PestPatrol Trouble (Help Please)

Hi,
I am having some trouble here. I have Spybot and Adaware loaded both updated. I ran those and they found nothing but I went on line and ran the Pest Patrol free scan and it found 4 different things (listed below). When it showed these things I was worried and immediately started trying to find and remove them. I turned off my system restore ran Adaware adn Spybot in safe mode but the only that was found on my sytem was statcounter which consistently shows up. Rebooted and ran PestPatrol again found the same 4 things. So I went to bulletproofsoft and dl'd their free trial (someone suggested tehm) it didnt find any of the things pestpatrol found either. So i had some friends go to pestpatrol and do the scan also pestpatrol reported the exact same 4 things on all of their machines so I thought that maybe it was just false positives but then after 2 days of downloading different spyware finders last night all of a sudden bulletproofsoft found the ezula top text but removed that ws the first time any of the things pest patrol found showed up. So I am not sure now if I have any of these or not can someone please help me to figure out if these are legitimate or not.

Pest Patrol Scan
System Spy - Key Logger (hkey_local_machine \software\microsoft\internet explorer\main

Fake CD .99 - Cracking Tool (hkey_local_machine \software\microsoft\internet explorer\main

Ezula TopText - Adware (hkey_local_machine \software\classes\.mfp

Ezula - Adware (hkey_current_user \software\microsoft\internet explorer\main

The reason I am being so psychotic about this is because I was going to use my credit card to purchase some X-mas gifts and the key logger really worried me.

Thanks for any help

psychotic and sleepless

 

Copy the command below and click start, then run, paste it in and hit enter.

regedit.exe /e c:\IE.txt "HKEY_Local_Machine\Software\Microsoft\Internet Explorer\Main "

Open the new IE.txt file in C: and copy/paste it here.

Check for Ezula here.

 

Thank You so much for your help. I pasted the reg. edit and here is the copy of the IE text file I think. I also went to your link and ran their scan before doing this and they said I do not have the Ezula or Spedia. But here here is the text file.Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL "= "http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome "
"Default_Search_URL "= "http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch "
"Search Page "= "http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch "
"Enable_Disk_Cache "= "yes "
"Cache_Percent_of_Disk "=hex:0a,00,00,00
"Delete_Temp_Files_On_Exit "= "yes "
"Local Page "=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
62,00,6c,00,61,00,6e,00,6b,00,2e,00,68,00,74,00,6d,00,00,00
"Anchor_Visitation_Horizon "=hex:01,00,00,00
"Use_Async_DNS "= "yes "
"Placeholder_Width "=hex:1a,00,00,00
"Placeholder_Height "=hex:1a,00,00,00
"Start Page "= "http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home "
"CompanyName "= "Microsoft Corporation "
"Custom_Key "= "MICROSO "
"Wizard_Version "= "6.0.2600.0000 "
"FullScreen "= "no "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\ErrorThresholds]
"400 "=dword:00000200
"403 "=dword:00000100
"404 "=dword:00000200
"405 "=dword:00000100
"406 "=dword:00000200
"408 "=dword:00000200
"409 "=dword:00000200
"410 "=dword:00000100
"500 "=dword:00000200
"501 "=dword:00000200
"505 "=dword:00000200

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]
@=" "
"iexplore.exe "=dword:00000001
"explorer.exe "=dword:00000001
"msimn.exe "=dword:00000001
"* "=dword:00000001
"infopath.exe "=dword:00000000
"msn6.exe "=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]
@=" "
"SAPLOGON.exe "=dword:00000000
"SAPfewgsrv.exe "=dword:00000000
"iexplore.exe "=dword:00000001
"explorer.exe "=dword:00000001
"msimn.exe "=dword:00000001
"* "=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]
@=" "
"iexplore.exe "=dword:00000001
"explorer.exe "=dword:00000001
"msimn.exe "=dword:00000001
"wmplayer.exe "=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]
@=" "
"iexplore.exe "=dword:00000001
"explorer.exe "=dword:00000001
"msimn.exe "=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]
@=" "
"iexplore.exe "=dword:00000001
"explorer.exe "=dword:00000001
"msimn.exe "=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]
@=" "
"iexplore.exe "=dword:00000001
"explorer.exe "=dword:00000001
"msimn.exe "=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]
@=" "
"iexplore.exe "=dword:00000000
"explorer.exe "=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]
@=" "
"iexplore.exe "=dword:00000001
"explorer.exe "=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]
@=" "
"iexplore.exe "=dword:00000001
"explorer.exe "=dword:00000001
"msimn.exe "=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]
@=" "
"iexplore.exe "=dword:00000001
"explorer.exe "=dword:00000001
"msimn.exe "=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]
@=" "
"iexplore.exe "=dword:00000001
"explorer.exe "=dword:00000001
"msimn.exe "=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\UrlTemplate]
"1 "= "www.%s.com "
"2 "= "www.%s.org "
"3 "= "www.%s.net "
"4 "= "www.%s.edu "

Does this tell you anything about the keylogger or fake cd 99

 

I see nothing in that log to suggest any kind of an infection. I got the same results from the pestpatrol scan also. Looks like false positives.

 

Thank You ,
I was so worried and I thought that was what was going on but I just wasnt sure. So I will stay away from there and quit freaking myself out.
You have been a great help.

 

You're welcome. Glad to help.

 

Fulltime job

Pest Patrol is able to identify some threats that the freebee's dont' detect.
I use them all, Pest Patrol, Adaware SE, Spy Bot S+D, SpywareBlaster in conjunction with a Linksys Router set to block PopUps as well as ZA Pro.
I have no pop ups and a caution window appears each time spyware wants to install on my W98 machine. I use IE6.0.2800.1106, Mozilla 1.4.1 as well as Nestcape 4.79. Keeping your machine pest free is a fulltime job!

Len