View Full Version : smitfraudfix
SHALIK_TEX
2006-08-04, 16:23
I started getting these stupid pop-up windows in the bottom of my desktop. Here are my logs from smitfraudfix,ewido, spybot, and hijakthis.
SmitFraudFix v2.79
Scan done at 16:47:15.93, Thu 08/03/2006
Run from C:\Documents and Settings\Sabian\Desktop\smitRem\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix ran in safe mode
»»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"bestreak"="{874443fe-aa33-4ebf-a6ac-73208787e62d}"
»»»»»»»»»»»»»»»»»»»»»»»» Killing process
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
C:\WINDOWS\system32\viruxz.dll -> Missing File
»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files
C:\Program Files\IntCodec\ Deleted
»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files
»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning
Registry Cleaning done.
»»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» End
--------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------
+ Created on: 9:32:43 PM, 8/3/2006
+ Report-Checksum: A6BEC02C
+ Scan result:
HKU\S-1-5-21-725345543-1993962763-1343024091-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5753791B-F607-48CA-814E-91C14D081F9E} -> Adware.Generic : Cleaned with backup
::Report End
SHALIK_TEX
2006-08-04, 16:26
--- Search result list ---
Windows Security Center.FirewallDisableNotify: Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify!=dword:0
Windows Security Center.AntiVirusDisableNotify: Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify!=dword:0
--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---
2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2006-08-03 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2005-05-31 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2005-05-31 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-07-28 Includes\Cookies.sbi (*)
2006-07-28 Includes\Dialer.sbi (*)
2006-07-28 Includes\Hijackers.sbi (*)
2006-07-28 Includes\Keyloggers.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2006-07-28 Includes\Malware.sbi (*)
2006-07-28 Includes\PUPS.sbi (*)
2006-07-28 Includes\Revision.sbi (*)
2006-07-28 Includes\Security.sbi (*)
2006-07-28 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2006-07-28 Includes\Trojans.sbi (*)
--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ Windows Media Player 10: Security Update for Windows Media Player 10 (KB917734)
/ Windows Media Player 9: Security Update for Windows Media Player 9 (KB917734)
/ Windows XP / SP3: Windows XP Hotfix - KB873339
/ Windows XP / SP3: Windows XP Hotfix - KB885250
/ Windows XP / SP3: Windows XP Hotfix - KB885835
/ Windows XP / SP3: Windows XP Hotfix - KB885836
/ Windows XP / SP3: Windows XP Hotfix - KB885884
/ Windows XP / SP3: Windows XP Hotfix - KB886185
/ Windows XP / SP3: Windows XP Hotfix - KB887472
/ Windows XP / SP3: Windows XP Hotfix - KB887742
/ Windows XP / SP3: Windows XP Hotfix - KB888113
/ Windows XP / SP3: Windows XP Hotfix - KB888302
/ Windows XP / SP3: Security Update for Windows XP (KB890046)
/ Windows XP / SP3: Windows XP Hotfix - KB890859
/ Windows XP / SP3: Windows XP Hotfix - KB891781
/ Windows XP / SP3: Security Update for Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Update for Windows XP (KB894391)
/ Windows XP / SP3: Security Update for Windows XP (KB896358)
/ Windows XP / SP3: Security Update for Windows XP (KB896422)
/ Windows XP / SP3: Security Update for Windows XP (KB896423)
/ Windows XP / SP3: Security Update for Windows XP (KB896424)
/ Windows XP / SP3: Security Update for Windows XP (KB896428)
/ Windows XP / SP3: Update for Windows XP (KB898461)
/ Windows XP / SP3: Security Update for Windows XP (KB899587)
/ Windows XP / SP3: Security Update for Windows XP (KB899589)
/ Windows XP / SP3: Security Update for Windows XP (KB899591)
/ Windows XP / SP3: Update for Windows XP (KB900485)
/ Windows XP / SP3: Security Update for Windows XP (KB900725)
/ Windows XP / SP3: Security Update for Windows XP (KB901017)
/ Windows XP / SP3: Security Update for Windows XP (KB901214)
/ Windows XP / SP3: Security Update for Windows XP (KB902400)
/ Windows XP / SP3: Security Update for Windows XP (KB904706)
/ Windows XP / SP3: Security Update for Windows XP (KB905414)
/ Windows XP / SP3: Security Update for Windows XP (KB905749)
/ Windows XP / SP3: Security Update for Windows XP (KB908519)
/ Windows XP / SP3: Update for Windows XP (KB908531)
/ Windows XP / SP3: Update for Windows XP (KB910437)
/ Windows XP / SP3: Security Update for Windows XP (KB911280)
/ Windows XP / SP3: Security Update for Windows XP (KB911562)
/ Windows XP / SP3: Security Update for Windows XP (KB911567)
/ Windows XP / SP3: Security Update for Windows XP (KB911927)
/ Windows XP / SP3: Security Update for Windows XP (KB912812)
/ Windows XP / SP3: Security Update for Windows XP (KB912919)
/ Windows XP / SP3: Security Update for Windows XP (KB913446)
/ Windows XP / SP3: Security Update for Windows XP (KB913580)
/ Windows XP / SP3: Security Update for Windows XP (KB914388)
/ Windows XP / SP3: Security Update for Windows XP (KB914389)
/ Windows XP / SP3: Security Update for Windows XP (KB916281)
/ Windows XP / SP3: Update for Windows XP (KB916595)
/ Windows XP / SP3: Security Update for Windows XP (KB917159)
/ Windows XP / SP3: Security Update for Windows XP (KB917344)
/ Windows XP / SP3: Security Update for Windows XP (KB917953)
/ Windows XP / SP3: Security Update for Windows XP (KB918439)
--- Startup entries list ---
Located: HK_LM:Run, _AntiSpyware
command: c:\progra~1\mcafee\MCAFEE~2\masalert.exe
file: c:\progra~1\mcafee\MCAFEE~2\masalert.exe
size: 327680
MD5: 393d5d24a034946fb9e999fc21894cab
Located: HK_LM:Run, Adobe Photo Downloader
command: "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
file: C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
size: 57344
MD5: 617fa5be646b5e8d6670fd4710acd2d3
Located: HK_LM:Run, HP Component Manager
command: "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
file: C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
size: 241664
MD5: b75b654ee1da99876461b24597ae3ff3
Located: HK_LM:Run, HP Software Update
command: "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
file: C:\Program Files\HP\HP Software Update\HPWuSchd.exe
size: 49152
MD5: 4fea5b94c6a96860620a62e4a19bd07d
Located: HK_LM:Run, MCAgentExe
command: c:\PROGRA~1\mcafee.com\agent\mcagent.exe
file: c:\PROGRA~1\mcafee.com\agent\mcagent.exe
size: 303104
MD5: e8d2dcece015f4558aa3853514664f15
Located: HK_LM:Run, McRegWiz
command: c:\PROGRA~1\mcafee.com\agent\mcregwiz.exe /autorun
file: c:\PROGRA~1\mcafee.com\agent\mcregwiz.exe
size: 135168
MD5: f8d1d01fd4b97ec190011a5a1ce0190a
Located: HK_LM:Run, MCUpdateExe
command: c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
file: c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
size: 212992
MD5: dec79e9887924b82837b9b7730ecaa1f
Located: HK_LM:Run, MPFExe
command: C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
file: C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
size: 950272
MD5: c14da446ebbd90e15fb617bc70e0ebd8
Located: HK_LM:Run, MPSExe
command: "c:\PROGRA~1\mcafee.com\mps\mscifapp.exe" /embedding
file: c:\PROGRA~1\mcafee.com\mps\mscifapp.exe
size: 274432
MD5: 84628fdd432a743ca18025ecb11bba9b
Located: HK_LM:Run, MSKAGENTEXE
command: C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe
file: C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe
size: 126976
MD5: e1f528147ab89cbce6595e361be99efa
Located: HK_LM:Run, MSKDetectorExe
command: "C:\PROGRA~1\McAfee\SPAMKI~1\MskDetct.exe" /startup
file: C:\PROGRA~1\McAfee\SPAMKI~1\MskDetct.exe
size: 1111040
MD5: bae1b6bbe248ffa7f11b82329e40237d
Located: HK_LM:Run, OASClnt
command: "C:\Program Files\McAfee.com\VSO\oasclnt.exe"
file: C:\Program Files\McAfee.com\VSO\oasclnt.exe
size: 53248
MD5: 76e033f33912bfaca4a05be8d1f3a740
Located: HK_LM:Run, RoxioAudioCentral
command: "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
file: C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
size: 253952
MD5: 868031dc287f4c51642dcd4215ef1107
Located: HK_LM:Run, RoxioDragToDisc
command: "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
file: C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
size: 757760
MD5: 08c636d58074a15a1234c50b2fb13a1c
Located: HK_LM:Run, RoxioEngineUtility
command: "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
file: C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe
size: 69632
MD5: a6500f81f5dc968827a391173bf0aba4
Located: HK_LM:Run, SpySweeper
command: "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
file: C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
size: 3871744
MD5: 7b5e4388491e08af5bee17fb0f83cca8
Located: HK_LM:Run, spywarebot
command: C:\Program Files\SpywareBot\SpywareBot.exe -boot
file:
Located: HK_LM:Run, TkBellExe
command: "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
file: C:\Program Files\Common Files\Real\Update_OB\realsched.exe
size: 180269
MD5: 1ac2c58b587c70de64582ad41ee79fba
Located: HK_LM:Run, VirusScan Online
command: "C:\Program Files\McAfee.com\VSO\mcvsshld.exe"
file: C:\Program Files\McAfee.com\VSO\mcvsshld.exe
size: 163840
MD5: b154ac6dbd82f96476003e58e1625bd8
Located: HK_LM:Run, VSOCheckTask
command: "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
file: C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe
size: 151552
MD5: 3c943ceb913520f9981d82db93ba7a8a
Located: HK_CU:Run, MSKAGENTEXE
command: C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
file: C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
size: 126976
MD5: e1f528147ab89cbce6595e361be99efa
Located: HK_CU:Run, MSMSGS
command: "C:\Program Files\Messenger\msmsgs.exe" /background
file: C:\Program Files\Messenger\msmsgs.exe
size: 1694208
MD5: 74e6e96c6f0e2eca4edbb7f7a468f259
Located: HK_CU:Run, Window Washer
command: "C:\Program Files\Webroot\Washer\wwDisp.exe"
file: C:\Program Files\Webroot\Washer\wwDisp.exe
size: 1095680
MD5: 126c79568b2d3f729b72e04a0a8590f7
Located: HK_CU:Run, Yahoo! Pager
command: "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
file: C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
size: 3334144
MD5: e9181dd46f01a3936523ae46a264dd62
Located: Startup (common), Adobe Reader Speed Launch.lnk
command: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
file: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
size: 29696
MD5: 43362b96870ce8649f4f2ec893da93f0
Located: Startup (common), HP Digital Imaging Monitor.lnk
command: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
file: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
size: 237568
MD5: da6b945e561b1d1da67663bb45b4b868
Located: Startup (common), Microsoft Office.lnk
command: C:\Program Files\Microsoft Office\Office10\OSA.EXE
file: C:\Program Files\Microsoft Office\Office10\OSA.EXE
size: 83360
MD5: 5bc65464354a9fd3beaa28e18839734a
Located: Startup (common), WinZip Quick Pick.lnk
command: C:\Program Files\WinZip\WZQKPICK.EXE
file: C:\Program Files\WinZip\WZQKPICK.EXE
size: 122880
MD5: 6613e98493ec4a94395955b17f836cf9
Located: Startup (user), HotSync Manager.lnk
command: C:\Program Files\Handspring\HOTSYNC.EXE
file: C:\Program Files\Handspring\HOTSYNC.EXE
size: 299008
MD5: 7fb566c5816d8959c9f3ab918c00cd1f
Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
Located: WinLogon, WgaLogon
command: WgaLogon.dll
file: WgaLogon.dll
Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
Located: WinLogon, WRNotifier
command: WRLogonNTF.dll
file: WRLogonNTF.dll
--- Browser helper object list ---
{02478D38-C3F9-4EFB-9B51-7695ECA05670} (Yahoo! Toolbar Helper)
BHO name:
CLSID name: Yahoo! Toolbar Helper
description: Yahoo Companion!
classification: Legitimate
known filename: Ycomp*_*_*_*.dll
info link: http://companion.yahoo.com/
info source: TonyKlein
Path: C:\Program Files\Yahoo!\Companion\Installs\cpn\
Long name: yt.dll
Short name:
Date (created): 5/24/2006 9:52:28 AM
Date (last access): 8/4/2006 8:24:04 AM
Date (last write): 4/17/2006 7:37:20 PM
Filesize: 438848
Attributes: archive
MD5: 833B12490D0627D4262EDB84D2F45B8B
CRC32: 730828A3
Version: 2006.4.17.1
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
BHO name:
CLSID name: AcroIEHlprObj Class
description: Adobe Acrobat reader
classification: Legitimate
known filename: AcroIEhelper.ocx<br>AcroIEhelper.dll
info link: http://www.adobe.com/products/acrobat/readstep2.html
info source: TonyKlein
Path: C:\Program Files\Adobe\Acrobat 7.0\ActiveX\
Long name: AcroIEHelper.dll
Short name: ACROIE~1.DLL
Date (created): 1/12/2006 8:38:22 PM
Date (last access): 8/4/2006 8:24:04 AM
Date (last write): 1/12/2006 8:38:22 PM
Filesize: 63128
Attributes: archive
MD5: F17B2B264072B921FC66A0BE16626BAB
CRC32: 5184CFEA
Version: 7.0.7.142
{227B8AA8-DAF2-4892-BD1D-73F568BCB24E} (McBrwHelper Class)
BHO name:
CLSID name: McBrwHelper Class
description: McAfee's Privacy Service
classification: Legitimate
known filename: mcbrhlpr.dll
info link: http://www.mcafee.com/myapps/mps/default.asp
info source: TonyKlein
Path: c:\PROGRA~1\mcafee.com\mps\
Long name: McBrHlpr.dll
Short name:
Date (created): 5/10/2006 3:37:20 PM
Date (last access): 8/4/2006 8:24:04 AM
Date (last write): 5/24/2005 4:52:20 PM
Filesize: 147456
Attributes: archive
MD5: 02C34A872CD9B2703925B607F0C19CDA
CRC32: 81C80F94
Version: 7.1.1.46
{3EC8255F-E043-4cae-8B3B-B191550C2A22} (McAfee Privacy Service Popup Blocker)
BHO name:
CLSID name: McAfee Privacy Service Popup Blocker
Path: c:\program files\mcafee.com\mps\
Long name: PopupKiller.dll
Short name: POPUPK~1.DLL
Date (created): 5/10/2006 3:37:22 PM
Date (last access): 8/4/2006 8:24:04 AM
Date (last write): 5/24/2005 4:51:46 PM
Filesize: 126976
Attributes: archive
MD5: 6A070A5A8D0DDA507E2DD685546EB48B
CRC32: 114419E8
Version: 7.1.1.46
{53707962-6F74-2D53-2644-206D7942484F} ()
BHO name:
CLSID name:
description: Spybot-S&D IE Browser plugin
classification: Legitimate
known filename: SDhelper.dll
info link: http://spybot.eon.net.au/
info source: Patrick M. Kolla
Path: C:\PROGRA~1\SPYBOT~1\
Long name: SDHelper.dll
Short name:
Date (created): 8/3/2006 10:39:00 AM
Date (last access): 8/4/2006 8:20:12 AM
Date (last write): 5/31/2005 1:04:00 AM
Filesize: 853672
Attributes: archive
MD5: 250D787A5712D7768DDC133B3E477759
CRC32: D4589A41
Version: 1.4.0.0
{AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
BHO name:
CLSID name: Google Toolbar Helper
description: Google toolbar
classification: Open for discussion
known filename: googletoolbar.dll<br>googletoolbar*.dll<br>(* = number)<br>googletoolbar_en_*.**-big.dll<br>Googletoolbar_en_*.*.**-deleon.dll
info link: http://toolbar.google.com/
info source: TonyKlein
Path: c:\program files\google\
Long name: GoogleToolbar1.dll
Short name: GOOGLE~1.DLL
Date (created): 5/10/2006 3:56:28 PM
Date (last access): 8/4/2006 8:24:06 AM
Date (last write): 5/10/2006 3:56:28 PM
Filesize: 1191424
Attributes: readonly archive
MD5: 677C42CD9FE9C13B4B7B601A2E4065B0
CRC32: 58231F90
Version: 3.0.131.0
SHALIK_TEX
2006-08-04, 16:30
--- ActiveX list ---
{17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool)
DPF name:
CLSID name: Windows Genuine Advantage Validation Tool
Installer: C:\WINDOWS\Downloaded Program Files\LegitCheckControl.inf
Codebase: http://go.microsoft.com/fwlink/?linkid=39204
Path: C:\WINDOWS\system32\
Long name: LegitCheckControl.dll
Short name: LEGITC~1.DLL
Date (created): 2/14/2006 9:20:14 AM
Date (last access): 8/4/2006 8:24:06 AM
Date (last write): 6/19/2006 4:19:42 PM
Filesize: 571184
Attributes: archive
MD5: 31BF58C9814F840EB10A2B7A410ABEA3
CRC32: DAFAE165
Version: 1.5.540.0
{193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control)
DPF name:
CLSID name: ewidoOnlineScan Control
Installer:
Codebase: http://download.ewido.net/ewidoOnlineScan.cab
Path: C:\WINDOWS\DOWNLO~1\
Long name: ewidoOnlineScan.dll
Short name: EWIDOO~1.DLL
Date (created): 1/3/2006 9:20:34 AM
Date (last access): 8/4/2006 8:24:06 AM
Date (last write): 1/3/2006 9:20:34 AM
Filesize: 327008
Attributes: archive
MD5: D40DBB08A55751B2A390813B0EA6955A
CRC32: 7D8648A3
Version: 1.0.0.1
{D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
DPF name:
CLSID name: Shockwave Flash Object
Installer: C:\WINDOWS\Downloaded Program Files\swflash.inf
Codebase: http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
description: Macromedia Shockwave Flash Player
classification: Legitimate
known filename:
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Macromed\Flash\
Long name: Flash8b.ocx
Short name:
Date (created): 3/31/2006 11:45:12 AM
Date (last access): 8/4/2006 8:24:06 AM
Date (last write): 3/31/2006 11:45:12 AM
Filesize: 1443464
Attributes: readonly archive
MD5: 12719EDDAAB9CAEEF28C6E58192F594B
CRC32: 680E085C
Version: 8.0.24.0
--- Process list ---
PID: 0 ( 0) [System]
PID: 176 ( 4) \SystemRoot\System32\smss.exe
PID: 240 ( 176) \??\C:\WINDOWS\system32\csrss.exe
PID: 264 ( 176) \??\C:\WINDOWS\system32\winlogon.exe
PID: 308 ( 264) C:\WINDOWS\system32\services.exe
size: 108032
MD5: C6CE6EEC82F187615D1002BB3BB50ED4
PID: 320 ( 264) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 84885F9B82F4D55C6146EBF6065D75D2
PID: 476 ( 308) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 536 ( 308) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 600 ( 308) C:\Program Files\Windows Defender\MsMpEng.exe
size: 14032
MD5: E7E81C6BCD697F5921DF6D6781D2673D
PID: 648 ( 308) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 716 ( 308) C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
size: 3063808
MD5: 0E6707919CD994BF22ACF431D16666F6
PID: 1656 (1448) C:\WINDOWS\explorer.exe
size: 1032192
MD5: A0732187050030AE399B241436565E64
PID: 1512 (1656) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 4 ( 0) System
--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 8/4/2006 8:25:24 AM
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\windows\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://home.microsoft.com/access/autosearch.asp?p=%s
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
C:\windows\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
--- Winsock Layered Service Provider list ---
Protocol 0: MC_LAYERED MSAFD Tcpip [TCP/IP]
GUID: {CD7F2449-15F8-40E5-B3F3-C09E5211947C}
Filename: C:\WINDOWS\system32\mclsp.dll
Protocol 1: MC_LAYERED MSAFD Tcpip [UDP/IP]
GUID: {08105D0C-9BF3-4692-A6D3-7C418D59B060}
Filename: C:\WINDOWS\system32\mclsp.dll
Protocol 2: MC_LAYERED MSAFD Tcpip [RAW/IP]
GUID: {DA02F7ED-BBA4-4AD1-909A-20AE789E116A}
Filename: C:\WINDOWS\system32\mclsp.dll
Protocol 3: MC_LAYERED RSVP UDP Service Provider
GUID: {71D5DA56-4B3B-413A-871F-5AAC737DFF3C}
Filename: C:\WINDOWS\system32\mclsp.dll
Protocol 4: MC_LAYERED RSVP TCP Service Provider
GUID: {69C78D91-5747-4885-81F8-7CB00933D8BF}
Filename: C:\WINDOWS\system32\mclsp.dll
Protocol 5: MC_LAYERED MSAFD NetBIOS [\Device\NetBT_Tcpip_{1EC6199B-964C-4107-8775-CE7BBCBB25EE}] SEQPACKET 0
GUID: {93690EF7-D1B4-4405-A4CF-49AC4310B212}
Filename: C:\WINDOWS\system32\mclsp.dll
Protocol 6: MC_LAYERED MSAFD NetBIOS [\Device\NetBT_Tcpip_{1EC6199B-964C-4107-8775-CE7BBCBB25EE}] DATAGRAM 0
GUID: {1B502945-5ACC-41F2-A34F-A539D1F401EE}
Filename: C:\WINDOWS\system32\mclsp.dll
Protocol 7: MC_LAYERED MSAFD NetBIOS [\Device\NetBT_Tcpip_{D9F863F7-412C-468A-886C-BA60AA85F1A1}] SEQPACKET 1
GUID: {DBD85131-88CB-4048-AE8B-919F53199706}
Filename: C:\WINDOWS\system32\mclsp.dll
Protocol 8: MC_LAYERED MSAFD NetBIOS [\Device\NetBT_Tcpip_{D9F863F7-412C-468A-886C-BA60AA85F1A1}] DATAGRAM 1
GUID: {8C3147BE-0FB5-45AF-B81E-C7D2155F80A2}
Filename: C:\WINDOWS\system32\mclsp.dll
Protocol 9: MC_LAYERED MSAFD NetBIOS [\Device\NetBT_Tcpip_{346B600C-DC68-49DA-9DCF-068487B679BF}] SEQPACKET 2
GUID: {4E03FDB4-AD5C-45E3-9A1D-997BC79E8E0F}
Filename: C:\WINDOWS\system32\mclsp.dll
Protocol 10: MC_LAYERED MSAFD NetBIOS [\Device\NetBT_Tcpip_{346B600C-DC68-49DA-9DCF-068487B679BF}] DATAGRAM 2
GUID: {0697600B-1AFE-4900-80F8-C8EA529015A5}
Filename: C:\WINDOWS\system32\mclsp.dll
Protocol 11: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip
Protocol 12: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip
Protocol 13: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip
Protocol 14: RSVP UDP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 15: RSVP TCP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 16: MSAFD NetBIOS [\Device\NetBT_Tcpip_{1EC6199B-964C-4107-8775-CE7BBCBB25EE}] SEQPACKET 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 17: MSAFD NetBIOS [\Device\NetBT_Tcpip_{1EC6199B-964C-4107-8775-CE7BBCBB25EE}] DATAGRAM 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 18: MSAFD NetBIOS [\Device\NetBT_Tcpip_{D9F863F7-412C-468A-886C-BA60AA85F1A1}] SEQPACKET 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 19: MSAFD NetBIOS [\Device\NetBT_Tcpip_{D9F863F7-412C-468A-886C-BA60AA85F1A1}] DATAGRAM 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 20: MSAFD NetBIOS [\Device\NetBT_Tcpip_{346B600C-DC68-49DA-9DCF-068487B679BF}] SEQPACKET 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 21: MSAFD NetBIOS [\Device\NetBT_Tcpip_{346B600C-DC68-49DA-9DCF-068487B679BF}] DATAGRAM 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 22: McAfee.com Layered Provider
GUID: {BEAA9090-2D12-11D4-9B80-00C04FF40D52}
Filename: C:\WINDOWS\system32\mclsp.dll
Namespace Provider 0: Tcpip
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IP
Namespace Provider 1: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDS
Namespace Provider 2: Network Location Awareness (NLA) Namespace
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace
--- Uninstall list ---
(AddressBook)
Autodesk Express Viewer 3.1 (Autodesk Express Viewer)
install date: 2006-05-11 08:42:14
install location: C:\Program Files\Autodesk\Autodesk Express Viewer
install source: F:\autocad 2004 install\Bin\AcadFEUI\support\aev
uninstall cmd: C:\PROGRA~1\Autodesk\AUTODE~1\Setup.exe /remove
publisher: Autodesk, Inc.
help link: http://www.autodesk.com/viewers
Autodesk Symbols 2000 (Autodesk Symbols 2000)
uninstall cmd: C:\WINDOWS\uninst.exe -f"c:\Program Files\AutoCAD 2004\Sample\DesignCenter\DeIsL1.isu"
(Branding)
CADBlocks Edition 8.0 (CADBlocks (TR))
uninstall cmd: C:\WINDOWS\IsUninst.exe -f"c:\program files\autocad 2004\sample\designcenter\Uninst.isu" -c"c:\program files\autocad 2004\sample\designcenter\PpUninst.dll" -L=GB
SafeCast Shared Components (CdaC13Ba)
version (major): 2
version (minor): 20
install location: C:\Program Files\Common Files\Macrovision Shared\SafeCast\Install\
uninstall cmd: C:\Program Files\Common Files\Macrovision Shared\SafeCast\Install\CDAC13BA.EXE /uninstall
publisher: Macrovision
(Connection Manager)
CutePDF Writer 2.6 (CutePDF Writer Installation)
uninstall cmd: C:\WINDOWS\system32\uninscpw.exe C:\Program Files\
(DirectAnimation)
(DirectDrawEx)
(DXM_Runtime)
ewido anti-malware (ewidoantimalware)
install location: C:\Program Files\ewido anti-malware
uninstall cmd: C:\Program Files\ewido anti-malware\Uninstall.exe
publisher: ewido networks
help link: http://www.ewido.net
(Fontcore)
HijackThis 1.99.1 1.99.1 (HijackThis)
uninstall cmd: C:\Program Files\Hijackthis\HijackThis.exe /uninstall
publisher: Soeperman Enterprises Ltd.
Hijackthis 1.99.1 (Hijackthis_is1)
install location: C:\Program Files\Hijackthis\
uninstall cmd: "C:\Program Files\Hijackthis\unins000.exe"
publisher: Soeperman Enterprises Ltd
help link: http://www.merijn.org
HP Image Zone 3.5 3.5 (HP Photo & Imaging)
uninstall cmd: C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
publisher: HP
help link: http://www.hp.com/support
(ICW)
(IE40)
(IE4Data)
(IE5BAKEX)
(IEData)
ITE 887x PCI Multi-I/O Controller (ITE887X)
uninstall cmd: C:\WINDOWS\ITEREMOVE.EXE
Windows XP Hotfix - KB873339 20041117.092459 (KB873339)
uninstall cmd: C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=873339
(KB884016)
SHALIK_TEX
2006-08-04, 16:31
Windows XP Hotfix - KB885250 20050118.202711 (KB885250)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885250
Windows XP Hotfix - KB885835 20041027.181713 (KB885835)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885835
Windows XP Hotfix - KB885836 20041028.173203 (KB885836)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885836
Windows XP Hotfix - KB885884 20040924.025457 (KB885884)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885884
Windows XP Hotfix - KB886185 20041021.090540 (KB886185)
uninstall cmd: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=886185
Windows XP Hotfix - KB887472 20041014.162858 (KB887472)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=887472
Windows XP Hotfix - KB887742 20041103.095002 (KB887742)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=887742
Windows XP Hotfix - KB888113 20041116.131036 (KB888113)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888113
Windows XP Hotfix - KB888302 20041207.111426 (KB888302)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888302
Security Update for Windows XP (KB890046) 1 (KB890046)
install date: 20060512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890046
Windows XP Hotfix - KB890859 1 (KB890859)
install date: 20060512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890859
Windows XP Hotfix - KB891781 20050110.165439 (KB891781)
uninstall cmd: C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=891781
Security Update for Windows XP (KB893756) 1 (KB893756)
install date: 20060512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893756
(KB893803)
Windows Installer 3.1 (KB893803) 3.1 (KB893803v2)
uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=42467
Update for Windows XP (KB894391) 1 (KB894391)
install date: 20060512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=894391
Security Update for Windows XP (KB896358) 1 (KB896358)
install date: 20060512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896358
Security Update for Windows XP (KB896422) 1 (KB896422)
install date: 20060512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896422
Security Update for Windows XP (KB896423) 1 (KB896423)
install date: 20060510
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896423
Security Update for Windows XP (KB896424) 1 (KB896424)
install date: 20060512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896424
Security Update for Windows XP (KB896428) 1 (KB896428)
install date: 20060512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896428
Update for Windows XP (KB898461) 1 (KB898461)
install date: 20060510
uninstall cmd: "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=898461
Security Update for Windows XP (KB899587) 1 (KB899587)
install date: 20060512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899587
Security Update for Windows XP (KB899589) 1 (KB899589)
install date: 20060512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899589
Security Update for Windows XP (KB899591) 1 (KB899591)
install date: 20060512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899591
Update for Windows XP (KB900485) 2 (KB900485)
install date: 20060512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=900485
Security Update for Windows XP (KB900725) 1 (KB900725)
install date: 20060512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=900725
Security Update for Windows XP (KB901017) 1 (KB901017)
install date: 20060512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=901017
Security Update for Windows XP (KB901214) 1 (KB901214)
install date: 20060512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=901214
Security Update for Windows XP (KB902400) 1 (KB902400)
install date: 20060512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=902400
Security Update for Windows XP (KB904706) 2 (KB904706)
install date: 20060512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=904706
Security Update for Windows XP (KB905414) 1 (KB905414)
install date: 20060512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905414
Security Update for Windows XP (KB905749) 1 (KB905749)
install date: 20060512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905749
Security Update for Windows XP (KB908519) 1 (KB908519)
install date: 20060512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=908519
Update for Windows XP (KB908531) 2 (KB908531)
install date: 20060512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=908531
Update for Windows XP (KB910437) 1 (KB910437)
install date: 20060512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=910437
Security Update for Windows XP (KB911280) 1 (KB911280)
install date: 20060614
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911280
Security Update for Windows XP (KB911562) 1 (KB911562)
install date: 20060512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911562
Security Update for Windows Media Player (KB911564) (KB911564)
install date: 20060512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=911564
Security Update for Windows Media Player 9 (KB911565) (KB911565)
install date: 20060512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=911565
Security Update for Windows XP (KB911567) 1 (KB911567)
install date: 20060512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911567
Security Update for Windows XP (KB911927) 1 (KB911927)
install date: 20060512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911927
Security Update for Windows XP (KB912812) 1 (KB912812)
install date: 20060512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=912812
Security Update for Windows XP (KB912919) 1 (KB912919)
install date: 20060512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=912919
Security Update for Windows XP (KB913446) 1 (KB913446)
install date: 20060512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=913446
Security Update for Windows XP (KB913580) 1 (KB913580)
install date: 20060512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=913580
Security Update for Windows XP (KB914388) 1 (KB914388)
install date: 20060713
uninstall cmd: "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=914388
Security Update for Windows XP (KB914389) 1 (KB914389)
install date: 20060614
uninstall cmd: "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=914389
Security Update for Windows XP (KB916281) 1 (KB916281)
install date: 20060614
uninstall cmd: "C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=916281
Update for Windows XP (KB916595) 1 (KB916595)
install date: 20060713
uninstall cmd: "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=916595
Security Update for Windows XP (KB917159) 1 (KB917159)
install date: 20060713
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917159
Security Update for Windows XP (KB917344) 1 (KB917344)
install date: 20060614
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917344
Security Update for Windows Media Player 10 (KB917734) (KB917734_WMP10)
install date: 20060720
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=917734
Security Update for Windows Media Player 9 (KB917734) (KB917734_WMP9)
install date: 20060614
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=917734
Security Update for Windows XP (KB917953) 1 (KB917953)
install date: 20060614
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917953
Security Update for Windows XP (KB918439) 1 (KB918439)
install date: 20060614
uninstall cmd: "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=918439
SHALIK_TEX
2006-08-04, 16:31
McAfee AntiSpyware (McAfee AntiSpyware)
uninstall cmd: c:\PROGRA~1\mcafee.com\shared\mcappins.exe /v=3 /uninstall=1 /appid=mas /interact=1 /script_proactive=0 /start=c:\PROGRA~1\mcafee.com\agent\uninst\masrem.ui::uninstall.htm
McAfee Personal Firewall Plus 6144 (McAfee Personal Firewall Plus)
version (major): 6
version (minor): 6144
install location: C:\PROGRA~1\McAfee.com\PERSON~1
uninstall cmd: C:\PROGRA~1\McAfee.com\PERSON~1\MpfUninstall.exe
publisher: McAfee
McAfee Privacy Service (McAfee Privacy Service)
uninstall cmd: c:\PROGRA~1\mcafee.com\shared\mcappins.exe /v=3 /uninstall=1 /appid=mps /interact=1 /script_proactive=0 /start=c:\PROGRA~1\mcafee.com\agent\uninst\mpsrem.ui::uninstall.htm
McAfee SecurityCenter (Mcafee SecurityCenter)
uninstall cmd: c:\PROGRA~1\mcafee.com\shared\mcappins.exe /v=3 /uninstall=1 /appid=msc /interact=1 /script_proactive=0 /start=c:\PROGRA~1\mcafee.com\agent\uninst\screm.ui::uninstall.htm
McAfee SpamKiller (McAfee SpamKiller)
uninstall cmd: c:\PROGRA~1\mcafee.com\shared\mcappins.exe /v=3 /appid=MSK /uninstall=1 /interact=1 /script_proactive=0 /start="c:\PROGRA~1\mcafee.com\agent\uninst\mskremui.dll::uninstall.htm"
(MobileOptionPack)
(MPlayer2)
(MSI30-Beta1)
(MSI30-Beta2)
(MSI30-KB884016)
(MSI30-RC1)
(MSI30-RC2)
(MSI30a-KB884016)
(MSI31-Beta)
(MSI31-RC1)
MSN Music Assistant (MSN Music Assistant)
uninstall cmd: rundll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msninst.inf,Uninstall
(NetMeeting)
(OutlookExpress)
(PCHealth)
uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
(RealJukebox 1.0)
uninstall cmd: C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
RealPlayer (RealPlayer 6.0)
uninstall cmd: C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
(SchedulingAgent)
Macromedia Flash Player 8 8 (ShockwaveFlash)
uninstall cmd: C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe
publisher: Macromedia
help link: http://www.macromedia.com/go/flashplayer_support/
Spybot - Search & Destroy 1.4 1.4 (Spybot - Search & Destroy_is1)
install location: C:\Program Files\Spybot - Search & Destroy\
uninstall cmd: "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
publisher: Safer Networking Limited
McAfee VirusScan (VirusScan Online)
uninstall cmd: c:\PROGRA~1\mcafee.com\shared\mcappins.exe /v=3 /uninstall=1 /appid=vso /interact=1 /script_proactive=0 /start=c:\PROGRA~1\mcafee.com\agent\uninst\vsoremui.dll::uninstall.htm
Windows Genuine Advantage Validation Tool (WGA)
install date: 20060510
publisher: Microsoft Corporation
help link: http://www.microsoft.com/genuine
Windows Genuine Advantage Notifications (KB905474) 1.5.0540.0 (WgaNotify)
install date: 20060712
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905474
Window Washer (Window Washer)
uninstall cmd: C:\WINDOWS\Unwash6.exe
Windows Media Format Runtime (Windows Media Format Runtime)
uninstall cmd: "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 10 (Windows Media Player)
uninstall cmd: "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
WinZip 10.0 (6698) (WinZip)
version (major): 10
install location: C:\PROGRA~1\WINZIP\
uninstall cmd: "C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
publisher: WinZip Computing LP
help link: http://www.winzip.com/xsupport.htm
Yahoo! Toolbar (Yahoo! Companion)
uninstall cmd: C:\PROGRA~1\Yahoo!\Common\unyt.exe
Yahoo! Messenger (Yahoo! Messenger)
uninstall cmd: C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! Toolbar (Yahoo! Toolbar)
HP PSC & OfficeJet 3.5 3.5 ({0FABD3D7-3036-4e78-B29D-58957ADB0A12})
uninstall cmd: "C:\Program Files\HP\Digital Imaging\{0FABD3D7-3036-4e78-B29D-58957ADB0A12}\setup\hpzscr01.exe" -datfile hposcr03.dat
publisher: HP
help link: http://www.hp.com/support
4200_Help 40.0.105.000 ({133CD5EF-A4A1-442a-8D50-910B5DEF76BD})
version: 671088745
version (major): 40
estimated size: 777
install date: 20060629
install source: C:\Program Files\HP\Digital Imaging\{0FABD3D7-3036-4e78-B29D-58957ADB0A12}\AiOHelp\
publisher: Hewlett-Packard
Palm Desktop and Synchronization Software 4.1 ({13EDFFFE-DCF2-448A-A653-3C4CD60D99B4})
version: 67174400
version (major): 4
version (minor): 1
estimated size: 14087
install date: 20060608
install source: C:\WINDOWS\Downloaded Installations\{45E59EFE-8893-44F4-98DD-78D98CF71C97}\
uninstall cmd: MsiExec.exe /X{13EDFFFE-DCF2-448A-A653-3C4CD60D99B4}
publisher: Handspring, Inc.
comments: For troubleshooting help try the Palm Knowledge Finder at support.handspring.com/support
contact: Handspring Customer Support
help link: http://support.handspring.com/esupport/start/hsWelcome.jsp
help telephone: None
readme: DesktopReadme.txt
DocProc 3.5.0.0 ({1F7473D9-6C0B-4F5A-8FA4-AB8AD78CBE54})
version: 50659328
version (major): 3
version (minor): 5
estimated size: 61074
install date: 20060629
install source: G:\Setup\DocProc\
publisher: Hewlett-Packard
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0
Google Toolbar for Internet Explorer ({2318C2B1-4965-11d4-9B18-009027A5CD4F})
uninstall cmd: regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
AiO_Scan 40.0.105.000 ({24C8FBF7-26C6-48ca-834B-A4E5C09E362F})
version: 671088745
version (major): 40
estimated size: 242
install date: 20060629
install source: G:\Setup\AiO_Scan\
publisher: Hewlett-Packard
Scan 3.5.0.0 ({257EC58E-03FD-472B-A9B6-93F23A3C4CB0})
version: 50659328
version (major): 3
version (minor): 5
estimated size: 7546
install date: 20060629
install source: G:\Setup\scan\
publisher: Hewlett-Packard
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0
SkinsHP1 5.35.0.043 ({29B50D30-EAFC-4cea-9F76-3A0E3729E9B0})
version: 86179840
version (major): 5
version (minor): 35
estimated size: 145
install date: 20060629
install source: G:\Setup\SkinsHP\
publisher: Hewlett-Packard
Rhapsody Player Engine 1.0.604 ({2DFF31F9-7893-4922-AF66-C9A1EB4EBB31})
version: 16777820
version (major): 1
estimated size: 1205
install date: 20060614
install source: C:\DOCUME~1\Sabian\LOCALS~1\Temp\~rnsetup\RHAPX\
uninstall cmd: MsiExec.exe /I{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}
publisher: RealNetworks
comments: The Rhapsody Player Engine is a Web browser plugin used for Rhapsody On The Web.
contact: RealNetworks
help link: http://www.rhapsody.com
AIOMinimal 40.0.105.000 ({300D9EF4-2721-4cb4-A6C3-FB2337CFEA2D})
version: 671088745
version (major): 40
estimated size: 327
install date: 20060629
install source: G:\Setup\AIOMinimal\
publisher: Hewlett-Packard
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0
4200 40.0.105.000 ({34611BCF-3157-405b-A34E-879C7DC79142})
version: 671088745
version (major): 40
estimated size: 68
install date: 20060629
install source: C:\Program Files\HP\Digital Imaging\{0FABD3D7-3036-4e78-B29D-58957ADB0A12}\Product\
publisher: Hewlett-Packard
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0
HP Software Update 1.0.22.20030804 ({34957B51-9676-41CE-9E52-44AE91B73F1C})
version: 16777238
version (major): 1
estimated size: 965
install date: 20060629
install source: G:\Setup\HPSoftwareUpdate\
uninstall cmd: MsiExec.exe /X{34957B51-9676-41CE-9E52-44AE91B73F1C}
publisher: Hewlett-Packard
help link: http://www.hp.com/support
WebFldrs XP 9.50.7523 ({350C97B0-3D7C-4EE8-BAA9-00BCB3D54227})
version: 154279267
version (major): 9
version (minor): 50
estimated size: 2472
install date: 20060510
install source: C:\WINDOWS\system32\
publisher: Microsoft Corporation
help link: http://www.microsoft.com/windows
HPSystemDiagnostics 1.5.0.0 ({3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF})
version: 17104896
version (major): 1
version (minor): 5
estimated size: 893
install date: 20060629
install source: G:\Setup\Sherlock\
publisher: Your Company Name
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0
Unload 3.5.0 ({415B8A4E-0EA2-4C69-975C-EEE07B837FD7})
version: 50659328
version (major): 3
version (minor): 5
estimated size: 5132
install date: 20060629
install source: G:\Setup\UnloadIntent\
publisher: Hewlett-Packard
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0
Copy 5.35.0.065 ({48242276-DB89-42e8-9678-BD4280D7B99A})
version: 86179840
version (major): 5
version (minor): 35
estimated size: 1339
install date: 20060629
install source: G:\Setup\Copy\
publisher: Hewlett-Packard
Adobe® Photoshop® Album Starter Edition 3.0 3.00.000 ({4BDFD2CE-6329-42E4-9801-9B3D1F10D79B})
version: 50331648
version (major): 3
estimated size: 16717
install date: 20060720
install location: C:\Program Files\Adobe\Photoshop Album Starter Edition\
install source: C:\WINDOWS\Downloaded Installations\{8379D168-79F6-4394-81A2-BB1944E8F892}\
uninstall cmd: MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
publisher: Adobe Systems, Inc.
readme: C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\ReadMe.txt
AutoCAD 2004 16.0.0.086 ({5783F2D7-0201-0409-0002-0060B0CE6BBA})
version: 268435456
version (major): 16
estimated size: 263775
install date: 20060511
install source: F:\autocad 2004 install\Bin\AcadFEUI\
uninstall cmd: MsiExec.exe /I{5783F2D7-0201-0409-0002-0060B0CE6BBA}
publisher: Autodesk
AutoCAD Express Tools Volumes 1-9 1.0.0.0 ({5783F2D7-0211-0409-0000-0060B0CE6BBA})
version: 16777216
version (major): 1
estimated size: 4491
install date: 20060511
install source: F:\autocad 2004 install\Bin\AcadFEUI\Support\Express\
uninstall cmd: MsiExec.exe /X{5783F2D7-0211-0409-0000-0060B0CE6BBA}
publisher: Autodesk
PrintScreen 5.35.0.035 ({57C7C46A-D35D-492d-A328-4F8C9B5B4B52})
version: 86179840
version (major): 5
version (minor): 35
estimated size: 1702
install date: 20060629
install source: G:\Setup\printscreen\
publisher: Hewlett-Packard
Spy Sweeper 5.0 ({5AE68DC3-F16E-457D-947A-092D614C7ABD}_is1)
install location: C:\Program Files\Webroot\Spy Sweeper\
uninstall cmd: "C:\Program Files\Webroot\Spy Sweeper\unins000.exe"
publisher: Webroot Software, Inc.
McAfee Shredder 1.00.0000 ({625BD732-ACDF-4552-BF22-98EBB413B6F3})
version: 16777216
version (major): 1
estimated size: 1058
install date: 20060510
install location: C:\Program Files\McAfee\McAfee Shared Components\
install source: C:\DOCUME~1\Sabian\LOCALS~1\Temp\_is135\
publisher: McAfee, Inc
comments: This package contains McAfee QuickClean Lite and McAfee Shredder
contact: techsupport@mcafeehelp.com
help link: http://www.mcafeehelp.com
help telephone: (408)992-8599
AiOSoftware 40.0.105.000 ({63F2408D-A675-4d97-A256-70EACB6B9B4A})
version: 671088745
version (major): 40
estimated size: 4754
install date: 20060629
install source: G:\Setup\AiOSoftware\
publisher: Hewlett-Packard
Easy CD & DVD Creator 6 6.0.0.171 ({644F9DBE-CEDB-45AF-ACB8-E26692B74F62})
version: 100663296
version (major): 6
estimated size: 776310
install date: 20060510
install source: F:\
uninstall cmd: MsiExec.exe /I{644F9DBE-CEDB-45AF-ACB8-E26692B74F62}
publisher: Roxio Inc.,
comments:
contact: Tech Support
help link: http://support.roxio.com
help telephone: +1 408-367-5555
readme: C:\Program Files\Common Files\Roxio Shared\Support\Readme.txt
McAfee Shredder 1.00.0000 ({6774F0CF-C7DD-4CB4-BCB2-11C3E08BBA03})
version: 16777216
version (major): 1
estimated size: 1058
install date: 20060512
install location: C:\Program Files\McAfee\McAfee Shared Components\
install source: C:\WINDOWS\TEMP\_is47\
publisher: McAfee, Inc
comments: This package contains McAfee QuickClean Lite and McAfee Shredder
contact: techsupport@mcafeehelp.com
help link: http://www.mcafeehelp.com
help telephone: (408)992-8599
4200Trb 40.0.105.000 ({68A2A8FC-2CA0-4b6c-BE09-CC7ABE2A8DDC})
version: 671088745
version (major): 40
estimated size: 445
install date: 20060629
install source: C:\Program Files\HP\Digital Imaging\{0FABD3D7-3036-4e78-B29D-58957ADB0A12}\AiOHelp\
publisher: Hewlett-Packard
Director 5.35.0.051 ({723C033E-63EA-4227-BAB2-0AA8693C16EB})
version: 86179840
version (major): 5
version (minor): 35
estimated size: 1459
install date: 20060629
install source: G:\Setup\Director\
publisher: Hewlett-Packard
InstantShare 3.5.0.21 ({745A92AF-53B4-41A7-91C3-9B026B1D5897})
version: 50659328
version (major): 3
version (minor): 5
estimated size: 20014
install date: 20060629
install source: G:\Setup\InstantShare\
publisher: Hewlett-Packard
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0
TrayApp 5.35.0.035 ({81DD5688-695A-4c1d-AE7D-368BF857725A})
version: 86179840
version (major): 5
version (minor): 35
estimated size: 391
install date: 20060629
install source: G:\Setup\TrayApp\
publisher: Hewlett-Packard
QFolder 1.00.0000 ({8777AC6D-89F9-4793-8266-DE406F343E89})
version: 16777216
version (major): 1
estimated size: 177
install date: 20060629
install source: G:\setup\QFolder\
publisher: Hewlett-Packard
Microsoft Office XP Professional with FrontPage 10.0.2627.0 ({90280409-6000-11D3-8CFE-0050048383C9})
version: 167774787
version (major): 10
estimated size: 244859
install date: 20060510
install location: INSTALLLOCATION
install source: F:\
uninstall cmd: MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support
readme: C:\Program Files\Microsoft Office\Office10\1033\OFREAD10.HTM
SHALIK_TEX
2006-08-04, 16:32
4200Tour 40.0.105.000 ({9A0DCD97-9648-45ed-A52C-133C728AB2FF})
version: 671088745
version (major): 40
estimated size: 1897
install date: 20060629
install source: C:\Program Files\HP\Digital Imaging\{0FABD3D7-3036-4e78-B29D-58957ADB0A12}\Tour\
publisher: Hewlett-Packard
CreativeProjects 5.35.0.059 ({9B03C535-3AEA-4ef2-B326-0A01A2207034})
version: 86179840
version (major): 5
version (minor): 35
estimated size: 99477
install date: 20060629
install source: G:\Setup\CreativeProjects\
publisher: Hewlett-Packard
Readme 40.0.105.000 ({A2500497-FD32-493e-B8E5-28D6728DBEF5})
version: 671088745
version (major): 40
estimated size: 28
install date: 20060629
install source: G:\Setup\readme\
publisher: Hewlett-Packard
Windows Defender Signatures 1.20.0.0 ({A5CC2A09-E9D3-49EC-923D-03874BBD4C2C})
version: 18087936
version (major): 1
version (minor): 20
estimated size: 2892
install date: 20060606
install source: C:\Program Files\Windows Defender\
uninstall cmd: MsiExec.exe /I{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}
publisher: Microsoft Corporation
Adobe Reader 7.0.8 7.0.8 ({AC76BA86-7AD7-1033-7B44-A70700000002})
version: 117440520
version (major): 7
estimated size: 67299
install date: 20060720
install source: C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig707\ENU\
uninstall cmd: MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70700000002}
publisher: Adobe Systems Incorporated
comments:
contact:
help link: http://www.adobe.com/support/main.html
help telephone:
readme: C:\Program Files\Adobe\Acrobat 7.0\Reader\Readme.htm
Fax 40.0.105.000 ({AF226123-1A6F-4ec1-8DEF-E35E7A0D0127})
version: 671088745
version (major): 40
estimated size: 25561
install date: 20060629
install source: G:\Setup\fax\
publisher: Hewlett-Packard
Windows Defender 1.1.1347.6 ({B2D7CE29-614A-4ACC-8BFE-009EB3A244C9})
version: 16844099
version (major): 1
version (minor): 1
estimated size: 10644
install date: 20060606
install source: C:\Documents and Settings\Sabian\Local Settings\Temporary Internet Files\Content.IE5\XA8R9TI0\
uninstall cmd: MsiExec.exe /I{B2D7CE29-614A-4ACC-8BFE-009EB3A244C9}
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=55273
SkinsHP2 5.35.0.043 ({BC339BFD-F550-471a-8D26-4D08126C62F7})
version: 86179840
version (major): 5
version (minor): 35
estimated size: 8497
install date: 20060629
install source: G:\Setup\SkinsHP\
publisher: Hewlett-Packard
Microsoft .NET Framework 1.1 1.1.4322 ({CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1})
version: 16847074
version (major): 1
version (minor): 1
estimated size: 37015
install date: 20060629
install source: C:\DOCUME~1\Sabian\LOCALS~1\Temp\
uninstall cmd: MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
publisher: Microsoft
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm
QuickProjects 5.35.0.047 ({CBE3E0AF-73BB-4c21-8B96-B09E003EDE7F})
version: 86179840
version (major): 5
version (minor): 35
estimated size: 21735
install date: 20060629
install source: G:\Setup\QuickProjects\
publisher: Hewlett-Packard
Overland 2.1.4 ({D186329B-1B4D-408D-ABEC-EA5CE1F182C9})
version: 33619972
version (major): 2
version (minor): 1
estimated size: 6438
install date: 20060629
install source: G:\Setup\overland\
publisher: Hewlett-Packard
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0
PhotoGallery 5.35.0.059 ({E8BFBD0A-8002-4dc9-869C-E495FA9DCE7A})
version: 86179840
version (major): 5
version (minor): 35
estimated size: 43570
install date: 20060629
install source: G:\Setup\PhotoGallery\
publisher: Hewlett-Packard
WebReg 5.31.0.147 ({FBBF532A-47AC-457d-AC06-0D3163D8911E})
version: 85917696
version (major): 5
version (minor): 31
estimated size: 93
install date: 20060629
install source: G:\Setup\WebReg\
publisher: Hewlett-Packard
HIJACK LOG
Logfile of HijackThis v1.99.1
Scan saved at 8:34:35 AM, on 8/4/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
c:\progra~1\mcafee\mcafee antispyware\massrv.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\PROGRA~1\mcafee.com\mps\mscifapp.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe
C:\PROGRA~1\mcafee.com\vso\mcvsescn.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\progra~1\mcafee\MCAFEE~2\masalert.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Webroot\Washer\wwDisp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Handspring\HOTSYNC.EXE
C:\WINDOWS\system32\wwSecure.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Hijackthis\HijackThis.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\PROGRA~1\mcafee.com\mps\mcbrhlpr.dll
O2 - BHO: McAfee Privacy Service Popup Blocker - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "C:\Program Files\McAfee.com\VSO\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MPSExe] "c:\PROGRA~1\mcafee.com\mps\mscifapp.exe" /embedding
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe
O4 - HKLM\..\Run: [MSKDetectorExe] "C:\PROGRA~1\McAfee\SPAMKI~1\MskDetct.exe" /startup
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [_AntiSpyware] c:\progra~1\mcafee\MCAFEE~2\masalert.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [OASClnt] "C:\Program Files\McAfee.com\VSO\oasclnt.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKLM\..\Run: [spywarebot] C:\Program Files\SpywareBot\SpywareBot.exe -boot
O4 - HKLM\..\Run: [McRegWiz] "c:\PROGRA~1\mcafee.com\agent\mcregwiz.exe" /autorun
O4 - HKLM\..\Run: [CleanUp] C:\PROGRA~1\McAfee.com\Shared\mcappins.exe /v=3 /cleanup
O4 - HKCU\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Window Washer] "C:\Program Files\Webroot\Washer\wwDisp.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Handspring\HOTSYNC.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: McAfee AntiSpyware Service - McAfee, Inc. - c:\progra~1\mcafee\mcafee antispyware\massrv.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Washer Security Access (wwSecSvc) - Webroot Software, Inc. - C:\WINDOWS\system32\wwSecure.exe
SHALIK_TEX
2006-08-04, 16:34
So far after doing the fix I found on another post I haven't gotten any popup junk at the bottom of the desktop. If anyone can look over the logs and let me know if there is anything else I need to know or fix please let me know.
thanks.
LonnyRJones
2006-08-09, 21:27
Welcome SHALIK_TEX
Those Logs look ok
Hows that PC acting ?
This topic has been closed to prevent others with similar issues posting in it.
If you need it re-opened please send me or your helper a pm and provide a link to the thread.
Applies only to the original topic starter.