View Full Version : Shakeys thread
Hi Lonny,
sorry, I couldn't find a way to open up a new thread. As this seems to be the best approriate existing thread, I am posting into this one.
Ive moved your posts here
Lonny
Four days ago, I was hit by something. A red circle with a white cross comne up with the measseg you are infected...as severla forums suggetsed this to by Spyaxe, I used the tool from noad to get rid of it -first unsucecsfully, then I deleted some files mentioned by Spyware docot (t.exe ,tt.exe and boot.inx) and the red circle went away.
Still (even after using Highjackthis, EWIDO etc. according to the protocol) my browser opens up and something wants to change by homepage to msn.com. Antivir prevents it from doing so and I cannot go into the Net with my Laptop, so I wonder whether anybody can help me.
Because of the lack of an Internet connection I could not make the Panda part. By transfering all data via USB from my office PC, I did the rest. AntiVir still deletes parts from teh highjackthis, when it is activated (hope this does not mean anything serious).
Here are the reports:
highjack before the scan +fix action:
Logfile of HijackThis v1.99.1
Scan saved at 14:41:58, on 24.01.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AVPersonal\AVGUARD.EXE
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\Programme\ewido anti-malware\ewidoctrl.exe
C:\Programme\ewido anti-malware\ewidoguard.exe
C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\Programme\Network Associates\Common Framework\FrameworkService.exe
C:\Programme\Network Associates\VirusScan\Mcshield.exe
C:\Programme\Network Associates\VirusScan\VsTskMgr.exe
C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programme\Spyware Doctor\sdhelp.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Programme\Synaptics\SynTP\SynTPLpr.exe
C:\Programme\Synaptics\SynTP\SynTPEnh.exe
C:\Programme\Network Associates\VirusScan\SHSTAT.EXE
C:\Programme\Home Cinema\PowerCinema\PCMService.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Programme\Gemeinsame Dateien\Network Associates\TalkBack\TBMon.exe
C:\Programme\Network Associates\Common Framework\UpdaterUI.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\Programme\Microsoft AntiSpyware\gcasServ.exe
C:\Programme\Microsoft AntiSpyware\gcasDtServ.exe
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programme\AVPersonal\AVGNT.EXE
C:\Programme\Spyware Doctor\swdoctor.exe
C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
C:\Programme\Hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.optusnet.com.au/search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.optusnet.com.au/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.optusnet.com.au/search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer from OptusNet
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar2.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Programme\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [PCMService] "C:\Programme\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Programme\Gemeinsame Dateien\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Programme\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Programme\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AVGCtrl] "C:\Programme\AVPersonal\AVGNT.EXE" /min
O4 - HKCU\..\Run: [NBJ] "C:\Programme\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Programme\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O8 - Extra context menu item: &Google-Suche - res://c:\programme\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Ins Deutsche übersetzen - res://c:\programme\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://c:\programme\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Verweisseiten - res://c:\programme\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Ähnliche Seiten - res://c:\programme\google\GoogleToolbar2.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra button: MedionShop - {7288F092-0E1C-48D7-852C-D5718D4EC435} - http://www.medionshop.de/ (file missing) (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1099254598359
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Programme\AVPersonal\AVGUARD.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: CA-Lizenz-Client (CA_LIC_CLNT) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: CA-Lizenzserver (CA_LIC_SRVR) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: ewido security suite control - ewido networks - C:\Programme\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Programme\ewido anti-malware\ewidoguard.exe
O23 - Service: Ereignisprotokoll-Überwachung (LogWatch) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: McAfee Framework-Dienst (McAfeeFramework) - Network Associates, Inc. - C:\Programme\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Programme\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Programme\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Programme\Spyware Doctor\sdhelp.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
This is part 1, part 2 is coming!
SMITfile:
smitRem © log file
version 2.8
by noahdfear
Microsoft Windows XP [Version 5.1.2600]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
checking for ShudderLTD key
ShudderLTD key not present!
checking for PSGuard.com key
PSGuard.com key not present!
checking for WinHound.com key
WinHound.com key not present!
spyaxe uninstaller NOT present
Winhound uninstaller NOT present
SpywareStrike uninstaller NOT present
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Existing Pre-run Files
~~~ Program Files ~~~
~~~ Shortcuts ~~~
~~~ Favorites ~~~
~~~ system32 folder ~~~
~~~ Icons in System32 ~~~
~~~ Windows directory ~~~
~~~ Drive root ~~~
~~~ Miscellaneous Files/folders ~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 748 'explorer.exe'
Starting registry repairs
Deleting files
Remaining Post-run Files
~~~ Program Files ~~~
~~~ Shortcuts ~~~
~~~ Favorites ~~~
~~~ system32 folder ~~~
~~~ Icons in System32 ~~~
~~~ Windows directory ~~~
~~~ Drive root ~~~
~~~ Miscellaneous Files/folders ~~~
~~~ Wininet.dll ~~~
CLEAN! :)
Spybot:
--- Search result list ---
Gratulation!: Es wurden keine Spione gefunden. ()
--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---
2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2006-01-24 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2005-05-31 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2005-05-31 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-01-20 Includes\Cookies.sbi (*)
2006-01-20 Includes\Dialer.sbi (*)
2006-01-20 Includes\Hijackers.sbi (*)
2006-01-20 Includes\Keyloggers.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2006-01-20 Includes\Malware.sbi (*)
2006-01-20 Includes\PUPS.sbi (*)
2006-01-20 Includes\Revision.sbi (*)
2006-01-20 Includes\Security.sbi (*)
2006-01-20 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2006-01-20 Includes\Trojans.sbi (*)
--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB886903)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
--- Startup entries list ---
Located: HK_LM:Run, ATIPTA
command: C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
file: C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
size: 344064
MD5: 70bf5eee386574181e9b4e71c8166772
Located: HK_LM:Run, AVGCtrl
command: "C:\Programme\AVPersonal\AVGNT.EXE" /min
file: C:\Programme\AVPersonal\AVGNT.EXE
size: 180327
MD5: a9f455a03fa0fef8b85c68b123a5bb99
Located: HK_LM:Run, gcasServ
command: "C:\Programme\Microsoft AntiSpyware\gcasServ.exe"
file: C:\Programme\Microsoft AntiSpyware\gcasServ.exe
size: 473928
MD5: e8177b5150cab1509d2e9807c3f6366c
Located: HK_LM:Run, HPDJ Taskbar Utility
command: C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
file: C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
size: 188416
MD5: 2d9ce5dde52ceea539e0dd20735a0797
Located: HK_LM:Run, McAfeeUpdaterUI
command: "C:\Programme\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
file: C:\Programme\Network Associates\Common Framework\UpdaterUI.exe
size: 139320
MD5: e4a7b1aa1e40676153a824ac00ec3450
Located: HK_LM:Run, NeroFilterCheck
command: C:\WINDOWS\system32\NeroCheck.exe
file: C:\WINDOWS\system32\NeroCheck.exe
size: 155648
MD5: 3e4c03cefad8de135263236b61a49c90
Located: HK_LM:Run, Network Associates Error Reporting Service
command: "C:\Programme\Gemeinsame Dateien\Network Associates\TalkBack\TBMon.exe"
file: C:\Programme\Gemeinsame Dateien\Network Associates\TalkBack\TBMon.exe
size: 147514
MD5: 78915c3ad0024bacd46f41bf02ee4415
Located: HK_LM:Run, PCMService
command: "C:\Programme\Home Cinema\PowerCinema\PCMService.exe"
file: C:\Programme\Home Cinema\PowerCinema\PCMService.exe
size: 81920
MD5: 62ab47ed014c143ea9627ef7ae044eba
Located: HK_LM:Run, PinnacleDriverCheck
command: C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
file: C:\WINDOWS\system32\PSDrvCheck.exe
size: 406016
MD5: 39d31d333c39caa9a13b738804b43284
Located: HK_LM:Run, ShStatEXE
command: "C:\Programme\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
file: C:\Programme\Network Associates\VirusScan\SHSTAT.EXE
size: 94208
MD5: 7fdd96f93adbe7e986aabae0ca446011
Located: HK_LM:Run, SynTPEnh
command: C:\Programme\Synaptics\SynTP\SynTPEnh.exe
file: C:\Programme\Synaptics\SynTP\SynTPEnh.exe
size: 507904
MD5: bf35235d8c7840c8533414b81c5ed8e1
Located: HK_LM:Run, SynTPLpr
command: C:\Programme\Synaptics\SynTP\SynTPLpr.exe
file: C:\Programme\Synaptics\SynTP\SynTPLpr.exe
size: 98304
MD5: 74ac1d999fb14b095c66eebf0925b5e1
Located: HK_CU:Run, NBJ
command: "C:\Programme\Ahead\Nero BackItUp\NBJ.exe"
file: C:\Programme\Ahead\Nero BackItUp\NBJ.exe
size: 1916928
MD5: 55c4da6f3ed698e3c24d5d9cc38e7534
Located: HK_CU:Run, SpybotSD TeaTimer
command: C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
size: 1415824
MD5: 70496eee0ddbe485f658693826f44d38
Located: HK_CU:Run, Spyware Doctor
command: "C:\Programme\Spyware Doctor\swdoctor.exe" /Q
file: C:\Programme\Spyware Doctor\swdoctor.exe
size: 1976544
MD5: 1775096a465e9a1f27b0a37e2bd9f9e5
Located: WinLogon, AtiExtEvent
command: Ati2evxx.dll
file: Ati2evxx.dll
Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
--- Browser helper object list ---
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
BHO name:
CLSID name: AcroIEHlprObj Class
description: Adobe Acrobat reader
classification: Legitimate
known filename: AcroIEhelper.ocx<br>AcroIEhelper.dll
info link: http://www.adobe.com/products/acrobat/readstep2.html
info source: TonyKlein
Path: C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\
Long name: AcroIEHelper.dll
Short name: ACROIE~1.DLL
Date (created): 03.11.2003 23:47:44
Date (last access): 24.01.2006 14:38:40
Date (last write): 03.11.2003 23:47:44
Filesize: 54248
Attributes: archive
MD5: FC7850324464E4D19A24A03D882B5CC4
CRC32: 452E8571
Version: 6.0.1.1091
{53707962-6F74-2D53-2644-206D7942484F} ()
BHO name:
CLSID name:
description: Spybot-S&D IE Browser plugin
classification: Legitimate
known filename: SDhelper.dll
info link: http://spybot.eon.net.au/
info source: Patrick M. Kolla
Path: C:\PROGRA~1\SPYBOT~1\
Long name: SDHelper.dll
Short name:
Date (created): 24.01.2006 13:43:20
Date (last access): 24.01.2006 14:51:16
Date (last write): 31.05.2005 01:04:00
Filesize: 853672
Attributes: archive
MD5: 250D787A5712D7768DDC133B3E477759
CRC32: D4589A41
Version: 1.4.0.0
{5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} (PCTools Site Guard)
BHO name:
CLSID name: PCTools Site Guard
Path: C:\PROGRA~1\SPYWAR~1\tools\
Long name: iesdsg.dll
Short name:
Date (created): 22.01.2006 14:04:50
Date (last access): 24.01.2006 14:35:50
Date (last write): 09.12.2005 16:22:26
Filesize: 786656
Attributes: archive
MD5: 5687E0824D86BCD741FF316B2AAEC223
CRC32: A1216E9B
Version: 3.5.0.65
{AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
BHO name:
CLSID name: Google Toolbar Helper
description: Google toolbar
classification: Open for discussion
known filename: googletoolbar.dll<br>googletoolbar*.dll<br>(* = number)<br>googletoolbar_en_*.**-big.dll<br>Googletoolbar_en_*.*.**-deleon.dll
info link: http://toolbar.google.com/
info source: TonyKlein
Path: c:\programme\google\
Long name: GoogleToolbar2.dll
Short name: GOOGLE~2.DLL
Date (created): 19.12.2005 21:34:46
Date (last access): 24.01.2006 14:35:50
Date (last write): 08.11.2005 18:43:28
Filesize: 1180672
Attributes: readonly archive
MD5: 3984CC93CB957F555DE4942DBE98B4FD
CRC32: 9D860384
Version: 3.0.128.1
{B56A7D7D-6927-48C8-A975-17DF180C71AC} (PCTools Browser Monitor)
BHO name:
CLSID name: PCTools Browser Monitor
Path: C:\PROGRA~1\SPYWAR~1\tools\
Long name: iesdpb.dll
Short name:
Date (created): 22.01.2006 14:04:48
Date (last access): 24.01.2006 14:35:50
Date (last write): 06.01.2006 16:47:46
Filesize: 847608
Attributes: archive
MD5: F8095E0634238DB6681CF7661A2B2312
CRC32: D70B498A
Version: 3.5.0.276
--- ActiveX list ---
{166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control)
DPF name:
CLSID name: Shockwave ActiveX Control
Installer: C:\WINDOWS\Downloaded Program Files\erma.inf
Codebase: http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
description: Macromedia ShockWave Flash Player 7
classification: Unknown
known filename: SWDIR.DLL
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Macromed\Director\
Long name: SwDir.dll
Short name:
Date (created): 05.11.2004 13:16:14
Date (last access): 24.01.2006 11:30:58
Date (last write): 10.09.2004 00:15:18
Filesize: 54488
Attributes: archive
MD5: 12EF836DCCCDD0211F3E09D72812B9C6
CRC32: 8038F1E1
Version: 10.1.0.11
{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine)
DPF name:
CLSID name: Office Update Installation Engine
Installer: C:\WINDOWS\Downloaded Program Files\opuc.inf
Codebase: http://office.microsoft.com/officeupdate/content/opuc.cab
Path: C:\WINDOWS\
Long name: opuc.dll
Short name:
Date (created): 27.08.2003 13:40:30
Date (last access): 24.01.2006 14:53:42
Date (last write): 27.08.2003 13:40:30
Filesize: 314368
Attributes: archive
MD5: 1E32EC4A8A17B19926B49EA5F6B79A76
CRC32: E98FC293
Version: 11.0.5626.0
{6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class)
DPF name:
CLSID name: WUWebControl Class
Installer: C:\WINDOWS\Downloaded Program Files\wuweb.inf
Codebase: http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1099254598359
Path: C:\WINDOWS\system32\
Long name: wuweb.dll
Short name:
Date (created): 31.10.2004 11:01:32
Date (last access): 24.01.2006 11:30:48
Date (last write): 04.08.2004 21:30:00
Filesize: 120320
Attributes: archive
MD5: DE0F2B459D673BFB3E3BCC7D8FBB4B46
CRC32: 5E9F5398
Version: 5.4.3790.2180
{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.4.1)
DPF name: Java Runtime Environment 1.4.1
CLSID name: Java Plug-in 1.4.1
Installer:
Codebase: http://java.sun.com/products/plugin/1.4/jinstall-14-windows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Programme\Java\j2re1.4.1\bin\
Long name: NPJPI141.dll
Short name:
Date (created): 15.01.2005 04:13:18
Date (last access): 24.01.2006 11:12:44
Date (last write): 29.08.2002 18:40:26
Filesize: 61545
Attributes: archive
MD5: F48925FF9366548745A62EB2BAC7DD9C
CRC32: C49EECE2
Version: 1.4.1.0
{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1)
DPF name: Java Runtime Environment 1.4.1
CLSID name: Java Plug-in 1.4.1
Installer:
Codebase: http://java.sun.com/products/plugin/1.4/jinstall-14-windows-i586.cab
Path: C:\Programme\Java\j2re1.4.1\bin\
Long name: NPJPI141.dll
Short name:
Date (created): 15.01.2005 04:13:18
Date (last access): 24.01.2006 15:04:38
Date (last write): 29.08.2002 18:40:26
Filesize: 61545
Attributes: archive
MD5: F48925FF9366548745A62EB2BAC7DD9C
CRC32: C49EECE2
Version: 1.4.1.0
{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} (Java Runtime Environment 1.4.2)
DPF name: Java Runtime Environment 1.4.2
CLSID name: Java Plug-in 1.4.2_05
Installer:
Codebase: http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
Path: C:\Programme\Java\j2re1.4.2_05\bin\
Long name: NPJPI142_05.dll
Short name: NPJPI1~1.DLL
Date (created): 04.06.2068 07:35:12
Date (last access): 24.01.2006 11:14:08
Date (last write): 04.06.2004 07:35:06
Filesize: 65650
Attributes: archive
MD5: 174488C8877FA852448D1937C322AABB
CRC32: 62C2460D
Version: 1.4.2.50
--- Process list ---
PID: 0 ( 0) [System]
PID: 148 ( 4) \SystemRoot\System32\smss.exe
PID: 196 ( 148) \??\C:\WINDOWS\system32\csrss.exe
PID: 220 ( 148) \??\C:\WINDOWS\system32\winlogon.exe
PID: 264 ( 220) C:\WINDOWS\system32\services.exe
size: 108544
MD5: EDB6B81761BD60F32F740BBC40AFB676
PID: 276 ( 220) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 183805EB05BCA5A1E4AAAED4D2BE3690
PID: 424 ( 264) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 65A819B121EB6FDAB4400EA42BDFFE64
PID: 476 ( 264) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 65A819B121EB6FDAB4400EA42BDFFE64
PID: 516 ( 264) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 65A819B121EB6FDAB4400EA42BDFFE64
PID: 1952 ( 836) C:\WINDOWS\explorer.exe
size: 1035264
MD5: 22FE1BE02EADDE1632E478E4125639E0
PID: 416 (1952) C:\Programme\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 4 ( 0) System
--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 24.01.2006 15:04:37
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
http://search.msn.com/spbasic.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.optusnet.com.au/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
about:blank
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Bar
http://www.optusnet.com.au/search
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
Oart 3 is following...
--- Winsock Layered Service Provider list ---
Protocol 0: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip
Protocol 1: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip
Protocol 2: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip
Protocol 3: RSVP UDP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 4: RSVP TCP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 5: MSAFD NetBIOS [\Device\NetBT_Tcpip_{7F073369-196E-431E-BD23-861DA10517AB}] SEQPACKET 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 6: MSAFD NetBIOS [\Device\NetBT_Tcpip_{7F073369-196E-431E-BD23-861DA10517AB}] DATAGRAM 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 7: MSAFD NetBIOS [\Device\NetBT_Tcpip_{59172414-0D3B-4228-B68A-19C1C6420C3D}] SEQPACKET 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{59172414-0D3B-4228-B68A-19C1C6420C3D}] DATAGRAM 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{0E352F4E-AC8E-4065-B4A4-E85A82F9D87F}] SEQPACKET 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{0E352F4E-AC8E-4065-B4A4-E85A82F9D87F}] DATAGRAM 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{E3ADBBCA-53AA-4ACB-B8A0-1369C25651E4}] SEQPACKET 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{E3ADBBCA-53AA-4ACB-B8A0-1369C25651E4}] DATAGRAM 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{250582C5-5698-465E-B7B3-7D1C8ADEF3FE}] SEQPACKET 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{250582C5-5698-465E-B7B3-7D1C8ADEF3FE}] DATAGRAM 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 15: MSAFD NetBIOS [\Device\NetBT_Tcpip_{1546DADE-992D-481E-BEFE-9567591CA338}] SEQPACKET 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 16: MSAFD NetBIOS [\Device\NetBT_Tcpip_{1546DADE-992D-481E-BEFE-9567591CA338}] DATAGRAM 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 17: MSAFD NetBIOS [\Device\NetBT_Tcpip_{F10AC5EE-8627-4940-B38E-6C8B0626875D}] SEQPACKET 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 18: MSAFD NetBIOS [\Device\NetBT_Tcpip_{F10AC5EE-8627-4940-B38E-6C8B0626875D}] DATAGRAM 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 19: MSAFD NetBIOS [\Device\NetBT_Tcpip_{DDDEE806-0DB6-4A4B-B978-10910B5A4D73}] SEQPACKET 7
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 20: MSAFD NetBIOS [\Device\NetBT_Tcpip_{DDDEE806-0DB6-4A4B-B978-10910B5A4D73}] DATAGRAM 7
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 21: MSAFD NetBIOS [\Device\NetBT_Tcpip_{CD47C7FD-963C-448B-A0DD-81B359080A17}] SEQPACKET 8
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 22: MSAFD NetBIOS [\Device\NetBT_Tcpip_{CD47C7FD-963C-448B-A0DD-81B359080A17}] DATAGRAM 8
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Namespace Provider 0: TCP/IP
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IP
Namespace Provider 1: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDS
Namespace Provider 2: NLA-Namespace
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace
--- Uninstall list ---
Ad-Aware SE Personal 1.06 (Ad-Aware SE Personal)
uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
publisher: Lavasoft
help link: http://www.lavasoft.com
(AddressBook)
Agere Systems AC'97 Modem (Agere Systems Soft Modem)
uninstall cmd: agrsmdel
ATI - Dienstprogramm zur Deinstallation der Software 6.14.10.1010 (All ATI Software)
install location: C:\Programme\ATI Technologies\UninstallAll
uninstall cmd: C:\Programme\ATI Technologies\UninstallAll\AtiCimUn.exe
AOL Deutschland (America Online de)
uninstall cmd: C:\Programme\Gemeinsame Dateien\aolshare\Aolunins_de.exe
AntiVir/XP (AntiVir/XP)
uninstall cmd: C:\Programme\AVPersonal\AVUNINST.EXE
publisher: H+BEDV Datentechnik GmbH
comments: -
contact: Support Forum
help link: http://www.free-av.de/forum
AOL Meine Fotos Bildschirmschoner (AOL YGP Screensaver)
uninstall cmd: C:\Programme\Gemeinsame Dateien\AOL\Screensaver\uninst_ygpss.exe
ATI Display Driver 8.063-041006a-018877C-Mitac (ATI Display Driver)
uninstall cmd: rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
(Branding)
CCleaner (remove only) (CCleaner)
uninstall cmd: "C:\Programme\CCleaner\uninst.exe"
(Connection Manager)
(DirectAnimation)
(DirectDrawEx)
(DXM_Runtime)
EndNote 7.0 (EndNote)
uninstall cmd: C:\PROGRA~1\EndNote\UNWISE.EXE C:\PROGRA~1\EndNote\INSTALL.LOG
publisher: ISI ResearchSoft
contact: pc-support@endnote.com
help telephone: (408) 987-5609
ewido anti-malware (ewidoantimalware)
install location: C:\Programme\ewido anti-malware
uninstall cmd: C:\Programme\ewido anti-malware\Uninstall.exe
publisher: ewido networks
help link: http://www.ewido.net
Exhalyzer AddonTools (Exhalyzer AddonTools)
uninstall cmd: C:\WINDOWS\uninst.exe -fc:\nddmed\DeIsL3.isu -cc:\nddmed\_ISREG32.DLL
(expinst)
Microsoft Flight Simulator 2004 - Das Jahrhundert der Luftfahrt 9.0 (Flight Simulator 9.0)
version (major): 9
install location: C:\Programme\Microsoft Games\Flight Simulator 9
uninstall cmd: "C:\Programme\Microsoft Games\Flight Simulator 9\UNINSTAL.EXE" /runtemp /addremove
publisher: Microsoft
help link: http://www.microsoft.com/support
readme: C:\Programme\Microsoft Games\Flight Simulator 9\Info.rtf
(Fontcore)
freenet.de 4.0 (freenet.de Internet-by-Call)
uninstall cmd: C:\WINDOWS\system32\RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\frninbc2.INF, RemoveInstall.NTx86
publisher: Technology by Wildsoft
HijackThis 1.99.1 1.99.1 (HijackThis)
uninstall cmd: C:\Programme\Hijackthis\HijackThis.exe /uninstall
publisher: Soeperman Enterprises Ltd.
Hijackthis 1.99.1 (Hijackthis_is1)
install location: C:\Programme\Hijackthis\
uninstall cmd: "C:\Programme\Hijackthis\unins000.exe"
publisher: Soeperman Enterprises Ltd
help link: http://www.merijn.org
Pinnacle Hollywood FX 5 (Hollywood FX 5)
uninstall cmd: C:\WINDOWS\unvise32.exe C:\Programme\Pinnacle\Hollywood FX 5\uninstal.log
hp deskjet 3320 series (Remove only) (hp deskjet 3320 series)
uninstall cmd: C:\Programme\hp deskjet 3320 series\hpfiui.exe -c -vdivid=HPF -vpnum=95 -vinstport=USB001 -vproduct=3320 -huninstall
hp deskjet 3320 series (hp deskjet 3320 series_Driver)
uninstall cmd: rundll32 hpzcon07.dll,VendorJettison hp deskjet 3320 series
(ICW)
(IE40)
(IE4Data)
(IE5BAKEX)
(IEData)
(IEREADME)
(InstallShield Uninstall Information)
(InstallShield_{30C10EE3-EFB3-4B7A-9CDC-50790C2B5200})
ISI ResearchSoft - Export Helper (ISI ResearchSoft - Export Helper)
uninstall cmd: C:\PROGRA~1\GEMEIN~1\Risxtd\_UNINST.EXE
(KB884016)
Microsoft .NET Framework 1.1 Hotfix (KB886903) (M886903)
uninstall cmd: "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M886903\M886903Uninstall.msp"
Macromedia Shockwave Player (Macromedia Shockwave Player)
uninstall cmd: C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Malware Remover Backdoor Guard 1.0.0.2 (Malware Remover Backdoor Guard_is1)
uninstall cmd: C:\Programme\MRBDG\unins000.exe
publisher: MalwareRemover.com
help link: http://www.MalwareRemover.com
Uninstall Malware Scanner (Malware Scanner_is1)
install location: C:\Programme\MalwareScanner\
uninstall cmd: "C:\Programme\MalwareScanner\unins000.exe"
publisher: Malwareremover.com
help link: http://www.Malwareremover.com
Microsoft .NET Framework 1.1 (Microsoft .NET Framework 1.1 (1033))
uninstall cmd: msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm
(Microsoft Interactive Training)
uninstall cmd: C:\WINDOWS\IsUn0407.exe -fC:\WINDOWS\orun32.isu
(MobileOptionPack)
(MPlayer2)
(MSI30-Beta1)
(MSI30-Beta2)
(MSI30-KB884016)
(MSI30-RC1)
(MSI30-RC2)
(MSI30a-KB884016)
(MSI31-Beta)
(MSI31-RC1)
MSN (MSNINST)
uninstall cmd: C:\Programme\MSN\MsnInstaller\msninst.exe /Action:ARP
(Nero - Burning Rom!UninstallKey)
uninstall cmd: C:\Programme\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Nero Suite (NeroMultiInstaller!UninstallKey)
uninstall cmd: C:\Programme\Gemeinsame Dateien\Ahead\Uninstall\setup.exe /uninstall ExtraUninstallID=""
(NeroVision!UninstallKey)
uninstall cmd: C:\WINDOWS\UNNeroVision.exe /UNINSTALL
(NetMeeting)
Organ Preservation Surgery for Laryngeal Cancer (OpsDeinstKey)
uninstall cmd: C:\WINDOWS\uninst.exe -f"c:\dokumente und einstellungen\achim\eigene dateien\adelaide\forschung\laryngeal surgery\DeIsL1.isu"
OptusNet (OptusNet)
uninstall cmd: C:\PROGRA~1\ONLINE~1\Optus\UNWISE.EXE C:\PROGRA~1\ONLINE~1\Optus\INSTALL.LOG
(OutlookExpress)
PATRIZIER II (PATRIZIER II_is1)
uninstall cmd: "C:\Programme\PATRIZIER II\unins000.exe"
(PCHealth)
uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Microsoft Picture It! Foto Premium 10 10.0.0715 (PictureItPrem_v10)
install location: C:\Programme\Picture It! Premium 10\
install source: F:\pip\pod\
uninstall cmd: "C:\Programme\Gemeinsame Dateien\Microsoft Shared\Picture It!\RmvSuite.exe" ADDREMOVE=1 SKU=PREM
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?linkid=15513&clcid=0x407
QuickTime (QuickTime)
uninstall cmd: C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
(SchedulingAgent)
Shockwave (Shockwave)
uninstall cmd: C:\WINDOWS\system32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~2\Install.log
(ShockwaveFlash)
Skype 1.0 1.0 (Skype_is1)
uninstall cmd: C:\Programme\Skype\Phone\unins000.exe
publisher: Skype Software S.A.
help link: http://ui.skype.com/ui/0/1.0.0.97/en/help
spiroware (spiroware)
uninstall cmd: C:\WINDOWS\uninst.exe -fc:\NddMed\DeIsL2.isu -cc:\NddMed\_ISREG32.DLL
SPOT Camera for Windows (SPOT Camera for Windows)
uninstall cmd: C:\SPOTCam\UnSPOT.exe -fC:\SPOTCam\DeIsL1.isu
SPSS 11.0 for Windows (SPSS for Windows 11.0)
uninstall cmd: C:\WINDOWS\uninst.exe -fC:\Programme\SPSS\DeIsL1.isu -c"C:\Programme\SPSS\uninst.dll
Spybot - Search & Destroy 1.4 1.4 (Spybot - Search & Destroy_is1)
install location: C:\Programme\Spybot - Search & Destroy\
uninstall cmd: "C:\Programme\Spybot - Search & Destroy\unins000.exe"
publisher: Safer Networking Limited
Spyware Doctor 3.5 3.5 (Spyware Doctor_is1)
install location: C:\Programme\Spyware Doctor\
uninstall cmd: "C:\Programme\Spyware Doctor\unins000.exe"
publisher: PC Tools Research Pty. Ltd.
help link: http://www.pctools.com/spyware-doctor/support/
SurfCall (SurfCall)
uninstall cmd: C:\WINDOWS\IsUninst.exe -fC:\Programme\SurfCall\Uninst.isu
Synaptics Pointing Device Driver 7.10.8.0 (SynTPDeinstKey)
uninstall cmd: rundll32.exe "C:\Programme\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Viewpoint Media Player (ViewpointMediaPlayer)
uninstall cmd: C:\Programme\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Windows Media Connect (Windows Media Connect)
uninstall cmd: msiexec.exe /I {F6869CD2-3DB4-476D-A4C7-B3AE7C3ACF7B}
Windows Media Format Runtime (Windows Media Format Runtime)
uninstall cmd: "C:\Programme\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 10 (Windows Media Player)
uninstall cmd: "C:\Programme\Windows Media Player\Setup_wm.exe" /Uninstall
Setup-Start von Microsoft Works 2005 (Works2005Setup)
uninstall cmd: C:\Programme\Microsoft Works Suite 2005\Setup\Launcher.exe /ARP F:\
help link: http://support.microsoft.com/
ElsterFormular 2004/2005 6.0.0.0 ({03EB79B7-2152-4C98-AEA0-254F881A3275})
version: 100663296
install date: 20050516
install location: C:\Programme\ElsterFormular2004
install source: C:\DOKUME~1\Achim\LOKALE~1\Temp\bye71.tmp\Disk1\
uninstall cmd: RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{03EB79B7-2152-4C98-AEA0-254F881A3275}\setup.exe" -l0x7 -removeonly
publisher: Steuerverwaltung des Bundes und der Länder
help link: www.faq.elster.de
help telephone: 01805 / 23 50 55
Microsoft Encarta Enzyklopädie 2005 2005 ({05440044-64A6-4248-A026-9745C1E9E159})
version (major): 2005
install date: 20041105
install location: C:\Programme\Encarta\Encarta Enzyklopädie - 2005\encarta.exe
uninstall cmd: MsiExec.exe /I{05440044-64A6-4248-A026-9745C1E9E159}
publisher: Microsoft Corporation
help link: http://support.microsoft.com
ANNO 1602 Königs-Edition 1.00 ({077A7810-A937-4465-AD08-ACED9807995F})
version: 16777216
install location: D:\Anno1602
uninstall cmd: RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{077A7810-A937-4465-AD08-ACED9807995F}\SETUP.exe" -l0x7
ATI Control Panel 6.14.10.5125 ({0BEDBD4E-2D34-47B5-9973-57E62B29307C})
uninstall cmd: RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
Stronghold 2 Deluxe 1.30 ({16D2C649-CBA8-44EE-B730-12584667D487})
version: 18743296
install date: 20060118
install location: C:\Programme\Firefly Studios\Stronghold 2
install source: F:\Disk1\
uninstall cmd: RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{16D2C649-CBA8-44EE-B730-12584667D487}\setup.exe" -l0x9 -removeonly
publisher: Firefly Studios
AutoUpdate 1.0 ({18D10072035C4515918F7E37EAFAACFC})
install location: C:\Programme\DivX
Last part will follow!
Google Toolbar for Internet Explorer ({2318C2B1-4965-11d4-9B18-009027A5CD4F})
uninstall cmd: regsvr32 /u /s "c:\programme\google\googletoolbar2.dll"
videon 3.5 ({261D0486-9127-4071-BA1D-FE784310752E})
version: 50659328
install location: C:\Programme\muvee Technologies\videon
uninstall cmd: RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{261D0486-9127-4071-BA1D-FE784310752E}\Setup.exe" -l0x7
publisher: muvee Technologies
help link: http://store.muvee.com/?f=support&k=UZHL3-RQJG5-8V2LX-6UZHL-3S6PC&w=02370192&l=1031
PowerCinema 3.0 ({2637C347-9DAD-11D6-9EA2-00055D0CA761})
uninstall cmd: RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\setup.exe" -uninstall
Two Thrones ({2C5E4E9E-A2BD-4303-A66D-860B913615B2})
uninstall cmd: RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{2C5E4E9E-A2BD-4303-A66D-860B913615B2}\setup.exe" -l0x9
OLYMPUS CAMEDIA Master 4.2 ({30BB4D60-81DB-11D5-BB77-00400536ABAC})
uninstall cmd: RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{30BB4D60-81DB-11D5-BB77-00400536ABAC}\setup.exe" CAMEDIA Master 4.2
CA Licensing 1.52 ({30C10EE3-EFB3-4B7A-9CDC-50790C2B5200})
version: 20185088
version (major): 1
version (minor): 52
estimated size: 1459
install date: 20041031
install source: D:\Tools\eTrust_AV\German\Bin\License\Lang\De\
publisher: Computer Associates International, Inc.
comments: 0
contact: 0
help link: http://esupport.ca.com
help telephone: Error Loading StringId: '0'
readme: 0
WebFldrs XP 9.50.7523 ({350C97B3-3D7C-4EE8-BAA9-00BCB3D54227})
version: 154279267
version (major): 9
version (minor): 50
estimated size: 2504
install date: 20041031
install source: C:\WINDOWS\system32\
publisher: Microsoft Corporation
help link: http://www.microsoft.com/windows
Informationen über Ihren PC ({3D1A6B70-3E02-49BC-88B0-916C80274632})
install date: 20041031
uninstall cmd: MsiExec.exe /I{3D1A6B70-3E02-49BC-88B0-916C80274632}
Microsoft Picture It!-Bibliothek 10 10.0.0715 ({3F262ADC-5AD2-48E5-A586-44315E04A9E2})
version: 167772875
version (major): 10
install date: 20041105
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?linkid=15513&clcid=0x407
help telephone: (425)
Microsoft Picture It! Foto Premium 10 10.0.0715 ({42756145-9997-4D28-809B-8756BFD00106})
version: 167772875
version (major): 10
install date: 20041105
publisher: Microsoft Corporation
comments: Microsoft Picture It! Foto Premium 10
help link: http://go.microsoft.com/fwlink/?linkid=15513&clcid=0x407
help telephone:
Microsoft Windows-Journal-Viewer 1.5.2315.3 ({43DCF766-6838-4F9A-8C91-D92DA586DFA7})
version: 17107211
version (major): 1
version (minor): 5
estimated size: 3555
install date: 20041031
install source: C:\DOKUME~1\Besitzer\LOKALE~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7}
publisher: Microsoft
comments: Ein Viewer für Windows-Journaldokumente.
contact: Microsoft
upapp 0.20.0000 ({4EF69D40-4DC9-485E-95D3-B1C22F218FC8})
version: 1310720
version (minor): 20
estimated size: 1165
install date: 20051024
install source: f:\upapp\
uninstall cmd: MsiExec.exe /I{4EF69D40-4DC9-485E-95D3-B1C22F218FC8}
publisher: Hewlett-Packard
comments: Your Comments
contact: Customer Support Department
help link: http://www.yourcompany.com/help
help telephone: 1-555-555-4505
readme: Readme.txt
Microsoft AntiSpyware 1.0 ({536F7C74-844B-4683-B0C5-EA39E19A6FE3})
version: 16777216
version (major): 1
estimated size: 16123
install date: 20060120
install location: C:\Programme\Microsoft AntiSpyware\
install source: C:\WINDOWS\Downloaded Installations\{C0FA7138-477B-4FEC-8F23-640C21C2287B}\
uninstall cmd: MsiExec.exe /I{536F7C74-844B-4683-B0C5-EA39E19A6FE3}
publisher: Microsoft Corporation
contact: Microsoft Support
help link: http://www.microsoft.com
Microsoft AutoRoute 2005 12.00.07.1200 ({67E4EE98-59F4-4220-89A6-A20AF5BEC689})
version: 201326599
version (major): 12
install date: 20041105
install location: C:\Programme\Microsoft AutoRoute\
uninstall cmd: MsiExec.exe /I{67E4EE98-59F4-4220-89A6-A20AF5BEC689}
publisher: Microsoft Corporation
PowerDVD ({6811CAA0-BF12-11D4-9EA1-0050BAE317E1})
uninstall cmd: RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
Home Cinema ({6B103F43-069C-11D6-9EA2-0050BAE317E1})
uninstall cmd: C:\Programme\Uninstall_PCM.exe
Java 2 Runtime Environment, SE v1.4.2_05 1.4.2_05 ({7148F0A8-6813-11D6-A77B-00B0D0142050})
version (major): 1
version (minor): 4
estimated size: 140840
install date: 20041105
install source: C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\{7148F0A6-6813-11D6-A77B-00B0D0142050}\
uninstall cmd: MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142050}
publisher: Sun Microsystems, Inc.
comments: http://www.java.com
contact: http://www.java.com
help link: http://www.java.com
help telephone: http://www.java.com
readme: Readme.txt
Windows-Sicherungsprogramm 5.1 ({76EFFC7C-17A6-479D-9E47-8E658C1695AE})
version: 83951616
version (major): 5
version (minor): 1
install date: 20041031
uninstall cmd: MsiExec.exe /I{76EFFC7C-17A6-479D-9E47-8E658C1695AE}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/management
DivX Pro 5.2.1 ({7B63B2922B174135AFC0E1377DD81EC2})
install location: C:\Programme\DivX
uninstall cmd: C:\Programme\DivX\DivXCodecUninstall.exe /CODEC
publisher: DivXNetworks, Inc.
DivX Player 2.5.5 ({8ADFC4160D694100B5B8A22DE9DCABD9})
install location: C:\Programme\DivX
uninstall cmd: C:\Programme\DivX\DivXPlayerUninstall.exe /PLAYER
publisher: DivXNetworks, Inc.
Musicmatch® Jukebox 9.00.0156 ({8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26})
version: 150995100
install location: C:\Programme\MUSICMATCH\MUSICMATCH Jukebox
uninstall cmd: RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}\setup.exe" -l0x7 -uninst
Microsoft Office Professional Edition 2003 11.0.5614.0 ({90110407-6000-11D3-8CFE-0150048383C9})
version: 184554990
version (major): 11
estimated size: 636406
install date: 20050808
install source: C:\MSOCache\All Users\90000407-6000-11D3-8CFE-0150048383C9\
uninstall cmd: MsiExec.exe /I{90110407-6000-11D3-8CFE-0150048383C9}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/germany/support
readme: C:\Programme\Microsoft Office\OFFICE11\1031\OFREADME.HTM
REALTEK Gigabit and Fast Ethernet NIC Driver 1.10 ({94FB906A-CF42-4128-A509-D353026A607E})
install location: C:\Programme\REALTEK Semiconductor Corporation\REALTEK Gigabit and Fast Ethernet NIC Driver
uninstall cmd: RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\SETUP.EXE" -l0x7 REMOVE
publisher: REALTEK Semiconductor Corp.
comments: REALTEK Gigabit/Fast Ethernet NIC Driver Installation Utility
contact: nicfae@realtek.com.tw
help link: www.realtek.com.tw
Studio 9 9.0 ({9E491AB7-4589-48CA-9CBB-874CB2788391})
version: 150994944
version (major): 9
install location: C:\Programme\Pinnacle\Studio 9
uninstall cmd: RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{9E491AB7-4589-48CA-9CBB-874CB2788391}\Setup.exe" -l0x7 UNINSTALL
publisher: Pinnacle Systems
Microsoft Digital Image Library 9 - Blocker 9.00.0000 ({9F7FC79B-3059-4264-9450-39EB368E3225})
version: 150994944
version (major): 9
publisher: Microsoft Corporation
MSN Messenger 6.2 6.2.0133 ({ABEB838C-A1A7-4C5D-B7E1-8B4314600133})
version: 100794501
version (major): 6
version (minor): 2
estimated size: 5723
install date: 20041103
install source: C:\DOKUME~1\Besitzer\LOKALE~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /I{ABEB838C-A1A7-4C5D-B7E1-8B4314600133}
publisher: Microsoft Corporation
Adobe Acrobat - Reader 6.0.2 Update 6.0.2 ({AC76BA86-0000-0000-0000-6028747ADE01})
version: 100663298
version (major): 6
estimated size: 5780
install date: 20041103
install source: C:\Programme\Adobe\{AC76BA86-0000-0000-7AC5-6028747ADE00}\
uninstall cmd: MsiExec.exe /I{AC76BA86-0000-0000-0000-6028747ADE01}
publisher: Adobe Systems
comments: Adobe Acrobat - Reader 6.0.2 Update
contact: Customer Support
help link: http://www.adobe.com/support/main.html
help telephone: 1-800-833-6687
Adobe Reader 6.0.1 - Deutsch 006.000.001 ({AC76BA86-7AD7-1031-7B44-A00000000001})
version: 100663297
version (major): 6
estimated size: 53490
install date: 20041103
install location: C:\Programme\Adobe\Acrobat 6.0\Reader\
install source: C:\WINDOWS\Cache\Adobe Reader 6.0.1\DEUBIG\
uninstall cmd: MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A00000000001}
publisher: Adobe Systems Incorporated
comments:
contact: Abteilung für Technischen Support
help link: http://www.adobe.de/support/main.html
help telephone:
readme: C:\Programme\Adobe\Acrobat 6.0\Reader\Readme.htm
Victoria ({AE7CB755-7C0B-4D11-8E5D-D6B6C1090A7B})
uninstall cmd: RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{AE7CB755-7C0B-4D11-8E5D-D6B6C1090A7B}\setup.exe" -l0x9
Microsoft Works 08.04.0702 ({B26E3B0D-C2FA-4370-B068-7C476766F029})
version: 134480574
version (major): 8
version (minor): 4
install date: 20041105
uninstall cmd: MsiExec.exe /I{B26E3B0D-C2FA-4370-B068-7C476766F029}
publisher: Microsoft Corporation
comments: Installieren von Microsoft Works 8.0.
help link: http://support.microsoft.com
help telephone:
PowerProducer ({B7A0CE06-068E-11D6-97FD-0050BACBF861})
uninstall cmd: RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
Works Update 8.0.0.0000 ({C438DF2B-C5DF-4783-9CA5-9B89E501FA62})
version: 134217728
version (major): 8
install date: 20041105
publisher: Microsoft Corporation
help link: http://www.microsoft.com/germany/
help telephone:
eTrust Antivirus Registration 1.0.2 ({C5223522-2B12-4522-B165-99EE6C88771E})
version: 16777218
version (major): 1
estimated size: 232
install date: 20041110
install source: E:\MedionInstaller\
uninstall cmd: MsiExec.exe /I{C5223522-2B12-4522-B165-99EE6C88771E}
publisher: Antivirus Offer
contact: Excid.com
Microsoft Works Suite-Add-Ins für Microsoft Word 8.0.0.0000 ({C6A12D9B-D86A-4ee6-B980-95E4B26A2E13})
version: 134217728
version (major): 8
install date: 20041105
uninstall cmd: MsiExec.exe /I{C6A12D9B-D86A-4ee6-B980-95E4B26A2E13}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/germany/support/
help telephone:
PowerDirector ({CB099890-1D5F-11D5-9EA9-0050BAE317E1})
uninstall cmd: RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" -uninstall
Microsoft .NET Framework 1.1 1.1.4322 ({CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1})
version: 16847074
version (major): 1
version (minor): 1
estimated size: 60751
install date: 20050306
install source: C:\DOKUME~1\Besitzer\LOKALE~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
publisher: Microsoft
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm
Java 2 Runtime Environment, SE v1.4.1 ({CD0159C9-17FB-11D6-A76A-00B0D079AF64})
uninstall cmd: RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{CD0159C9-17FB-11D6-A76A-00B0D079AF64}\Setup.exe" Anytext
WISO Sparbuch 2005 12.04.0000 ({CEFD7155-9C9A-4D20-8DEC-3961BBBB0001})
version: 201588736
install date: 20050518
install location: C:\Programme\WISO\Sparbuch 2005
install source: C:\DOKUME~1\Achim\LOKALE~1\Temp\bye3.tmp\Disk1\
uninstall cmd: RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{CEFD7155-9C9A-4D20-8DEC-3961BBBB0001}\setup.exe" -l0x7 -removeonly
publisher: Buhl Data Service GmbH
PhotoNow! 1.0 ({D36DD326-7280-11D8-97C8-000129760CBE})
uninstall cmd: RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\setup.exe" -uninstall
MediaShow 3.0 ({D5A9B7C0-8751-11D8-9D75-000129760D75})
uninstall cmd: RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D5A9B7C0-8751-11D8-9D75-000129760D75}\setup.exe" -uninstall
Microsoft .NET Framework 1.1 German Language Pack 1.1.4322 ({E78BFA60-5393-4C38-82AB-E8019E464EB4})
version: 16847074
version (major): 1
version (minor): 1
estimated size: 3090
install date: 20041031
install source: C:\DOKUME~1\Besitzer\LOKALE~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /X{E78BFA60-5393-4C38-82AB-E8019E464EB4}
publisher: Microsoft
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1031\RepairRedist.htm
RhinoCycle 1.10.0001 ({E7902053-F1AE-4115-B4B9-A0A6737D6434})
version: 17432577
version (major): 1
version (minor): 10
estimated size: 7228
install date: 20050405
install source: F:\
uninstall cmd: MsiExec.exe /I{E7902053-F1AE-4115-B4B9-A0A6737D6434}
publisher: Interacoustics A/S
comments: Your Comments
contact: ***IS_STRING_NOT_DEFINED***
help link: ***IS_STRING_NOT_DEFINED***
help telephone: ***IS_STRING_NOT_DEFINED***
McAfee VirusScan Enterprise 8.0.0 ({F0856D1B-11EE-4652-8174-EAF3D5AB6C66})
version: 134217728
version (major): 8
estimated size: 38929
install date: 20060120
install location: C:\Programme\Network Associates\VirusScan\
install source: C:\Programme\Network Associates\VirusScan\RepairCache\
uninstall cmd: MsiExec.exe /I{F0856D1B-11EE-4652-8174-EAF3D5AB6C66}
publisher: Network Associates
contact: Support
help link: https://mysupport.nai.com/redir/default.asp?pCode=VSE&sRef=app&sDest=FAQ
help telephone: +1 (408) 988-3832
Windows Media Connect 1.0.0.0 ({F6869CD2-3DB4-476D-A4C7-B3AE7C3ACF7B})
version: 16777216
version (major): 1
estimated size: 8378
install date: 20041031
install source: C:\WINDOWS\Installer\
uninstall cmd: MsiExec.exe /I{F6869CD2-3DB4-476D-A4C7-B3AE7C3ACF7B}
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=9647
Realtek AC'97 Audio ({FB08F381-6533-4108-B7DD-039E11FBC27E})
uninstall cmd: RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
HighMAT-Erweiterung für den Microsoft Windows XP-Assistenten zum Schreiben von CDs 1.1.1905.1 ({FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F})
version: 16844657
version (major): 1
version (minor): 1
estimated size: 2190
install date: 20041031
install location: C:\Programme\HighMAT CD Writing Wizard\
install source: C:\WINDOWS\Downloaded Installations\{355F3371-D168-4E3D-8E69-6316E174FFCC}\
uninstall cmd: MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
publisher: Microsoft Corporation
readme: C:\Programme\HighMAT CD Writing Wizard\1031\\HighMAT_readme.htm
EWIDO:
---------------------------------------------------------
ewido anti-malware - Scan Report
---------------------------------------------------------
+ Erstellt am: 16:47:57, 24.01.2006
+ Report-Checksumme: 4278888E
+ Scanergebnis:
Keine infizierten Objekte gefunden.
::Report Ende
Any help is highly appreciated!
LonnyRJones
2006-01-27, 18:13
Hi Shakey
Tell us of any current problems and make , post a fresh hiajckthis log please
This topic will now be archived to prevent others with similar issues posting in it.
If you have not resolved the problem, please send me a pm to re-open the thread and provide a link to the topic.