View Full Version : Malaware Problem
maksimino
2006-07-22, 21:56
Hi guys, my PC was infected by malaware and the pop-ups on my taskbar is annoying. please help in fixing this problem. I did run my anti virus and number of anti-spywares but to no avail, problem still stays. Also read some previous threads and most of them you guys require hjt log. already did that and below is the datalog. kindly help what's the next step. thanks so much!!!
******************************************
Logfile of HijackThis v1.99.1
Scan saved at 1:27:00 AM, on 7/23/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\issearch.exe
C:\WINDOWS\system32\isnotify.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Computer Alarm Clock\cac.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Webshots\webshots.scr
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?.home=ytie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?.home=ytie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr7/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?.home=ytie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = cmlproxy.cspi.cypress.com:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.cypress.com;<local>
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FLASHGET\jccatch.dll
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: (no name) - {873eb32d-ae1a-4183-89bd-45a77f761be4} - C:\WINDOWS\system32\ixt0.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [D-Link AirPlus XtremeG] C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Computer Alarm Clock] C:\Program Files\Computer Alarm Clock\cac.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [VoipDiscount] "C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe" -nosplash -minimized
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Atpu] "C:\WINDOWS\system32\SSEMBL~1\lsass.exe" -vt yazb
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{24CB8CA3-A15D-4074-8B65-AD87719DF0E0}: NameServer = 203.144.207.49,203.144.207.29
O17 - HKLM\System\CCS\Services\Tcpip\..\{C7400326-81B0-460F-8FC5-321B64FB9D80}: NameServer = 203.144.207.49,203.144.207.29
O17 - HKLM\System\CS1\Services\Tcpip\..\{24CB8CA3-A15D-4074-8B65-AD87719DF0E0}: NameServer = 203.144.207.49,203.144.207.29
O17 - HKLM\System\CS2\Services\Tcpip\..\{24CB8CA3-A15D-4074-8B65-AD87719DF0E0}: NameServer = 203.144.207.49,203.144.207.29
O21 - SSODL: cinnamomum - {93ac7c30-3878-4eaa-9420-7977285df5b1} - (no file)
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
pskelley
2006-07-23, 03:41
Hello and welcome to the forum. Follow the instructions in this link:
http://forums.spybot.info/showthread.php?t=4015
Copy/paste those three logs at the end of the instructions in this same topic. I will be notified and respond as soon as possible to see if there is more to do.
Thanks...pskelley
Safer Networking Forums
In case you want to express your thoughts about the lowlifes that commit this fraud, here is where you can do it:
If you have been infected by one of the SpyAxe family
http://forums.tomcoyote.org/index.php?showtopic=58063
http://www.malwarecomplaints.info/
maksimino
2006-07-23, 06:48
SmitFraudFix v2.74
Scan done at 9:56:47.50, Sun 07/23/2006
Run from C:\Documents and Settings\Administrator\Desktop\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix ran in safe mode
»»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Killing process
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files
»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files
»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning
Registry Cleaning done.
»»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» End
maksimino
2006-07-23, 06:48
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 2:11:08 AM 7/23/2006
+ Scan result:
C:\System Volume Information\_restore{1B30B6C4-C819-453F-A41D-018BD452D365}\RP150\A0050551.exe -> Adware.SaveNow : No action taken.
C:\System Volume Information\_restore{1B30B6C4-C819-453F-A41D-018BD452D365}\RP150\A0050549.exe -> Downloader.Zlob.zx : No action taken.
D:\System Volume Information\_restore{1B30B6C4-C819-453F-A41D-018BD452D365}\RP150\A0050550.exe -> Dropper.Agent.asl : No action taken.
C:\New Folder\Old Games\Folder\allure.zip/Allure.exe -> Not-A-Virus.BadJoke.Win32.CloseMouse : No action taken.
C:\New Folder\Old Games\Folder\CLick mE.exe -> Not-A-Virus.BadJoke.Win32.Delf.h : No action taken.
C:\New Folder\Old Games\Folder\CLick mE.zip/CLick mE.exe -> Not-A-Virus.BadJoke.Win32.Delf.h : No action taken.
C:\Documents and Settings\Administrator\Local Settings\Temp\temp.fr34F7 -> Not-A-Virus.Hoax.Win32.Renos.dw : No action taken.
C:\System Volume Information\_restore{1B30B6C4-C819-453F-A41D-018BD452D365}\RP150\A0049534.dll -> Not-A-Virus.Hoax.Win32.Renos.dw : No action taken.
C:\WINDOWS\system32\components\flx5.dll -> Not-A-Virus.Hoax.Win32.Renos.dw : No action taken.
:mozilla.18:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mhxsjk4y.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\\kernel32.dll -> Trojan.Small : No action taken.
::Report end
maksimino
2006-07-23, 06:52
--- Search result list ---
Congratulations!: No immediate threats were found. ()
--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---
2006-07-01 unins000.exe (51.41.0.0)
2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2005-05-31 Update.exe (1.4.0.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-02-06 advcheck.dll (1.0.2.0)
2006-02-20 Tools.dll (2.0.0.2)
2006-07-21 Includes\Cookies.sbi (*)
2006-07-21 Includes\Dialer.sbi (*)
2006-07-21 Includes\Hijackers.sbi (*)
2006-07-21 Includes\Keyloggers.sbi (*)
2006-07-21 Includes\Malware.sbi (*)
2006-07-21 Includes\Revision.sbi (*)
2006-07-21 Includes\Security.sbi (*)
2006-07-21 Includes\Spybots.sbi (*)
2006-07-21 Includes\Trojans.sbi (*)
2005-02-17 Includes\Tracks.uti
2006-07-21 Includes\PUPS.sbi (*)
--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ Windows Media Player 10: Security Update for Windows Media Player 10 (KB911565)
/ Windows XP / SP3: Windows XP Hotfix - KB873339
/ Windows XP / SP3: Windows XP Hotfix - KB885250
/ Windows XP / SP3: Windows XP Hotfix - KB885835
/ Windows XP / SP3: Windows XP Hotfix - KB885836
/ Windows XP / SP3: Windows XP Hotfix - KB885884
/ Windows XP / SP3: Windows XP Hotfix - KB886185
/ Windows XP / SP3: Windows XP Hotfix - KB887472
/ Windows XP / SP3: Windows XP Hotfix - KB887742
/ Windows XP / SP3: Windows XP Hotfix - KB888113
/ Windows XP / SP3: Windows XP Hotfix - KB888302
/ Windows XP / SP3: Security Update for Windows XP (KB890046)
/ Windows XP / SP3: Windows XP Hotfix - KB890859
/ Windows XP / SP3: Windows XP Hotfix - KB891781
/ Windows XP / SP3: Security Update for Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Update for Windows XP (KB894391)
/ Windows XP / SP3: Security Update for Windows XP (KB896358)
/ Windows XP / SP3: Security Update for Windows XP (KB896422)
/ Windows XP / SP3: Security Update for Windows XP (KB896423)
/ Windows XP / SP3: Security Update for Windows XP (KB896424)
/ Windows XP / SP3: Security Update for Windows XP (KB896428)
/ Windows XP / SP3: Update for Windows XP (KB898461)
/ Windows XP / SP3: Security Update for Windows XP (KB899587)
/ Windows XP / SP3: Security Update for Windows XP (KB899589)
/ Windows XP / SP3: Security Update for Windows XP (KB899591)
/ Windows XP / SP3: Update for Windows XP (KB900485)
/ Windows XP / SP3: Security Update for Windows XP (KB900725)
/ Windows XP / SP3: Security Update for Windows XP (KB901017)
/ Windows XP / SP3: Security Update for Windows XP (KB901190)
/ Windows XP / SP3: Security Update for Windows XP (KB901214)
/ Windows XP / SP3: Security Update for Windows XP (KB902400)
/ Windows XP / SP3: Security Update for Windows XP (KB904706)
/ Windows XP / SP3: Security Update for Windows XP (KB905414)
/ Windows XP / SP3: Security Update for Windows XP (KB905749)
/ Windows XP / SP3: Security Update for Windows XP (KB905915)
/ Windows XP / SP3: Security Update for Windows XP (KB908519)
/ Windows XP / SP3: Security Update for Windows XP (KB908531)
/ Windows XP / SP3: Update for Windows XP (KB910437)
/ Windows XP / SP3: Security Update for Windows XP (KB911562)
/ Windows XP / SP3: Security Update for Windows XP (KB911567)
/ Windows XP / SP3: Security Update for Windows XP (KB911927)
/ Windows XP / SP3: Security Update for Windows XP (KB912812)
/ Windows XP / SP3: Security Update for Windows XP (KB912919)
/ Windows XP / SP3: Security Update for Windows XP (KB913446)
--- Startup entries list ---
Located: HK_LM:Run, !ewido
command: "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
file: C:\Program Files\ewido anti-spyware 4.0\ewido.exe
size: 6283264
MD5: 10c40f37ac87a18f624143d4fe6e8dec
Located: HK_LM:Run, ANIWZCS2Service
command: C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
file: C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
size: 49152
MD5: 2e72d7c07f48a8fba76241a43b19e3bf
Located: HK_LM:Run, avast!
command: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
file: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
size: 108160
MD5: 9c4db1f201c975b65fc4a83d4099a70e
Located: HK_LM:Run, Computer Alarm Clock
command: C:\Program Files\Computer Alarm Clock\cac.exe
file: C:\Program Files\Computer Alarm Clock\cac.exe
size: 694784
MD5: 97b24c285da2d4f9fc33b3c3acdfa120
Located: HK_LM:Run, D-Link AirPlus XtremeG
command: C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
file: C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
size: 1294336
MD5: eb4a872f35abf27b598a2d0cb4226a44
Located: HK_LM:Run, iTunesHelper
command: "C:\Program Files\iTunes\iTunesHelper.exe"
file: C:\Program Files\iTunes\iTunesHelper.exe
size: 278528
MD5: 00d20b701816bdd2cc2445e6c388ef70
Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 282624
MD5: 383145864f6543c97a7e1b78505d2f1c
Located: HK_LM:Run, SoundMan
command: SOUNDMAN.EXE
file: C:\WINDOWS\SOUNDMAN.EXE
size: 77824
MD5: fbef9f9c97b6b93e2041e65d3cd81c9c
Located: HK_CU:Run, Atpu
command: "C:\WINDOWS\system32\SSEMBL~1\lsass.exe" -vt yazb
file:
Located: HK_CU:Run, ctfmon.exe
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996a38c0b0cf151c2140ae29fc8
Located: HK_CU:Run, Skype
command: "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
file: C:\Program Files\Skype\Phone\Skype.exe
size: 18577448
MD5: a30cf423ae0c6dbcd97c34efa3a88c29
Located: HK_CU:Run, VoipDiscount
command: "C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe" -nosplash -minimized
file: C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe
size: 5666368
MD5: cf2c45e4bcef9c304bf482029ede59f5
Located: HK_CU:Run, Yahoo! Pager
command: "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
file: C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
size: 3334144
MD5: e9181dd46f01a3936523ae46a264dd62
Located: Startup (user), Webshots.lnk
command: C:\Program Files\Webshots\Launcher.exe
file: C:\Program Files\Webshots\Launcher.exe
size: 45056
MD5: b66f9f77dacea6dae5e799b03ec1cabc
Located: Startup (disabled), Adobe Reader Speed Launch (DISABLED)
command: C:\PROGRA~1\Adobe\ACROBA~2.0\Reader\READER~1.EXE
file: C:\PROGRA~1\Adobe\ACROBA~2.0\Reader\READER~1.EXE
size: 29696
MD5: 43362b96870ce8649f4f2ec893da93f0
Located: Startup (disabled), GetRight - Tray Icon (DISABLED)
command: C:\PROGRA~1\GetRight\getright.exe
file: C:\PROGRA~1\GetRight\getright.exe
size: 2215936
MD5: 2982c2f0ceb62033e075cf992c80406e
Located: Startup (disabled), Microsoft Office (DISABLED)
command: C:\PROGRA~1\MICROS~2\Office10\OSA.EXE -b -l
file:
Located: Startup (disabled), WinZip Quick Pick (DISABLED)
command: C:\PROGRA~1\WinZip\WZQKPICK.EXE
file: C:\PROGRA~1\WinZip\WZQKPICK.EXE
size: 118784
MD5: 67b2e7b6ae3b400d832f0456068ea83d
Located: System.ini, AtiExtEvent
command: Ati2evxx.dll
file: Ati2evxx.dll
Located: System.ini, crypt32chain
command: crypt32.dll
file: crypt32.dll
Located: System.ini, cryptnet
command: cryptnet.dll
file: cryptnet.dll
Located: System.ini, cscdll
command: cscdll.dll
file: cscdll.dll
Located: System.ini, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
Located: System.ini, Schedule
command: wlnotify.dll
file: wlnotify.dll
Located: System.ini, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
Located: System.ini, SensLogn
command: WlNotify.dll
file: WlNotify.dll
Located: System.ini, termsrv
command: wlnotify.dll
file: wlnotify.dll
Located: System.ini, wlballoon
command: wlnotify.dll
file: wlnotify.dll
--- Browser helper object list ---
{02478D38-C3F9-4EFB-9B51-7695ECA05670} (Yahoo! Toolbar Helper)
BHO name:
CLSID name: Yahoo! Toolbar Helper
description: Yahoo Companion!
classification: Legitimate
known filename: Ycomp*_*_*_*.dll
info link: http://companion.yahoo.com/
info source: TonyKlein
Path: C:\Program Files\Yahoo!\Companion\Installs\cpn0\
Long name: yt.dll
Short name:
Date (created): 5/2/2006 7:30:00 PM
Date (last access): 7/23/2006
Date (last write): 4/17/2006 7:37:20 PM
Filesize: 438848
Attributes: archive
MD5: 833B12490D0627D4262EDB84D2F45B8B
CRC32: 730828A3
Version: 2006.4.17.1
{2F364306-AA45-47B5-9F9D-39A8B94E7EF7} (IeCatch5 Class)
BHO name:
CLSID name: IeCatch5 Class
Path: C:\PROGRA~1\FLASHGET\
Long name: Jccatch.dll
Short name: JCCATCH.DLL
Date (created): 7/22/2006 9:51:32 PM
Date (last access): 7/23/2006
Date (last write): 5/16/2006 3:19:42 PM
Filesize: 81920
Attributes: archive
MD5: 8AB453E6168A5FEDFDDF44BC13F42E70
CRC32: 47363548
Version: 1.1.5.0
{31FF080D-12A3-439A-A2EF-4BA95A3148E8} (bho2gr Class)
BHO name:
CLSID name: bho2gr Class
description: GetRight
classification: Legitimate
known filename: msie2gr.dll
info link: http://www.getright.com/
info source: TonyKlein
Path: C:\Program Files\GetRight\
Long name: xx2gr.dll
Short name:
Date (created): 3/7/2006 8:14:54 PM
Date (last access): 7/23/2006
Date (last write): 12/6/2004 1:48:02 PM
Filesize: 233472
Attributes: archive
MD5: 23380D8A570B3C81E749327DED630F68
CRC32: 1EE4A4B6
Version: 5.2.0.3
{53707962-6F74-2D53-2644-206D7942484F} ()
BHO name:
CLSID name:
description: Spybot-S&D IE Browser plugin
classification: Legitimate
known filename: SDhelper.dll
info link: http://spybot.eon.net.au/
info source: Patrick M. Kolla
Path: C:\PROGRA~1\SPYBOT~1\
Long name: SDHelper.dll
Short name: SDHELPER.DLL
Date (created): 7/1/2006 11:04:10 PM
Date (last access): 7/23/2006
Date (last write): 5/31/2005 1:04:00 AM
Filesize: 853672
Attributes: archive
MD5: 250D787A5712D7768DDC133B3E477759
CRC32: D4589A41
Version: 1.4.0.0
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} (Yahoo! IE Services Button)
BHO name:
CLSID name: Yahoo! IE Services Button
Path: C:\Program Files\Yahoo!\Common\
Long name: yiesrvc.dll
Short name:
Date (created): 4/3/2006 10:09:04 PM
Date (last access): 7/23/2006
Date (last write): 1/6/2006 11:52:14 AM
Filesize: 181752
Attributes: archive
MD5: 90AAE04C4C2F05981FB7BF24E70AC0AA
CRC32: F7878D4F
Version: 2006.1.5.1
{E5A1691B-D188-4419-AD02-90002030B8EE} (FlashFXP Helper for Internet Explorer)
BHO name:
CLSID name: FlashFXP Helper for Internet Explorer
Path: C:\PROGRA~1\FlashFXP\
Long name: IEFlash.dll
Short name: IEFLASH.DLL
Date (created): 5/4/2005 12:46:46 PM
Date (last access): 7/23/2006
Date (last write): 5/4/2005 12:46:46 PM
Filesize: 191096
Attributes: archive
MD5: DEF399BD3D07FFF1E22CE791A965F0FA
CRC32: 77F168B8
Version: 3.0.0.1015
--- ActiveX list ---
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class)
DPF name:
CLSID name: YInstStarter Class
Installer: C:\Program Files\Yahoo!\Common\yinst.inf
Codebase: C:\Program Files\Yahoo!\Common\yinsthelper.dll
description: Yahoo! Installation helper
classification: Legitimate
known filename: %SystemRoot%\Downloaded Program Files\yinsthelper.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Yahoo!\Common\
Long name: yinsthelper.dll
Short name: YINSTH~1.DLL
Date (created): 4/3/2006 10:09:04 PM
Date (last access): 6/3/2006
Date (last write): 11/7/2004 3:29:46 PM
Filesize: 173168
Attributes: archive
MD5: 4C0658E518FA9D08E884DB717A7087AE
CRC32: FFDA1549
Version: 2004.11.7.1
--- Process list ---
PID: 0 ( 0) [System]
PID: 140 ( 4) \SystemRoot\System32\smss.exe
PID: 192 ( 140) \??\C:\WINDOWS\system32\csrss.exe
PID: 216 ( 140) \??\C:\WINDOWS\system32\winlogon.exe
PID: 260 ( 216) C:\WINDOWS\system32\services.exe
size: 108032
MD5: C6CE6EEC82F187615D1002BB3BB50ED4
PID: 272 ( 216) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 84885F9B82F4D55C6146EBF6065D75D2
PID: 408 ( 260) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 464 ( 260) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 504 ( 260) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 768 ( 752) C:\WINDOWS\Explorer.EXE
size: 1032192
MD5: A0732187050030AE399B241436565E64
PID: 1032 ( 768) C:\Program Files\ewido anti-spyware 4.0\ewido.exe
size: 6283264
MD5: 10C40F37AC87A18F624143D4FE6E8DEC
PID: 656 ( 768) C:\WINDOWS\system32\NOTEPAD.EXE
size: 69120
MD5: 388B8FBC36A8558587AFC90FB23A3B99
PID: 732 ( 768) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 4 ( 0) System
maksimino
2006-07-23, 07:01
SPYBOT con't.........
--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 7/23/2006 10:32:27 AM
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\windows\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://home.microsoft.com/access/autosearch.asp?p=%s
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
C:\windows\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
--- Winsock Layered Service Provider list ---
Protocol 0: NVIDIA App Filter over [MSAFD Tcpip [TCP/IP]]
GUID: {90191D0F-07AB-4B1B-9A90-FDE9D5CFC179}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Protocol 1: NVIDIA App Filter over [MSAFD Tcpip [UDP/IP]]
GUID: {90191D0F-07AB-4B1B-9A90-FDE9D5CFC179}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Protocol 2: NVIDIA App Filter over [MSAFD Tcpip [RAW/IP]]
GUID: {90191D0F-07AB-4B1B-9A90-FDE9D5CFC179}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Protocol 3: NVIDIA App Filter over [RSVP UDP Service Provider]
GUID: {90191D0F-07AB-4B1B-9A90-FDE9D5CFC179}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Protocol 4: NVIDIA App Filter over [RSVP TCP Service Provider]
GUID: {90191D0F-07AB-4B1B-9A90-FDE9D5CFC179}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Protocol 5: NVIDIA App Filter over [MSAFD Tcpip [TCP/IPv6]]
GUID: {90191D0F-07AB-4B1B-9A90-FDE9D5CFC179}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Protocol 6: NVIDIA App Filter over [MSAFD Tcpip [UDP/IPv6]]
GUID: {90191D0F-07AB-4B1B-9A90-FDE9D5CFC179}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Protocol 7: NVIDIA App Filter over [MSAFD Tcpip [RAW/IPv6]]
GUID: {90191D0F-07AB-4B1B-9A90-FDE9D5CFC179}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Protocol 8: NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip6_{C7400326-81B0-460F-8FC5-321B64FB9D80}] SEQPACKET 6]
GUID: {90191D0F-07AB-4B1B-9A90-FDE9D5CFC179}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Protocol 9: NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip6_{C7400326-81B0-460F-8FC5-321B64FB9D80}] DATAGRAM 6]
GUID: {90191D0F-07AB-4B1B-9A90-FDE9D5CFC179}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Protocol 10: NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip6_{24CB8CA3-A15D-4074-8B65-AD87719DF0E0}] SEQPACKET 8]
GUID: {90191D0F-07AB-4B1B-9A90-FDE9D5CFC179}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Protocol 11: NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip6_{24CB8CA3-A15D-4074-8B65-AD87719DF0E0}] DATAGRAM 8]
GUID: {90191D0F-07AB-4B1B-9A90-FDE9D5CFC179}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Protocol 12: NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip6_{48B6E13F-B534-4056-92DD-708525CA8298}] SEQPACKET 10]
GUID: {90191D0F-07AB-4B1B-9A90-FDE9D5CFC179}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Protocol 13: NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip6_{48B6E13F-B534-4056-92DD-708525CA8298}] DATAGRAM 10]
GUID: {90191D0F-07AB-4B1B-9A90-FDE9D5CFC179}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Protocol 14: NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip6_{A194D758-A2F5-4181-B3C4-06DB2EE5F1B4}] SEQPACKET 11]
GUID: {90191D0F-07AB-4B1B-9A90-FDE9D5CFC179}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Protocol 15: NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip6_{A194D758-A2F5-4181-B3C4-06DB2EE5F1B4}] DATAGRAM 11]
GUID: {90191D0F-07AB-4B1B-9A90-FDE9D5CFC179}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Protocol 16: NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip_{C7400326-81B0-460F-8FC5-321B64FB9D80}] SEQPACKET 9]
GUID: {90191D0F-07AB-4B1B-9A90-FDE9D5CFC179}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Protocol 17: NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip_{C7400326-81B0-460F-8FC5-321B64FB9D80}] DATAGRAM 9]
GUID: {90191D0F-07AB-4B1B-9A90-FDE9D5CFC179}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Protocol 18: NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip_{65805F32-F3A4-405F-8B8B-4FFFC4951341}] SEQPACKET 14]
GUID: {90191D0F-07AB-4B1B-9A90-FDE9D5CFC179}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Protocol 19: NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip_{65805F32-F3A4-405F-8B8B-4FFFC4951341}] DATAGRAM 14]
GUID: {90191D0F-07AB-4B1B-9A90-FDE9D5CFC179}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Protocol 20: NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip_{48B6E13F-B534-4056-92DD-708525CA8298}] SEQPACKET 7]
GUID: {90191D0F-07AB-4B1B-9A90-FDE9D5CFC179}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Protocol 21: NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip_{48B6E13F-B534-4056-92DD-708525CA8298}] DATAGRAM 7]
GUID: {90191D0F-07AB-4B1B-9A90-FDE9D5CFC179}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Protocol 22: NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip_{24CB8CA3-A15D-4074-8B65-AD87719DF0E0}] SEQPACKET 3]
GUID: {90191D0F-07AB-4B1B-9A90-FDE9D5CFC179}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Protocol 23: NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip_{24CB8CA3-A15D-4074-8B65-AD87719DF0E0}] DATAGRAM 3]
GUID: {90191D0F-07AB-4B1B-9A90-FDE9D5CFC179}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Protocol 24: NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip_{74BBA91B-26F3-4EF4-ABAF-1AA5C72FBAB6}] SEQPACKET 0]
GUID: {90191D0F-07AB-4B1B-9A90-FDE9D5CFC179}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Protocol 25: NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip_{74BBA91B-26F3-4EF4-ABAF-1AA5C72FBAB6}] DATAGRAM 0]
GUID: {90191D0F-07AB-4B1B-9A90-FDE9D5CFC179}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Protocol 26: NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip_{C9807E7E-CD62-4284-AD0E-20CF708DB8E3}] SEQPACKET 1]
GUID: {90191D0F-07AB-4B1B-9A90-FDE9D5CFC179}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Protocol 27: NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip_{C9807E7E-CD62-4284-AD0E-20CF708DB8E3}] DATAGRAM 1]
GUID: {90191D0F-07AB-4B1B-9A90-FDE9D5CFC179}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Protocol 28: NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip_{DFCF18E6-CD71-48F3-A113-8D50AA761A8D}] SEQPACKET 2]
GUID: {90191D0F-07AB-4B1B-9A90-FDE9D5CFC179}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Protocol 29: NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip_{DFCF18E6-CD71-48F3-A113-8D50AA761A8D}] DATAGRAM 2]
GUID: {90191D0F-07AB-4B1B-9A90-FDE9D5CFC179}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Protocol 30: NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip_{9A94560B-8DB6-4CE0-B5AB-DB9DBFA29D04}] SEQPACKET 4]
GUID: {90191D0F-07AB-4B1B-9A90-FDE9D5CFC179}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Protocol 31: NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip_{9A94560B-8DB6-4CE0-B5AB-DB9DBFA29D04}] DATAGRAM 4]
GUID: {90191D0F-07AB-4B1B-9A90-FDE9D5CFC179}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Protocol 32: NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip_{551D8E3A-079A-43FF-9761-9165A81EFE1F}] SEQPACKET 5]
GUID: {90191D0F-07AB-4B1B-9A90-FDE9D5CFC179}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Protocol 33: NVIDIA App Filter over [MSAFD NetBIOS [\Device\NetBT_Tcpip_{551D8E3A-079A-43FF-9761-9165A81EFE1F}] DATAGRAM 5]
GUID: {90191D0F-07AB-4B1B-9A90-FDE9D5CFC179}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Protocol 34: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip
Protocol 35: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip
Protocol 36: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip
Protocol 37: RSVP UDP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 38: RSVP TCP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 39: MSAFD Tcpip [TCP/IPv6]
GUID: {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IPv6 protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip
Protocol 40: MSAFD Tcpip [UDP/IPv6]
GUID: {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IPv6 protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip
Protocol 41: MSAFD Tcpip [RAW/IPv6]
GUID: {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IPv6 protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip
maksimino
2006-07-23, 07:02
SPYBOT Con't
Protocol 42: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{C7400326-81B0-460F-8FC5-321B64FB9D80}] SEQPACKET 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 43: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{C7400326-81B0-460F-8FC5-321B64FB9D80}] DATAGRAM 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 44: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{24CB8CA3-A15D-4074-8B65-AD87719DF0E0}] SEQPACKET 8
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 45: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{24CB8CA3-A15D-4074-8B65-AD87719DF0E0}] DATAGRAM 8
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 46: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{48B6E13F-B534-4056-92DD-708525CA8298}] SEQPACKET 10
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 47: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{48B6E13F-B534-4056-92DD-708525CA8298}] DATAGRAM 10
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 48: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{A194D758-A2F5-4181-B3C4-06DB2EE5F1B4}] SEQPACKET 11
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 49: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{A194D758-A2F5-4181-B3C4-06DB2EE5F1B4}] DATAGRAM 11
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 50: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C7400326-81B0-460F-8FC5-321B64FB9D80}] SEQPACKET 9
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 51: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C7400326-81B0-460F-8FC5-321B64FB9D80}] DATAGRAM 9
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 52: MSAFD NetBIOS [\Device\NetBT_Tcpip_{65805F32-F3A4-405F-8B8B-4FFFC4951341}] SEQPACKET 14
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 53: MSAFD NetBIOS [\Device\NetBT_Tcpip_{65805F32-F3A4-405F-8B8B-4FFFC4951341}] DATAGRAM 14
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 54: MSAFD NetBIOS [\Device\NetBT_Tcpip_{48B6E13F-B534-4056-92DD-708525CA8298}] SEQPACKET 7
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 55: MSAFD NetBIOS [\Device\NetBT_Tcpip_{48B6E13F-B534-4056-92DD-708525CA8298}] DATAGRAM 7
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 56: MSAFD NetBIOS [\Device\NetBT_Tcpip_{24CB8CA3-A15D-4074-8B65-AD87719DF0E0}] SEQPACKET 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 57: MSAFD NetBIOS [\Device\NetBT_Tcpip_{24CB8CA3-A15D-4074-8B65-AD87719DF0E0}] DATAGRAM 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 58: MSAFD NetBIOS [\Device\NetBT_Tcpip_{74BBA91B-26F3-4EF4-ABAF-1AA5C72FBAB6}] SEQPACKET 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 59: MSAFD NetBIOS [\Device\NetBT_Tcpip_{74BBA91B-26F3-4EF4-ABAF-1AA5C72FBAB6}] DATAGRAM 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 60: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C9807E7E-CD62-4284-AD0E-20CF708DB8E3}] SEQPACKET 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 61: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C9807E7E-CD62-4284-AD0E-20CF708DB8E3}] DATAGRAM 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 62: MSAFD NetBIOS [\Device\NetBT_Tcpip_{DFCF18E6-CD71-48F3-A113-8D50AA761A8D}] SEQPACKET 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 63: MSAFD NetBIOS [\Device\NetBT_Tcpip_{DFCF18E6-CD71-48F3-A113-8D50AA761A8D}] DATAGRAM 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 64: MSAFD NetBIOS [\Device\NetBT_Tcpip_{9A94560B-8DB6-4CE0-B5AB-DB9DBFA29D04}] SEQPACKET 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 65: MSAFD NetBIOS [\Device\NetBT_Tcpip_{9A94560B-8DB6-4CE0-B5AB-DB9DBFA29D04}] DATAGRAM 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 66: MSAFD NetBIOS [\Device\NetBT_Tcpip_{551D8E3A-079A-43FF-9761-9165A81EFE1F}] SEQPACKET 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 67: MSAFD NetBIOS [\Device\NetBT_Tcpip_{551D8E3A-079A-43FF-9761-9165A81EFE1F}] DATAGRAM 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 68: NVIDIA App Filter
GUID: {561A1E9F-D78B-40E3-866D-4CE5CF6BB83F}
Filename: %SYSTEMROOT%\system32\nvappfilter.dll
Namespace Provider 0: Tcpip
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IP
Namespace Provider 1: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDS
Namespace Provider 2: Network Location Awareness (NLA) Namespace
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace
--- Uninstall list ---
Ace Utilities (Ace Utilities_is1)
install location: C:\Program Files\Ace Utilities
uninstall cmd: "C:\Program Files\Ace Utilities\uninstall.exe"
publisher: Acelogix
help link: http://www.acelogix.com
Ad-Aware SE Personal 1.06 (Ad-Aware SE Personal)
uninstall cmd: C:\PROGRA~1\LAVASOFT\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\LAVASOFT\AD-AWA~1\INSTALL.LOG
publisher: Lavasoft
help link: http://www.lavasoft.com
(AddressBook)
ATI - ??????????????????????????????? 6.14.10.1012 (All ATI Software)
install location: C:\Program Files\ATI Technologies\UninstallAll
uninstall cmd: C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
AsusUpdate (AsusUpdate)
uninstall cmd: C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ASUS\AsusUpdate\Uninst.isu"
ASUS_Ai_Proactive_Screensaver (E) (ASUS_Ai_Proactive_Screensaver (E))
uninstall cmd: C:\WINDOWS\ASUS_Ai_Proactive_Screensaver (E).scr /u
ATI Display Driver 8.141-050524a-024066C-ATI (ATI Display Driver)
uninstall cmd: rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
maksimino
2006-07-23, 07:03
spybot con't
avast! Antivirus 4.7 (avast!)
version (major): 4
version (minor): 7
install location: C:\PROGRA~1\ALWILS~1\Avast4
install source: C:\PROGRA~1\ALWILS~1\Avast4\setup
uninstall cmd: rundll32 C:\PROGRA~1\ALWILS~1\Avast4\Setup\setiface.dll,RunSetup
publisher: Alwil Software
help link: http://www.avast.com
(Branding)
Chikka Txt Messenger V4 Chikka Instant Messenger v4.0 (Chikka Txt Messenger V4)
uninstall cmd: C:\PROGRA~1\ChikkaV4\Uninstaller.exe
publisher: Chikka Asia Inc.
comments: None
contact: Chikka Asia Inc.
help link: http://www.chikka.com/tutorial/
help telephone: None
Computer Alarm Clock (Computer Alarm Clock)
uninstall cmd: C:\PROGRA~1\COMPUT~1\UNWISE.EXE C:\PROGRA~1\COMPUT~1\INSTALL.LOG
(Connection Manager)
Creative WebCam Vista Pro Driver (1.00.05.0726) (Creative VF0100)
uninstall cmd: C:\WINDOWS\CtDrvIns.exe -uninstall -script Vf0100.uns -unsext NT -plugin V0100Pin.dll -pluginres V0100Pin.crl
Creative WebCam Center (Creative WebCam Center)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{363435F2-7426-11D8-9966-00A0C9663221}\setup.exe" -l0x9 /remove
(Creative WebCam Vista Pro)
Creative WebCam Vista Pro User's Guide (English) (Creative WebCam Vista Pro User's Guide English)
uninstall cmd: C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Creative\Creative WebCam Vista Pro\Creative WebCam Vista Pro User's Guide\English\CTManual.isu"
dBpowerAMP Mp4 Codec (dBpowerAMP Mp4 Codec)
uninstall cmd: "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Mp4 Codec.dat
dBpowerAMP Music Converter (dBpowerAMP Music Converter)
uninstall cmd: "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Music Converter.dat
dBpowerAMP WMA V9.1 Codec (dBpowerAMP WMA V9.1 Codec)
uninstall cmd: "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP WMA V9.1 Codec.dat
Digital Circuit Simulator (Digital Circuit Simulator)
uninstall cmd: C:\WINDOWS\uninst.exe -f"C:\Program Files\Zidar\Digital Circuit Simulator\DeIsL1.isu" -c"C:\Program Files\Zidar\Digital Circuit Simulator\_ISREG32.DLL"
(DirectAnimation)
(DirectDrawEx)
(DXM_Runtime)
ewido anti-spyware 4.0 (ewidoantispyware4)
install location: C:\Program Files\ewido anti-spyware 4.0
uninstall cmd: C:\Program Files\ewido anti-spyware 4.0\Uninstall.exe
publisher: ewido networks
help link: http://www.ewido.net
FlashGet(JetCar) (FlashGet(JetCar))
uninstall cmd: C:\PROGRA~1\FLASHGET\UNWISE.EXE C:\PROGRA~1\FLASHGET\INSTALL.LOG
(Fontcore)
Get Yahoo! Messenger (Get Yahoo! Messenger)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AC067AB0-2594-4A7E-A1DE-ADEB7D15EB4B}\setup.exe" -l0x9 /remove
GetRight (GetRight)
uninstall cmd: C:\Program Files\GetRight\GETRIGHT.EXE /UNINSTALL
Half-Life (Half-Life)
uninstall cmd: C:\WINDOWS\IsUninst.exe -fd:\games\hal-life\Uninst.isu -c"d:\games\hal-life\HLUNINST.DLL"
(Halo Custom Edition)
version (major): 1
install location: D:\Games\Halo Games
publisher: Microsoft
HijackThis 1.99.1 1.99.1 (HijackThis)
uninstall cmd: C:\hijackthis\HijackThis.exe /uninstall
publisher: Soeperman Enterprises Ltd.
(ICW)
(IE40)
(IE4Data)
(IE5BAKEX)
(IEData)
(InstallShield Uninstall Information)
NVIDIA ForceWare Network Access Manager 2.03.467 (InstallShield_{1F6423DE-7959-4178-80E0-023C7EAA5347})
version: 33751507
version (major): 2
version (minor): 3
estimated size: 60196
install date: 20060226
install source: C:\WINDOWS\Downloaded Installations\{9DF687E7-381C-4882-A05F-4ADF1DD53394}\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{1F6423DE-7959-4178-80E0-023C7EAA5347} /l1033
publisher: NVIDIA Corporation
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0
iPod for Windows 2006-03-23 4.7.0 (InstallShield_{2070F79D-46BC-4EEA-8F02-9B4DCABAE7CB})
version: 67567616
version (major): 4
version (minor): 7
estimated size: 51687
install date: 20060622
install location: C:\Program Files\iPod\
install source: C:\WINDOWS\Downloaded Installations\{D8C87B8A-0477-408A-AAE0-9FB4BEA3BF97}\
uninstall cmd: C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{2070F79D-46BC-4EEA-8F02-9B4DCABAE7CB} /l1033
publisher: Apple Computer, Inc.
contact: AppleCare
help link: http://www.info.apple.com
readme: http://www.info.apple.com/support/downloads.html
Nokia Connectivity Cable Driver 1.00.150.2 (InstallShield_{3D249F10-79EC-48D4-93E5-C470ABE523FA})
version: 16777366
version (major): 1
estimated size: 449
install date: 20060326
install source: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\_is5E\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{3D249F10-79EC-48D4-93E5-C470ABE523FA}
publisher: Nokia
contact: 0
help link: http://www.nokia.com/pcsuite
help telephone: 0
readme: 0
MPLAB Tools v7.40 7.40 (InstallShield_{41AC41D5-6886-40F5-AC4A-1A15B9BB26D6})
version: 120061952
version (major): 7
version (minor): 40
estimated size: 692929
install date: 20060525
install location: D:\Med\MPLab\
install source: D:\Downloaded Files\MPLAB\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{41AC41D5-6886-40F5-AC4A-1A15B9BB26D6}
publisher: Microchip Technology Inc.
contact: Microchip Product Support
help link: http://support.microchip.com/scripts/slxweb.dll/external?name=webticketcust
iTunes 6.0.5.20 (InstallShield_{54C0D94A-F467-4ABC-9D02-6E58748668D4})
version: 100663301
version (major): 6
estimated size: 37370
install date: 20060715
install location: C:\Program Files\iTunes\
install source: C:\WINDOWS\Downloaded Installations\{54C0D94A-F467-4ABC-9D02-6E58748668D4}\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{54C0D94A-F467-4ABC-9D02-6E58748668D4} /l1033
publisher: Apple Computer, Inc.
contact: AppleCare Support
help link: http://www.info.apple.com/
help telephone: 1-800-275-2273
Nokia PC Suite 6.60.16 (InstallShield_{617095DB-B523-4D11-BBFD-2D74C2AD98B8})
version: 104595472
version (major): 6
version (minor): 60
estimated size: 36800
install date: 20060326
install source: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\_is42\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{617095DB-B523-4D11-BBFD-2D74C2AD98B8}
publisher: Nokia
comments: -
contact: Customer Support Department
help link: http://www.nokia.com/pcsuite
help telephone: -
readme: C:\Program Files\Nokia\Nokia PC Suite 6\Readme.htm
AirPlus XtremeG (InstallShield_{79B92240-9C65-4DD7-B1AD-59910D2C1353})
version: 16777216
version (major): 1
estimated size: 6978
install date: 20060506
install source: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\_is1B\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{79B92240-9C65-4DD7-B1AD-59910D2C1353} /l1033
publisher: D-Link
V-Gear TalkCam Messenger 0.1.3.73 (InstallShield_{89766926-09F7-4B82-B670-CBCB511E5FD9})
version: 65539
version (minor): 1
estimated size: 4993
install date: 20060305
install location: C:\Program Files\PC Camera\V-Gear TalkCam Messenger\
install source: C:\WINDOWS\Downloaded Installations\{D54F7F3B-17CE-4B56-9946-A964C5AE9572}\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{89766926-09F7-4B82-B670-CBCB511E5FD9} /l1033
publisher: PC Camera
QuickTime 7.1 (InstallShield_{C21D5524-A970-42FA-AC8A-59B8C7CDCA31})
version: 117506048
version (major): 7
version (minor): 1
estimated size: 77291
install date: 20060715
install location: C:\Program Files\QuickTime\
install source: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\_is72\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{C21D5524-A970-42FA-AC8A-59B8C7CDCA31} /l1033
publisher: Apple Computer, Inc.
contact: AppleCare Support
help link: http://www.info.apple.com/
help telephone: 1-800-275-2273
InterActual Player (InterActual Player)
uninstall cmd: C:\Program Files\InterActual\InterActual Player\inuninst.exe
Windows XP Hotfix - KB873339 20041117.092459 (KB873339)
uninstall cmd: C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=873339
(KB884016)
Windows XP Hotfix - KB885250 20050118.202711 (KB885250)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885250
Windows XP Hotfix - KB885835 20041027.181713 (KB885835)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885835
Windows XP Hotfix - KB885836 20041028.173203 (KB885836)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885836
Windows XP Hotfix - KB885884 20040924.025457 (KB885884)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885884
Windows XP Hotfix - KB886185 20041021.090540 (KB886185)
uninstall cmd: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=886185
Windows XP Hotfix - KB887472 20041014.162858 (KB887472)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=887472
Windows XP Hotfix - KB887742 20041103.095002 (KB887742)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=887742
Windows XP Hotfix - KB888113 20041116.131036 (KB888113)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888113
Windows XP Hotfix - KB888302 20041207.111426 (KB888302)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888302
Security Update for Windows XP (KB890046) 1 (KB890046)
install date: 20060303
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890046
Windows XP Hotfix - KB890859 1 (KB890859)
install date: 20060303
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890859
Windows XP Hotfix - KB891781 20050110.165439 (KB891781)
uninstall cmd: C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=891781
Security Update for Windows XP (KB893756) 1 (KB893756)
install date: 20060303
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893756
(KB893803)
Windows Installer 3.1 (KB893803) 3.1 (KB893803v2)
uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=42467
Update for Windows XP (KB894391) 1 (KB894391)
install date: 20060303
uninstall cmd: "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=894391
Security Update for Windows XP (KB896358) 1 (KB896358)
install date: 20060303
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896358
Security Update for Windows XP (KB896422) 1 (KB896422)
install date: 20060303
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896422
Security Update for Windows XP (KB896423) 1 (KB896423)
install date: 20060303
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896423
Security Update for Windows XP (KB896424) 1 (KB896424)
install date: 20060303
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896424
Security Update for Windows XP (KB896428) 1 (KB896428)
install date: 20060303
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896428
Update for Windows XP (KB898461) 1 (KB898461)
install date: 20060303
uninstall cmd: "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=898461
Security Update for Windows XP (KB899587) 1 (KB899587)
install date: 20060303
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899587
Security Update for Windows XP (KB899589) 1 (KB899589)
install date: 20060303
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899589
Security Update for Windows XP (KB899591) 1 (KB899591)
install date: 20060303
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899591
Update for Windows XP (KB900485) 2 (KB900485)
install date: 20060426
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=900485
Security Update for Windows XP (KB900725) 1 (KB900725)
install date: 20060303
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=900725
Security Update for Windows XP (KB901017) 1 (KB901017)
install date: 20060303
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
maksimino
2006-07-23, 07:05
spybot con't
help link: http://support.microsoft.com?kbid=901017
Security Update for Windows XP (KB901190) 1 (KB901190)
install date: 20060302
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=901190
Security Update for Windows XP (KB901214) 1 (KB901214)
install date: 20060303
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=901214
Security Update for Windows XP (KB902400) 1 (KB902400)
install date: 20060303
uninstall cmd: "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=902400
Security Update for Windows XP (KB904706) 2 (KB904706)
install date: 20060302
uninstall cmd: "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=904706
Security Update for Windows XP (KB905414) 1 (KB905414)
install date: 20060303
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905414
Security Update for Windows XP (KB905749) 1 (KB905749)
install date: 20060303
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905749
Security Update for Windows XP (KB905915) 1 (KB905915)
install date: 20060302
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905915
Security Update for Windows XP (KB908519) 1 (KB908519)
install date: 20060302
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=908519
Security Update for Windows XP (KB908531) 1 (KB908531)
install date: 20060415
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=908531
Update for Windows XP (KB910437) 1 (KB910437)
install date: 20060302
uninstall cmd: "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=910437
Security Update for Windows XP (KB911562) 1 (KB911562)
install date: 20060415
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911562
Security Update for Windows Media Player (KB911564) (KB911564)
install date: 20060302
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=911564
Security Update for Windows Media Player 10 (KB911565) (KB911565)
install date: 20060302
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=911565
Security Update for Windows XP (KB911567) 1 (KB911567)
install date: 20060415
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911567
Security Update for Windows XP (KB911927) 1 (KB911927)
install date: 20060302
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911927
Security Update for Windows XP (KB912812) 1 (KB912812)
install date: 20060415
uninstall cmd: "C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=912812
Security Update for Windows XP (KB912919) 1 (KB912919)
install date: 20060302
uninstall cmd: "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=912919
Security Update for Windows XP (KB913446) 1 (KB913446)
install date: 20060302
uninstall cmd: "C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=913446
LifeGlobe Goldfish Aquarium 1.0 (LifeGlobe Goldfish Aquarium_is1)
uninstall cmd: "C:\Program Files\Prolific Publishing, Inc.\Goldfish Aquarium\unins000.exe"
publisher: Prolific Publishing, Inc.
help link: http://www.LifeGlobe.com
LiveUpdate 2.5 (Symantec Corporation) 2.5.55.0 (LiveUpdate)
install location: C:\Program Files\Symantec\LiveUpdate
uninstall cmd: C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
publisher: Symantec Corporation
(MobileOptionPack)
Mozilla Firefox (1.5.0.4) 1.5.0.4 (en-US) (Mozilla Firefox (1.5.0.4))
install location: C:\Program Files\Mozilla Firefox
uninstall cmd: C:\Program Files\Mozilla Firefox\uninstall\uninstall.exe /ua "1.5.0.4 (en-US)"
publisher: Mozilla
(MPlayer2)
(MSI30-Beta1)
(MSI30-Beta2)
(MSI30-KB884016)
(MSI30-RC1)
(MSI30-RC2)
(MSI30a-KB884016)
(MSI31-Beta)
(MSI31-RC1)
MSN (MSNINST)
uninstall cmd: C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
NeoTheme 2.0 2.0 (NeoTheme)
uninstall cmd: C:\Program Files\NeoTheme\uninst.exe
publisher: unknown12
Nero 6 Ultra Edition (Nero - Burning Rom!UninstallKey)
uninstall cmd: C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
(NetMeeting)
NVIDIA Drivers (NVIDIA Drivers)
uninstall cmd: C:\WINDOWS\system32\NVUNINST.EXE UninstallGUI
Opera Plug-in for FlashGet (Opera Plug-in for FlashGet)
uninstall cmd: C:\PROGRA~1\OPERA\PLUGINS\FLASHGET\UNWISE.EXE C:\PROGRA~1\OPERA\PLUGINS\FLASHGET\INSTALL.LOG
(OutlookExpress)
(PCHealth)
uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Pocket Tanks Deluxe 1.00a (Pocket Tanks Deluxe_is1)
uninstall cmd: "D:\Games\Pocket Tanks\Pocket Tanks Deluxe\unins001.exe"
publisher: BlitWise Productions, LLC
help link: http://www.blitwise.com/support.html
Quake III Arena (Quake III Arena)
uninstall cmd: C:\WINDOWS\IsUninst.exe -fd:\games\qiii\QIII.isu
(RealJukebox 1.0)
uninstall cmd: C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
RealPlayer (RealPlayer 6.0)
uninstall cmd: C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
RepliGo Viewer (remove only) (RepliGo Viewer)
uninstall cmd: "C:\Program Files\Cerience\RepliGo Viewer\uninst.exe"
(SchedulingAgent)
SereneScreen Marine Aquarium 2.6 2.6 (SereneScreen Marine Aquarium 2.6_is1)
install location: C:\Program Files\SereneScreen\Marine Aquarium 2.6\
uninstall cmd: "C:\Program Files\SereneScreen\Marine Aquarium 2.6\unins000.exe"
publisher: Prolific Publishing, Inc.
help link: http://www.SereneScreen.com
Macromedia Flash Player 8 8 (ShockwaveFlash)
uninstall cmd: C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe
publisher: Macromedia
help link: http://www.macromedia.com/go/flashplayer_support/
Sierra Utilities (Sierra Utilities)
uninstall cmd: C:\Program Files\Sierra On-Line\sutil32.exe uninstall
Skype 2.0 2.0 (Skype_is1)
install location: C:\Program Files\Skype\Phone\
uninstall cmd: "C:\Program Files\Skype\Phone\unins000.exe"
publisher: Skype Software S.A.
help link: http://ui.skype.com/ui/0/2.0.0.107/en/help
Spybot - Search & Destroy 1.4 1.4 (Spybot - Search & Destroy_is1)
install location: C:\Program Files\Spybot - Search & Destroy\
uninstall cmd: "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
publisher: Safer Networking Limited
Super Pack v1.1 for Pocket Tanks Deluxe 1.1 (Super Pack for Pocket Tanks Deluxe_is1)
install location: D:\Games\Pocket Tanks\Pocket Tanks Deluxe\
uninstall cmd: "D:\Games\Pocket Tanks\Pocket Tanks Deluxe\unins000.exe"
publisher: BlitWise Productions, LLC
help link: http://www.blitwise.com/support.html
VoipDiscount 2.09 build 312 (VoipDiscount_is1)
install location: C:\Program Files\VoipDiscount.com\VoipDiscount\
uninstall cmd: "C:\Program Files\VoipDiscount.com\VoipDiscount\unins000.exe"
publisher: Finarea S.A. Switzerland
help link: http://www.VoipDiscount.com
Webshots Desktop (Webshots Desktop)
uninstall cmd: C:\PROGRA~1\WEBSHOTS\UNWISE.EXE C:\PROGRA~1\WEBSHOTS\INSTALL.LOG
Winamp (remove only) (Winamp)
uninstall cmd: "C:\Program Files\Winamp\UninstWA.exe"
Windows Media Format Runtime (Windows Media Format Runtime)
uninstall cmd: "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 10 (Windows Media Player)
uninstall cmd: "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
WinRAR archiver (WinRAR archiver)
uninstall cmd: C:\Program Files\WinRAR\uninstall.exe
WinZip 9.0 SR-1 (6224) (WinZip)
version (major): 9
install location: C:\PROGRA~1\WINZIP\
uninstall cmd: "C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
publisher: WinZip Computing, Inc.
help link: http://www.winzip.com/xsupport.htm
maksimino
2006-07-23, 07:06
Spybot Con't.............
Yahoo! Anti-Spy (Yahoo! Anti-Spy)
uninstall cmd: C:\PROGRA~1\YAHOO!\COMMON\unypsr.exe
Yahoo! Toolbar (Yahoo! Companion)
uninstall cmd: C:\PROGRA~1\YAHOO!\COMMON\unyt.exe
Yahoo! Browser Services (Yahoo! Customizations)
uninstall cmd: C:\PROGRA~1\YAHOO!\COMMON\unyext.exe
Yahoo! Internet Mail (Yahoo! Internet Mail)
uninstall cmd: C:\WINDOWS\system32\regsvr32 /u /s C:\PROGRA~1\YAHOO!\COMMON\ymmapi.dll
Yahoo! Messenger (Yahoo! Messenger)
uninstall cmd: C:\PROGRA~1\YAHOO!\MESSEN~1\UNWISE.EXE C:\PROGRA~1\YAHOO!\MESSEN~1\INSTALL.LOG
Yahoo! Toolbar (Yahoo! Toolbar)
Yahoo! Install Manager (YInstHelper)
uninstall cmd: C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
ATI Control Panel 6.14.10.5155 ({0BEDBD4E-2D34-47B5-9973-57E62B29307C})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
AutoUpdate 1.1 ({18D10072035C4515918F7E37EAFAACFC})
install location: C:\Program Files\DivX
NVIDIA ForceWare Network Access Manager 2.03.467 ({1F6423DE-7959-4178-80E0-023C7EAA5347})
version: 33751507
version (major): 2
version (minor): 3
estimated size: 60196
install date: 20060226
install source: C:\WINDOWS\Downloaded Installations\{9DF687E7-381C-4882-A05F-4ADF1DD53394}\
publisher: NVIDIA Corporation
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0
iPod for Windows 2006-03-23 4.7.0 ({2070F79D-46BC-4EEA-8F02-9B4DCABAE7CB})
version: 67567616
version (major): 4
version (minor): 7
estimated size: 51687
install date: 20060622
install location: C:\Program Files\iPod\
install source: C:\WINDOWS\Downloaded Installations\{D8C87B8A-0477-408A-AAE0-9FB4BEA3BF97}\
publisher: Apple Computer, Inc.
contact: AppleCare
help link: http://www.info.apple.com
readme: http://www.info.apple.com/support/downloads.html
Ulead Photo Express 4.0 My Custom Edition ({21BCE515-D5A3-11D4-8E33-0010B53EC668})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{21BCE515-D5A3-11D4-8E33-0010B53EC668}\Setup.exe"
J2SE Runtime Environment 5.0 Update 3 1.5.0.30 ({3248F0A8-6813-11D6-A77B-00B0D0150030})
version: 17104896
version (major): 1
version (minor): 5
estimated size: 147073
install date: 20060301
install source: http://java.sun.com/webapps/download/GetFile/1.5.0_03-b07/windows-i586/
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150030}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.5.0_03\README.txt
WebFldrs XP 9.50.7523 ({350C97B0-3D7C-4EE8-BAA9-00BCB3D54227})
version: 154279267
version (major): 9
version (minor): 50
estimated size: 2548
install date: 20060226
install source: C:\WINDOWS\system32\
publisher: Microsoft Corporation
help link: http://www.microsoft.com/windows
({363435F2-7426-11D8-9966-00A0C9663221})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{363435F2-7426-11D8-9966-00A0C9663221}\setup.exe" -l0x9
Nokia Connectivity Cable Driver 1.00.150.2 ({3D249F10-79EC-48D4-93E5-C470ABE523FA})
version: 16777366
version (major): 1
estimated size: 449
install date: 20060326
install source: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\_is5E\
publisher: Nokia
contact: 0
help link: http://www.nokia.com/pcsuite
help telephone: 0
readme: 0
ATI HydraVision ({3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}\setup.exe"
MPLAB Tools v7.40 7.40 ({41AC41D5-6886-40F5-AC4A-1A15B9BB26D6})
version: 120061952
version (major): 7
version (minor): 40
estimated size: 692929
install date: 20060525
install location: D:\Med\MPLab\
install source: D:\Downloaded Files\MPLAB\
publisher: Microchip Technology Inc.
contact: Microchip Product Support
help link: http://support.microchip.com/scripts/slxweb.dll/external?name=webticketcust
ANIWZCS2 Service ({4C590030-7469-453E-8589-D15DA9D03F52})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4C590030-7469-453E-8589-D15DA9D03F52}\Setup.exe"
iTunes 6.0.5.20 ({54C0D94A-F467-4ABC-9D02-6E58748668D4})
version: 100663301
version (major): 6
estimated size: 37370
install date: 20060715
install location: C:\Program Files\iTunes\
install source: C:\WINDOWS\Downloaded Installations\{54C0D94A-F467-4ABC-9D02-6E58748668D4}\
publisher: Apple Computer, Inc.
contact: AppleCare Support
help link: http://www.info.apple.com/
help telephone: 1-800-275-2273
Multisim 8 Trial 8.0.28 ({5CCBAA31-543C-414B-AA18-E95C5F7CF4C1})
version: 134217756
version (major): 8
estimated size: 5989
install date: 20060604
install location: C:\Program Files\Electronics Workbench\EWB8Trial\
install source: C:\Program Files\Electronics Workbench\EWB8Trial\{5CCBAA31-543C-414B-AA18-E95C5F7CF4C1}\
publisher: Electronics Workbench
contact: Customer Support Department
help link: http://www.electronicsworkbench.com
help telephone: 1-555-555-4505
({5CDDF96A-BC34-4D72-9ABA-E1FFF0C39977})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDDF96A-BC34-4D72-9ABA-E1FFF0C39977}\setup.exe" -l0x9
Nokia PC Suite 6.60.16 ({617095DB-B523-4D11-BBFD-2D74C2AD98B8})
version: 104595472
version (major): 6
version (minor): 60
estimated size: 36800
install date: 20060326
install source: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\_is42\
publisher: Nokia
comments: -
contact: Customer Support Department
help link: http://www.nokia.com/pcsuite
help telephone: -
readme: C:\Program Files\Nokia\Nokia PC Suite 6\Readme.htm
({62369F2F77534556AEF4C58152E3BDE5})
PowerDVD ({6811CAA0-BF12-11D4-9EA1-0050BAE317E1})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
AirPlus XtremeG ({79B92240-9C65-4DD7-B1AD-59910D2C1353})
version: 16777216
version (major): 1
estimated size: 6978
install date: 20060506
install source: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\_is1B\
publisher: D-Link
ANIO Service ({7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}\Setup.exe"
DivX 6.1.1 ({7B63B2922B174135AFC0E1377DD81EC2})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
publisher: DivX, Inc.
EWB Support and Upgrade Utility 1.0.20 ({81FF9BF7-60D9-4538-8C2B-9F0EC8DDC507})
version: 16777236
version (major): 1
estimated size: 2536
install date: 20060604
install location: C:\Program Files\Electronics Workbench\Support and Upgrade Utility\
install source: E:\Electronics Workbench MultiSim Power Pro v8.028\setup\Support and Upgrade\
uninstall cmd: MsiExec.exe /I{81FF9BF7-60D9-4538-8C2B-9F0EC8DDC507}
publisher: Electronics Workbench
help telephone: 416-977-5550
V-Gear TalkCam Messenger 0.1.3.73 ({89766926-09F7-4B82-B670-CBCB511E5FD9})
version: 65539
version (minor): 1
estimated size: 4993
install date: 20060305
install location: C:\Program Files\PC Camera\V-Gear TalkCam Messenger\
install source: C:\WINDOWS\Downloaded Installations\{D54F7F3B-17CE-4B56-9946-A964C5AE9572}\
publisher: PC Camera
DivX Player 6.1.1 ({8ADFC4160D694100B5B8A22DE9DCABD9})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
publisher: DivXNetworks, Inc.
Microsoft Office Professional Edition 2003 11.0.5614.0 ({90110409-6000-11D3-8CFE-0150048383C9})
version: 184554990
version (major): 11
estimated size: 579754
install date: 20060625
install location: C:\Program Files\Microsoft Office\
install source: E:\OFFICE11SP2\
uninstall cmd: MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support
readme: C:\Program Files\Microsoft Office\OFFICE11\1033\OFREADME.HTM
VP6 VFW Codec ({A23866A0-738B-4091-9924-0B0DE3988A15})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A23866A0-738B-4091-9924-0B0DE3988A15}\Setup.exe" -l0x9
({AC067AB0-2594-4A7E-A1DE-ADEB7D15EB4B})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AC067AB0-2594-4A7E-A1DE-ADEB7D15EB4B}\setup.exe" -l0x9
Adobe Reader 7.0.7 7.0.7 ({AC76BA86-7AD7-1033-7B44-A70700000002})
version: 117440519
version (major): 7
estimated size: 73116
install date: 20060408
install location: C:\Program Files\Adobe\Acrobat 7.0\Reader\
install source: C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig707\ENU\
uninstall cmd: MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70700000002}
publisher: Adobe Systems Incorporated
comments:
contact:
help link: http://www.adobe.com/support/main.html
help telephone:
readme: C:\Program Files\Adobe\Acrobat 7.0\Reader\Readme.htm
({B13A7C41581B411290FBC0395694E2A9})
DivX Web Player 1.0.0 ({B7050CBDB2504B34BC2A9CA0A692CC29})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
publisher: DivX,Inc.
Athlon 64 Processor Driver 1.1.0.14 ({C151CE54-E7EA-4804-854B-F515368B0798})
version: 16842752
install location: C:\Program Files\AMD\Athlon 64 Processor Driver
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x9
QuickTime 7.1 ({C21D5524-A970-42FA-AC8A-59B8C7CDCA31})
version: 117506048
version (major): 7
version (minor): 1
estimated size: 77291
install date: 20060715
install location: C:\Program Files\QuickTime\
install source: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\_is72\
publisher: Apple Computer, Inc.
contact: AppleCare Support
help link: http://www.info.apple.com/
help telephone: 1-800-275-2273
Multisim 8 Trial 8.0.28 ({D30F029F-307F-4C20-BA23-B6A5C852E78B})
version: 134217756
install date: 20060604
install location: C:\Program Files\Electronics Workbench\EWB8Trial
install source: E:\Electronics Workbench MultiSim Power Pro v8.028\setup\
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D30F029F-307F-4C20-BA23-B6A5C852E78B}\setup.exe" -l0x9 -removeonly
publisher: Electronics Workbench
help link: http://www.electronicsworkbench.com
help telephone: 416-977-5550
FlashFXP v3 v3.2.0 build 1080 ({DBDFA37B-CFC7-4C37-98F8-04CF326CD327}_is1)
install location: C:\Program Files\FlashFXP\
uninstall cmd: "C:\Program Files\FlashFXP\unins000.exe"
publisher: IniCom Networks, Inc.
help link: http://www.flashfxp.com/support.php
ccCommon 103.0.2.10 ({DC367608-64A7-4BF7-92F4-8BAA25BA02DB})
version: 1728053250
version (major): 103
estimated size: 3267
install date: 20060310
install source: E:\Software\AntiVirus\Support\ccCommon\
uninstall cmd: MsiExec.exe /I{DC367608-64A7-4BF7-92F4-8BAA25BA02DB}
publisher: Symantec
ArcSoft Multimedia Email ({DD54CF66-090B-43E7-97C1-110EF526474D})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DD54CF66-090B-43E7-97C1-110EF526474D}\Setup.exe" -l0x9 -uninst
Cypress Semiconductor VPN Client ({EF964A78-078C-11D1-B7A7-0000C0134CE6})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EF964A78-078C-11D1-B7A7-0000C0134CE6}\setup.exe" Uninstall
VideoCAM Trek 1.00.000 ({F3220F3E-3B12-4B65-861D-B8EFCCA44A39})
version: 16777216
install location: C:\Program Files\Common Files\VCAMTrek
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F3220F3E-3B12-4B65-861D-B8EFCCA44A39}\setup.exe" -l0x9
({F64306A5-4C32-41bb-B153-53986527FAB4})
PC Probe II 1.00.38 ({F7338FA3-DAB5-49B2-900D-0AFB5760C166})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}\setup.exe" -l0x9
Realtek AC'97 Audio 5.12 ({FB08F381-6533-4108-B7DD-039E11FBC27E})
version: 84672512
install date: 20060226
install location: C:\Program Files\Realtek AC97\
install source: E:\Drivers\Audio\WHQL\
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\Setup.exe" -l0x1e -removeonly
publisher: Realtek Semiconductor Corp.
maksimino
2006-07-23, 07:10
hi pskelly...
thanks for the support. 'just paste everything base from the procedure you've povided. the spybot report is quite long so I pasted in portions. thanks again!!!
pskelley
2006-07-23, 13:49
:confused: Please take the time to read the instructions carefully, these are the instructions:
Ewido: You have taken no action on the junk it located. Run ewido again and follow the instructions, have ewido delete or quarantine anything it locates unless you know it is not bad.
Copy/paste into your own new topic.
c:\rapport.txt
Ewido log
The HJT log
For Spybot: Press export in the save in box, choose a place such as My Documents folder and save the report there
If we need to see the Spybot report, we will ask for it, would you please post the HJT report that is missing and the ewido scan report after you have it remove the bad stuff.
Thanks
Due to lack of a response this topic has been archived.
If you need it re-opened please send me a pm and provide a link to the thread.
Applies only to the original topic starter.