« previous next »
Pages: [1]

Author Topic: Spyhunter scan  (Read 555 times)

Offline Mr Bell

  • Sr. Member
  • ****
  • Posts: 300
  • Karma: +0/-0
    • View Profile
Spyhunter scan
« on: January 31, 2007, 01:55:59 PM »
I had nothing better to do today. So what the heck I down loaded that Spyhunter program you have on the website and it says I still have that Zlob trojon. Here's the log from it. I'll also post a hijackthis log after.

 ###########################Runnning Processes DATA###########################
processName = SMSS.EXE   File Size = 50688   File Path = \SystemRoot\System32\smss.exe    ModuleMD5 = bd7fb0957c716f1a60333aee04de2178
processName = WINLOGON.EXE   File Size = 502272   File Path = \??\C:\WINDOWS\system32\winlogon.exe    ModuleMD5 = 01c3346c241652f43aed8e2149881bfe
processName = SERVICES.EXE   File Size = 108032   File Path = C:\WINDOWS\system32\services.exe    ModuleMD5 = c6ce6eec82f187615d1002bb3bb50ed4
processName = LSASS.EXE   File Size = 13312   File Path = C:\WINDOWS\system32\lsass.exe    ModuleMD5 = 84885f9b82f4d55c6146ebf6065d75d2
processName = ATI2EVXX.EXE   File Size = 430080   File Path = C:\WINDOWS\system32\Ati2evxx.exe    ModuleMD5 = f57801f641e6df9f4fd4b29d6deb422c
processName = SVCHOST.EXE   File Size = 14336   File Path = C:\WINDOWS\system32\svchost.exe    ModuleMD5 = 8f078ae4ed187aaabc0a305146de6716
processName = MSMPENG.EXE   File Size = 13592   File Path = C:\Program Files\Windows Defender\MsMpEng.exe    ModuleMD5 = f45dd1e1365d857dd08bc23563370d0e
processName = SVCHOST.EXE   File Size = 14336   File Path = C:\WINDOWS\System32\svchost.exe    ModuleMD5 = 8f078ae4ed187aaabc0a305146de6716
processName = ATI2EVXX.EXE   File Size = 430080   File Path = C:\WINDOWS\system32\Ati2evxx.exe    ModuleMD5 = f57801f641e6df9f4fd4b29d6deb422c
processName = SPOOLSV.EXE   File Size = 57856   File Path = C:\WINDOWS\system32\spoolsv.exe    ModuleMD5 = da81ec57acd4cdc3d4c51cf3d409af9f
processName = AOLACSD.EXE   File Size = 46640   File Path = C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe    ModuleMD5 = 85180cf88c5ebad73b452a43a004ca51
processName = AVGAMSVR.EXE   File Size = 343552   File Path = C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe    ModuleMD5 = dd4db777d2ba1e475f75015b90557795
processName = AVGUPSVC.EXE   File Size = 49664   File Path = C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe    ModuleMD5 = 30a14f65db477dc00a64a5a24e96919c
processName = AVGEMC.EXE   File Size = 323072   File Path = C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe    ModuleMD5 = 4bb306ae21b59085d49cca16ea7dad18
processName = SVCHOST.EXE   File Size = 14336   File Path = C:\WINDOWS\System32\svchost.exe    ModuleMD5 = 8f078ae4ed187aaabc0a305146de6716
processName = WANMPSVC.EXE   File Size = 65536   File Path = C:\WINDOWS\wanmpsvc.exe    ModuleMD5 = eb9a99ab5d17b1727034ff191e6448d7
processName = EXPLORER.EXE   File Size = 1032192   File Path = C:\WINDOWS\Explorer.EXE    ModuleMD5 = a0732187050030ae399b241436565e64
processName = AVGCC.EXE   File Size = 406016   File Path = C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe    ModuleMD5 = ed0163acdb2834ac8f53b3265671fb1a
processName = AOLSOFTWARE.EXE   File Size = 50736   File Path = C:\Program Files\Common Files\AOL\1126634133\ee\AOLSoftware.exe    ModuleMD5 = c482c535cbfefe722ec1eb7f11f680a3
processName = LCDMON.EXE   File Size = 188928   File Path = C:\Program Files\Logitech\G-series Software\LCDMon.exe    ModuleMD5 = 4b7f52213675e4ddf9065ebcf3bf7e2e
processName = LOGITRAY.EXE   File Size = 217088   File Path = C:\Program Files\Logitech\Video\LogiTray.exe    ModuleMD5 = 2d3bcca5c7ca55fedd60e3336d3a92af
processName = CLI.EXE   File Size = 45056   File Path = C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE    ModuleMD5 = 64c4c17bf6a40ff1cd21205e6fd415b8
processName = LVCOMSX.EXE   File Size = 221184   File Path = C:\WINDOWS\system32\LVCOMSX.EXE    ModuleMD5 = 5ba8a7da5d0573f7923e02b260aad2f1
processName = LCDMEDIA.EXE   File Size = 138752   File Path = C:\Program Files\Logitech\G-series Software\Applets\LCDMedia.exe    ModuleMD5 = e96c33fb1318a96f7c687f4085238936
processName = LCDCLOCK.EXE   File Size = 53248   File Path = C:\Program Files\Logitech\G-series Software\Applets\LCDClock.exe    ModuleMD5 = 6efab5aa63aba6d446ea7309d7d25f1a
processName = MSASCUI.EXE   File Size = 866584   File Path = C:\Program Files\Windows Defender\MSASCui.exe    ModuleMD5 = 77c03bf23ae56b0a31ae4d5bb4b3d0ac
processName = JUSCHED.EXE   File Size = 77824   File Path = C:\Program Files\Java\jre1.6.0\bin\jusched.exe    ModuleMD5 = ab74aa8defc1ca82759788a55b673629
processName = CTFMON.EXE   File Size = 15360   File Path = C:\WINDOWS\system32\ctfmon.exe    ModuleMD5 = 24232996a38c0b0cf151c2140ae29fc8
processName = FXSVR2.EXE   File Size = 192512   File Path = C:\Program Files\Logitech\Video\FxSvr2.exe    ModuleMD5 = 1b11c113dc4383c6c07a45bffbdc7d63
processName = CLI.EXE   File Size = 45056   File Path = C:\Program Files\ATI Technologies\ATI.ACE\cli.exe    ModuleMD5 = 64c4c17bf6a40ff1cd21205e6fd415b8
processName = STEAM.EXE   File Size = 1269760   File Path = C:\Program Files\Valve\Steam\Steam.exe    ModuleMD5 = 63fddd536e2798ba840ff723d7e2a17b
processName = VENTRILO.EXE   File Size = 983040   File Path = C:\Program Files\Ventrilo\Ventrilo.exe    ModuleMD5 = 97ff7619c235c7d79ba2ba335c0be8ad
processName = MIRC.EXE   File Size = 2109440   File Path = C:\Program Files\mIRC\mirc.exe    ModuleMD5 = 222c98f9faf7a0b283fd0736f0ab6c1a
processName = WEmail RemovedEXE   File Size = 37464   File Path = C:\Program Files\America Online 9.0\wEmail Removedexe    ModuleMD5 = 7fab3c273c8214d517bdd0cbd2ba1815
processName = SHELLMON.EXE   File Size = 54872   File Path = C:\Program Files\America Online 9.0\shellmon.exe    ModuleMD5 = f093707c39b3b38653cdb94c85a80772
processName = SPYHUNTER.EXE   File Size = 2482176   File Path = C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe    ModuleMD5 = 146e80454798088ce29eff0254637ceb
###########################REGISTRY MD5 DATA###########################
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN>
Name=AVG7_CC   Data=C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP   FileSize = 406016   MD5=ed0163acdb2834ac8f53b3265671fb1a
Name=   Data=   FileSize =    MD5=
Name=Adobe Photo Downloader   Data="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"   FileSize = 57344   MD5=617fa5be646b5e8d6670fd4710acd2d3
Name=AOL Spyware Protection   Data="C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"   FileSize =    MD5=********************************
Name=AOLDialer   Data=C:\Program Files\Common Files\AOL\ACS\AOLDial.exe   FileSize = 71216   MD5=b9b78f0d9aebca8f717680fbabbb5ff4
Name=ATICCC   Data="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"   FileSize = 90112   MD5=0dc2e1b6951bd2170bc47f0eebf629b3
Name=HostManager   Data=C:\Program Files\Common Files\AOL\1126634133\ee\AOLSoftware.exe   FileSize = 50736   MD5=c482c535cbfefe722ec1eb7f11f680a3
Name=Launch LCDMon   Data="C:\Program Files\Logitech\G-series Software\LCDMon.exe"   FileSize = 188928   MD5=4b7f52213675e4ddf9065ebcf3bf7e2e
Name=Launch LGDCore   Data="C:\Program Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE   FileSize = 1110079   MD5=a1272b7be3a04dc6dc43cf2461ad7c0f
Name=Logitech Hardware Abstraction Layer   Data="C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE"   FileSize = 94208   MD5=cacd213e5a959fdf4f8232a6b34fad43
Name=LogitechVideoRepair   Data=C:\Program Files\Logitech\Video\ISStart.exe    FileSize = 458752   MD5=3c0ee706ceb7e9a154bf8e7749ca5a91
Name=LogitechVideoTray   Data=C:\Program Files\Logitech\Video\LogiTray.exe   FileSize = 217088   MD5=2d3bcca5c7ca55fedd60e3336d3a92af
Name=LVCOMSX   Data=C:\WINDOWS\system32\LVCOMSX.EXE   FileSize = 221184   MD5=5ba8a7da5d0573f7923e02b260aad2f1
Name=NeroFilterCheck   Data=C:\WINDOWS\system32\NeroCheck.exe   FileSize = 155648   MD5=3e4c03cefad8de135263236b61a49c90
Name=SoundMan   Data=SOUNDMAN.EXE   FileSize = 77824   MD5=5077f7f5841a0cac7d468818c7596624
Name=Kernel and Hardware Abstraction Layer   Data=KHALMNPR.EXE   FileSize = 94208   MD5=cacd213e5a959fdf4f8232a6b34fad43
Name=Windows Defender   Data="C:\Program Files\Windows Defender\MSASCui.exe" -hide   FileSize = 866584   MD5=77c03bf23ae56b0a31ae4d5bb4b3d0ac
Name=SunJavaUpdateSched   Data="C:\Program Files\Java\jre1.6.0\bin\jusched.exe"   FileSize = 77824   MD5=ab74aa8defc1ca82759788a55b673629
Name=SpyHunter   Data=C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe
   FileSize = 2482176   MD5=146e80454798088ce29eff0254637ceb
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCEEX>
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE>
<HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN>
Name=Steam   Data="c:\program files\valve\steam\steam.exe" -silent   FileSize = 1269760   MD5=63fddd536e2798ba840ff723d7e2a17b
Name=ctfmon.exe   Data=C:\WINDOWS\system32\ctfmon.exe   FileSize = 15360   MD5=24232996a38c0b0cf151c2140ae29fc8
Name=   Data=
   FileSize =    MD5=
<HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE>
Name=FlashPlayerUpdate   Data=C:\WINDOWS\system32\Macromed\Flash\GetFlash.exe
   FileSize = 128648   MD5=a792b3e682e05f70ca1ee1d4fd635ec8
<HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN>
Name=AVG7_Run   Data=C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE
   FileSize = 146432   MD5=98f7c449d7c48666c367364655801a37
<HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE>
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINDOWS\APPINIT_DLLS>
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN>
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\SHELL>
Explorer.exe   FileSize = 1032192   MD5=a0732187050030ae399b241436565e64
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\USERINIT>
C:\WINDOWS\system32\userinit.exe,   FileSize = 24576   MD5=39b1ffb03c2296323832acbae50d2aff
#############################FILE MD5 DATA#############################
<C:\Documents and Settings\Randy\Start Menu\Programs\Startup>
File Path = C:\Documents and Settings\Randy\Start Menu\Programs\Startup\desktop.ini   File Size = 4096   md5=d6a6856702e3f0953e7246a9b4a9fe35
#############################SERVICES DATA#############################
Service Name = ALG   Service Display Name = Application Layer Gateway Service   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 16   Service Start Type = 3   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\alg.exe   Binary Size = 44544   Binary MD5 = f1958fbf86d5c004cf19a5951a9514b7   
Service Name = AOL ACS   Service Display Name = AOL Connectivity Service   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 272   Service Start Type = 2   Service Error Control = 1   Service Binary Path = "C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe"   Binary Size = 0   Binary MD5 =    
Service Name = Ati HotKey Poller   Service Display Name = Ati HotKey Poller   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 272   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\system32\Ati2evxx.exe   Binary Size = 430080   Binary MD5 = f57801f641e6df9f4fd4b29d6deb422c   
Service Name = AudioSrv   Service Display Name = Windows Audio   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
Service Name = Avg7Alrt   Service Display Name = AVG7 Alert Manager Server   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 272   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe   Binary Size = 343552   Binary MD5 = dd4db777d2ba1e475f75015b90557795   
Service Name = Avg7UpdSvc   Service Display Name = AVG7 Update Service   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 16   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe   Binary Size = 49664   Binary MD5 = 30a14f65db477dc00a64a5a24e96919c   
Service Name = AVGEMS   Service Display Name = AVG E-mail Scanner   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 272   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe   Binary Size = 323072   Binary MD5 = 4bb306ae21b59085d49cca16ea7dad18   
Service Name = BITS   Service Display Name = Background Intelligent Transfer Service   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 3   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
Service Name = CryptSvc   Service Display Name = Cryptographic Services   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
Service Name = DcomLaunch   Service Display Name = DCOM Server Process Launcher   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\system32\svchost -k DcomLaunch   Binary Size = 0   Binary MD5 =    
Service Name = Dhcp   Service Display Name = DHCP Client   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
Service Name = Dnscache   Service Display Name = DNS Client   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k NetworkService   Binary Size = 0   Binary MD5 =    
Service Name = ERSvc   Service Display Name = Error Reporting Service   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 0   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
Service Name = Eventlog   Service Display Name = Event Log   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\system32\services.exe   Binary Size = 108032   Binary MD5 = c6ce6eec82f187615d1002bb3bb50ed4   
Service Name = EventSystem   Service Display Name = COM+ Event System   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 3   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
Service Name = FastUserSwitchingCompatibility   Service Display Name = Fast User Switching Compatibility   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 3   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
Service Name = helpsvc   Service Display Name = Help and Support   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
Service Name = HidServ   Service Display Name = HID Input Service   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
Service Name = LmHosts   Service Display Name = TCP/IP NetBIOS Helper   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k LocalService   Binary Size = 0   Binary MD5 =    
Service Name = Netman   Service Display Name = Network Connections   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 288   Service Start Type = 3   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
Service Name = Nla   Service Display Name = Network Location Awareness (NLA)   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 3   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
Service Name = NwSapAgent   Service Display Name = SAP Agent   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
Service Name = PlugPlay   Service Display Name = Plug and Play   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\system32\services.exe   Binary Size = 108032   Binary MD5 = c6ce6eec82f187615d1002bb3bb50ed4   
Service Name = ProtectedStorage   Service Display Name = Protected Storage   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 288   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\system32\lsass.exe   Binary Size = 13312   Binary MD5 = 84885f9b82f4d55c6146ebf6065d75d2   
Service Name = RasMan   Service Display Name = Remote Access Connection Manager   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 3   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
Service Name = RpcSs   Service Display Name = Remote Procedure Call (RPC)   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\system32\svchost -k rpcss   Binary Size = 0   Binary MD5 =    
Service Name = SamSs   Service Display Name = Security Accounts Manager   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\system32\lsass.exe   Binary Size = 13312   Binary MD5 = 84885f9b82f4d55c6146ebf6065d75d2   
Service Name = Schedule   Service Display Name = Task Scheduler   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 288   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
Service Name = seclogon   Service Display Name = Secondary Logon   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 288   Service Start Type = 2   Service Error Control = 0   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
Service Name = SENS   Service Display Name = System Event Notification   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
Service Name = SharedAccess   Service Display Name = Windows Firewall/Internet Connection Sharing (ICS)   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
Service Name = ShellHWDetection   Service Display Name = Shell Hardware Detection   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 0   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
Service Name = Spooler   Service Display Name = Print Spooler   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 272   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\system32\spoolsv.exe   Binary Size = 57856   Binary MD5 = da81ec57acd4cdc3d4c51cf3d409af9f   
Service Name = srservice   Service Display Name = System Restore Service   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
Service Name = stisvc   Service Display Name = Windows Image Acquisition (WIA)   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k imgsvc   Binary Size = 0   Binary MD5 =    
Service Name = TapiSrv   Service Display Name = Telephony   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 3   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
Service Name = TermService   Service Display Name = Terminal Services   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 3   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost -k DComLaunch   Binary Size = 0   Binary MD5 =    
Service Name = Themes   Service Display Name = Themes   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
Service Name = TrkWks   Service Display Name = Distributed Link Tracking Client   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
Service Name = W32Time   Service Display Name = Windows Time   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
Service Name = WANMiniportService   Service Display Name = WAN Miniport (ATW) Service   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 16   Service Start Type = 2   Service Error Control = 0   Service Binary Path = "C:\WINDOWS\wanmpsvc.exe"   Binary Size = 0   Binary MD5 =    
Service Name = WebClient   Service Display Name = WebClient   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k LocalService   Binary Size = 0   Binary MD5 =    
Service Name = WinDefend   Service Display Name = Windows Defender   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 16   Service Start Type = 2   Service Error Control = 1   Service Binary Path = "C:\Program Files\Windows Defender\MsMpEng.exe"   Binary Size = 0   Binary MD5 =    
Service Name = winmgmt   Service Display Name = Windows Management Instrumentation   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 0   Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
Service Name = wscsvc   Service Display Name = Security Center   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
Service Name = wuauserv   Service Display Name = Automatic Updates   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
Service Name = WZCSVC   Service Display Name = Wireless Zero Configuration   Opened = YES   Status = Running   Query = SUCCESS   Service Type = 32   Service Start Type = 2   Service Error Control = 1   Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs   Binary Size = 0   Binary MD5 =    
#############################WINLOGON DATA#############################
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY>
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent    Filepath = C:\WINDOWS\system32\Ati2evxx.dll    File Size = 90112    File MD5 = 459333cbac9502cb1b85272b1b80e5dc   
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain    Filepath = C:\WINDOWS\system32\crypt32.dll    File Size = 597504    File MD5 = efc958396a7a7ef7e6d4a52b97512e18   
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet    Filepath = C:\WINDOWS\system32\cryptnet.dll    File Size = 63488    File MD5 = cad4aa32e7eca00c23cc39c0eb833f9d   
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll    Filepath = C:\WINDOWS\system32\cscdll.dll    File Size = 101888    File MD5 = 587729679b4fe04ce06a5c61d6c56dcd   
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp    Filepath = C:\WINDOWS\system32\wlnotify.dll    File Size = 92672    File MD5 = a599e5e366c1408e48aa5d37882d4e3e   
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule    Filepath = C:\WINDOWS\system32\wlnotify.dll    File Size = 92672    File MD5 = a599e5e366c1408e48aa5d37882d4e3e   
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy    Filepath = C:\WINDOWS\system32\sclgntfy.dll    File Size = 20992    File MD5 = d636fa41e50671160d838ea2dace3330   
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn    Filepath = C:\WINDOWS\system32\WlNotify.dll    File Size = 92672    File MD5 = a599e5e366c1408e48aa5d37882d4e3e   
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv    Filepath = C:\WINDOWS\system32\wlnotify.dll    File Size = 92672    File MD5 = a599e5e366c1408e48aa5d37882d4e3e   
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon    Filepath = C:\WINDOWS\system32\WgaLogon.dll    File Size = 702768    File MD5 = 147429092c26d18af550790ac102f32a   
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon    Filepath = C:\WINDOWS\system32\wlnotify.dll    File Size = 92672    File MD5 = a599e5e366c1408e48aa5d37882d4e3e   
##########################BROWSER ADD-ON DATA##########################
<HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Explorer Bars>
CLSID = {4D5C8C25-D075-11d0-B416-00C04FB90376}   FilePath = C:\WINDOWS\System32\shdocvw.dll   File Size = 1497088   File MD5 = 559b2d22a1ee947a7eaed530c7ff9320   
CLSID = {FE54FA40-D68C-11d2-98FA-00C0F0318AFE}   FilePath = C:\WINDOWS\System32\Shdocvw.dll   File Size = 1497088   File MD5 = 559b2d22a1ee947a7eaed530c7ff9320   
<HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars>
CLSID = {21569614-B795-46B1-85F4-E737A8DC09AD}   FilePath = C:\WINDOWS\system32\browseui.dll   File Size = 1022976   File MD5 = b99ff349bf53bd91fbddcd6b1ede8980   
CLSID = {30D02401-6A81-11D0-8274-00C04FD5AE38}   FilePath = C:\WINDOWS\system32\ieframe.dll   File Size = 6049280   File MD5 = 914f39ef1d068737012ff7f90025f848   
CLSID = {32683183-48a0-441b-a342-7c2a440a9478}   FilePath =    File Size = 0   File MD5 =    
CLSID = {C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}   FilePath = C:\WINDOWS\system32\SHELL32.dll   File Size = 8453632   File MD5 = f056b4771408966694de5d9bf79b48f8   
CLSID = {EFA24E61-B078-11D0-89E4-00C04FC9E26E}   FilePath = C:\WINDOWS\System32\shdocvw.dll   File Size = 1497088   File MD5 = 559b2d22a1ee947a7eaed530c7ff9320   
CLSID = {EFA24E62-B078-11D0-89E4-00C04FC9E26E}   FilePath = C:\WINDOWS\System32\shdocvw.dll   File Size = 1497088   File MD5 = 559b2d22a1ee947a7eaed530c7ff9320   
CLSID = {EFA24E64-B078-11D0-89E4-00C04FC9E26E}   FilePath = C:\WINDOWS\System32\shdocvw.dll   File Size = 1497088   File MD5 = 559b2d22a1ee947a7eaed530c7ff9320   
<HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects>
CLSID = {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}   FilePath = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll   File Size = 63128   File MD5 = f17b2b264072b921fc66a0be16626bab   
CLSID = {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}   FilePath = C:\Program Files\Java\jre1.6.0\bin\ssv.dll   File Size = 501384   File MD5 = 55a2f8ae42c4b347173f1aede5061be3   
<HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions>
CLSID = CmdMapping   FilePath =    File Size = 0   File MD5 =    
CLSID = {08B0E5C0-4FCB-11CF-AAA5-00401C608501}   FilePath =    File Size = 0   File MD5 =    
CLSID = {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45}   FilePath =    File Size = 0   File MD5 =    
CLSID = {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}   FilePath =    File Size = 0   File MD5 =    
CLSID = {e2e2dd38-d088-4134-82b7-f2ba38496583}   FilePath =    File Size = 0   File MD5 =    
CLSID = {FB5F1910-F110-11d2-BB9E-00C04F795683}   FilePath =    File Size = 0   File MD5 =    
<HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions>
CLSID = CmdMapping   FilePath =    File Size = 0   File MD5 =    
<HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks>
CLSID = {CFBFAE00-17A6-11D0-99CB-00C04FD64497}   FilePath = C:\WINDOWS\system32\ieframe.dll   File Size = 6049280   File MD5 = 914f39ef1d068737012ff7f90025f848   Description =
<HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler>
CLSID = {438755C2-A8BA-11D1-B96B-00A0C90312E1}   FilePath = C:\WINDOWS\System32\browseui.dll   File Size = 1022976   File MD5 = b99ff349bf53bd91fbddcd6b1ede8980   Description = Browseui preloader
CLSID = {8C7461EF-2B13-11d2-BE35-3078302C2030}   FilePath = C:\WINDOWS\System32\browseui.dll   File Size = 1022976   File MD5 = b99ff349bf53bd91fbddcd6b1ede8980   Description = Component Categories cache daemon
##########################LSP CHAIN DATA##########################
<HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WINSOCK2\PARAMETERS>
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000001    Filepath = C:\WINDOWS\system32\mswsock.dll    File Size = 245248    File MD5 = 4e74af063c3271fbea20dd940cfd1184   
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000002    Filepath = C:\WINDOWS\system32\mswsock.dll    File Size = 245248    File MD5 = 4e74af063c3271fbea20dd940cfd1184   
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000003    Filepath = C:\WINDOWS\system32\mswsock.dll    File Size = 245248    File MD5 = 4e74af063c3271fbea20dd940cfd1184   
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000004    Filepath = C:\WINDOWS\system32\rsvpsp.dll    File Size = 90112    File MD5 = 90491683abd587c702b16f181ab0d99d   
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000005    Filepath = C:\WINDOWS\system32\rsvpsp.dll    File Size = 90112    File MD5 = 90491683abd587c702b16f181ab0d99d   
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000006    Filepath = C:\WINDOWS\system32\mswsock.dll    File Size = 245248    File MD5 = 4e74af063c3271fbea20dd940cfd1184   
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000007    Filepath = C:\WINDOWS\system32\mswsock.dll    File Size = 245248    File MD5 = 4e74af063c3271fbea20dd940cfd1184   
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000008    Filepath = C:\WINDOWS\system32\mswsock.dll    File Size = 245248    File MD5 = 4e74af063c3271fbea20dd940cfd1184   
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000009    Filepath = C:\WINDOWS\system32\mswsock.dll    File Size = 245248    File MD5 = 4e74af063c3271fbea20dd940cfd1184   
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000010    Filepath = C:\WINDOWS\system32\mswsock.dll    File Size = 245248    File MD5 = 4e74af063c3271fbea20dd940cfd1184   
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000011    Filepath = C:\WINDOWS\system32\mswsock.dll    File Size = 245248    File MD5 = 4e74af063c3271fbea20dd940cfd1184   
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000012    Filepath = C:\WINDOWS\system32\mswsock.dll    File Size = 245248    File MD5 = 4e74af063c3271fbea20dd940cfd1184   
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000013    Filepath = C:\WINDOWS\system32\mswsock.dll    File Size = 245248    File MD5 = 4e74af063c3271fbea20dd940cfd1184   
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000014    Filepath = C:\WINDOWS\system32\mswsock.dll    File Size = 245248    File MD5 = 4e74af063c3271fbea20dd940cfd1184   
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000015    Filepath = C:\WINDOWS\system32\mswsock.dll    File Size = 245248    File MD5 = 4e74af063c3271fbea20dd940cfd1184   
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000016    Filepath = C:\WINDOWS\system32\mswsock.dll    File Size = 245248    File MD5 = 4e74af063c3271fbea20dd940cfd1184   
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000017    Filepath = C:\WINDOWS\system32\mswsock.dll    File Size = 245248    File MD5 = 4e74af063c3271fbea20dd940cfd1184   
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries00000000018    Filepath = C:\WINDOWS\system32\mswsock.dll    File Size = 245248    File MD5 = 4e74af063c3271fbea20dd940cfd1184   
##########################UNINSTALL DATA##########################
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL>
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Ad-Aware SE Personal    DisplayName = Ad-Aware SE Personal   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\AdobeESD    DisplayName = Adobe Download Manager 2.0 (Remove Only)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\All ATI Software    DisplayName = ATI - Software Uninstall Utility    InstallLocation = C:\Program Files\ATI Technologies\UninstallAll   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\AOL Explorer    DisplayName = AOL Explorer   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\AOL Instant Messenger    DisplayName = AOL Instant Messenger   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\AOL Uninstaller    DisplayName = AOL Uninstaller (Choose which Products to Remove)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\AOL YGP Screensaver    DisplayName = AOL You've Got Pictures Screensaver   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\AolCoach2_en    DisplayName = AOL Coach Version 2.0(Build:20041026.5 en)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\ATI Display Driver    DisplayName = ATI Display Driver   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall    DisplayName = AVG Free Edition   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\BackWeb-8876480 Uninstaller   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Branding   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\CheckIt Diagnostics    DisplayName = CheckIt Diagnostics   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\CleanUp!    DisplayName = CleanUp!   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Connection Manager   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\DirectDrawEx   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\DODC   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\FileZilla    DisplayName = FileZilla (remove only)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Fontcore   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\HijackThis    DisplayName = HijackThis 1.99.1   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\HLSW_is1    DisplayName = HLSW v1.0.0.48    InstallLocation = C:\Program Files\HLSW\   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IDNMitigationAPIs    DisplayName = Microsoft Internationalized Domain Names Mitigation APIs   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IE40   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IE4Data   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IE5BAKEX   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\ie7    DisplayName = Windows Internet Explorer 7   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IEData   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield Uninstall Information   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{F5577101-33CC-4711-8235-3A95BCD49DB0}    DisplayName = EA Link    InstallLocation = C:\Program Files\Electronic Arts\EA Link\   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\InterActual Player    DisplayName = InterActual Player   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB834707    DisplayName = Windows XP Hotfix - KB834707   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB867282    DisplayName = Windows XP Hotfix - KB867282   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB870669    DisplayName = Microsoft Data Access Components KB870669   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB873333    DisplayName = Windows XP Hotfix - KB873333   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB873339    DisplayName = Windows XP Hotfix - KB873339   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB883939    DisplayName = Security Update for Windows XP (KB883939)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB884016   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB884267   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB885250    DisplayName = Windows XP Hotfix - KB885250   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB885353   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB885835    DisplayName = Windows XP Hotfix - KB885835   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB885836    DisplayName = Windows XP Hotfix - KB885836   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB886185    DisplayName = Windows XP Hotfix - KB886185   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB886612   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB887078   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB887472    DisplayName = Windows XP Hotfix - KB887472   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB887626   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB887742    DisplayName = Windows XP Hotfix - KB887742   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB888113    DisplayName = Windows XP Hotfix - KB888113   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB888302    DisplayName = Windows XP Hotfix - KB888302   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB888656   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB889858   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB890046    DisplayName = Security Update for Windows XP (KB890046)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB890047    DisplayName = Windows XP Hotfix - KB890047   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB890175    DisplayName = Windows XP Hotfix - KB890175   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB890859    DisplayName = Windows XP Hotfix - KB890859   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB890923    DisplayName = Windows XP Hotfix - KB890923   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB891122   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB891781    DisplayName = Windows XP Hotfix - KB891781   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB892313   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB893066    DisplayName = Windows XP Hotfix - KB893066   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB893086    DisplayName = Windows XP Hotfix - KB893086   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB893240   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB893241   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB893756    DisplayName = Security Update for Windows XP (KB893756)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB893803    DisplayName = Windows Installer 3.1 (KB893803)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB893803v2    DisplayName = Windows Installer 3.1 (KB893803)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB894391    DisplayName = Update for Windows XP (KB894391)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB895181   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB895316   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB895572   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB896358    DisplayName = Security Update for Windows XP (KB896358)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB896422    DisplayName = Security Update for Windows XP (KB896422)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB896423    DisplayName = Security Update for Windows XP (KB896423)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB896424    DisplayName = Security Update for Windows XP (KB896424)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB896428    DisplayName = Security Update for Windows XP (KB896428)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB896688    DisplayName = Security Update for Windows XP (KB896688)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB896727    DisplayName = Update for Windows XP (KB896727)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB897586   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB898461    DisplayName = Update for Windows XP (KB898461)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB898549   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB899587    DisplayName = Security Update for Windows XP (KB899587)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB899588    DisplayName = Security Update for Windows XP (KB899588)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB899591    DisplayName = Security Update for Windows XP (KB899591)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB900399   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB900485    DisplayName = Update for Windows XP (KB900485)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB900725    DisplayName = Security Update for Windows XP (KB900725)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB901017    DisplayName = Security Update for Windows XP (KB901017)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB901214    DisplayName = Security Update for Windows XP (KB901214)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB902344   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB902400    DisplayName = Security Update for Windows XP (KB902400)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB903235    DisplayName = Security Update for Windows XP (KB903235)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB904706    DisplayName = Security Update for Windows XP (KB904706)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB904942    DisplayName = Update for Windows XP (KB904942)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB905414    DisplayName = Security Update for Windows XP (KB905414)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB905749    DisplayName = Security Update for Windows XP (KB905749)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB905915    DisplayName = Security Update for Windows XP (KB905915)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB907658   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB908519    DisplayName = Security Update for Windows XP (KB908519)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB908531    DisplayName = Security Update for Windows XP (KB908531)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB910437    DisplayName = Update for Windows XP (KB910437)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB911280    DisplayName = Security Update for Windows XP (KB911280)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB911562    DisplayName = Security Update for Windows XP (KB911562)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB911564    DisplayName = Security Update for Windows Media Player (KB911564)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB911565    DisplayName = Security Update for Windows Media Player 10 (KB911565)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB911567    DisplayName = Security Update for Windows XP (KB911567)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB911854   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB911927    DisplayName = Security Update for Windows XP (KB911927)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB912812    DisplayName = Security Update for Windows XP (KB912812)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB912919    DisplayName = Security Update for Windows XP (KB912919)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB913446    DisplayName = Security Update for Windows XP (KB913446)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB913580    DisplayName = Security Update for Windows XP (KB913580)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB914388    DisplayName = Security Update for Windows XP (KB914388)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB914389    DisplayName = Security Update for Windows XP (KB914389)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB914440    DisplayName = Hotfix for Windows XP (KB914440)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB915865    DisplayName = Hotfix for Windows XP (KB915865)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB916281    DisplayName = Security Update for Windows XP (KB916281)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB916595    DisplayName = Update for Windows XP (KB916595)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB917159    DisplayName = Security Update for Windows XP (KB917159)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB917283.T1_1ToU93_1    DisplayName = Security Update for Microsoft .NET Framework 2.0 (KB917283)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB917344    DisplayName = Security Update for Windows XP (KB917344)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB917422    DisplayName = Security Update for Windows XP (KB917422)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB917734_WMP10    DisplayName = Security Update for Windows Media Player 10 (KB917734)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB917953    DisplayName = Security Update for Windows XP (KB917953)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB918439    DisplayName = Security Update for Windows XP (KB918439)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB918899    DisplayName = Security Update for Windows XP (KB918899)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB919007    DisplayName = Security Update for Windows XP (KB919007)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB920213    DisplayName = Security Update for Windows XP (KB920213)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB920214    DisplayName = Security Update for Windows XP (KB920214)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB920670    DisplayName = Security Update for Windows XP (KB920670)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB920683    DisplayName = Security Update for Windows XP (KB920683)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB920685    DisplayName = Security Update for Windows XP (KB920685)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB920872    DisplayName = Update for Windows XP (KB920872)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB921398    DisplayName = Security Update for Windows XP (KB921398)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB921883    DisplayName = Security Update for Windows XP (KB921883)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB922582    DisplayName = Update for Windows XP (KB922582)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB922616    DisplayName = Security Update for Windows XP (KB922616)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB922770.T1_1ToU168_1    DisplayName = Security Update for Microsoft .NET Framework 2.0 (KB922770)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB922819    DisplayName = Security Update for Windows XP (KB922819)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB923191    DisplayName = Security Update for Windows XP (KB923191)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB923414    DisplayName = Security Update for Windows XP (KB923414)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB923689    DisplayName = Security Update for Windows XP (KB923689)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB923694    DisplayName = Security Update for Windows XP (KB923694)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB923980    DisplayName = Security Update for Windows XP (KB923980)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB924191    DisplayName = Security Update for Windows XP (KB924191)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB924270    DisplayName = Security Update for Windows XP (KB924270)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB924496    DisplayName = Security Update for Windows XP (KB924496)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB925398_WMP64    DisplayName = Security Update for Windows Media Player 6.4 (KB925398)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB925486    DisplayName = Security Update for Windows XP (KB925486)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB926239    DisplayName = Hotfix for Windows XP (KB926239)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB926255    DisplayName = Security Update for Windows XP (KB926255)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB929969    DisplayName = Security Update for Windows Internet Explorer 7 (KB929969)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\M886903    DisplayName = Microsoft .NET Framework 1.1 Hotfix (KB886903)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 1.1  (1033)    DisplayName = Microsoft .NET Framework 1.1   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 2.0    DisplayName = Microsoft .NET Framework 2.0    InstallLocation = C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\mIRC    DisplayName = mIRC   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MobileOptionPack   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MPlayer2   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSCompPackV1    DisplayName = Microsoft Compression Client Pack 1.0 for Windows XP   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-Beta1   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-Beta2   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-KB884016   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-RC1   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-RC2   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSI30a-KB884016   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSI31-Beta   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSI31-RC1   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSTTS    DisplayName = Microsoft Text-to-Speech Engine 4.0 (English)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Nero - Burning Rom!UninstallKey    DisplayName = Nero OEM   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\NLSDownlevelMapping    DisplayName = Microsoft National Language Support Downlevel APIs   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\PCHealth   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\QcDrv    DisplayName = Logitech® Camera Driver    InstallLocation = C:\Program Files\Common Files\Logitech\QCDRV   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\QuickTime    DisplayName = QuickTime   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\RealJukebox 1.0   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\RealPlayer 6.0    DisplayName = RealPlayer   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\SchedulingAgent   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\ShockwaveFlash    DisplayName = Adobe Flash Player 9 ActiveX   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Spybot - Search & Destroy_is1    DisplayName = Spybot - Search & Destroy 1.4    InstallLocation = C:\Program Files\Spybot - Search & Destroy\   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBlaster_is1    DisplayName = SpywareBlaster v3.5.1    InstallLocation = C:\Program Files\SpywareBlaster\   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Steam    DisplayName = Steam   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Teamspeak 2 RC2_is1    DisplayName = TeamSpeak 2 RC2   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\tv_enua    DisplayName = Lernout & Hauspie TruVoice American English TTS Engine   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\VLC media player    DisplayName = VideoLAN VLC media player 0.8.5   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\WGA    DisplayName = Windows Genuine Advantage Validation Tool   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\WgaNotify    DisplayName = Windows Genuine Advantage Notifications (KB905474)   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Windows Media Format Runtime    DisplayName = Windows Media Format 11 runtime   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Windows Media Player    DisplayName = Windows Media Player 11   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Windows XP Service Pack    DisplayName = Windows XP Service Pack 2   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\WMCSetup   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\WMFDist11    DisplayName = Windows Media Format 11 runtime   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\wmp11    DisplayName = Windows Media Player 11   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Wudf01000    DisplayName = Microsoft User-Mode Driver Framework Feature Pack 1.0   
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{00010409-78E1-11D2-B60F-006097C998E7}    DisplayName = Microsoft Office 2000 SR-1 Professional    InstallLocation =    
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{00040409-78E1-11D2-B60
Logged

Offline Mr Bell

  • Sr. Member
  • ****
  • Posts: 300
  • Karma: +0/-0
    • View Profile
Spyhunter scan
« Reply #1 on: January 31, 2007, 04:05:41 PM »
Well I ran scans using all my other programs and it didn't pick anything up except tracking cookies.

That Spyhunter program said I had 15 items in my registry most of which where identified as Zlob. So I don't know what's up with all that.
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Spyhunter scan
« Reply #2 on: January 31, 2007, 10:53:18 PM »
Quote
So what the heck I down loaded that Spyhunter program you have on the website and it says I still have that Zlob trojon. Here's the log from it. I'll also post a hijackthis log after.

What SpyHunter program???
I have the ads neautralized, I DO NOT trust Spyhunter
Read more here, you decide
http://www.spywarewarrior.com/rogue_anti-spyware.htm
« Last Edit: January 31, 2007, 11:29:38 PM by guestolo »
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline Mr Bell

  • Sr. Member
  • ****
  • Posts: 300
  • Karma: +0/-0
    • View Profile
Spyhunter scan
« Reply #3 on: February 01, 2007, 05:57:34 AM »
Its not neutralized:) And I had a feeling you were going to say that. I didn't trust it either.

Get your bells and whistles here for only 29.00. Classic:) Its a gauranteed peice of crap we promise:) And we have some great swamp land in Florida for you to:)

Anyway, I have work today so I'll be back this afternoon to finish up on that other computer.

Have a good day
Logged
Pages: [1]
« previous next »