239)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB926255 DisplayName = Security Update for Windows XP (KB926255)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB929969 DisplayName = Security Update for Windows Internet Explorer 7 (KB929969)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\M886903 DisplayName = Microsoft .NET Framework 1.1 Hotfix (KB886903)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 1.1 (1033) DisplayName = Microsoft .NET Framework 1.1
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 2.0 DisplayName = Microsoft .NET Framework 2.0 InstallLocation = C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\mIRC DisplayName = mIRC
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MobileOptionPack
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MPlayer2
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSCompPackV1 DisplayName = Microsoft Compression Client Pack 1.0 for Windows XP
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-Beta1
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-Beta2
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-KB884016
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-RC1
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-RC2
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSI30a-KB884016
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSI31-Beta
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSI31-RC1
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSTTS DisplayName = Microsoft Text-to-Speech Engine 4.0 (English)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Nero - Burning Rom!UninstallKey DisplayName = Nero OEM
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\NLSDownlevelMapping DisplayName = Microsoft National Language Support Downlevel APIs
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\PCHealth
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\QcDrv DisplayName = Logitech® Camera Driver InstallLocation = C:\Program Files\Common Files\Logitech\QCDRV
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\QuickTime DisplayName = QuickTime
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\RealJukebox 1.0
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\RealPlayer 6.0 DisplayName = RealPlayer
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\SchedulingAgent
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\ShockwaveFlash DisplayName = Adobe Flash Player 9 ActiveX
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Spybot - Search & Destroy_is1 DisplayName = Spybot - Search & Destroy 1.4 InstallLocation = C:\Program Files\Spybot - Search & Destroy\
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBlaster_is1 DisplayName = SpywareBlaster v3.5.1 InstallLocation = C:\Program Files\SpywareBlaster\
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Steam DisplayName = Steam
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Teamspeak 2 RC2_is1 DisplayName = TeamSpeak 2 RC2
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\tv_enua DisplayName = Lernout & Hauspie TruVoice American English TTS Engine
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\VLC media player DisplayName = VideoLAN VLC media player 0.8.5
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\WGA DisplayName = Windows Genuine Advantage Validation Tool
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\WgaNotify DisplayName = Windows Genuine Advantage Notifications (KB905474)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Windows Media Format Runtime DisplayName = Windows Media Format 11 runtime
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Windows Media Player DisplayName = Windows Media Player 11
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Windows XP Service Pack DisplayName = Windows XP Service Pack 2
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\WMCSetup
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\WMFDist11 DisplayName = Windows Media Format 11 runtime
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\wmp11 DisplayName = Windows Media Player 11
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Wudf01000 DisplayName = Microsoft User-Mode Driver Framework Feature Pack 1.0
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{00010409-78E1-11D2-B60F-006097C998E7} DisplayName = Microsoft Office 2000 SR-1 Professional InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{00040409-78E1-11D2-B60
-
Well I ran scans using all my other programs and it didn't pick anything up except tracking cookies.
That Spyhunter program said I had 15 items in my registry most of which where identified as Zlob. So I don't know what's up with all that.
-
So what the heck I down loaded that Spyhunter program you have on the website and it says I still have that Zlob trojon. Here's the log from it. I'll also post a hijackthis log after.
What SpyHunter program???
I have the ads neautralized, I DO NOT trust Spyhunter
Read more here, you decide
http://www.spywarewarrior.com/rogue_anti-spyware.htm (http://\"http://www.spywarewarrior.com/rogue_anti-spyware.htm\")
-
Its not neutralized:) And I had a feeling you were going to say that. I didn't trust it either.
Get your bells and whistles here for only 29.00. Classic:) Its a gauranteed peice of crap we promise:) And we have some great swamp land in Florida for you to:)
Anyway, I have work today so I'll be back this afternoon to finish up on that other computer.
Have a good day