|
###########################Runnning Processes DATA###########################
processName = C:\WINDOWS\SYSTEM\KERNEL32.DLL File Size = 548624 File Path = C:\WINDOWS\SYSTEM\COMCTL32.DLL ModuleMD5 = df6d458f396751ceae590e042cb10811
processName = C:\WINDOWS\SYSTEM\MSGSRV32.EXE File Size = 45056 File Path = C:\WINDOWS\SYSTEM\CFGMGR32.DLL ModuleMD5 = cb51fcec5eafc1ca1b55bd66414ac64f
processName = C:\WINDOWS\SYSTEM\MPREXE.EXE File Size = 548624 File Path = C:\WINDOWS\SYSTEM\COMCTL32.DLL ModuleMD5 = df6d458f396751ceae590e042cb10811
processName = C:\WINDOWS\SYSTEM\MMTASK.TSK File Size = 471040 File Path = C:\WINDOWS\SYSTEM\KERNEL32.DLL ModuleMD5 = df25456bbb343e913e7eb54550f36267
processName = C:\WINDOWS\SYSTEM\MSTASK.EXE File Size = 786432 File Path = C:\WINDOWS\SYSTEM\OLE32.DLL ModuleMD5 = 2b580ec0af8b3104284ce3a6a8a71890
processName = C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE File Size = 471040 File Path = C:\WINDOWS\SYSTEM\KERNEL32.DLL ModuleMD5 = df25456bbb343e913e7eb54550f36267
processName = C:\WINDOWS\EXPLORER.EXE File Size = 98816 File Path = C:\WINDOWS\SYSTEM\ACTXPRXY.DLL ModuleMD5 = f967fb3a8b05f93c3d736a8afb5d4e86
processName = C:\WINDOWS\SYSTEM\SYSTRAY.EXE File Size = 786432 File Path = C:\WINDOWS\SYSTEM\OLE32.DLL ModuleMD5 = 2b580ec0af8b3104284ce3a6a8a71890
processName = C:\WINDOWS\LOADQM.EXE File Size = 57344 File Path = C:\WINDOWS\SYSTEM\RNR20.DLL ModuleMD5 = 40b13c04193acc6bf035f38eb5a4586e
processName = C:\PROGRAM FILES\MSN APPS\UPDATER\01.03.0000.1005\EN-US\MSNAPPAU.EXE File Size = 45056 File Path = C:\WINDOWS\SYSTEM\MSAFD.DLL ModuleMD5 = 143535c49ae413498f2a015aabb8be95
processName = C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE File Size = 10806 File Path = C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMCPS.DLL ModuleMD5 = 4c4ce2cf97ed9c612aedece11466e8f3
processName = C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE File Size = 10806 File Path = C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMCPS.DLL ModuleMD5 = 4c4ce2cf97ed9c612aedece11466e8f3
processName = C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE File Size = 548624 File Path = C:\WINDOWS\SYSTEM\COMCTL32.DLL ModuleMD5 = df6d458f396751ceae590e042cb10811
processName = C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
processName = C:\WINDOWS\SYSTEM\DDHELP.EXE File Size = 407552 File Path = C:\WINDOWS\SYSTEM\TRID_D3D.DLL ModuleMD5 = 038865beb12f9cd1afe1e2b9475c3f37
processName = C:\WINDOWS\SYSTEM\RNAAPP.EXE File Size = 135168 File Path = C:\WINDOWS\SYSTEM\RNAUI.DLL ModuleMD5 = ff81e6d412e5b6a2eaf4a40f4c666d95
processName = C:\WINDOWS\SYSTEM\TAPISRV.EXE File Size = 24576 File Path = C:\WINDOWS\SYSTEM\UMDM32.DLL ModuleMD5 = 010eef2ad514cd779e38a95078d9426c
processName = C:\PROGRAM FILES\ENIGMA SOFTWARE GROUP\SPYHUNTER\SPYHUNTER.EXE File Size = 49152 File Path = C:\PROGRAM FILES\ENIGMA SOFTWARE GROUP\SPYHUNTER\ESGI_MD5H.DLL ModuleMD5 = 825ef6e7a427885e9d0f1e994c92dc4f
processName = C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE File Size = 160016 File Path = C:\WINDOWS\SYSTEM\MSLS31.DLL ModuleMD5 = fbd9b6e6a07fab5e83fb8b41c8468ad8
processName = C:\WINDOWS\NOTEPAD.EXE File Size = 53248 File Path = C:\WINDOWS\NOTEPAD.EXE ModuleMD5 = 0d2b84d0ee7955ac3bbe44e936723f9a
###########################REGISTRY MD5 DATA###########################
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN>
Name=SystemTray Data=SysTray.Exe FileSize = 36864 MD5=
Name=LoadPowerProfile Data=Rundll32.exe powrprof.dll,LoadCurrentPwrScheme FileSize = MD5=
Name=LoadQM Data=loadqm.exe FileSize = 7536 MD5=
Name=msnappau Data="c:\program files\MSN Apps\Updater\01.03.0000.1005\en-us\msnappau.exe" FileSize = 86016 MD5=e377c992dfbb5837826ea311e436c66d
Name=Mirabilis ICQ Data=C:\PROGRA~1\ICQ\ICQNet.exe FileSize = 38984 MD5=4e34897ac56fe596d9d445a82e392d57
Name=AVG7_CC Data=C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP FileSize = 352768 MD5=82f0d9baf07f7a63d6ca044251dd5598
Name=AVG7_EMC Data=C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE FileSize = 272896 MD5=f4c4aabcca4ea3a675e5bbc3e821e7e1
Name=AVG7_AMSVR Data=C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE FileSize = 330240 MD5=9dbd26d7d7967d918c507b1e2a93a37e
Name=SpyHunter Data=C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe
FileSize = 2469888 MD5=b0966fa7fbc70d83e6bdbf7257247bff
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCEEX>
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE>
<HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN>
Name=msnmsgr Data="C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
FileSize = 6856704 MD5=79ac63592f9b6750f2026a2520c11bee
<HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE>
<HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN>
Name=msnmsgr Data="C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
FileSize = 6856704 MD5=79ac63592f9b6750f2026a2520c11bee
<HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE>
#############################FILE MD5 DATA#############################
<C:\WINDOWS\Start Menu\Programs\StartUp>
##########################BROWSER ADD-ON DATA##########################
<HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar>
CLSID = {BA52B914-B692-46c4-B683-905236F6F655} FilePath = File Size = 0 File MD5 = Description = McAfee VirusScan
CLSID = {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} FilePath = File Size = 0 File MD5 = Description = 0
CLSID = {8E718888-423F-11D2-876E-00A0C9082467} FilePath = C:\WINDOWS\SYSTEM\MSDXM.OCX File Size = 1676800 File MD5 = d3d8b0684ed7a88ffce4956880907827 Description = 0
<HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Explorer Bars>
CLSID = {4D5C8C25-D075-11d0-B416-00C04FB90376} FilePath = C:\WINDOWS\SYSTEM\SHDOCVW.DLL File Size = 1338368 File MD5 = 94f6961f9d85f00b4e160331f1e257d8
CLSID = {4528BBE0-4E08-11D5-AD55-00010333D0AD} FilePath = C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0527.DLL File Size = 316560 File MD5 = 79101e205a4a426ce3bac85949b7358e
<HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars>
CLSID = {EFA24E64-B078-11D0-89E4-00C04FC9E26E} FilePath = C:\WINDOWS\SYSTEM\SHDOCVW.DLL File Size = 1338368 File MD5 = 94f6961f9d85f00b4e160331f1e257d8
CLSID = {EFA24E62-B078-11D0-89E4-00C04FC9E26E} FilePath = C:\WINDOWS\SYSTEM\SHDOCVW.DLL File Size = 1338368 File MD5 = 94f6961f9d85f00b4e160331f1e257d8
CLSID = {32683183-48a0-441b-a342-7c2a440a9478} FilePath = C:\WINDOWS\SYSTEM\BROWSEUI.DLL File Size = 1026048 File MD5 = 6b923d17712b0f3ba71e5185ac632862
CLSID = {4528BBE0-4E08-11D5-AD55-00010333D0AD} FilePath = C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0527.DLL File Size = 316560 File MD5 = 79101e205a4a426ce3bac85949b7358e
<HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects>
CLSID = {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} FilePath = File Size = 0 File MD5 =
<HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions>
CLSID = {6224f700-cba3-4071-b251-47cb894244cd} FilePath = File Size = 0 File MD5 =
CLSID = {4528BBE0-4E08-11D5-AD55-00010333D0AD} FilePath = C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0527.DLL File Size = 316560 File MD5 = 79101e205a4a426ce3bac85949b7358e
<HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions>
CLSID = CmdMapping FilePath = File Size = 0 File MD5 =
<HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks>
CLSID = {CFBFAE00-17A6-11D0-99CB-00C04FD64497} FilePath = C:\WINDOWS\SYSTEM\SHDOCVW.DLL File Size = 1338368 File MD5 = 94f6961f9d85f00b4e160331f1e257d8 Description =
##########################LSP CHAIN DATA##########################
<HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WINSOCK2\PARAMETERS>
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001 Filepath = C:\WINDOWS\SYSTEM\mswsosp.dll File Size = 45056 File MD5 = 3b23fb583569e42a004ecfb646f8dfaa
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002 Filepath = C:\WINDOWS\SYSTEM\msafd.dll File Size = 45056 File MD5 = 143535c49ae413498f2a015aabb8be95
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003 Filepath = C:\WINDOWS\SYSTEM\msafd.dll File Size = 45056 File MD5 = 143535c49ae413498f2a015aabb8be95
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004 Filepath = C:\WINDOWS\SYSTEM\msafd.dll File Size = 45056 File MD5 = 143535c49ae413498f2a015aabb8be95
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005 Filepath = C:\WINDOWS\SYSTEM\rsvpsp.dll File Size = 40960 File MD5 = c7b82174cb0ce69278296fe2b432fc8d
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006 Filepath = C:\WINDOWS\SYSTEM\rsvpsp.dll File Size = 40960 File MD5 = c7b82174cb0ce69278296fe2b432fc8d
##########################UNINSTALL DATA##########################
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL>
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\DXM_Runtime
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\InetFind DisplayName = Find... On the Internet
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSJavaVM
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSTASK
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\OutlookExpress DisplayName = Microsoft Outlook Express 6
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\FrontPageExpress
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\NetMeeting
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Shockwave
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Shockwaveflash
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Chlen-us
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\HTMLHelp
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{C4BA56E6-3DA9-4454-AD39-81FB11810984} DisplayName = McAfee VirusScan Professional Bonus Pack InstallLocation = C:\Program Files\McAfee\McAfee Shared Components\
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\890175 DisplayName = Windows 98 Q890175 Update
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\888113 DisplayName = Windows 98 Q888113 Update
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\891711 DisplayName = Windows 98 KB891711 Update
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\840315 DisplayName = Windows 98 Q840315 Update
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Q823559 DisplayName = Windows 98 Q823559 Update
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IExpress
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} DisplayName = Microsoft .NET Framework 1.1 InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\WinZip DisplayName = WinZip InstallLocation = C:\PROGRA~1\WINZIP\
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 1.1 (1033) DisplayName = Microsoft .NET Framework 1.1
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\TweakNow RegCleaner_is1 DisplayName = TweakNow RegCleaner InstallLocation = C:\Program Files\TweakNow RegCleaner\
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\fontcore
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IEData
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IE4Data
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\ADIELangPack
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\ARIELangPack DisplayName = Arabic Language Support
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\SchedulingAgent
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\128PATCH
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IE40 DisplayName = Microsoft Internet Explorer 6 SP1 and Internet Tools
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\expinst
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MobileOptionPack
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IE5BAKEX
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\ICW
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IE_EXTRA
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\AddressBook
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\VGX
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IEREADME
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Branding
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{ABEB838C-A1A7-4C5D-B7E1-8B4314600816} DisplayName = MSN Messenger 7.0 InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\ICQ DisplayName = ICQ
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\WinMX DisplayName = WinMX
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\WMP7 DisplayName = Windows Media Player 7.1
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Y!TunnelPro 2.0 DisplayName = Y!TunnelPro 2.0 Build 368 InstallLocation = C:\Program Files\Digital Asphyxia\Y!TunnelPro 2.0
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall DisplayName = AVG Free Edition
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\VBRunDLL DisplayName = VBRunDLL 3.0 InstallLocation = C:\Program Files\ZakFromAnotherPlanet\VBRunDLL
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Yazak Chat DisplayName = Yazak Chat 7.64.2 InstallLocation = C:\Program Files\ZakFromAnotherPlanet\Yazak Chat
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\HijackThis DisplayName = HijackThis 1.99.1
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft NetShow Player 2.0
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MPlayer2
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{EE5B8E34-973C-4FBE-AC83-99F064009FC7} DisplayName = SpyHunter InstallLocation = C:\Program Files\Enigma Software Group\SpyHunter
|