View Full Version : AVG can't remove Downloader.Obfuskated
Steinhart
2007-03-16, 20:55
I Have AVG Anti-spyware and Anti-virus. As well as Spybot 1.4
I have removed this virus like 10 times and it still comes back like 1 day later sometimes 2 days later.
So here are my HijackThis, Spybot, Panda online Acitvescan, and AVG Virus Vault Reports.
Logfile of HijackThis v1.99.1
Scan saved at 1:23:41 PM, on 3/16/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\Explorer.EXE
D:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE
D:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
D:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\Documents\Christian\My Documents\Downloads\Utilities\Malware stuff\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://downloads.yahoo.com/internetexplorer/welcome.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [CTDVDDET] "D:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [CTSysVol] D:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [RCSystem] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKCU\..\Run: [Creative Detector] D:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Creative MediaSource Go] "D:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe" /SCB
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [INTERNATIONAL] International*
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
PANDA ACTIVESCAN
Incident Status Location
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Christian\Application Data\Mozilla\Firefox\Profiles\uxuhhbry.default\cookies.txt[.2o7.net/]
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Christian\Application Data\Mozilla\Firefox\Profiles\uxuhhbry.default\cookies.txt[.adtech.de/]
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Christian\Application Data\Mozilla\Firefox\Profiles\uxuhhbry.default\cookies.txt[.burstnet.com/]
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Christian\Application Data\Mozilla\Firefox\Profiles\uxuhhbry.default\cookies.txt[.overture.com/]
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Christian\Application Data\Mozilla\Firefox\Profiles\uxuhhbry.default\cookies.txt[.questionmarket.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Christian\Application Data\Mozilla\Firefox\Profiles\uxuhhbry.default\cookies.txt[.trafficmp.com/]
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Christian\Application Data\Mozilla\Firefox\Profiles\uxuhhbry.default\cookies.txt[.tribalfusion.com/]
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Christian\Application Data\Mozilla\Firefox\Profiles\uxuhhbry.default\cookies.txt[www.burstbeacon.com/]
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Christian\Cookies\christian@apmebf[1].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Christian\Cookies\christian@perf.overture[1].txt
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Christian\Desktop\SmitfraudFix\SmitfraudFix\Process.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Program Files\Mozilla Firefox\SmitfraudFix\Process.exe
Potentially unwanted tool:Application/PocketKillBox Not disinfected D:\Documents\Christian\My Documents\Downloads\Vista Beta\KillBox.exe
Adware:Adware/SaveNow Not disinfected D:\Documents\Mommy\My Documents\My Pictures\flowing waterfall.exe[wfalls.exe]
Spyware:Spyware/New.net Not disinfected D:\Documents\Mommy\My Documents\My Pictures\flowing waterfall.exe[wfalls.exe][FREEZE_388.EXE]
[B]AVG VIRUS VAULT
Virus found Downloader.Obfuskated C:\System Volume Information\_restore{AB8B2588-1061-4100-BA78-11E809BD85AF}\RP192\A0048715.exe 3/10/2007 19:02 A0048715.exe 498.5 KB
Virus found Downloader.Obfuskated C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\d9b4e9.exe 3/10/2007 15:00 d9b4e9.exe 279.5 KB
Virus found Downloader.Obfuskated C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\fa5026.exe 3/11/2007 23:00 fa5026.exe 279.5 KB
Virus found Downloader.Obfuskated C:\System Volume Information\_restore{AB8B2588-1061-4100-BA78-11E809BD85AF}\RP197\A0050246.exe 3/10/2007 15:40 A0050246.exe 445 KB
Virus found Downloader.Obfuskated C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\13cde19.exe 3/11/2007 0:00 13cde19.exe 279.5 KB
Virus found Downloader.Obfuskated C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\1504953.exe 3/13/2007 15:01 1504953.exe 279.5 KB
Virus found Downloader.Obfuskated C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\1b6af05.exe 3/14/2007 19:00 1b6af05.exe 279.5 KB
Virus found Downloader.Obfuskated C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\1cb7769.exe 3/15/2007 18:00 1cb7769.exe 279.5 KB
Steinhart
2007-03-16, 20:57
SPYBOT:
--- Search result list ---
--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ Internet Explorer 6 / SP1: Windows XP Hotfix - KB834707
/ Microsoft .NET Framework 2.0: This Security Update is for Microsoft .NET Framework 2.0. \n
If you later install a more recent service pack, this Security Update will be uninstalled automatically. \n
For more information, visit http://support.microsoft.com/kb/917283
/ Microsoft .NET Framework 2.0: This Security Update is for Microsoft .NET Framework 2.0. \n
If you later install a more recent service pack, this Security Update will be uninstalled automatically. \n
For more information, visit http://support.microsoft.com/kb/922770
/ MSXML4SP2: FIX: ASP stops responding when calling Response.Redirect to another server using msxml4 sp2
/ Windows / SP1: Microsoft Internationalized Domain Names Mitigation APIs
/ Windows / SP1: Microsoft National Language Support Downlevel APIs
/ Windows Media Format 11 SDK: Hotfix for Windows Media Format 11 SDK (KB929399)
/ Windows Media Player 10: Security Update for Windows Media Player 10 (KB911565)
/ Windows Media Player 10: Security Update for Windows Media Player 10 (KB917734)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB928090)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB929969)
/ Windows XP / SP10: Microsoft Compression Client Pack 1.0 for Windows XP
/ Windows XP / SP2: Windows XP Service Pack 2
/ Windows XP / SP3: Windows XP Hotfix - KB873339
/ Windows XP / SP3: Windows XP Hotfix - KB885835
/ Windows XP / SP3: Windows XP Hotfix - KB885836
/ Windows XP / SP3: Windows XP Hotfix - KB886185
/ Windows XP / SP3: Windows XP Hotfix - KB887472
/ Windows XP / SP3: Windows XP Hotfix - KB888302
/ Windows XP / SP3: Security Update for Windows XP (KB890046)
/ Windows XP / SP3: Windows XP Hotfix - KB890859
/ Windows XP / SP3: Windows XP Hotfix - KB891781
/ Windows XP / SP3: Security Update for Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Update for Windows XP (KB894391)
/ Windows XP / SP3: Security Update for Windows XP (KB896358)
/ Windows XP / SP3: Security Update for Windows XP (KB896423)
/ Windows XP / SP3: Security Update for Windows XP (KB896424)
/ Windows XP / SP3: Security Update for Windows XP (KB896428)
/ Windows XP / SP3: Update for Windows XP (KB898461)
/ Windows XP / SP3: Security Update for Windows XP (KB899587)
/ Windows XP / SP3: Security Update for Windows XP (KB899589)
/ Windows XP / SP3: Security Update for Windows XP (KB899591)
/ Windows XP / SP3: Update for Windows XP (KB900485)
/ Windows XP / SP3: Security Update for Windows XP (KB900725)
/ Windows XP / SP3: Security Update for Windows XP (KB901017)
/ Windows XP / SP3: Security Update for Windows XP (KB901214)
/ Windows XP / SP3: Security Update for Windows XP (KB902400)
/ Windows XP / SP3: Security Update for Windows XP (KB904706)
/ Windows XP / SP3: Update for Windows XP (KB904942)
/ Windows XP / SP3: Security Update for Windows XP (KB905414)
/ Windows XP / SP3: Security Update for Windows XP (KB905749)
/ Windows XP / SP3: Security Update for Windows XP (KB908519)
/ Windows XP / SP3: Update for Windows XP (KB908531)
/ Windows XP / SP3: Update for Windows XP (KB910437)
/ Windows XP / SP3: Update for Windows XP (KB911280)
/ Windows XP / SP3: Security Update for Windows XP (KB911562)
/ Windows XP / SP3: Security Update for Windows XP (KB911567)
/ Windows XP / SP3: Security Update for Windows XP (KB911927)
/ Windows XP / SP3: Security Update for Windows XP (KB912919)
/ Windows XP / SP3: Security Update for Windows XP (KB913580)
/ Windows XP / SP3: Security Update for Windows XP (KB914388)
/ Windows XP / SP3: Security Update for Windows XP (KB914389)
/ Windows XP / SP3: Hotfix for Windows XP (KB914440)
/ Windows XP / SP3: Hotfix for Windows XP (KB915865)
/ Windows XP / SP3: Update for Windows XP (KB916595)
/ Windows XP / SP3: Security Update for Windows XP (KB917344)
/ Windows XP / SP3: Security Update for Windows XP (KB917422)
/ Windows XP / SP3: Security Update for Windows XP (KB917953)
/ Windows XP / SP3: Security Update for Windows XP (KB918118)
/ Windows XP / SP3: Security Update for Windows XP (KB918439)
/ Windows XP / SP3: Security Update for Windows XP (KB918899)
/ Windows XP / SP3: Security Update for Windows XP (KB919007)
/ Windows XP / SP3: Security Update for Windows XP (KB920213)
/ Windows XP / SP3: Security Update for Windows XP (KB920214)
/ Windows XP / SP3: Security Update for Windows XP (KB920670)
/ Windows XP / SP3: Security Update for Windows XP (KB920683)
/ Windows XP / SP3: Security Update for Windows XP (KB920685)
/ Windows XP / SP3: Update for Windows XP (KB920872)
/ Windows XP / SP3: Security Update for Windows XP (KB921398)
/ Windows XP / SP3: Security Update for Windows XP (KB921883)
/ Windows XP / SP3: Update for Windows XP (KB922582)
/ Windows XP / SP3: Security Update for Windows XP (KB922616)
/ Windows XP / SP3: Security Update for Windows XP (KB922819)
/ Windows XP / SP3: Security Update for Windows XP (KB923191)
/ Windows XP / SP3: Security Update for Windows XP (KB923414)
/ Windows XP / SP3: Security Update for Windows XP (KB923980)
/ Windows XP / SP3: Security Update for Windows XP (KB924191)
/ Windows XP / SP3: Security Update for Windows XP (KB924270)
/ Windows XP / SP3: Security Update for Windows XP (KB924496)
/ Windows XP / SP3: Security Update for Windows XP (KB924667)
/ Windows XP / SP3: Security Update for Windows XP (KB925486)
/ Windows XP / SP3: Hotfix for Windows XP (KB926239)
/ Windows XP / SP3: Security Update for Windows XP (KB926255)
/ Windows XP / SP3: Security Update for Windows XP (KB926436)
/ Windows XP / SP3: Security Update for Windows XP (KB927779)
/ Windows XP / SP3: Security Update for Windows XP (KB927802)
/ Windows XP / SP3: Security Update for Windows XP (KB928255)
/ Windows XP / SP3: Security Update for Windows XP (KB928843)
/ Windows XP / SP3: Update for Windows XP (KB929338)
/ Windows XP / SP3: Update for Windows XP (KB931836)
--- Startup entries list ---
Located: HK_LM:Run, !AVG Anti-Spyware
command: "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
file: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
size: 6266880
MD5: 01d90ae5dccbce0c7b52874fec35a608
Located: HK_LM:Run, AudioDrvEmulator
command: "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
file: C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
size: 49152
MD5: 54b3827a5e5b2abd546d4cf059e4a742
Located: HK_LM:Run, AVG7_CC
command: C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
file: C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
size: 411648
MD5: 2a62570d13f14f49218ce7b03caa9cb2
Located: HK_LM:Run, CTDVDDET
command: "D:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE"
file: D:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE
size: 45056
MD5: db20fce248d269e1c396e70a91e587c8
Located: HK_LM:Run, CTSysVol
command: D:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe /r
file:
Located: HK_LM:Run, RCSystem
command: "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup
file: C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
size: 49152
MD5: 54b3827a5e5b2abd546d4cf059e4a742
Located: HK_LM:Run, SunJavaUpdateSched
command: "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
file: C:\Program Files\Java\jre1.6.0\bin\jusched.exe
size: 77824
MD5: ab74aa8defc1ca82759788a55b673629
Located: HK_LM:Run, TkBellExe
command: "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
file: C:\Program Files\Common Files\Real\Update_OB\realsched.exe
size: 185896
MD5: 1eda1c63e0d2ae1aebdf98083454079c
Located: HK_CU:Run, Creative Detector
command: D:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
file:
Located: HK_CU:Run, Creative MediaSource Go
command: "D:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe" /SCB
file: D:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe
size: 135168
MD5: e52049232ee2c84a3cb34d14f291b492
Located: HK_CU:Run, ctfmon.exe
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996a38c0b0cf151c2140ae29fc8
Located: HK_CU:Run, SpybotSD TeaTimer
command: D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 1415824
MD5: 70496eee0ddbe485f658693826f44d38
Steinhart
2007-03-16, 20:57
Located: HK_CU:Run, StartCCC
command: C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
file: C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
size: 90112
MD5: 033ff248550305ed52ed2d2844a8a11b
Located: Startup (disabled), Acrobat Assistant (DISABLED)
command: D:\PROGRA~1\Adobe\ACROBA~1.0\Distillr\acrotray.exe
file: D:\PROGRA~1\Adobe\ACROBA~1.0\Distillr\acrotray.exe
size: 217194
MD5: cfe5228556c93d03d6753e7953ccd4a9
Located: Startup (disabled), InterVideo WinCinema Manager (DISABLED)
command: D:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE
file: D:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE
size: 212992
MD5: bf8ea28ceda878ac4607b3d363d8237b
Located: Startup (disabled), Adobe Gamma (DISABLED)
command: C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE
file: C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE
size: 113664
MD5: c2ff17734176cd15221c10044ef0ba1a
Located: System.ini, AtiExtEvent
command: Ati2evxx.dll
file: Ati2evxx.dll
Located: System.ini, crypt32chain
command: crypt32.dll
file: crypt32.dll
Located: System.ini, cryptnet
command: cryptnet.dll
file: cryptnet.dll
Located: System.ini, cscdll
command: cscdll.dll
file: cscdll.dll
Located: System.ini, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
Located: System.ini, Schedule
command: wlnotify.dll
file: wlnotify.dll
Located: System.ini, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
Located: System.ini, SensLogn
command: WlNotify.dll
file: WlNotify.dll
Located: System.ini, termsrv
command: wlnotify.dll
file: wlnotify.dll
Located: System.ini, wlballoon
command: wlnotify.dll
file: wlnotify.dll
--- Browser helper object list ---
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
BHO name:
CLSID name: AcroIEHlprObj Class
description: Adobe Acrobat reader
classification: Legitimate
known filename: AcroIEhelper.ocx<br>AcroIEhelper.dll
info link: http://www.adobe.com/products/acrobat/readstep2.html
info source: TonyKlein
Path: D:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\
Long name: AcroIEHelper.dll
Short name: ACROIE~1.DLL
Date (created): 11/3/2003 5:17:44 PM
Date (last access): 3/16/2007 11:51:56 AM
Date (last write): 11/3/2003 5:17:44 PM
Filesize: 54248
Attributes: archive
MD5: FC7850324464E4D19A24A03D882B5CC4
CRC32: 452E8571
Version: 6.0.1.1091
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
BHO name:
CLSID name: SSVHelper Class
Path: C:\Program Files\Java\jre1.6.0\bin\
Long name: ssv.dll
Short name:
Date (created): 3/13/2007 4:36:40 PM
Date (last access): 3/16/2007 11:51:58 AM
Date (last write): 3/13/2007 4:36:40 PM
Filesize: 501384
Attributes: archive
MD5: 55A2F8AE42C4B347173F1AEDE5061BE3
CRC32: E41413E9
Version: 6.0.0.105
{AE7CD045-E861-484f-8273-0445EE161910} (AcroIEToolbarHelper Class)
BHO name:
CLSID name: AcroIEToolbarHelper Class
description: Adobe Acrobat
classification: Legitimate
known filename: AcroIEFavClient.dll
info link: http://www.adobe.com/products/acrobatpro/main.html
info source: TonyKlein
Path: D:\Program Files\Adobe\Acrobat 6.0\Acrobat\
Long name: AcroIEFavClient.dll
Short name: ACROIE~1.DLL
Date (created): 5/15/2003 2:03:46 AM
Date (last access): 3/16/2007 11:51:58 AM
Date (last write): 5/15/2003 2:03:46 AM
Filesize: 147456
Attributes: archive
MD5: 44BCFF08947790E74BD7CC7532D2B793
CRC32: 0C91890B
--- ActiveX list ---
{17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool)
DPF name:
CLSID name: Windows Genuine Advantage Validation Tool
Installer: C:\WINDOWS\Downloaded Program Files\LegitCheckControl.inf
Codebase: http://download.microsoft.com/download/b/e/5/be592e3e-4442-4588-b01e-8fe3a2e104ac/LegitCheckControl.cab
description:
classification: Legitimate
known filename: LegitCheckControl.DLL
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\System32\
Long name: LegitCheckControl.DLL
Short name: LEGITC~1.DLL
Date (created): 5/17/2006 11:23:38 AM
Date (last access): 3/12/2007 5:31:16 PM
Date (last write): 8/7/2006 9:50:22 AM
Filesize: 1484592
Attributes: archive
MD5: 5E700932C726D5F845AF03478B999749
CRC32: B7C379F2
Version: 1.5.708.0
{233C1507-6A77-46A4-9443-F871F945D258} (Shockwave ActiveX Control)
DPF name:
CLSID name: Shockwave ActiveX Control
Installer: C:\WINDOWS\Downloaded Program Files\erma.inf
Codebase: http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
description:
classification: Legitimate
known filename: SwDir.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\system32\Macromed\Director\
Long name: SwDir.dll
Short name:
Date (created): 10/19/2006 11:09:02 AM
Date (last access): 3/12/2007 5:31:18 PM
Date (last write): 9/3/2006 11:10:30 PM
Filesize: 54960
Attributes: archive
MD5: EB271B21EA6104B7C6946EF32D558C91
CRC32: CEC4E0C2
Version: 10.1.4.20
{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre1.6.0\bin\
Long name: npjpi160.dll
Short name:
Date (created): 3/13/2007 4:36:40 PM
Date (last access): 3/13/2007 5:06:14 PM
Date (last write): 3/13/2007 4:36:40 PM
Filesize: 132744
Attributes: archive
MD5: 69AD062A99FF030285DE344BA8BF87C4
CRC32: 0695855F
Version: 6.0.0.105
{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
description:
classification: Legitimate
known filename: npjpi160.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.6.0\bin\
Long name: npjpi160.dll
Short name:
Date (created): 3/13/2007 4:36:40 PM
Date (last access): 3/16/2007 1:18:04 PM
Date (last write): 3/13/2007 4:36:40 PM
Filesize: 132744
Attributes: archive
MD5: 69AD062A99FF030285DE344BA8BF87C4
CRC32: 0695855F
Version: 6.0.0.105
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
description:
classification: Legitimate
known filename: npjpi150_06.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.6.0\bin\
Long name: npjpi160.dll
Short name:
Date (created): 3/13/2007 4:36:40 PM
Date (last access): 3/16/2007 1:18:04 PM
Date (last write): 3/13/2007 4:36:40 PM
Filesize: 132744
Attributes: archive
MD5: 69AD062A99FF030285DE344BA8BF87C4
CRC32: 0695855F
Version: 6.0.0.105
{D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
DPF name:
CLSID name: Shockwave Flash Object
Installer: C:\WINDOWS\Downloaded Program Files\swflash.inf
Codebase: http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
description: Macromedia Shockwave Flash Player
classification: Legitimate
known filename:
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Macromed\Flash\
Long name: Flash9b.ocx
Short name:
Date (created): 11/9/2006 5:46:26 PM
Date (last access): 3/16/2007 12:11:22 PM
Date (last write): 11/9/2006 5:46:26 PM
Filesize: 2262648
Attributes: readonly archive
MD5: F3B3EE66CA76C94510555ABE9D00A353
CRC32: A51F3CB4
Version: 9.0.28.0
--- Process list ---
PID: 0 ( 0) [System]
PID: 152 ( 4) \SystemRoot\System32\smss.exe
PID: 200 ( 152) \??\C:\WINDOWS\system32\csrss.exe
PID: 224 ( 152) \??\C:\WINDOWS\system32\winlogon.exe
PID: 268 ( 224) C:\WINDOWS\system32\services.exe
size: 108032
MD5: C6CE6EEC82F187615D1002BB3BB50ED4
PID: 280 ( 224) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 84885F9B82F4D55C6146EBF6065D75D2
PID: 432 ( 268) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 476 ( 268) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 516 ( 268) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 768 ( 748) C:\WINDOWS\Explorer.EXE
size: 1032192
MD5: A0732187050030AE399B241436565E64
PID: 856 ( 768) C:\WINDOWS\system32\NOTEPAD.EXE
size: 69120
MD5: 388B8FBC36A8558587AFC90FB23A3B99
PID: 1056 ( 768) D:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 4 ( 0) System
--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 3/16/2007 1:18:03 PM
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\windows\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\First Home Page
http://downloads.yahoo.com/internetexplorer/welcome.php
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://home.microsoft.com/access/autosearch.asp?p=%s
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
C:\windows\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
--- Winsock Layered Service Provider list ---
Protocol 0: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip
Protocol 1: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip
Protocol 2: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip
Protocol 3: RSVP UDP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 4: RSVP TCP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 5: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5A0B8014-860F-4B7F-8EF2-05B2B0BA315A}] SEQPACKET 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 6: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5A0B8014-860F-4B7F-8EF2-05B2B0BA315A}] DATAGRAM 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 7: MSAFD NetBIOS [\Device\NetBT_Tcpip_{282CA0F4-B3E6-4383-AA4F-5A335ABD807A}] SEQPACKET 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{282CA0F4-B3E6-4383-AA4F-5A335ABD807A}] DATAGRAM 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{AB1B515D-5041-4F7A-865A-54E5EE538659}] SEQPACKET 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{AB1B515D-5041-4F7A-865A-54E5EE538659}] DATAGRAM 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{F0CB5527-728B-4B65-A465-23DFF2189DA5}] SEQPACKET 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{F0CB5527-728B-4B65-A465-23DFF2189DA5}] DATAGRAM 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Namespace Provider 0: Tcpip
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IP
Namespace Provider 1: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDS
Namespace Provider 2: Network Location Awareness (NLA) Namespace
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace
--- Uninstall list ---
3ivx D4 4.5.1 (remove only) 4.5.1 (3ivx D4 4.5.1)
uninstall cmd: "C:\Program Files\3ivx\3ivx D4 4.5.1\uninstall.exe"
publisher: 3ivx Technologies, Pty. Ltd.
AC3Filter (remove only) (AC3Filter)
uninstall cmd: C:\Program Files\AC3Filter\uninstall.exe
Ad-Aware SE Personal 1.06 (Ad-Aware SE Personal)
uninstall cmd: D:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE D:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
publisher: Lavasoft
help link: http://www.lavasoft.com
(AddressBook)
Adobe Atmosphere Player for Acrobat and Adobe Reader (Adobe Atmosphere Player)
uninstall cmd: C:\WINDOWS\atmoUn.exe
Adobe Photoshop CS2 9.0 (Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D})
version: 9
version (major): 9
install location: D:\Program Files\Adobe\Adobe Photoshop CS2\
uninstall cmd: msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
publisher: Adobe Systems, Inc.
comments:
contact: Customer Support
help link: http://www.adobe.com/support/main.html
help telephone: 1-555-555-4505
Adobe Shockwave Player 10.1.4.20 (Adobe Shockwave Player)
uninstall cmd: C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
publisher: Adobe Systems, Inc.
help link: http://www.adobe.com/support/shockwave
AIM 6.0 (AIM_6.0)
uninstall cmd: C:\Program Files\AIM6\uninst.exe
ATI - Software Uninstall Utility 6.14.10.1016 (All ATI Software)
install location: C:\Program Files\ATI Technologies\UninstallAll
uninstall cmd: C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
AOL Instant Messenger (AOL Instant Messenger)
uninstall cmd: D:\Program Files\AIM\uninstll.exe -LOG= D:\Program Files\AIM\install.log -OEM=
ATI Display Driver 8.342-070202a1-041238C-ATI (ATI Display Driver)
uninstall cmd: rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Steinhart
2007-03-16, 21:00
(AudioConSole)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7B9AE66C-2A8F-4FB2-85D7-416AFFAE8408}\setup.exe" -l0x9 /remove
AVG Free Edition (AVG7Uninstall)
uninstall cmd: C:\Program Files\Grisoft\AVG Free\setup.exe /UNINSTALL
AVG Anti-Spyware 7.5 (AVGAntiSpyware75)
install location: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5
uninstall cmd: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
publisher: Grisoft Ltd.
help link: http://www.grisoft.com
BitComet 0.70 0.70 (BitComet)
uninstall cmd: D:\Program Files\BitComet\uninst.exe
publisher: ~RnySmile~
(Branding)
(CADI)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
CleanUp! (CleanUp!)
uninstall cmd: C:\Program Files\CleanUp!\uninstall.exe
(Connection Manager)
(Creative Audio Device Selection)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CB99E420-8071-48F9-9567-4A53BE7569C4}\setup.exe" -l0x9 /remove
(Creative MediaSource)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{103BCDA0-E063-46AC-8028-64E78722ABA7}\setup.exe" -l0x9 /remove
(Creative MediaSource CD-ROM Burner Plugin)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{836612F0-1571-4C65-A4B7-58A39AA578EE}\setup.exe" -l0x9 /remove
(Creative MediaSource Detector)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0B095086-7205-4D48-90DF-DCD16613C6D4}\setup.exe" -l0x9 /remove
(Creative MediaSource DVD-Audio Player)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44267176-A318-447F-A62A-0A5FD608C34F}\setup.exe" -l0x9 /remove
(Creative MediaSource Go!)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8A3F2ADE-DEF2-4A50-866A-6B9357B5590F}\setup.exe" -l0x9 /remove
(Creative MediaSource MiniDisc Plugin)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AFFF09F-386B-4F7A-B3E0-EC24C13893AA}\setup.exe" -l0x9 /remove
(Creative MediaSource Player Skin Pack)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2616B36E-38CE-4357-8AB5-8B3EE9B1C117}\setup.exe" -l0x9 /remove
(Creative Music Store Plugin)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DAAC5938-8026-4D0C-A476-D1954917B7F5}\SETUP.EXE" -l0x9 /remove
(Creative RemoteCenter)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25E6EB3A-F696-41AB-96B6-D76ECE6446BF}\setup.exe" -l0x9 /remove
(Creative WaveStudio)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{569A9538-86EC-44C3-8EE4-C68B165F2A75}\setup.exe" -l0x9 /remove
Creative DVD Audio Plugin for Audigy Series (CTDVDAudio Plugin)
uninstall cmd: "C:\Program Files\Creative\CTDPlugin\CTUIDVD.exe " -u
(Diagnostics 4_5)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9 /remove
(DirectAnimation)
(DirectDrawEx)
DivX Content Uploader 1.1.0 (DivX Content Uploader)
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
publisher: DivX, Inc.
(DTSNeo6 Settings)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B20EB9BE-3795-47BA-BDD6-889593E8FD55}\setup.exe" -l0x9 /remove
(DXM_Runtime)
(EAX)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5B17E626-7885-4FC3-A66A-73548A4F01FD}\setup.exe" -l0x9 /remove
(Equalizer)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe" -l0x9 /remove
(expinst)
(Fontcore)
Google Video Player (GoogleVideoPlayer)
uninstall cmd: "D:\Program Files\Google\Google Video Player\Uninstall.exe"
Guild Wars (Guild Wars)
uninstall cmd: "D:\Program Files\Guild Wars\Gw.exe" -uninstall
HijackThis 1.99.1 1.99.1 (HijackThis)
uninstall cmd: D:\Documents\Christian\My Documents\Downloads\Utilities\Malware stuff\HijackThis.exe /uninstall
publisher: Soeperman Enterprises Ltd.
(ICW)
Microsoft Internationalized Domain Names Mitigation APIs (IDNMitigationAPIs)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
(IE40)
(IE4Data)
(IE5BAKEX)
Windows Internet Explorer 7 20061017.133151 (ie7)
install date: 20061019
uninstall cmd: "C:\WINDOWS\ie7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://www.microsoft.com/ie
(IEData)
(IEREADME)
IGN Download Manager 2.3.4 2.3.4 (IGN Download Manager)
uninstall cmd: D:\Program Files\IGN\Download Manager\uninst.exe
publisher: IGN Entertainment, Inc.
(InstallShield Uninstall Information)
PowerQuest PartitionMagic 8.0 8.00.000 (InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804})
version: 134217728
version (major): 8
estimated size: 46018
install date: 20061019
install location: C:\Program Files\PowerQuest\PartitionMagic 8.0\
install source: C:\Temp\PM8\Partition Magic 8.0\Setup\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}
publisher: PowerQuest
comments: PowerQuest Inc.
contact: Customer Support Department
help link: http://www.powerquest.com/support
help telephone: 1-801-226-6834
readme: Readme.txt
InterActual Player (InterActual Player)
uninstall cmd: C:\Program Files\InterActual\InterActual Player\inuninst.exe
IsoBuster 1.4 1.4 (IsoBuster_is1)
uninstall cmd: "D:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
publisher: Smart Projects
Windows XP Hotfix - KB873339 20041117.092459 (KB873339)
uninstall cmd: C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=873339
(KB884016)
(KB884267)
(KB885353)
Windows XP Hotfix - KB885835 20041027.181713 (KB885835)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885835
Windows XP Hotfix - KB885836 20041028.173203 (KB885836)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885836
Windows XP Hotfix - KB886185 20041021.090540 (KB886185)
uninstall cmd: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=886185
(KB886612)
(KB887078)
Windows XP Hotfix - KB887472 20041014.162858 (KB887472)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=887472
(KB887626)
Windows XP Hotfix - KB888302 20041207.111426 (KB888302)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888302
(KB888656)
(KB889858)
Security Update for Windows XP (KB890046) 1 (KB890046)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890046
Windows XP Hotfix - KB890859 1 (KB890859)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890859
(KB891122)
Windows XP Hotfix - KB891781 20050110.165439 (KB891781)
uninstall cmd: C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=891781
(KB892313)
(KB893240)
(KB893241)
Security Update for Windows XP (KB893756) 1 (KB893756)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893756
(KB893803)
Windows Installer 3.1 (KB893803) 3.1 (KB893803v2)
uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=42467
Update for Windows XP (KB894391) 1 (KB894391)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=894391
(KB895181)
(KB895316)
(KB895572)
Security Update for Windows XP (KB896358) 1 (KB896358)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896358
Security Update for Windows XP (KB896423) 1 (KB896423)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896423
Security Update for Windows XP (KB896424) 1 (KB896424)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896424
Security Update for Windows XP (KB896428) 1 (KB896428)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896428
(KB897586)
Update for Windows XP (KB898461) 1 (KB898461)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=898461
(KB898549)
Security Update for Windows XP (KB899587) 1 (KB899587)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899587
Security Update for Windows XP (KB899589) 1 (KB899589)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899589
Security Update for Windows XP (KB899591) 1 (KB899591)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899591
(KB900399)
Update for Windows XP (KB900485) 2 (KB900485)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=900485
Security Update for Windows XP (KB900725) 1 (KB900725)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=900725
Security Update for Windows XP (KB901017) 1 (KB901017)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=901017
Security Update for Windows XP (KB901214) 1 (KB901214)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=901214
(KB902344)
Security Update for Windows XP (KB902400) 1 (KB902400)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=902400
Security Update for Windows XP (KB904706) 2 (KB904706)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=904706
Update for Windows XP (KB904942) 2 (KB904942)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=904942
Security Update for Windows XP (KB905414) 1 (KB905414)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905414
Security Update for Windows XP (KB905749) 1 (KB905749)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905749
(KB907658)
Security Update for Windows XP (KB908519) 1 (KB908519)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=908519
Update for Windows XP (KB908531) 2 (KB908531)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=908531
Update for Windows XP (KB910437) 1 (KB910437)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=910437
Update for Windows XP (KB911280) 2 (KB911280)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911280
Security Update for Windows XP (KB911562) 1 (KB911562)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911562
Security Update for Windows Media Player (KB911564) (KB911564)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=911564
Security Update for Windows Media Player 10 (KB911565) (KB911565)
install date: 20061022
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=911565
Security Update for Windows XP (KB911567) 1 (KB911567)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911567
(KB911854)
Security Update for Windows XP (KB911927) 1 (KB911927)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911927
Security Update for Windows XP (KB912919) 1 (KB912919)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=912919
Security Update for Windows XP (KB913580) 1 (KB913580)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=913580
Security Update for Windows XP (KB914388) 1 (KB914388)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=914388
Security Update for Windows XP (KB914389) 1 (KB914389)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=914389
Hotfix for Windows XP (KB914440) 10 (KB914440)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=914440
Hotfix for Windows XP (KB915865) 10 (KB915865)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=915865
Update for Windows XP (KB916595) 1 (KB916595)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=916595
Steinhart
2007-03-16, 21:00
Security Update for Microsoft .NET Framework 2.0 (KB917283) 1 (KB917283.T1_1ToU93_1)
uninstall cmd: C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {967B098A-042D-4367-BAC9-8BC11684174F} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/917283
Security Update for Windows XP (KB917344) 1 (KB917344)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917344
Security Update for Windows XP (KB917422) 1 (KB917422)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917422
Security Update for Windows Media Player 10 (KB917734) (KB917734_WMP10)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=917734
Security Update for Windows XP (KB917953) 1 (KB917953)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917953
Security Update for Windows XP (KB918118) 1 (KB918118)
install date: 20070215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=918118
Security Update for Windows XP (KB918439) 1 (KB918439)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=918439
Security Update for Windows XP (KB918899) 1 (KB918899)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=918899
Security Update for Windows XP (KB919007) 1 (KB919007)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=919007
Security Update for Windows XP (KB920213) 1 (KB920213)
install date: 20061118
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920213
Security Update for Windows XP (KB920214) 1 (KB920214)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920214
Security Update for Windows XP (KB920670) 1 (KB920670)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920670
Security Update for Windows XP (KB920683) 1 (KB920683)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920683
Security Update for Windows XP (KB920685) 1 (KB920685)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920685
Update for Windows XP (KB920872) 1 (KB920872)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920872
Security Update for Windows XP (KB921398) 1 (KB921398)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=921398
Security Update for Windows XP (KB921883) 1 (KB921883)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=921883
Update for Windows XP (KB922582) 1 (KB922582)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=922582
Security Update for Windows XP (KB922616) 1 (KB922616)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=922616
Security Update for Microsoft .NET Framework 2.0 (KB922770) 1 (KB922770.T1_1ToU168_1)
uninstall cmd: C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {0E92DD42-76F5-4EF2-B381-F9C1D72BE23D} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/922770
Security Update for Windows XP (KB922819) 1 (KB922819)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=922819
Security Update for Windows XP (KB923191) 1 (KB923191)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=923191
Security Update for Windows XP (KB923414) 1 (KB923414)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=923414
Security Update for Windows XP (KB923980) 1 (KB923980)
install date: 20061118
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=923980
Security Update for Windows XP (KB924191) 1 (KB924191)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=924191
Security Update for Windows XP (KB924270) 1 (KB924270)
install date: 20061118
uninstall cmd: "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=924270
Security Update for Windows XP (KB924496) 1 (KB924496)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=924496
Security Update for Windows XP (KB924667) 1 (KB924667)
install date: 20070215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=924667
Security Update for Windows XP (KB925486) 1 (KB925486)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=925486
Hotfix for Windows XP (KB926239) 2 (KB926239)
install date: 20061214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=926239
Security Update for Windows XP (KB926255) 1 (KB926255)
install date: 20061215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=926255
Security Update for Windows XP (KB926436) 1 (KB926436)
install date: 20070215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=926436
Security Update for Windows XP (KB927779) 1 (KB927779)
install date: 20070215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=927779
Security Update for Windows XP (KB927802) 1 (KB927802)
install date: 20070215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=927802
Security Update for Windows Internet Explorer 7 (KB928090) 20070117.120000 (KB928090-IE7)
install date: 20070215
uninstall cmd: "C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=928090
Security Update for Windows XP (KB928255) 1 (KB928255)
install date: 20070215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=928255
Security Update for Windows XP (KB928843) 1 (KB928843)
install date: 20070215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=928843
Update for Windows XP (KB929338) 1 (KB929338)
install date: 20070315
uninstall cmd: "C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=929338
Hotfix for Windows Media Format 11 SDK (KB929399) (KB929399)
install date: 20070315
uninstall cmd: "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=929399
Security Update for Windows Internet Explorer 7 (KB929969) 20061222.120000 (KB929969)
install date: 20070111
uninstall cmd: "C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=929969
Update for Windows XP (KB931836) 1 (KB931836)
install date: 20070215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=931836
Microsoft .NET Framework 2.0 (Microsoft .NET Framework 2.0)
install location: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\
uninstall cmd: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=45396
(Microsoft NetShow Player 2.0)
(MobileOptionPack)
Move Networks Player for Firefox (Move Player_is1)
install date: 20070119
install location: C:\Program Files\Mozilla Firefox\plugins\
uninstall cmd: "C:\Program Files\Mozilla Firefox\plugins\unins000.exe"
publisher: Move Networks
help link: http://www.movenetworks.com
Mozilla Firefox (1.5.0.7) 1.5.0.7 (en-US) (Mozilla Firefox (1.5.0.7))
install location: D:\Program Files\Mozilla Firefox
uninstall cmd: D:\Program Files\Mozilla Firefox\uninstall\uninstall.exe /ua "1.5.0.7 (en-US)"
publisher: Mozilla
Mozilla Firefox (2.0.0.1) 2.0.0.1 (en-US) (Mozilla Firefox (2.0.0.1))
install location: C:\Program Files\Mozilla Firefox
uninstall cmd: C:\Program Files\Mozilla Firefox\uninstall\uninst.exe
publisher: Mozilla
Mozilla Firefox (2.0.0.2) 2.0.0.2 (en-US) (Mozilla Firefox (2.0.0.2))
install location: C:\PROGRA~1\Mozilla Firefox
uninstall cmd: C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
publisher: Mozilla
comments: Mozilla Firefox
(MPlayer2)
Microsoft Compression Client Pack 1.0 for Windows XP 1 (MSCompPackV1)
install date: 20061214
uninstall cmd: "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=74087
(MSI30-Beta1)
(MSI30-Beta2)
(MSI30-KB884016)
(MSI30-RC1)
(MSI30-RC2)
(MSI30a-KB884016)
(MSI31-Beta)
(MSI31-RC1)
MSN Music Assistant (MSN Music Assistant)
uninstall cmd: rundll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msninst.inf,Uninstall
Nero 6 Ultra Edition (Nero - Burning Rom!UninstallKey)
uninstall cmd: D:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
(NetMeeting)
Microsoft National Language Support Downlevel APIs (NLSDownlevelMapping)
install date: 20061019
uninstall cmd: "C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
NVIDIA Drivers (NVIDIA Drivers)
uninstall cmd: C:\WINDOWS\System32\NVUNINST.EXE UninstallGUI
(On Screen Display)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EF644C7-1A0D-4B94-9AF5-AD04702094A4}\setup.exe" -l0x9 /remove
(OutlookExpress)
Panda ActiveScan (Panda ActiveScan)
uninstall cmd: C:\WINDOWS\system32\ASUninst.exe Panda ActiveScan
publisher: Panda Software S.L.
(PCHealth)
uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Intel(R) PRO Network Connections Drivers (PROSet)
uninstall cmd: Prounstl.exe
(RealJukebox 1.0)
uninstall cmd: C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
RealPlayer (RealPlayer 6.0)
uninstall cmd: C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
(SchedulingAgent)
(SFBM)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9 /remove
(Shockwave)
Adobe Flash Player 9 ActiveX 9 (ShockwaveFlash)
uninstall cmd: C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
publisher: Adobe Systems Incorporated
help link: http://www.adobe.com/go/flashplayer_support/
Skype 2.5 2.5 (Skype_is1)
install location: C:\Program Files\Skype\Phone\
uninstall cmd: "C:\Program Files\Skype\Phone\unins000.exe"
publisher: Skype Technologies S.A.
help link: http://ui.skype.com/ui/0/2.5.0.151/en/help
(Smart Recorder)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x9 /remove
(Sound Blaster Audigy 4)
(Sound Blaster Audigy 4 Windows Drivers)
uninstall cmd: "D:\Program Files\Creative\SBAudigy4\Program\SETUP.EXE" /S /U /W
(SPEAKER)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x9 /remove
(SPKR_CALIBRATOR)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{55F63529-9E2F-46C0-A22C-8445B670BCFA}\setup.exe" -l0x9 /remove
Spybot - Search & Destroy 1.4 1.4 (Spybot - Search & Destroy_is1)
install location: D:\Program Files\Spybot - Search & Destroy\
uninstall cmd: "D:\Program Files\Spybot - Search & Destroy\unins000.exe"
publisher: Safer Networking Limited
Steinhart
2007-03-16, 21:03
Starcraft (Starcraft)
uninstall cmd: C:\WINDOWS\SCunin.exe C:\WINDOWS\SCunin.dat
(SURMIXER)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe" -l0x9 /remove
Creative System Information (SysInfo)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9 /remove
TeamSpeak 2 RC2 2.0.32.60 (TeamSpeak 2 RC2_is1)
uninstall cmd: "C:\Program Files\teamspeak2_RC2\unins000.exe"
publisher: Dominating Bytes Design
help link: http://www.teamspeak.org
Command & Conquer Tiberian Sun (Tiberian Sun)
uninstall cmd: D:\Westwood\SUN\Uninstll.EXE
Viewpoint Manager (Remove Only) (Viewpoint Manager)
uninstall cmd: C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgrInstaller.exe /u /k
Viewpoint Media Player (ViewpointMediaPlayer)
uninstall cmd: C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
Windows Genuine Advantage Validation Tool (KB892130) 1.5.0530.0 (WGA)
install date: 20061019
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=892130
Winamp (remove only) (Winamp)
uninstall cmd: "D:\Program Files\Winamp\UninstWA.exe"
Windows Media Format 11 runtime (Windows Media Format Runtime)
uninstall cmd: "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
help link: http://go.microsoft.com/fwlink/?LinkId=62768
Windows Media Player 11 (Windows Media Player)
uninstall cmd: "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows XP Service Pack 2 20040803.231319 (Windows XP Service Pack)
uninstall cmd: C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=811113
WinRAR archiver (WinRAR archiver)
uninstall cmd: D:\Program Files\WinRAR\uninstall.exe
(WMCSetup)
Windows Media Format 11 runtime (WMFDist11)
install date: 20061022
uninstall cmd: "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http:
Windows Media Player 11 (wmp11)
install date: 20061022
uninstall cmd: "C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http:
Westwood Shared Internet Components (WOLAPI)
uninstall cmd: D:\Westwood\Internet\UnstllAP.EXE
World of Warcraft (World of Warcraft)
uninstall cmd: C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe
Microsoft User-Mode Driver Framework Feature Pack 1.0 (Wudf01000)
install date: 20061022
uninstall cmd: "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
comments: Build Number 5716
iTunes 7.1.0.59 ({01B51908-02EF-453B-87A9-815182E8C2F2})
version: 117506048
version (major): 7
version (minor): 1
estimated size: 51630
install date: 20070309
install location: C:\Program Files\iTunes\
install source: C:\Program Files\Apple Software Update\Packages\
uninstall cmd: MsiExec.exe /I{01B51908-02EF-453B-87A9-815182E8C2F2}
publisher: Apple Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273
Catalyst Control Center Graphics Full New 2007.0202.1923.34565 ({03A26689-82BB-6FF9-1FDA-93B18547C8C8})
version (major): 2007
version (minor): 202
estimated size: 473
install date: 20070304
install location: C:\Program Files\ATI Technologies\
install source: C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238\CCC\CCC\Graphics-Full-New\
publisher: ATI
ATI Catalyst Control Center 1.007.2007.0202 ({055EE59D-217B-43A7-ABFF-507B966405D8})
version: 17237975
install location: C:\Program Files\ATI Technologies\ATI Catalyst Control Center
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
Macromedia Dreamweaver 8 8.0.0.2734 ({0837A661-FEC3-48B3-876C-91E7D32048A9})
version: 134217728
version (major): 8
estimated size: 169858
install date: 20061021
install location: D:\Program Files\Macromedia\Dreamweaver 8\
install source: C:\WINDOWS\Downloaded Installations\Macromedia Dreamweaver 8\
uninstall cmd: MsiExec.exe /I{0837A661-FEC3-48B3-876C-91E7D32048A9}
publisher: Macromedia
comments: Language: En
help link: http://www.macromedia.com/go/dreamweaver/support
3.00 ({0B095086-7205-4D48-90DF-DCD16613C6D4})
version: 50331648
install location: D:\Program Files\Creative\MediaSource\Detector
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0B095086-7205-4D48-90DF-DCD16613C6D4}\setup.exe" -l0x9
3.00 ({103BCDA0-E063-46AC-8028-64E78722ABA7})
version: 50331648
install location: D:\Program Files\Creative\MediaSource
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{103BCDA0-E063-46AC-8028-64E78722ABA7}\setup.exe" -l0x9
AutoUpdate 1.1 ({18D10072035C4515918F7E37EAFAACFC})
install location: C:\Program Files\DivX
HP PSC & OfficeJet 3.5 3.5 ({18E0918E-1060-48f3-925C-56C82E88551B})
uninstall cmd: "C:\Program Files\HP\Digital Imaging\{18E0918E-1060-48f3-925C-56C82E88551B}\setup\hpzscr01.exe" -datfile hposcr03.dat
publisher: HP
help link: http://www.hp.com/support
1.00 ({1EF644C7-1A0D-4B94-9AF5-AD04702094A4})
version: 16777216
install location: C:\Program Files\Creative\Shared Files\Module Loader\OSD
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EF644C7-1A0D-4B94-9AF5-AD04702094A4}\setup.exe" -l0x9
Skins 2007.0202.1923.34565 ({21BC2871-0B96-9EC1-6CBF-A0B9BCBC0D89})
version (major): 2007
version (minor): 202
estimated size: 3380
install date: 20070304
install location: C:\Program Files\ATI Technologies\
install source: C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238\CCC\CCC\Skins\
publisher: ATI
Adobe Photoshop CS2 9.0 ({236BB7C4-4419-42FD-0409-1E257A25E34D})
version: 150994944
version (major): 9
estimated size: 639892
install date: 20061021
install location: D:\Program Files\Adobe\Adobe Photoshop CS2\
install source: D:\Program Files\BitComet\Downloads\Photoshop CS2 v9.0 + working KeyGen\Photoshop CS2\Adobe(R) Photoshop(R) CS2\
publisher: Adobe Systems, Inc.
comments:
contact: Customer Support
help link: http://www.adobe.com/support/main.html
help telephone: 1-555-555-4505
Scan 3.5.0.0 ({257EC58E-03FD-472B-A9B6-93F23A3C4CB0})
version: 50659328
version (major): 3
version (minor): 5
estimated size: 8036
install date: 20061022
install source: C:\temp\HP_WebRelease\Setup\scan\
publisher: Hewlett-Packard
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0
Supreme Commander Demo 1.00.0000 ({25A1E6A4-2DBD-4AC0-8650-8EA9A45B1848})
version: 16777216
install date: 20070215
install location: D:\Program Files\THQ\Gas Powered Games\Demo
install source: D:\Mods\Downloads\supremecommanderdemo\
uninstall cmd: C:\Program Files\InstallShield Installation Information\{25A1E6A4-2DBD-4AC0-8650-8EA9A45B1848}\setup.exe -runfromtemp -l0x0009 -removeonly
publisher: Gas Powered Games
3.10 ({25E6EB3A-F696-41AB-96B6-D76ECE6446BF})
version: 50987008
install location: D:\Program Files\Creative\SBAudigy4\Entertainment Center
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25E6EB3A-F696-41AB-96B6-D76ECE6446BF}\setup.exe" -l0x9
1.10 ({2616B36E-38CE-4357-8AB5-8B3EE9B1C117})
version: 17432576
install location: D:\Program Files\Creative\MediaSource
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2616B36E-38CE-4357-8AB5-8B3EE9B1C117}\setup.exe" -l0x9
Creative MediaSource 3.00 ({2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC})
version: 50331648
install location: D:\Program Files\Creative\MediaSource
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}\SETUP.EXE" -l0x9 /remove
help link: http://www.creative.com/support
Java(TM) SE Runtime Environment 6 1.6.0.0 ({3248F0A8-6813-11D6-A77B-00B0D0160000})
version: 17170432
version (major): 1
version (minor): 6
estimated size: 90786
install date: 20070313
install source: http://javadl.sun.com/webapps/download/GetFile/1.6.0-b105/windows-i586/
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.6.0\README.txt
2.00 ({32B4B536-4443-42F0-9676-98373BE9114F})
version: 33554432
install location: D:\Program Files\Creative\SBAudigy4\Speaker Settings
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x9
WebFldrs XP 9.50.5318 ({350C97B0-3D7C-4EE8-BAA9-00BCB3D54227})
version: 154277062
version (major): 9
version (minor): 50
estimated size: 2508
install date: 20061018
install source: C:\WINDOWS\System32\
publisher: Microsoft Corporation
help link: http://www.microsoft.com/windows
MSXML 4.0 SP2 (KB927978) 4.20.9841.0 ({37477865-A3F1-4772-AD43-AAFC6BCFF99F})
version: 68429425
version (major): 4
version (minor): 20
estimated size: 2625
install date: 20061118
install source: c:\78749be08783cdc82b\
uninstall cmd: MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/927978
Command & Conquer 3 Tiberium Wars™ Demo 1.00.0000 ({39F7653F-3E82-4FED-9EE5-6B9253EA57E3})
version: 16777216
version (major): 1
estimated size: 1399612
install date: 20070309
install location: D:\Program Files\Electronic Arts\Command & Conquer 3 Tiberium Wars Demo\
install source: C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\WZSE0.TMP\
uninstall cmd: MsiExec.exe /I{39F7653F-3E82-4FED-9EE5-6B9253EA57E3}
publisher: Electronic Arts Inc.
ccc-core-static 2007.0202.1923.34565 ({3CBBEE47-C8F4-316A-92FF-ED7E3DFAE41E})
version (major): 2007
version (minor): 202
estimated size: 4156
install date: 20070304
install location: C:\Program Files\ATI Technologies\
install source: C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238\CCC\CCC\Core-Static\
publisher: ATI
Catalyst Control Center Graphics Previews Common 2007.0202.1923.34565 ({410DB4DE-354D-F472-F66D-FCFF345A8960})
version (major): 2007
version (minor): 202
estimated size: 2118
install date: 20070304
install location: C:\Program Files\ATI Technologies\
install source: C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238\CCC\CCC\Graphics-Previews-Common\
publisher: ATI
2.00 ({44267176-A318-447F-A62A-0A5FD608C34F})
version: 33554432
install location: D:\Program Files\Creative\SBAudigy4\DVDAudio
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44267176-A318-447F-A62A-0A5FD608C34F}\setup.exe" -l0x9
AIOMinimal 40.0.115.000 ({47C25360-AEBC-4B21-B233-87CE653B3369})
version: 671088755
version (major): 40
estimated size: 327
install date: 20061022
install source: C:\temp\HP_WebRelease\Setup\AIOMinimal\
publisher: Hewlett-Packard
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0
1.00 ({52338F65-A1C3-4CDC-B733-50051682B297})
version: 16777216
install location: D:\Program Files\Creative\SBAudigy4\Equalizer
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe" -l0x9
Macromedia Extension Manager 1.7.240 ({5546CDB5-2CE2-498B-B059-5B3BF81FC41F})
version: 17236208
version (major): 1
version (minor): 7
estimated size: 4997
install date: 20061021
install location: D:\Program Files\Macromedia\Extension Manager\
install source: C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\{0837A661-FEC3-48B3-876C-91E7D32048A9}\
uninstall cmd: MsiExec.exe /I{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}
publisher: Macromedia, Inc.
comments: Language: En
contact: Customer Support Department
help link: http://www.macromedia.com/go/dreamweaver/support
1.60 ({55F63529-9E2F-46C0-A22C-8445B670BCFA})
version: 20709376
install location: D:\Program Files\Creative\SBAudigy4\CalibrationWizard
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{55F63529-9E2F-46C0-A22C-8445B670BCFA}\setup.exe" -l0x9
6.00 ({569A9538-86EC-44C3-8EE4-C68B165F2A75})
version: 100663296
install location: D:\Program Files\Creative\SBAudigy4\WaveStudio
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{569A9538-86EC-44C3-8EE4-C68B165F2A75}\setup.exe" -l0x9
Windows Live Messenger 8.1.0178.00 ({571700F0-DB9D-4B3A-B03D-35A14BB5939F})
version: 134283442
version (major): 8
version (minor): 1
estimated size: 31823
install date: 20070226
install source: C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
publisher: Microsoft Corporation
2.00 ({5B17E626-7885-4FC3-A66A-73548A4F01FD})
version: 33554432
install location: D:\Program Files\Creative\SBAudigy4\EAX
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5B17E626-7885-4FC3-A66A-73548A4F01FD}\setup.exe" -l0x9
({5CDDF96A-BC34-4D72-9ABA-E1FFF0C39977})
QuickTime 7.1.5.120 ({5E863175-E85D-44A6-8968-82507D34AE7F})
version: 117506053
version (major): 7
version (minor): 1
estimated size: 72139
install date: 20070309
install location: C:\Program Files\QuickTime\
install source: C:\Program Files\Apple Software Update\Packages\
uninstall cmd: MsiExec.exe /I{5E863175-E85D-44A6-8968-82507D34AE7F}
publisher: Apple Computer, Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273
ccc-utility 2007.0202.1923.34565 ({5F49D1B0-D558-F251-715E-A46CD0A30FED})
version (major): 2007
version (minor): 202
estimated size: 249
install date: 20070304
install location: C:\Program Files\ATI Technologies\
install source: C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238\CCC\CCC\Utility\
publisher: ATI
Catalyst Control Center Graphics Light 2007.0202.1923.34565 ({61BA2A5B-881D-EEF7-F5D2-5EFAF7CCBDA9})
version (major): 2007
version (minor): 202
estimated size: 3037
install date: 20070304
install location: C:\Program Files\ATI Technologies\
install source: C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238\CCC\CCC\Graphics-Light\
publisher: ATI
({62369F2F77534556AEF4C58152E3BDE5})
1.0 ({63A317D0-60A6-43FC-848A-9FE4A53B29CE})
version: 16777216
install location: C:\Program Files\Creative\Support\System Information
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9
Catalyst Control Center Core Implementation 2007.0202.1923.34565 ({651E5E05-3416-E761-B919-37EF1F4272F9})
version (major): 2007
version (minor): 202
estimated size: 6944
install date: 20070304
install location: C:\Program Files\ATI Technologies\
install source: C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238\CCC\CCC\Core-Implementation\
publisher: ATI
Steinhart
2007-03-16, 21:04
InterVideo WinDVD 6 6.0-B6.42 ({6ACA2FD2-4C4A-42F3-AFB5-7B433BBDF6DB})
version (major): 6
install location: D:\Program Files\InterVideo\DVD6
uninstall cmd: "C:\Program Files\InstallShield Installation Information\{6ACA2FD2-4C4A-42F3-AFB5-7B433BBDF6DB}\setup.exe" REMOVEALL
publisher: InterVideo Inc.
contact: support@intervideo.com
help link: http://www.intervideo.com/jsp/Support.jsp
PartitionMagic 8.00.000 ({6BE2A4A4-99FB-48ED-AE1E-4E850389F804})
version: 134217728
version (major): 8
estimated size: 46018
install date: 20061019
install location: C:\Program Files\PowerQuest\PartitionMagic 8.0\
install source: C:\Temp\PM8\Partition Magic 8.0\Setup\
publisher: PowerQuest
comments: PowerQuest Inc.
contact: Customer Support Department
help link: http://www.powerquest.com/support
help telephone: 1-801-226-6834
readme: Readme.txt
1.03 ({700932B3-A964-4878-82A2-96054622A1F7})
version: 16973824
install location: C:\Program Files\Creative\ShareDLL\CADI
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
Microsoft .NET Framework 2.0 2.0.50727 ({7131646D-CD3C-40F4-97B9-CD9E4E6262EF})
version: 33605159
version (major): 2
estimated size: 218792
install date: 20061019
install source: C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\IXP000.TMP\
publisher: Microsoft Corporation
CCC Help English 2007.0202.1922.34565 ({7191C910-3F72-B2CA-0FA5-F0E78F5F8FD2})
version (major): 2007
version (minor): 202
estimated size: 1037
install date: 20070304
install location: C:\Program Files\ATI Technologies\
install source: C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238\CCC\CCC\Help\en-US\
publisher: ATI
3.00 ({73919E2B-725C-4FAA-8473-45E063A3575F})
version: 50331648
install location: D:\Program Files\Creative\SBAudigy4\SFBM
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9
6.2.1 ({7585478E9D9B42108671C12F8714CEFE})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
publisher: DivX, Inc.
Ventrilo Client 2.3.0 ({789289CA-F73A-4A16-A331-54D498CE069F})
version: 33751040
version (major): 2
version (minor): 3
estimated size: 2392
install date: 20061019
install source: C:\Program Files\Common Files\Wise Installation Wizard\
uninstall cmd: MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
publisher: Flagship Industries, Inc.
help link: http://www.ventrilo.com
3.00 ({7AFFF09F-386B-4F7A-B3E0-EC24C13893AA})
version: 50331648
install location: D:\Program Files\Creative\MediaSource
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AFFF09F-386B-4F7A-B3E0-EC24C13893AA}\setup.exe" -l0x9
DivX Codec 6.5.1 ({7B63B2922B174135AFC0E1377DD81EC2})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
publisher: DivX, Inc.
1.00 ({7B9AE66C-2A8F-4FB2-85D7-416AFFAE8408})
version: 16777216
install location: D:\Program Files\Creative\SBAudigy4\AudioConSole
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7B9AE66C-2A8F-4FB2-85D7-416AFFAE8408}\setup.exe" -l0x9
3.00 ({836612F0-1571-4C65-A4B7-58A39AA578EE})
version: 50331648
install location: D:\Program Files\Creative\MediaSource
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{836612F0-1571-4C65-A4B7-58A39AA578EE}\setup.exe" -l0x9
4.00 ({84F573D3-0F71-4768-978A-D35310E3FBA6})
version: 67108864
install location: D:\Program Files\Creative\SBAudigy4\Diagnostics
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9
Star Wars JK II Jedi Outcast ({8681B1E6-CD96-46EF-9065-CE0D1085ED99})
install location: D:\Program Files\LucasArts\Star Wars JK II Jedi Outcast
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8681B1E6-CD96-46EF-9065-CE0D1085ED99}\Setup.exe"
QFolder 1.00.0000 ({8777AC6D-89F9-4793-8266-DE406F343E89})
version: 16777216
version (major): 1
estimated size: 177
install date: 20061022
install source: C:\temp\HP_WebRelease\setup\QFolder\
publisher: Hewlett-Packard
3.0 ({8A3F2ADE-DEF2-4A50-866A-6B9357B5590F})
version: 50331648
install location: D:\Program Files\Creative\MediaSource\Go
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8A3F2ADE-DEF2-4A50-866A-6B9357B5590F}\setup.exe" -l0x9
DivX Player 6.4.2 ({8ADFC4160D694100B5B8A22DE9DCABD9})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
publisher: DivXNetworks, Inc.
Adobe Common File Installer 1.00.0000 ({8EDBA74D-0686-4C99-BFDD-F894678E5B39})
version: 16777216
version (major): 1
estimated size: 136561
install date: 20061021
install location: C:\Program Files\Common Files\Adobe\
install source: D:\Program Files\BitComet\Downloads\Photoshop CS2 v9.0 + working KeyGen\Photoshop CS2\Adobe(R) Photoshop(R) CS2\commonfilesinstaller\
uninstall cmd: MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
publisher: Adobe System Incorporated
comments: Your Comments
contact: Customer Support Department
help link: http://www.adobe.com/help
help telephone: 1-555-555-4505
Microsoft Office Professional Edition 2003 11.0.6361.0 ({90110409-6000-11D3-8CFE-0150048383C9})
version: 184555737
version (major): 11
estimated size: 648590
install date: 20061019
install location: D:\Program Files\Microsoft Office\
install source: D:\Share\Software\MS office\Office\
uninstall cmd: MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support
readme: D:\Program Files\Microsoft Office\OFFICE11\1033\OFREADME.HTM
Apple Software Update 1.0.2.1 ({A50C25D7-62E9-4511-AD70-8E2DA5E79B7D})
version: 16777218
version (major): 1
estimated size: 2460
install date: 20061019
install location: C:\Program Files\Apple Software Update\
install source: C:\Program Files\Apple Software Update\Packages\
uninstall cmd: MsiExec.exe /I{A50C25D7-62E9-4511-AD70-8E2DA5E79B7D}
publisher: Apple Computer, Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273
2.00 ({A82F10CB-18B5-4EAC-AEF2-FA49CD565626})
version: 33554432
install location: C:\Program Files\Creative\Shared Files
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x9
Sound Blaster Audigy 4 1.0 ({A8AD6CB8-DE96-43FA-9B73-5FB873DD1CAE})
version: 16777216
install location: D:\Program Files\Creative\SBAudigy4
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A8AD6CB8-DE96-43FA-9B73-5FB873DD1CAE}\SETUP.EXE" -l0x9 /remove
help link: http://www.creative.com/support
Adobe Acrobat - Reader 6.0.2 Update 6.0.2 ({AC76BA86-0000-0000-0000-6028747ADE01})
version: 100663298
version (major): 6
estimated size: 5780
install date: 20070301
install source: C:\Program Files\Adobe\{AC76BA86-0000-0000-7AC5-6028747ADE00}\
uninstall cmd: MsiExec.exe /I{AC76BA86-0000-0000-0000-6028747ADE01}
publisher: Adobe Systems
comments: Adobe Acrobat - Reader 6.0.2 Update
contact: Customer Support
help link: http://www.adobe.com/support/main.html
help telephone: 1-800-833-6687
Adobe Acrobat and Reader 6.0.3 Update 6.0.3 ({AC76BA86-0000-7EC8-7489-000000000603})
version: 100663299
version (major): 6
estimated size: 1305
install date: 20070301
install source: C:\Program Files\Adobe\{8312557B-FC01-4F06-AAC0-D1285ADBE94B}\
uninstall cmd: MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000603}
publisher: Adobe Systems
comments: Adobe Acrobat - Reader 6.0.3 Update
contact: Customer Support
help link: http://www.adobe.com/support/main.html
help telephone: 1-800-833-6687
Adobe Acrobat and Reader 6.0.4 Update 6.0.4 ({AC76BA86-0000-7EC8-7489-000000000604})
version: 100663300
version (major): 6
estimated size: 313
install date: 20070301
install source: C:\Program Files\Adobe\{A1849F22-4417-4ECC-B720-297521B3F18A}\
uninstall cmd: MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000604}
publisher: Adobe Systems
comments: Adobe Acrobat - Reader 6.0.4 Update
contact: Customer Support
help link: http://www.adobe.com/support/main.html
help telephone: 1-800-833-6687
Adobe Acrobat and Reader 6.0.5 Update 6.0.5 ({AC76BA86-0000-7EC8-7489-000000000605})
version: 100663301
version (major): 6
estimated size: 1189
install date: 20070301
install source: C:\Program Files\Adobe\{490A4339-AFA5-4098-A374-7752A1A30308}\
uninstall cmd: MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000605}
publisher: Adobe Systems
comments: Adobe Acrobat - Reader 6.0.5 Update
contact: Customer Support
help link: http://www.adobe.com/support/main.html
help telephone: 1-800-833-6687
Adobe Acrobat and Reader 6.0.6 Update 6.0.6 ({AC76BA86-0000-7EC8-7489-000000000606})
version: 100663302
version (major): 6
estimated size: 525
install date: 20070301
install source: C:\Program Files\Adobe\{9074E407-55DC-4A4C-A591-6ADA60386EF4}\
uninstall cmd: MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000606}
publisher: Adobe Systems
comments: Adobe Acrobat - Reader 6.0.6 Update
contact: Customer Support
help link: http://www.adobe.com/support/main.html
help telephone: 1-800-833-6687
Adobe Acrobat 6.0.1 Professional 006.000.001 ({AC76BA86-1033-0000-7760-000000000001})
version: 100663297
version (major): 6
estimated size: 526219
install date: 20070109
install source: D:\Documents\Christian\Adobe Acrobat 6.0 Professional\
uninstall cmd: MsiExec.exe /I{AC76BA86-1033-0000-7760-000000000001}
publisher: Adobe Systems
comments:
contact: Customer Support
help link: http://www.adobe.com/support/main.html
help telephone:
readme: D:\Program Files\Adobe\Acrobat 6.0\Readme.htm
AiO_Scan 40.0.115.000 ({AEC20FEC-47D8-4DEA-85D7-0B7E5D905D11})
version: 671088755
version (major): 40
estimated size: 242
install date: 20061022
install source: C:\temp\HP_WebRelease\Setup\AiO_Scan\
publisher: Hewlett-Packard
DivX Converter 6.2.1 ({B13A7C41581B411290FBC0395694E2A9})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
publisher: DivX, Inc.
2.00 ({B20EB9BE-3795-47BA-BDD6-889593E8FD55})
version: 33554432
install location: D:\Program Files\Creative\SBAudigy4\DTSNeo6 Settings
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B20EB9BE-3795-47BA-BDD6-889593E8FD55}\setup.exe" -l0x9
DivX Web Player 1.3.0 ({B7050CBDB2504B34BC2A9CA0A692CC29})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
publisher: DivX,Inc.
Adobe Bridge 1.0 001.000.004 ({B74D4E10-6884-0000-0000-000000000103})
version: 16777219
version (major): 1
estimated size: 214995
install date: 20061026
install location: C:\Program Files\Adobe\Adobe Bridge\
install source: C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\
uninstall cmd: MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103}
publisher: Adobe Systems
comments: Your Comments
contact: Customer Support Department
help link: http://www.adobe.com/support/main.html
2.20 ({BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE})
version: 34865152
install location: D:\Program Files\Creative\SBAudigy4\Smart Recorder
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x9
Microsoft .NET Framework 1.1 1.1.4322 ({CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1})
version: 16847074
version (major): 1
version (minor): 1
estimated size: 37963
install date: 20061019
install source: C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
publisher: Microsoft
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm
1.01 ({CB99E420-8071-48F9-9567-4A53BE7569C4})
version: 16842752
install location: D:\Program Files\Creative\SBAudigy4\Audio Device Selection
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CB99E420-8071-48F9-9567-4A53BE7569C4}\setup.exe" -l0x9
Overland 2.1.4 ({D186329B-1B4D-408D-ABEC-EA5CE1F182C9})
version: 33619972
version (major): 2
version (minor): 1
estimated size: 6438
install date: 20061022
install source: C:\temp\HP_WebRelease\Setup\overland\
publisher: Hewlett-Packard
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0
1.00 ({DAAC5938-8026-4D0C-A476-D1954917B7F5})
version: 16777216
install location: D:\Program Files\Creative\MediaSource
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DAAC5938-8026-4D0C-A476-D1954917B7F5}\SETUP.EXE" -l0x9
3.00 ({DE4A4C48-2232-4CCB-AD61-490ACD29BA85})
version: 50331648
install location: D:\Program Files\Creative\SBAudigy4\Surround Mixer
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe" -l0x9
Star Wars Republic Commando 1.0 ({DFAE9340-E8BB-4433-9A08-C8334DAFE1B9})
version: 16777216
install location: C:\Program Files\LucasArts\Star Wars Republic Commando
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DFAE9340-E8BB-4433-9A08-C8334DAFE1B9}\Setup.exe" -l0x9
Adobe Help Center 1.0 001.000.000 ({E9787678-1033-0000-8E67-000000000001})
version: 16777216
version (major): 1
estimated size: 21738
install date: 20061021
install location: C:\Program Files\Adobe\Adobe Help Center\
install source: D:\Program Files\BitComet\Downloads\Photoshop CS2 v9.0 + working KeyGen\Photoshop CS2\Adobe(R) Photoshop(R) CS2\Help Center\
uninstall cmd: MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
publisher: Adobe Systems
comments: Your Comments
contact: Customer Support Department
help link: http://www.adobe.com
help telephone: 1-555-555-4505
Catalyst Control Center Graphics Full Existing 2007.0202.1923.34565 ({EC33A4E0-A500-D4A2-C1F8-DCA04496B053})
version (major): 2007
version (minor): 202
estimated size: 16161
install date: 20070304
install location: C:\Program Files\ATI Technologies\
install source: C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238\CCC\CCC\Graphics-Full-Existing\
publisher: ATI
Adobe Stock Photos 1.0 1.0.8 ({EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A})
version: 16777224
version (major): 1
estimated size: 16046
install date: 20070101
install location: C:\Program Files\Adobe\Adobe Stock Photos\
install source: C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\
uninstall cmd: MsiExec.exe /I{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}
publisher: Adobe Systems
comments: Your Comments
contact: Customer Support Department
help link: http://www.adobe.com
help telephone: 1-555-555-4505
Steinhart
2007-03-16, 21:07
SmitFraudFix v2.148
Scan done at 12:58:40.23, Fri 03/16/2007
Run from C:\Documents and Settings\Christian\Desktop\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Killing process
»»»»»»»»»»»»»»»»»»»»»»»» hosts
127.0.0.1 localhost
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files
»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning
Registry Cleaning done.
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» End
Steinhart
2007-03-16, 21:58
Since I know this is long and I read most of the "read this before you post threads"
I am not going to another site and will just wait my 4 days. Help sooner would be nice but w/e. yall are busy.
I will just check everyday for a reply.
Hello and welcome to the Forums :)
Sorry for the long delay...
You seem to have this Viewpoint software installed. It has a suspicious reputation and I recommend that you remove it via Control Panel, Add/Remove programs.
This is the folder to delete, C:\Program Files\Viewpoint
Please delete this file:
D:\Documents\Mommy\My Documents\My Pictures\flowing waterfall.exe
Then we'll need to clear your system restore from the malware that was left to there.
Click Start, click All Programs, click Accessories, click System Tools, and then click System Restore.
Click to add a check mark beside Turn off System Restore on all Drives, and click Apply.
When you are warned that all existing Restore Points will be deleted, click Yes to continue.
Restart your computer normally.
Then we'll enable system restore again.
Click Start, click All Programs, click Accessories, click System Tools, and then click System Restore.
Uncheck beside Turn off System Restore on all Drives, and click Apply.
Close the window
When you're ready, post a one more HijackThis log to here.
:bigthumb:
Steinhart
2007-03-25, 08:49
I did everything you said.
Logfile of HijackThis v1.99.1
Scan saved at 1:49:36 AM, on 3/25/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
D:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE
D:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Documents\Christian\My Documents\Downloads\Utilities\Malware stuff\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://downloads.yahoo.com/internetexplorer/welcome.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [CTDVDDET] "D:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [CTSysVol] D:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [RCSystem] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Creative Detector] D:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Creative MediaSource Go] "D:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe" /SCB
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
Hi again :)
You have two (2) antiviruses installed and running, AVG Antivirus and Avast!. Running more that one antivirus at the same time may cause all kinds of problems and is NOT recommended.
You should leave only one (1) antivirus running. You should uninstall/disable either AVG Antivirus or Avast!. When you have decided, you can uninstall your choice through Control Panel, Add/Remove Programs..
You don't seem to have a third-party firewall (http://forum.malwareremoval.com/viewtopic.php?p=56#56) installed. You must install one firewall.
It is possible that you're using the Windows XP firewall. That is of course better than nothing but I recommend that you install a more advanced firewall that gives more protection. Windows firewall doesn't eg protect your computer from inbound threats. This means that any malware on your computer is free to "phone home" for more instructions. Remember to use only one firewall at the same time. I'll give you a few alternatives if you want to install a third-party firewall:
These are good (free) firewalls: Sunbelt-Kerio (http://www.sunbelt-software.com/Kerio.cfm)
ZoneAlarm (http://www.zonelabs.com/)
Sygate (http://http://www.majorgeeks.com/download.php?det=3356)
Outpost (http://www.majorgeeks.com/download.php?det=1056)
Comodo (http://www.personalfirewall.comodo.com)
How is the computer running?
Steinhart
2007-03-25, 20:56
OK I left only AVG. I am using windows firewall, and I have a router and it has a built in firewall.
I also just checked C:\Documents and Settings\Christian\Local Settings\Temp
and no new virus has been found, so I am guessing that its all fine now.
Would you suggest I still get a free one?
Here is a new log.
Logfile of HijackThis v1.99.1
Scan saved at 1:54:10 PM, on 3/25/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
D:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE
D:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
D:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\Documents\Christian\My Documents\Downloads\Utilities\Malware stuff\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://downloads.yahoo.com/internetexplorer/welcome.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [CTDVDDET] "D:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [CTSysVol] D:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [RCSystem] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Creative Detector] D:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Creative MediaSource Go] "D:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe" /SCB
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
Hello :)
Yes I would recommend that you install a free firewall because you don't have any inbound protection at the moment. (You can't control that which programs are allowed to connect to the internet)
=============
Now that you seem to be clean, please follow these simple steps in order to keep your computer clean and secure:
Clear your system restore (http://www.microsoft.com/windowsxp/using/helpandsupport/learnmore/tips/mcgill1.mspx)
This will clear the system restore folders from possible malware that was left behind during the cleaning process.
Use ATF Cleaner (http://www.atribune.org/ccount/click.php?id=1)
Download and install ATF Cleaner. Clean your temporary files & folders with it regularly.
Use Ad-Aware (http://www.bleepingcomputer.com/forums/?showtutorial=48)
Download and install Ad-Aware. Update it and scan your computer regularly with it.
Use AVG Anti-Spyware (http://www.ewido.net/en/)
Download and install AVG Anti-Spyware. Update it and scan your computer regularly with it.
Use Spybot S&D (http://www.bleepingcomputer.com/forums/?showtutorial=43)
Download and install Spybot S&D. Update it and scan your computer regularly with it.
Install SpywareBlaster (http://www.bleepingcomputer.com/tutorials/tutorial49.html)
SpywareBlaster will prevent spyware from being installed.
Install MVPS Hosts file (http://mvps.org/winhelp2002/hosts.htm)
This prevents your computer from connecting to harmful sites.
Use Firefox browser (http://www.mozilla.org)
Firefox is faster and more secure browser than Internet Explorer.
Keep your systen up-to-date (http://windowsupdate.microsoft.com)
Visit Windows Update regularly. How to enable Automatic Updates? (http://www.bleepingcomputer.com/tutorials/tutorial35.html)
Keep your antivirus (http://forum.malwareremoval.com/viewtopic.php?p=53#53) and firewall (http://forum.malwareremoval.com/viewtopic.php?p=56#56) up-to-date
Scan your computer regularly with you antivirus software.
Read this article by TonyKlein (http://forums.spybot.info/showthread.php?t=279)
So how did I get infected in the first place?
Stand Up and Be Counted ! (http://www.malwarecomplaints.info/index.php)
The site offers people who have been (or are) victims of malware the opportunity to document their story and, in that way, launch a complaint against the malware and the makers of the malware.
Stay clean and be safe ;)
Steinhart
2007-03-26, 23:24
Well thanks for all the help finally.
At least I'd say it was worth the wait :).
I did everything you recommended, and I choose Comodo Firewall.
Hopefully with all this I won't have another incident.
Thanks for all the help !!:bigthumb:
That's great news and you're very welcome :D:
As the problem appears to be resolved this topic has been archived.
If you need it re-opened please send a private message (pm) to a forum staff member and provide a link to the thread; this applies only to the original topic starter.
Glad we could help :2thumb: