Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

please help


  • Please log in to reply

#1
happybunny

happybunny

    Member

  • Member
  • PipPip
  • 13 posts
###########################Runnning Processes DATA###########################
processName = SMSS.EXE File Size = 50688 File Path = \SystemRoot\System32\smss.exe ModuleMD5 = bd7fb0957c716f1a60333aee04de2178
processName = WINLOGON.EXE File Size = 502272 File Path = \??\C:\WINDOWS\system32\winlogon.exe ModuleMD5 = 01c3346c241652f43aed8e2149881bfe
processName = SERVICES.EXE File Size = 108032 File Path = C:\WINDOWS\system32\services.exe ModuleMD5 = c6ce6eec82f187615d1002bb3bb50ed4
processName = LSASS.EXE File Size = 13312 File Path = C:\WINDOWS\system32\lsass.exe ModuleMD5 = 84885f9b82f4d55c6146ebf6065d75d2
processName = SVCHOST.EXE File Size = 14336 File Path = C:\WINDOWS\system32\svchost.exe ModuleMD5 = 8f078ae4ed187aaabc0a305146de6716
processName = SVCHOST.EXE File Size = 14336 File Path = C:\WINDOWS\System32\svchost.exe ModuleMD5 = 8f078ae4ed187aaabc0a305146de6716
processName = CCPROXY.EXE File Size = 235120 File Path = C:\Program Files\Common Files\Symantec Shared\ccProxy.exe ModuleMD5 = 71af96e742972836b3fd4ea4b3c96206
processName = CCSETMGR.EXE File Size = 181872 File Path = C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe ModuleMD5 = 67dd2cf35cdb1864e06f10f1334c0c17
processName = ISSVC.EXE File Size = 83584 File Path = C:\Program Files\Norton Internet Security\ISSVC.exe ModuleMD5 = 64bc5239264896c8d8fce558cfba029b
processName = SNDSRVC.EXE File Size = 206552 File Path = C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe ModuleMD5 = 443e397643965e08c5ab6a6caa732b97
processName = SPBBCSVC.EXE File Size = 173160 File Path = C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe ModuleMD5 = 08fa56b7c13b4cbf0e5d351aecad92b1
processName = CCEVTMGR.EXE File Size = 198256 File Path = C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe ModuleMD5 = beee55546518f7010779a43f3adfc3b3
processName = EXPLORER.EXE File Size = 1032192 File Path = C:\WINDOWS\Explorer.EXE ModuleMD5 = a0732187050030ae399b241436565e64
processName = SPOOLSV.EXE File Size = 57856 File Path = C:\WINDOWS\system32\spoolsv.exe ModuleMD5 = da81ec57acd4cdc3d4c51cf3d409af9f
processName = CISVC.EXE File Size = 5632 File Path = C:\WINDOWS\system32\cisvc.exe ModuleMD5 = 3192bd04d032a9c4a85a3278c268a13a
processName = LSSRVC.EXE File Size = 53248 File Path = c:\Program Files\Common Files\LightScribe\LSSrvc.exe ModuleMD5 = 00944d59948596721d17510c94cd3e4f
processName = MDM.EXE File Size = 322120 File Path = C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE ModuleMD5 = 11f714f85530a2bd134074dc30e99fca
processName = NAVAPSVC.EXE File Size = 177264 File Path = C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe ModuleMD5 = ead98778afde3f53137a498e0d425b08
processName = SVCHOST.EXE File Size = 14336 File Path = C:\WINDOWS\system32\svchost.exe ModuleMD5 = 8f078ae4ed187aaabc0a305146de6716
processName = SYMLCSVC.EXE File Size = 819352 File Path = C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe ModuleMD5 = f11341cd0d1dc5eff5feffcc7424984e
processName = REALSCHED.EXE File Size = 180269 File Path = C:\Program Files\Common Files\Real\Update_OB\realsched.exe ModuleMD5 = 006220ee86eb71c5884f415eaa9e8058
processName = JUSCHED.EXE File Size = 36975 File Path = C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe ModuleMD5 = d3e445a99a1142c35d8d3100b5564591
processName = SOUNDMAN.EXE File Size = 77824 File Path = C:\WINDOWS\SOUNDMAN.EXE ModuleMD5 = 469690b9702f02af087ea52b3b843202
processName = QTTASK.EXE File Size = 98304 File Path = C:\Program Files\QuickTime\qttask.exe ModuleMD5 = 76a3a30b58405c2c6d833895253a51a9
processName = LSBURNWATCHER.EXE File Size = 253952 File Path = C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe ModuleMD5 = 9819c4f68686e9fe1d62dd0d4767ddd5
processName = KBD.EXE File Size = 61440 File Path = C:\HP\KBD\KBD.EXE ModuleMD5 = 4a95f15b706b8fd9ec8715b6401eab7b
processName = ITUNESHELPER.EXE File Size = 286720 File Path = C:\Program Files\iTunes\iTunesHelper.exe ModuleMD5 = 82558e875613be9e94458f32a03d0ab3
processName = ISSCH.EXE File Size = 81920 File Path = C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe ModuleMD5 = 7139a13dd292272e12ffaf2499ca7beb
processName = HPSYSDRV.EXE File Size = 52736 File Path = C:\windows\system\hpsysdrv.exe ModuleMD5 = 06a1ecb63df139ec639e084d4ab3c9d7
processName = IPODSERVICE.EXE File Size = 401408 File Path = C:\Program Files\iPod\bin\iPodService.exe ModuleMD5 = 5098d9c342cba50ce16006086e919040
processName = HPHMON06.EXE File Size = 659456 File Path = C:\WINDOWS\system32\hphmon06.exe ModuleMD5 = 6aacd391693c7f1c691b2ce37627291b
processName = HPWUSCHD2.EXE File Size = 49152 File Path = C:\Program Files\HP\HP Software Update\HPWuSchd2.exe ModuleMD5 = 821f73b833c4daebc33c1a9a4b16bb5a
processName = HKCMD.EXE File Size = 118784 File Path = C:\WINDOWS\system32\hkcmd.exe ModuleMD5 = ea5dd164296f66241bead39e12fa69f2
processName = GCASSERV.EXE File Size = 473928 File Path = C:\Program Files\Microsoft AntiSpyware\gcasServ.exe ModuleMD5 = 263740ede788a60a6c0a47249fc410bf
processName = CCAPP.EXE File Size = 58992 File Path = C:\Program Files\Common Files\Symantec Shared\ccApp.exe ModuleMD5 = 35e1f41f9cea284f8484172180dc1012
processName = ALCWZRD.EXE File Size = 2551808 File Path = C:\WINDOWS\ALCWZRD.EXE ModuleMD5 = 897c26d149f4750faf8666727dd5dd0a
processName = ALCMTR.EXE File Size = 57344 File Path = C:\WINDOWS\ALCMTR.EXE ModuleMD5 = ea438d679fd55612b195539971f90a1c
processName = AGRSMMSG.EXE File Size = 88363 File Path = C:\WINDOWS\AGRSMMSG.exe ModuleMD5 = e7be65bf79906aebc698e077d53f6a1c
processName = MSMSGS.EXE File Size = 1694208 File Path = C:\Program Files\Messenger\msmsgs.exe ModuleMD5 = 74e6e96c6f0e2eca4edbb7f7a468f259
processName = CTFMON.EXE File Size = 15360 File Path = C:\WINDOWS\system32\ctfmon.exe ModuleMD5 = 24232996a38c0b0cf151c2140ae29fc8
processName = GCASDTSERV.EXE File Size = 756552 File Path = C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe ModuleMD5 = 21bd4696317a4a6383f86cdc5e026bfd
processName = SPYHUNTER.EXE File Size = 2469888 File Path = C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe ModuleMD5 = b0966fa7fbc70d83e6bdbf7257247bff
processName = CIDAEMON.EXE File Size = 8192 File Path = C:\WINDOWS\system32\cidaemon.exe ModuleMD5 = 582304f6f1946fa5068cf143d729d7ed
###########################REGISTRY MD5 DATA###########################
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN>
Name=VTTimer Data=VTTimer.exe FileSize = MD5=
Name=UpdateManager Data="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r FileSize = 110592 MD5=22fd4e58d69969a9165721c797d54931
Name=TkBellExe Data="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot FileSize = 180269 MD5=006220ee86eb71c5884f415eaa9e8058
Name=Symantec NetDriver Monitor Data=C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer FileSize = 100056 MD5=f9418981ee4d7e995d359833adab59d5
Name=SunJavaUpdateSched Data=C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe FileSize = 36975 MD5=d3e445a99a1142c35d8d3100b5564591
Name=SoundMan Data=SOUNDMAN.EXE FileSize = 77824 MD5=
Name=Reminder Data="C:\Windows\Creator\Remind_XP.exe" FileSize = 118784 MD5=04a33bbc0f0330def69b4870e50d0a09
Name=Recguard Data=C:\WINDOWS\SMINST\RECGUARD.EXE FileSize = 233472 MD5=310f1e8a0781887ba1c217448c0e4d48
Name=QuickTime Task Data="C:\Program Files\QuickTime\qttask.exe" -atboottime FileSize = 98304 MD5=76a3a30b58405c2c6d833895253a51a9
Name=PS2 Data=C:\WINDOWS\system32\ps2.exe FileSize = 81920 MD5=c4c523e78774e05d06efe3e10017cf6d
Name=LSBWatcher Data=c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe FileSize = 253952 MD5=9819c4f68686e9fe1d62dd0d4767ddd5
Name=KernelFaultCheck Data=%systemroot%\system32\dumprep 0 -k FileSize = MD5=
Name=KBD Data=C:\HP\KBD\KBD.EXE FileSize = 61440 MD5=4a95f15b706b8fd9ec8715b6401eab7b
Name=iTunesHelper Data=C:\Program Files\iTunes\iTunesHelper.exe FileSize = 286720 MD5=82558e875613be9e94458f32a03d0ab3
Name=ISUSScheduler Data="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start FileSize = 81920 MD5=7139a13dd292272e12ffaf2499ca7beb
Name=ISUSPM Startup Data=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup FileSize = 196608 MD5=81061e94950a18093e0ffd0841896f22
Name=hpsysdrv Data=c:\windows\system\hpsysdrv.exe FileSize = 52736 MD5=06a1ecb63df139ec639e084d4ab3c9d7
Name=HPHUPD06 Data=c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe FileSize = 49152 MD5=fe08c1ff4466ad41f6aa113678f5020d
Name=HPHmon06 Data=C:\WINDOWS\system32\hphmon06.exe FileSize = 659456 MD5=6aacd391693c7f1c691b2ce37627291b
Name=HP Software Update Data=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe FileSize = 49152 MD5=821f73b833c4daebc33c1a9a4b16bb5a
Name=HotKeysCmds Data=C:\WINDOWS\system32\hkcmd.exe FileSize = 118784 MD5=ea5dd164296f66241bead39e12fa69f2
Name=gcasServ Data="C:\Program Files\Microsoft AntiSpyware\gcasServ.exe" FileSize = 473928 MD5=263740ede788a60a6c0a47249fc410bf
Name=EarthLink Installer Data=" /C FileSize = MD5=
Name=ccApp Data="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" FileSize = 58992 MD5=35e1f41f9cea284f8484172180dc1012
Name=AlcxMonitor Data=ALCXMNTR.EXE FileSize = 57344 MD5=
Name=AlcWzrd Data=ALCWZRD.EXE FileSize = 2551808 MD5=
Name=Alcmtr Data=ALCMTR.EXE FileSize = 57344 MD5=
Name=AGRSMMSG Data=AGRSMMSG.exe FileSize = 88363 MD5=
Name=SpyHunter Data=C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe
FileSize = 2469888 MD5=b0966fa7fbc70d83e6bdbf7257247bff
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCEEX>
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE>
<HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN>
Name=MSMSGS Data="C:\Program Files\Messenger\msmsgs.exe" /background FileSize = 1694208 MD5=74e6e96c6f0e2eca4edbb7f7a468f259
Name=ctfmon.exe Data=C:\WINDOWS\system32\ctfmon.exe
FileSize = 15360 MD5=24232996a38c0b0cf151c2140ae29fc8
<HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE>
<HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN>
<HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE>
#############################FILE MD5 DATA#############################
<C:\Documents and Settings\HP_Owner\Start Menu\Programs\Startup>
File Path = C:\Documents and Settings\HP_Owner\Start Menu\Programs\Startup\desktop.ini File Size = 4096 md5=d6a6856702e3f0953e7246a9b4a9fe35
#############################SERVICES DATA#############################
Service Name = ALG Service Display Name = Application Layer Gateway Service Opened = YES Status = Running Query = SUCCESS Service Type = 16 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\alg.exe Binary Size = 44544 Binary MD5 = f1958fbf86d5c004cf19a5951a9514b7
Service Name = AudioSrv Service Display Name = Windows Audio Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = Browser Service Display Name = Computer Browser Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = ccEvtMgr Service Display Name = Symantec Event Manager Opened = YES Status = Running Query = SUCCESS Service Type = 16 Service Start Type = 2 Service Error Control = 0 Service Binary Path = "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe" Binary Size = 0 Binary MD5 =
Service Name = ccProxy Service Display Name = Symantec Network Proxy Opened = YES Status = Running Query = SUCCESS Service Type = 272 Service Start Type = 2 Service Error Control = 0 Service Binary Path = "C:\Program Files\Common Files\Symantec Shared\ccProxy.exe" Binary Size = 0 Binary MD5 =
Service Name = ccSetMgr Service Display Name = Symantec Settings Manager Opened = YES Status = Running Query = SUCCESS Service Type = 16 Service Start Type = 2 Service Error Control = 0 Service Binary Path = "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe" Binary Size = 0 Binary MD5 =
Service Name = CiSvc Service Display Name = Indexing Service Opened = YES Status = Running Query = SUCCESS Service Type = 288 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\cisvc.exe Binary Size = 5632 Binary MD5 = 3192bd04d032a9c4a85a3278c268a13a
Service Name = CryptSvc Service Display Name = Cryptographic Services Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = DcomLaunch Service Display Name = DCOM Server Process Launcher Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost -k DcomLaunch Binary Size = 0 Binary MD5 =
Service Name = Dhcp Service Display Name = DHCP Client Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = Dnscache Service Display Name = DNS Client Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k NetworkService Binary Size = 0 Binary MD5 =
Service Name = ERSvc Service Display Name = Error Reporting Service Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 0 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = Eventlog Service Display Name = Event Log Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\services.exe Binary Size = 108032 Binary MD5 = c6ce6eec82f187615d1002bb3bb50ed4
Service Name = EventSystem Service Display Name = COM+ Event System Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = FastUserSwitchingCompatibility Service Display Name = Fast User Switching Compatibility Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = helpsvc Service Display Name = Help and Support Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = iPodService Service Display Name = iPod Service Opened = YES Status = Running Query = SUCCESS Service Type = 16 Service Start Type = 3 Service Error Control = 0 Service Binary Path = "C:\Program Files\iPod\bin\iPodService.exe" Binary Size = 0 Binary MD5 =
Service Name = ISSVC Service Display Name = ISSVC Opened = YES Status = Running Query = SUCCESS Service Type = 16 Service Start Type = 2 Service Error Control = 0 Service Binary Path = "C:\Program Files\Norton Internet Security\ISSVC.exe" Binary Size = 0 Binary MD5 =
Service Name = lanmanserver Service Display Name = Server Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = lanmanworkstation Service Display Name = Workstation Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = LightScribeService Service Display Name = LightScribeService Direct Disc Labeling Service Opened = YES Status = Running Query = SUCCESS Service Type = 16 Service Start Type = 2 Service Error Control = 0 Service Binary Path = "c:\Program Files\Common Files\LightScribe\LSSrvc.exe" Binary Size = 0 Binary MD5 =
Service Name = LmHosts Service Display Name = TCP/IP NetBIOS Helper Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k LocalService Binary Size = 0 Binary MD5 =
Service Name = MDM Service Display Name = Machine Debug Manager Opened = YES Status = Running Query = SUCCESS Service Type = 272 Service Start Type = 2 Service Error Control = 1 Service Binary Path = "C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE" Binary Size = 0 Binary MD5 =
Service Name = navapsvc Service Display Name = Norton AntiVirus Auto-Protect Service Opened = YES Status = Running Query = SUCCESS Service Type = 16 Service Start Type = 2 Service Error Control = 1 Service Binary Path = "C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe" Binary Size = 0 Binary MD5 =
Service Name = Netman Service Display Name = Network Connections Opened = YES Status = Running Query = SUCCESS Service Type = 288 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = Nla Service Display Name = Network Location Awareness (NLA) Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = PlugPlay Service Display Name = Plug and Play Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\services.exe Binary Size = 108032 Binary MD5 = c6ce6eec82f187615d1002bb3bb50ed4
Service Name = PolicyAgent Service Display Name = IPSEC Services Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\lsass.exe Binary Size = 13312 Binary MD5 = 84885f9b82f4d55c6146ebf6065d75d2
Service Name = ProtectedStorage Service Display Name = Protected Storage Opened = YES Status = Running Query = SUCCESS Service Type = 288 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\lsass.exe Binary Size = 13312 Binary MD5 = 84885f9b82f4d55c6146ebf6065d75d2
Service Name = RasMan Service Display Name = Remote Access Connection Manager Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = RpcSs Service Display Name = Remote Procedure Call (RPC) Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost -k rpcss Binary Size = 0 Binary MD5 =
Service Name = SamSs Service Display Name = Security Accounts Manager Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\lsass.exe Binary Size = 13312 Binary MD5 = 84885f9b82f4d55c6146ebf6065d75d2
Service Name = Schedule Service Display Name = Task Scheduler Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = seclogon Service Display Name = Secondary Logon Opened = YES Status = Running Query = SUCCESS Service Type = 288 Service Start Type = 2 Service Error Control = 0 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = SENS Service Display Name = System Event Notification Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = SharedAccess Service Display Name = Windows Firewall/Internet Connection Sharing (ICS) Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = ShellHWDetection Service Display Name = Shell Hardware Detection Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 0 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = SNDSrvc Service Display Name = Symantec Network Drivers Service Opened = YES Status = Running Query = SUCCESS Service Type = 16 Service Start Type = 2 Service Error Control = 0 Service Binary Path = "C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe" Binary Size = 0 Binary MD5 =
Service Name = SPBBCSvc Service Display Name = Symantec SPBBCSvc Opened = YES Status = Running Query = SUCCESS Service Type = 16 Service Start Type = 2 Service Error Control = 1 Service Binary Path = "C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe" Binary Size = 0 Binary MD5 =
Service Name = Spooler Service Display Name = Print Spooler Opened = YES Status = Running Query = SUCCESS Service Type = 272 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\spoolsv.exe Binary Size = 57856 Binary MD5 = da81ec57acd4cdc3d4c51cf3d409af9f
Service Name = srservice Service Display Name = System Restore Service Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = SSDPSRV Service Display Name = SSDP Discovery Service Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k LocalService Binary Size = 0 Binary MD5 =
Service Name = stisvc Service Display Name = Windows Image Acquisition (WIA) Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k imgsvc Binary Size = 0 Binary MD5 =
Service Name = Symantec Core LC Service Display Name = Symantec Core LC Opened = YES Status = Running Query = SUCCESS Service Type = 272 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe Binary Size = 819352 Binary MD5 = f11341cd0d1dc5eff5feffcc7424984e
Service Name = TapiSrv Service Display Name = Telephony Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = TermService Service Display Name = Terminal Services Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 3 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost -k DComLaunch Binary Size = 0 Binary MD5 =
Service Name = Themes Service Display Name = Themes Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = TrkWks Service Display Name = Distributed Link Tracking Client Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = UMWdf Service Display Name = Windows User Mode Driver Framework Opened = YES Status = Running Query = SUCCESS Service Type = 16 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\wdfmgr.exe Binary Size = 38912 Binary MD5 = c81b8635dee0d3ef5f64b3dd643023a5
Service Name = W32Time Service Display Name = Windows Time Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = WebClient Service Display Name = WebClient Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k LocalService Binary Size = 0 Binary MD5 =
Service Name = winmgmt Service Display Name = Windows Management Instrumentation Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 0 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = wscsvc Service Display Name = Security Center Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = wuauserv Service Display Name = Automatic Updates Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\system32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
Service Name = WZCSVC Service Display Name = Wireless Zero Configuration Opened = YES Status = Running Query = SUCCESS Service Type = 32 Service Start Type = 2 Service Error Control = 1 Service Binary Path = C:\WINDOWS\System32\svchost.exe -k netsvcs Binary Size = 0 Binary MD5 =
#############################WINLOGON DATA#############################
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY>
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain Filepath = C:\WINDOWS\system32\crypt32.dll File Size = 597504 File MD5 = efc958396a7a7ef7e6d4a52b97512e18
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet Filepath = C:\WINDOWS\system32\cryptnet.dll File Size = 63488 File MD5 = cad4aa32e7eca00c23cc39c0eb833f9d
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll Filepath = C:\WINDOWS\system32\cscdll.dll File Size = 101888 File MD5 = 587729679b4fe04ce06a5c61d6c56dcd
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui Filepath = C:\WINDOWS\system32\igfxsrvc.dll File Size = 344064 File MD5 = 461f66f25460703b0f9a766a54da7836
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp Filepath = C:\WINDOWS\system32\wlnotify.dll File Size = 92672 File MD5 = a599e5e366c1408e48aa5d37882d4e3e
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule Filepath = C:\WINDOWS\system32\wlnotify.dll File Size = 92672 File MD5 = a599e5e366c1408e48aa5d37882d4e3e
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy Filepath = C:\WINDOWS\system32\sclgntfy.dll File Size = 20992 File MD5 = d636fa41e50671160d838ea2dace3330
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn Filepath = C:\WINDOWS\system32\WlNotify.dll File Size = 92672 File MD5 = a599e5e366c1408e48aa5d37882d4e3e
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv Filepath = C:\WINDOWS\system32\wlnotify.dll File Size = 92672 File MD5 = a599e5e366c1408e48aa5d37882d4e3e
Subkey Name = Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon Filepath = C:\WINDOWS\system32\wlnotify.dll File Size = 92672 File MD5 = a599e5e366c1408e48aa5d37882d4e3e
##########################BROWSER ADD-ON DATA##########################
<HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar>
CLSID = {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} FilePath = c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll File Size = 98304 File MD5 = 3117f57bfd69c3637340c47d9fee2e7c Description =
CLSID = {EF99BD32-C1FB-11D2-892F-0090271D4F88} FilePath = C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll File Size = 343112 File MD5 = 5e2f2db01f934243b74440f534880d19 Description = 0
CLSID = {2318C2B1-4965-11d4-9B18-009027A5CD4F} FilePath = c:\program files\google\googletoolbar2.dll File Size = 1157120 File MD5 = 356f49acb4a92470f9968b1e7e211410 Description = 0
CLSID = {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} FilePath = C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll File Size = 103568 File MD5 = c022e044c7693f7581ffa624bc61ba16 Description = Norton Internet Security
CLSID = {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} FilePath = C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll File Size = 218736 File MD5 = 46ce9ae4f88ed616a149924f40eb10d7 Description = Norton AntiVirus
<HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Explorer Bars>
CLSID = {4528BBE0-4E08-11D5-AD55-00010333D0AD} FilePath = File Size = 0 File MD5 =
CLSID = {4D5C8C25-D075-11d0-B416-00C04FB90376} FilePath = C:\WINDOWS\system32\shdocvw.dll File Size = 1483776 File MD5 = a9120115895389d60bdf421281c3cb9a
<HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars>
CLSID = {30D02401-6A81-11D0-8274-00C04FD5AE38} FilePath = C:\WINDOWS\system32\browseui.dll File Size = 1019904 File MD5 = 730356a3f507b3d643b7a27dc4e36e57
CLSID = {4528BBE0-4E08-11D5-AD55-00010333D0AD} FilePath = File Size = 0 File MD5 =
CLSID = {C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1} FilePath = C:\WINDOWS\system32\SHELL32.dll File Size = 8450560 File MD5 = c1bcfec67e712b6a00ad00adfcbfd02e
CLSID = {EFA24E61-B078-11D0-89E4-00C04FC9E26E} FilePath = C:\WINDOWS\system32\shdocvw.dll File Size = 1483776 File MD5 = a9120115895389d60bdf421281c3cb9a
CLSID = {EFA24E62-B078-11D0-89E4-00C04FC9E26E} FilePath = C:\WINDOWS\system32\shdocvw.dll File Size = 1483776 File MD5 = a9120115895389d60bdf421281c3cb9a
CLSID = {EFA24E64-B078-11D0-89E4-00C04FC9E26E} FilePath = C:\WINDOWS\system32\shdocvw.dll File Size = 1483776 File MD5 = a9120115895389d60bdf421281c3cb9a
<HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects>
CLSID = {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} FilePath = C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll File Size = 54248 File MD5 = fc7850324464e4d19a24a03d882b5cc4
CLSID = {53707962-6F74-2D53-2644-206D7942484F} FilePath = C:\PROGRA~1\SPYBOT~1\SDHelper.dll File Size = 853672 File MD5 = 250d787a5712d7768ddc133b3e477759
CLSID = {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} FilePath = File Size = 0 File MD5 =
CLSID = {9ECB9560-04F9-4bbc-943D-298DDF1699E1} FilePath = C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll File Size = 103568 File MD5 = c022e044c7693f7581ffa624bc61ba16
CLSID = {AA58ED58-01DD-4d91-8333-CF10577473F7} FilePath = c:\program files\google\googletoolbar2.dll File Size = 1157120 File MD5 = 356f49acb4a92470f9968b1e7e211410
CLSID = {BDF3E430-B101-42AD-A544-FADC6B084872} FilePath = C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll File Size = 218736 File MD5 = 46ce9ae4f88ed616a149924f40eb10d7
<HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions>
CLSID = {08B0E5C0-4FCB-11CF-AAA5-00401C608501} FilePath = File Size = 0 File MD5 =
CLSID = {92780B25-18CC-41C8-B9BE-3C9C571A8263} FilePath = File Size = 0 File MD5 =
CLSID = {FB5F1910-F110-11d2-BB9E-00C04F795683} FilePath = File Size = 0 File MD5 =
<HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions>
CLSID = CmdMapping FilePath = File Size = 0 File MD5 =
<HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks>
CLSID = {CFBFAE00-17A6-11D0-99CB-00C04FD64497} FilePath = C:\WINDOWS\system32\shdocvw.dll File Size = 1483776 File MD5 = a9120115895389d60bdf421281c3cb9a Description =
##########################LSP CHAIN DATA##########################
<HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WINSOCK2\PARAMETERS>
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004 Filepath = C:\WINDOWS\system32\rsvpsp.dll File Size = 90112 File MD5 = 90491683abd587c702b16f181ab0d99d
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005 Filepath = C:\WINDOWS\system32\rsvpsp.dll File Size = 90112 File MD5 = 90491683abd587c702b16f181ab0d99d
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000013 Filepath = C:\WINDOWS\system32\mswsock.dll File Size = 245248 File MD5 = 4e74af063c3271fbea20dd940cfd1184
##########################UNINSTALL DATA##########################
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL>
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\AddressBook
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Photoshop Elements 1.0 DisplayName = Adobe Photoshop Elements InstallLocation = C:\Program Files\Adobe\Photoshop Elements
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe SVG Viewer DisplayName = Adobe SVG Viewer InstallLocation = C:\WINDOWS\system32\Adobe\SVG Viewer
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Agere Systems Soft Modem DisplayName = Agere Systems PCI Soft Modem
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\AVS Audio Tools 3.3_is1 DisplayName = AVS Audio Tools version 3.3 InstallLocation = C:\Program Files\AVSMedia\AudioTools\
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Best of Slots II DisplayName = Best of Slots II
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Connection Manager
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\DirectAnimation
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\DirectDrawEx
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Fontcore
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Help and Support Additions DisplayName = Help and Support Additions
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\HijackThis DisplayName = HijackThis 1.99.1
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Hijackthis_is1 DisplayName = Hijackthis 1.99.1 InstallLocation = C:\Program Files\Hijackthis\
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\HP Photo & Imaging DisplayName = HP Image Zone 4.2.3
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\ICW
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IE40
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IE4Data
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IE5BAKEX
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IEData
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield Uninstall Information
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{00FC6799-866E-44A1-A60C-DCF394CF56FD} DisplayName = iTunes InstallLocation = C:\Program Files\iTunes\
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\jv16 PowerTools_is1 DisplayName = jv16 PowerTools 2005
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB835221WXP DisplayName = High Definition Audio Driver Package - KB835221
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB873333 DisplayName = Windows XP Hotfix - KB873333
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB873339 DisplayName = Windows XP Hotfix - KB873339
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB883667 DisplayName = Windows XP Hotfix - KB883667
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB883939 DisplayName = Security Update for Windows XP (KB883939)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB884016
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB885250 DisplayName = Windows XP Hotfix - KB885250
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB885835 DisplayName = Windows XP Hotfix - KB885835
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB885836 DisplayName = Windows XP Hotfix - KB885836
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB886185 DisplayName = Windows XP Hotfix - KB886185
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB887472 DisplayName = Windows XP Hotfix - KB887472
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB887742 DisplayName = Windows XP Hotfix - KB887742
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB888113 DisplayName = Windows XP Hotfix - KB888113
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB888240 DisplayName = Windows XP Hotfix - KB888240
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB888302 DisplayName = Windows XP Hotfix - KB888302
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB890046 DisplayName = Security Update for Windows XP (KB890046)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB890859 DisplayName = Windows XP Hotfix - KB890859
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB891781 DisplayName = Windows XP Hotfix - KB891781
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB893066 DisplayName = Security Update for Windows XP (KB893066)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB893086 DisplayName = Windows XP Hotfix - KB893086
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB893756 DisplayName = Security Update for Windows XP (KB893756)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB893803
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB893803v2 DisplayName = Windows Installer 3.1 (KB893803)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB894391 DisplayName = Update for Windows XP (KB894391)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB896344 DisplayName = Hotfix for Windows XP (KB896344)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB896358 DisplayName = Security Update for Windows XP (KB896358)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB896422 DisplayName = Security Update for Windows XP (KB896422)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB896423 DisplayName = Security Update for Windows XP (KB896423)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB896428 DisplayName = Security Update for Windows XP (KB896428)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB896688 DisplayName = Security Update for Windows XP (KB896688)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB896727 DisplayName = Update for Windows XP (KB896727)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB898458 DisplayName = Security Update for Step By Step Interactive Training (KB898458)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB898461 DisplayName = Update for Windows XP (KB898461)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB899587 DisplayName = Security Update for Windows XP (KB899587)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB899588 DisplayName = Security Update for Windows XP (KB899588)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB899591 DisplayName = Security Update for Windows XP (KB899591)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB900725 DisplayName = Security Update for Windows XP (KB900725)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB900930 DisplayName = Update for Windows XP (KB900930)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB901017 DisplayName = Security Update for Windows XP (KB901017)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB901214 DisplayName = Security Update for Windows XP (KB901214)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB902400 DisplayName = Security Update for Windows XP (KB902400)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB904706 DisplayName = Security Update for Windows XP (KB904706)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB905414 DisplayName = Security Update for Windows XP (KB905414)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KB905749 DisplayName = Security Update for Windows XP (KB905749)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\KBD DisplayName = KBD
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\LimeWire DisplayName = LimeWire 4.9.30
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\LiveReg DisplayName = LiveReg (Symantec Corporation) InstallLocation = C:\Program Files\Common Files\Symantec Shared\LiveReg
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\LiveUpdate DisplayName = LiveUpdate 2.6 (Symantec Corporation) InstallLocation = C:\Program Files\Symantec\LiveUpdate
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Masque Casino Games DisplayName = Masque Casino Games
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Masque Slots DisplayName = Masque Slots
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Interactive Training
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MobileOptionPack
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Morpheus DisplayName = Morpheus 5.0 (remove only)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-Beta1
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-Beta2
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-KB884016
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-RC1
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSI30-RC2
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSI30a-KB884016
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSI31-Beta
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSI31-RC1
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\NetMeeting
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\OutlookExpress
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\PCHealth
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\procreate Painter Classic DisplayName = procreate™ Painter Classic™
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\PS2 DisplayName = PS2
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Python 2.2 combined Win32 extensions DisplayName = Python 2.2 combined Win32 extensions
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Python 2.2.1 DisplayName = Python 2.2.1
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\QuickTime DisplayName = QuickTime
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\RealJukebox 1.0
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\RealPlayer 6.0 DisplayName = RealPlayer
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\RecordNow.exe
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\SchedulingAgent
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Sevinst
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\SGTRAY.EXE
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\ShockwaveFlash DisplayName = Macromedia Flash Player 8
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Spybot - Search & Destroy_is1 DisplayName = Spybot - Search & Destroy 1.4 InstallLocation = C:\Program Files\Spybot - Search & Destroy\
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\SymSetup.{A93C9E60-29B6-49da-BA21-F70AC6AADE20} DisplayName = Norton Internet Security 2005 (Symantec Corporation) InstallLocation = C:\Program Files\Norton Internet Security
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Windows Media Format Runtime DisplayName = Windows Media Format Runtime
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Windows Media Player DisplayName = Windows Media Player 10
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion DisplayName = Yahoo! Toolbar
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Internet Mail DisplayName = Yahoo! Internet Mail
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Photos Drag-Drop Uploader 1v6 DisplayName = Yahoo! Photos Easy Upload Tool 1v6
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar DisplayName = Yahoo! Toolbar
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\ymb DisplayName = Yahoo! Mail Quick Select Tool (PhotoMail)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{00FC6799-866E-44A1-A60C-DCF394CF56FD} DisplayName = iTunes InstallLocation = C:\Program Files\iTunes\
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{044146E4-A924-458A-9948-4B9C7C7D9321} DisplayName = LightScribe 1.4.31.1 InstallLocation = C:\Program Files\Common Files\LightScribe\
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{06DE445B-B2E1-4087-BE75-DB1DBFE655A4} DisplayName = 7300Trb InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{09DA4F91-2A09-4232-AB8C-6BC740096DE3} DisplayName = Sonic Update Manager InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{0D182A5E-AEE0-42ca-BD1D-4EEB2FFA256D} DisplayName = HP Image Zone Plus 4.2.3
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{10CE1EA2-12E9-11D3-825E-00C04F6843FE} DisplayName = Microsoft Office Sounds InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{12E2B9E9-05B1-407d-B0FD-B5F350535125} DisplayName = Norton Internet Security InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{14589F05-C658-4594-9429-D437BA688686} DisplayName = IntelliMover Data Transfer Demo
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{15EE79F4-4ED1-4267-9B0F-351009325D7D} DisplayName = HP Software Update InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{184EB198-1DBA-46DB-B728-7A5FC13D5C2B}_is1 DisplayName = Yahoo! Photos Print-at-Home Tool InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{1F63ED0B-EDD2-4037-B6AB-1358C624AF48} DisplayName = Scan InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{21E75254-410E-49C4-8981-2E1A2A2221F2} DisplayName = HP Diagnostic Assistant InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F} DisplayName = Google Toolbar for Internet Explorer
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{267868CE-6DFF-40F7-9C58-C01119B7B117} DisplayName = Fax InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{2BBC9458-07CA-4843-848B-5C8146E5EFA8} DisplayName = CreativeProjects InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2} DisplayName = SymNet InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{2DB4AC4A-7C2B-4137-B892-314504B053F9} DisplayName = 7300_Help InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150040} DisplayName = J2SE Runtime Environment 5.0 Update 4 InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{34A59AC3-6C5C-4A09-A7F5-369A37176C8A} DisplayName = AiOSoftware InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227} DisplayName = WebFldrs XP InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{3AE681E0-4E8D-453F-950A-48534D3C0724} DisplayName = Copy InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{3AEF2F6C-F1D3-47CD-BF3B-A327F1FABE58} DisplayName = PSPrinters06 InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{3B29A786-5803-4e9e-9B58-3014A5B4E519} DisplayName = Norton AntiSpam InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{41254D7B-EADF-4078-AE4A-BD73B300EE86} DisplayName = Unload InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{416D80BA-6F6D-4672-B7CF-F54DA2F80B44} DisplayName = Microsoft Works InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{457791C5-D702-4143-A7B2-2744BE9573F2} DisplayName = HP Software Update InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{48185814-A224-447a-81DA-71BD20580E1B} DisplayName = Norton Internet Security InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{526AD5DC-CFC4-4f2a-8442-C84CC91D6C7F} DisplayName = Norton Internet Security InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{536F7C74-844B-4683-B0C5-EA39E19A6FE3} DisplayName = Microsoft AntiSpyware
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{561A9B4E-2E48-4149-B977-59C7AFF62B52} DisplayName = HPIZ423 InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{5677563D-0CB1-485f-9E18-C5025306BB3F} DisplayName = Norton AntiSpam InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{590D4F8F-98FE-47FA-AC2B-3F22FDCF7C09} DisplayName = ShareIns InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{595D0DE8-C38A-4432-B851-47DECC1A99BD} DisplayName = HP Unload DLL Patch InstallLocation = C:\Program Files\HP\
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{597D73A8-5FDB-4bc1-9893-40B54459F1BC} DisplayName = ProductContext InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{5B2BD022-4391-479E-8517-008844869179} DisplayName = MyInvoices & Estimates Deluxe InstallLocation = C:\Program Files\MySoftware\MyInvoices
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} DisplayName = Sonic Express Labeler InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{6E45BA47-383C-4C1E-8ED0-0D4845C293D7} DisplayName = Microsoft Plus! Digital Media Edition Installer InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{7148F0A8-6813-11D6-A77B-00B0D0142030} DisplayName = Java 2 Runtime Environment, SE v1.4.2_03 InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{725249C3-B94C-4141-8799-0D3BA43D0812} DisplayName = CameraDrivers InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{75292511-8089-40EA-BFAF-008E572BEA54} DisplayName = HP Photosmart Cameras 4.0
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{766273C1-A39B-47EB-ACE8-DEBDD8094BCC} DisplayName = overland InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{77772678-817F-4401-9301-ED1D01A8DA56} DisplayName = SPBBC InstallLocation = C:\Program Files\Norton Internet Security\Norton AntiVirus\
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{84B1561B-4DE3-4FA8-8A08-805E5531
  • 0

Advertisements


#2
Retired Tech

Retired Tech

    Retired Staff

  • Retired Staff
  • 20,563 posts
The Malware Team will deal with this

Please go here:Malware Removal Guide

Run all the programmes as advised then post a current Hijack This Log in a new topic in the Malware Forum

If you are unable to run any of the programmes, please ask for advice in the Malware Forum
  • 0

#3
happybunny

happybunny

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
thank you will do now
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP