Page 1 of 10 12345 ... LastLast
Results 1 to 10 of 99

Thread: Command Service

  1. #1
    Member
    Join Date
    May 2006
    Posts
    87

    Default Command Service

    Hi

    I'm getting 3 command service entries coming up when I run spybot. One can be removed, but the other two cannot as they apparently are linked files. When I run spybot again the other one comes back as well.

    I've run spybot in safe mode with no joy, but am a little hazy what else I need to do. Can you please help?

    Cheers.

  2. #2
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Default

    Hi brispie

    Use this link to get HijackThis.
    Save it to your desktop and then double-click to run it.
    It will install the program in c:\program files\HijackThis.
    Browse to that location with windows explorer, and double click on the HijackThis.exe program to run. Choose the 'Do a system scan and save a logfile'
    That will allow you to save the log to the desktop (or some other place) and leave open a notepad file with the HijackThis log in it.

    Now post your HijackThis log into this topic.
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  3. #3
    Member
    Join Date
    May 2006
    Posts
    87

    Default

    Is this any good?

    Thanks for the swift response by the way Shaba.

    Logfile of HijackThis v1.99.1
    Scan saved at 21:47:54, on 16/05/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\ASUS\Probe\AsusProb.exe
    C:\Program Files\Winamp\winampa.exe
    C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\Program Files\Boots F2CD\Picture Suite\InsDetect.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by blueyonder
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKCU\..\Run: [Boots Insert Detect] C:\Program Files\Boots F2CD\Picture Suite\InsDetect.exe
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\googletoolbar.dll/cmsearch.html
    O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\googletoolbar.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\googletoolbar.dll/cmcache.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\googletoolbar.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\googletoolbar.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.blueyonder.co.uk/dial
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english...an_unicode.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1110302565593
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

  4. #4
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Default

    Hi

    Please download delcmdservice (by Marckie), and save it to your Desktop.
    http://users.telenet.be/marcvn/tools/delcmdservice.zip

    • Unzip the content to your Desktop (a folder named delcmdservice)
    • Double-click on the delcmdservice folder
    • Double-click on delreg.bat to launch the tool
    • When the tool has finished, please reboot your computer.


    Scan again with Spybot and let me know if that has resolved the problem?
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  5. #5
    Member
    Join Date
    May 2006
    Posts
    87

    Default

    A bit strange.

    I save the file to my desktop and then open it up, but when I double click on delreg.bat something briefly flickers on screen, but that's it.

    I did re-boot and run spybot, but no change.

  6. #6
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Default

    Hi

    Post then spybot report here, please
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  7. #7
    Member
    Join Date
    May 2006
    Posts
    87

    Default

    Spybot Report? Sorry I'm not sure how to do that.

  8. #8
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Default

    Hi

    You can get a Spybot report, if you switch Spybot into advanced mode (Mode -> Advanced mode), then click on "Tools", and then "View Report". There confirm that the checkboxes are checked and click on the green button with the arrow labeled "View report" . Export the report to a text file and copy/paste it to your next post.
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  9. #9
    Member
    Join Date
    May 2006
    Posts
    87

    Default

    It's a big one!


    --- Search result list ---


    --- System information ---
    Windows XP (Build: 2600) Service Pack 2
    / MSXML4SP2: FIX: ASP stops responding when calling Response.Redirect to another server using msxml4 sp2
    / Windows Media Player 10: Security Update for Windows Media Player 10 (KB911565)
    / Windows Media Player 10: Security Update for Windows Media Player 10 (KB917734)
    / Windows Media Player 6.4: Security Update for Windows Media Player 6.4 (KB925398)
    / Windows XP: Security Update for Windows XP (KB923689)
    / Windows XP / SP3: Windows XP Hotfix - KB867282
    / Windows XP / SP3: Windows XP Hotfix - KB873333
    / Windows XP / SP3: Windows XP Hotfix - KB873339
    / Windows XP / SP3: Security Update for Windows XP (KB883939)
    / Windows XP / SP3: Windows XP Hotfix - KB885250
    / Windows XP / SP3: Windows XP Hotfix - KB885835
    / Windows XP / SP3: Windows XP Hotfix - KB885836
    / Windows XP / SP3: Windows XP Hotfix - KB885884
    / Windows XP / SP3: Windows XP Hotfix - KB886185
    / Windows XP / SP3: Windows XP Hotfix - KB887472
    / Windows XP / SP3: Windows XP Hotfix - KB887742
    / Windows XP / SP3: Windows XP Hotfix - KB888113
    / Windows XP / SP3: Windows XP Hotfix - KB888302
    / Windows XP / SP3: Security Update for Windows XP (KB890046)
    / Windows XP / SP3: Windows XP Hotfix - KB890047
    / Windows XP / SP3: Windows XP Hotfix - KB890175
    / Windows XP / SP3: Windows XP Hotfix - KB890859
    / Windows XP / SP3: Windows XP Hotfix - KB890923
    / Windows XP / SP3: Windows XP Hotfix - KB891781
    / Windows XP / SP3: Security Update for Windows XP (KB893066)
    / Windows XP / SP3: Windows XP Hotfix - KB893086
    / Windows XP / SP3: Security Update for Windows XP (KB893756)
    / Windows XP / SP3: Windows Installer 3.1 (KB893803)
    / Windows XP / SP3: Windows Installer 3.1 (KB893803)
    / Windows XP / SP3: Update for Windows XP (KB894391)
    / Windows XP / SP3: Security Update for Windows XP (KB896358)
    / Windows XP / SP3: Security Update for Windows XP (KB896422)
    / Windows XP / SP3: Security Update for Windows XP (KB896423)
    / Windows XP / SP3: Security Update for Windows XP (KB896424)
    / Windows XP / SP3: Security Update for Windows XP (KB896428)
    / Windows XP / SP3: Security Update for Windows XP (KB896688)
    / Windows XP / SP3: Update for Windows XP (KB896727)
    / Windows XP / SP3: Update for Windows XP (KB898461)
    / Windows XP / SP3: Security Update for Windows XP (KB899587)
    / Windows XP / SP3: Security Update for Windows XP (KB899588)
    / Windows XP / SP3: Security Update for Windows XP (KB899589)
    / Windows XP / SP3: Security Update for Windows XP (KB899591)
    / Windows XP / SP3: Update for Windows XP (KB900485)
    / Windows XP / SP3: Security Update for Windows XP (KB900725)
    / Windows XP / SP3: Security Update for Windows XP (KB901017)
    / Windows XP / SP3: Security Update for Windows XP (KB901214)
    / Windows XP / SP3: Security Update for Windows XP (KB902400)
    / Windows XP / SP3: Security Update for Windows XP (KB903235)
    / Windows XP / SP3: Security Update for Windows XP (KB904706)
    / Windows XP / SP3: Security Update for Windows XP (KB905414)
    / Windows XP / SP3: Security Update for Windows XP (KB905749)
    / Windows XP / SP3: Security Update for Windows XP (KB905915)
    / Windows XP / SP3: Security Update for Windows XP (KB908519)
    / Windows XP / SP3: Security Update for Windows XP (KB908531)
    / Windows XP / SP3: Update for Windows XP (KB910437)
    / Windows XP / SP3: Update for Windows XP (KB911280)
    / Windows XP / SP3: Security Update for Windows XP (KB911562)
    / Windows XP / SP3: Security Update for Windows XP (KB911567)
    / Windows XP / SP3: Security Update for Windows XP (KB911927)
    / Windows XP / SP3: Security Update for Windows XP (KB912812)
    / Windows XP / SP3: Security Update for Windows XP (KB912919)
    / Windows XP / SP3: Security Update for Windows XP (KB913446)
    / Windows XP / SP3: Security Update for Windows XP (KB913580)
    / Windows XP / SP3: Security Update for Windows XP (KB914388)
    / Windows XP / SP3: Security Update for Windows XP (KB914389)
    / Windows XP / SP3: Security Update for Windows XP (KB916281)
    / Windows XP / SP3: Update for Windows XP (KB916595)
    / Windows XP / SP3: Security Update for Windows XP (KB917159)
    / Windows XP / SP3: Security Update for Windows XP (KB917344)
    / Windows XP / SP3: Security Update for Windows XP (KB917422)
    / Windows XP / SP3: Security Update for Windows XP (KB917953)
    / Windows XP / SP3: Security Update for Windows XP (KB918118)
    / Windows XP / SP3: Security Update for Windows XP (KB918439)
    / Windows XP / SP3: Security Update for Windows XP (KB918899)
    / Windows XP / SP3: Security Update for Windows XP (KB919007)
    / Windows XP / SP3: Security Update for Windows XP (KB920213)
    / Windows XP / SP3: Security Update for Windows XP (KB920214)
    / Windows XP / SP3: Security Update for Windows XP (KB920670)
    / Windows XP / SP3: Security Update for Windows XP (KB920683)
    / Windows XP / SP3: Security Update for Windows XP (KB920685)
    / Windows XP / SP3: Update for Windows XP (KB920872)
    / Windows XP / SP3: Security Update for Windows XP (KB921398)
    / Windows XP / SP3: Security Update for Windows XP (KB921883)
    / Windows XP / SP3: Update for Windows XP (KB922582)
    / Windows XP / SP3: Security Update for Windows XP (KB922616)
    / Windows XP / SP3: Security Update for Windows XP (KB922760)
    / Windows XP / SP3: Security Update for Windows XP (KB922819)
    / Windows XP / SP3: Security Update for Windows XP (KB923191)
    / Windows XP / SP3: Security Update for Windows XP (KB923414)
    / Windows XP / SP3: Security Update for Windows XP (KB923694)
    / Windows XP / SP3: Security Update for Windows XP (KB923980)
    / Windows XP / SP3: Security Update for Windows XP (KB924191)
    / Windows XP / SP3: Security Update for Windows XP (KB924270)
    / Windows XP / SP3: Security Update for Windows XP (KB924496)
    / Windows XP / SP3: Security Update for Windows XP (KB924667)
    / Windows XP / SP3: Security Update for Windows XP (KB925454)
    / Windows XP / SP3: Security Update for Windows XP (KB925486)
    / Windows XP / SP3: Security Update for Windows XP (KB925902)
    / Windows XP / SP3: Security Update for Windows XP (KB926255)
    / Windows XP / SP3: Security Update for Windows XP (KB926436)
    / Windows XP / SP3: Security Update for Windows XP (KB927779)
    / Windows XP / SP3: Security Update for Windows XP (KB927802)
    / Windows XP / SP3: Security Update for Windows XP (KB928090)
    / Windows XP / SP3: Security Update for Windows XP (KB928255)
    / Windows XP / SP3: Security Update for Windows XP (KB928843)
    / Windows XP / SP3: Update for Windows XP (KB929338)
    / Windows XP / SP3: Security Update for Windows XP (KB929969)
    / Windows XP / SP3: Security Update for Windows XP (KB930178)
    / Windows XP / SP3: Update for Windows XP (KB930916)
    / Windows XP / SP3: Security Update for Windows XP (KB931261)
    / Windows XP / SP3: Security Update for Windows XP (KB931768)
    / Windows XP / SP3: Security Update for Windows XP (KB931784)
    / Windows XP / SP3: Update for Windows XP (KB931836)
    / Windows XP / SP3: Security Update for Windows XP (KB932168)


    --- Startup entries list ---
    Located: HK_LM:Run, ASUS Probe
    command: C:\Program Files\ASUS\Probe\AsusProb.exe
    file: C:\Program Files\ASUS\Probe\AsusProb.exe
    size: 617984
    MD5: b7e260f00988380f72ff06d2fe181d70

    Located: HK_LM:Run, ATIPTA
    command: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    file: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    size: 339968
    MD5: 88e9fb3ffa53f65477dceaebc37a4189

    Located: HK_LM:Run, AVG7_CC
    command: C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    file: C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    size: 416256
    MD5: 2200c98c049de1a7638ea0edba1c8882

    Located: HK_LM:Run, QuickTime Task
    command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
    file: C:\Program Files\QuickTime\qttask.exe
    size: 98304
    MD5: 9b4c1812595c389ab9ccf1ff3b315248

    Located: HK_LM:Run, SunJavaUpdateSched
    command: "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    file: C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    size: 83608
    MD5: 9c1c80bbf8e6044980890e2d2d91091c

    Located: HK_LM:Run, WinampAgent
    command: C:\Program Files\Winamp\winampa.exe
    file: C:\Program Files\Winamp\winampa.exe
    size: 33792
    MD5: 11aa6662a1be30375afd1a8407811e7e

    Located: HK_LM:Run, WinPatrol
    command: C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
    file: C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
    size: 230592
    MD5: e17fb7c097b651ae7b918da4151624f2

    Located: HK_CU:Run, Boots Insert Detect
    command: C:\Program Files\Boots F2CD\Picture Suite\InsDetect.exe
    file: C:\Program Files\Boots F2CD\Picture Suite\InsDetect.exe
    size: 262144
    MD5: b846143895f23bf8d434cf5000c0eda8

    Located: System.ini, AtiExtEvent
    command: Ati2evxx.dll
    file: Ati2evxx.dll

    Located: System.ini, crypt32chain
    command: crypt32.dll
    file: crypt32.dll

    Located: System.ini, cryptnet
    command: cryptnet.dll
    file: cryptnet.dll

    Located: System.ini, cscdll
    command: cscdll.dll
    file: cscdll.dll

    Located: System.ini, ScCertProp
    command: wlnotify.dll
    file: wlnotify.dll

    Located: System.ini, Schedule
    command: wlnotify.dll
    file: wlnotify.dll

    Located: System.ini, sclgntfy
    command: sclgntfy.dll
    file: sclgntfy.dll

    Located: System.ini, SensLogn
    command: WlNotify.dll
    file: WlNotify.dll

    Located: System.ini, termsrv
    command: wlnotify.dll
    file: wlnotify.dll

    Located: System.ini, WgaLogon
    command: WgaLogon.dll
    file: WgaLogon.dll

    Located: System.ini, wlballoon
    command: wlnotify.dll
    file: wlnotify.dll



    --- Browser helper object list ---
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
    BHO name:
    CLSID name: AcroIEHlprObj Class
    description: Adobe Acrobat reader
    classification: Legitimate
    known filename: AcroIEhelper.ocx<br>AcroIEhelper.dll
    info link: http://www.adobe.com/products/acrobat/readstep2.html
    info source: TonyKlein
    Path: C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\
    Long name: AcroIEHelper.dll
    Short name: ACROIE~1.DLL
    Date (created): 03/11/2003 15:17:44
    Date (last access): 19/05/2007 12:30:10
    Date (last write): 03/11/2003 15:17:44
    Filesize: 54248
    Attributes: archive
    MD5: FC7850324464E4D19A24A03D882B5CC4
    CRC32: 452E8571
    Version: 6.0.1.1091

    {53707962-6F74-2D53-2644-206D7942484F} ()
    BHO name:
    CLSID name:
    description: Spybot-S&D IE Browser plugin
    classification: Legitimate
    known filename: SDhelper.dll
    info link: http://spybot.eon.net.au/
    info source: Patrick M. Kolla
    Path: C:\PROGRA~1\SPYBOT~1\
    Long name: SDHelper.dll
    Short name:
    Date (created): 12/05/2004 02:03:00
    Date (last access): 19/05/2007 12:30:10
    Date (last write): 31/05/2005 01:04:00
    Filesize: 853672
    Attributes: archive
    MD5: 250D787A5712D7768DDC133B3E477759
    CRC32: D4589A41
    Version: 1.4.0.0

    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
    BHO name:
    CLSID name: SSVHelper Class
    Path: C:\Program Files\Java\jre1.6.0_01\bin\
    Long name: ssv.dll
    Short name:
    Date (created): 23/04/2007 13:53:42
    Date (last access): 19/05/2007 12:30:10
    Date (last write): 14/03/2007 03:43:40
    Filesize: 501400
    Attributes: archive
    MD5: 70FD57D6EDBED8D80C1995257C99D27E
    CRC32: 3CE654AC
    Version: 6.0.10.6



    --- ActiveX list ---
    Microsoft XML Parser for Java (Microsoft XML Parser for Java)
    DPF name: Microsoft XML Parser for Java
    CLSID name:
    Installer:
    Codebase: file://C:\WINDOWS\Java\classes\xmldso.cab
    description:
    classification: Legitimate
    known filename: %WINDIR%\Java\classes\xmldso.cab
    info link:
    info source: Patrick M. Kolla

    {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object)
    DPF name:
    CLSID name: CKAVWebScan Object
    Installer: C:\WINDOWS\Downloaded Program Files\kavwebscan.inf
    Codebase: http://www.kaspersky.com/kos/english...an_unicode.cab
    description:
    classification: Legitimate
    known filename:
    info link:
    info source: Safer Networking Ltd.
    Path: C:\WINDOWS\system32\Kaspersky Lab\Kaspersky On-line Scanner\
    Long name: kavwebscan.dll
    Short name: KAVWEB~1.DLL
    Date (created): 13/10/2005 12:00:56
    Date (last access): 19/05/2007 09:03:20
    Date (last write): 13/10/2005 12:00:56
    Filesize: 790528
    Attributes: archive
    MD5: 46CE15B59AB422CAF3765DDC909A64F0
    CRC32: 606D97CC
    Version: 5.0.78.0

    {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class)
    DPF name:
    CLSID name: WUWebControl Class
    Installer: C:\WINDOWS\Downloaded Program Files\wuweb.inf
    Codebase: http://v5.windowsupdate.microsoft.co...?1110302565593
    description:
    classification: Legitimate
    known filename: wuweb.dll
    info link:
    info source: Safer Networking Ltd.
    Path: C:\WINDOWS\system32\
    Long name: wuweb.dll
    Short name:
    Date (created): 08/03/2005 15:34:40
    Date (last access): 19/05/2007 09:01:32
    Date (last write): 26/05/2005 04:16:30
    Filesize: 173536
    Attributes: archive
    MD5: C459F2D5E64C942F3F66E1CD7F1C4C00
    CRC32: EEF66B50
    Version: 5.8.0.2469

    {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
    DPF name: Java Runtime Environment 1.6.0
    CLSID name: Java Plug-in 1.6.0_01
    Installer:
    Codebase: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
    description: Sun Java
    classification: Legitimate
    known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
    info link:
    info source: Patrick M. Kolla
    Path: C:\Program Files\Java\jre1.6.0_01\bin\
    Long name: npjpi160_01.dll
    Short name: NPJPI1~1.DLL
    Date (created): 14/03/2007 02:04:46
    Date (last access): 19/05/2007 08:49:24
    Date (last write): 14/03/2007 03:43:42
    Filesize: 132760
    Attributes: archive
    MD5: F112FB2FD2EF66D439799E3F834DF000
    CRC32: D2B09219
    Version: 6.0.0.6

    {A8658086-E6AC-4957-BC8E-8D54A7E8A790} (GDIChk Object)
    DPF name:
    CLSID name: GDIChk Object
    Installer: C:\WINDOWS\Downloaded Program Files\gdichk.inf
    Codebase: http://www.microsoft.com/security/co...I/0/GDIChk.CAB
    description:
    classification: Legitimate
    known filename: GDIChk.dll
    info link:
    info source: Safer Networking Ltd.
    Path: C:\WINDOWS\Downloaded Program Files\
    Long name: GDIChk.dll
    Short name:
    Date (created): 09/09/2004 16:17:40
    Date (last access): 19/05/2007 08:57:50
    Date (last write): 09/09/2004 16:17:40
    Filesize: 65272
    Attributes: archive
    MD5: 56AF5FF66A5F8F927411B59B66107C84
    CRC32: 61E0CF2E
    Version: 1.0.0.0

    {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
    DPF name: Java Runtime Environment 1.5.0
    CLSID name: Java Plug-in 1.5.0_06
    Installer:
    Codebase: http://java.sun.com/update/1.5.0/jin...ndows-i586.cab
    description:
    classification: Legitimate
    known filename: npjpi150_06.dll
    info link:
    info source: Safer Networking Ltd.
    Path: C:\Program Files\Java\jre1.5.0_06\bin\
    Long name: NPJPI150_06.dll
    Short name: NPJPI1~1.DLL
    Date (created): 02/03/2006 13:52:58
    Date (last access): 19/05/2007 08:46:44
    Date (last write): 10/11/2005 13:22:12
    Filesize: 69746
    Attributes: archive
    MD5: D2CF6BB5E9020E6707B62575F8083954
    CRC32: 7F39DC54
    Version: 5.0.60.5

    {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
    DPF name: Java Runtime Environment 1.5.0
    CLSID name: Java Plug-in 1.5.0_09
    Installer:
    Codebase: http://java.sun.com/update/1.5.0/jin...ndows-i586.cab
    description:
    classification: Legitimate
    known filename: NPJPI150_09.dll
    info link:
    info source: Safer Networking Ltd.
    Path: C:\Program Files\Java\jre1.5.0_09\bin\
    Long name: NPJPI150_09.dll
    Short name: NPJPI1~1.DLL
    Date (created): 12/10/2006 04:10:58
    Date (last access): 19/05/2007 08:47:24
    Date (last write): 12/10/2006 04:25:44
    Filesize: 69746
    Attributes: archive
    MD5: A3CDEB59B6B8C2EA81B9ED2D3EF4C95E
    CRC32: 2A32A9A2
    Version: 5.0.90.3

    {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
    DPF name: Java Runtime Environment 1.5.0
    CLSID name: Java Plug-in 1.5.0_10
    Installer:
    Codebase: http://java.sun.com/update/1.5.0/jin...ndows-i586.cab
    Path: C:\Program Files\Java\jre1.5.0_10\bin\
    Long name: NPJPI150_10.dll
    Short name: NPJPI1~1.DLL
    Date (created): 09/11/2006 16:07:34
    Date (last access): 19/05/2007 08:48:04
    Date (last write): 09/11/2006 16:21:54
    Filesize: 75528
    Attributes: archive
    MD5: 635F4B3A0F1C661B5CEDE628BA85E46B
    CRC32: 0C9B7145
    Version: 5.0.100.3

  10. #10
    Member
    Join Date
    May 2006
    Posts
    87

    Default

    {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
    DPF name: Java Runtime Environment 1.5.0
    CLSID name: Java Plug-in 1.5.0_11
    Installer:
    Codebase: http://java.sun.com/update/1.5.0/jin...ndows-i586.cab
    Path: C:\Program Files\Java\jre1.5.0_11\bin\
    Long name: NPJPI150_11.dll
    Short name: NPJPI1~1.DLL
    Date (created): 15/12/2006 04:09:16
    Date (last access): 19/05/2007 08:48:44
    Date (last write): 15/12/2006 04:23:26
    Filesize: 75528
    Attributes: archive
    MD5: 3B3F6984DBF972DAFF1B7E9C44E2FE75
    CRC32: 4BDE2041
    Version: 5.0.110.3

    {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
    DPF name: Java Runtime Environment 1.6.0
    CLSID name: Java Plug-in 1.6.0_01
    Installer:
    Codebase: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
    Path: C:\Program Files\Java\jre1.6.0_01\bin\
    Long name: npjpi160_01.dll
    Short name: NPJPI1~1.DLL
    Date (created): 14/03/2007 02:04:46
    Date (last access): 19/05/2007 12:50:26
    Date (last write): 14/03/2007 03:43:42
    Filesize: 132760
    Attributes: archive
    MD5: F112FB2FD2EF66D439799E3F834DF000
    CRC32: D2B09219
    Version: 6.0.0.6

    {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
    DPF name: Java Runtime Environment 1.6.0
    CLSID name: Java Plug-in 1.6.0_01
    Installer:
    Codebase: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
    description:
    classification: Legitimate
    known filename: npjpi150_06.dll
    info link:
    info source: Safer Networking Ltd.
    Path: C:\Program Files\Java\jre1.6.0_01\bin\
    Long name: npjpi160_01.dll
    Short name: NPJPI1~1.DLL
    Date (created): 14/03/2007 02:04:46
    Date (last access): 19/05/2007 12:50:26
    Date (last write): 14/03/2007 03:43:42
    Filesize: 132760
    Attributes: archive
    MD5: F112FB2FD2EF66D439799E3F834DF000
    CRC32: D2B09219
    Version: 6.0.0.6

    {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
    DPF name:
    CLSID name: Shockwave Flash Object
    Installer: C:\WINDOWS\Downloaded Program Files\swflash.inf
    Codebase: http://download.macromedia.com/pub/s...sh/swflash.cab
    description: Macromedia Shockwave Flash Player
    classification: Legitimate
    known filename:
    info link:
    info source: Patrick M. Kolla
    Path: C:\WINDOWS\system32\Macromed\Flash\
    Long name: Flash8b.ocx
    Short name:
    Date (created): 31/03/2006 11:45:12
    Date (last access): 19/05/2007 12:28:08
    Date (last write): 31/03/2006 11:45:12
    Filesize: 1443464
    Attributes: readonly archive
    MD5: 12719EDDAAB9CAEEF28C6E58192F594B
    CRC32: 680E085C
    Version: 8.0.24.0



    --- Process list ---
    PID: 0 ( 0) [System]
    PID: 444 ( 4) \SystemRoot\System32\smss.exe
    PID: 500 ( 444) \??\C:\WINDOWS\system32\csrss.exe
    PID: 524 ( 444) \??\C:\WINDOWS\system32\winlogon.exe
    PID: 568 ( 524) C:\WINDOWS\system32\services.exe
    size: 108032
    MD5: C6CE6EEC82F187615D1002BB3BB50ED4
    PID: 580 ( 524) C:\WINDOWS\system32\lsass.exe
    size: 13312
    MD5: 84885F9B82F4D55C6146EBF6065D75D2
    PID: 740 ( 568) C:\WINDOWS\system32\Ati2evxx.exe
    size: 389120
    MD5: DF7CE16CFF3217E71742E3D700844C07
    PID: 756 ( 568) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: 8F078AE4ED187AAABC0A305146DE6716
    PID: 812 ( 568) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: 8F078AE4ED187AAABC0A305146DE6716
    PID: 880 ( 568) C:\WINDOWS\System32\svchost.exe
    size: 14336
    MD5: 8F078AE4ED187AAABC0A305146DE6716
    PID: 944 ( 568) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: 8F078AE4ED187AAABC0A305146DE6716
    PID: 1084 ( 568) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: 8F078AE4ED187AAABC0A305146DE6716
    PID: 1212 ( 524) C:\WINDOWS\system32\Ati2evxx.exe
    size: 389120
    MD5: DF7CE16CFF3217E71742E3D700844C07
    PID: 1288 (1248) C:\WINDOWS\Explorer.EXE
    size: 1032192
    MD5: A0732187050030AE399B241436565E64
    PID: 1388 ( 568) C:\WINDOWS\system32\spoolsv.exe
    size: 57856
    MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
    PID: 1500 (1288) C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    size: 339968
    MD5: 88E9FB3FFA53F65477DCEAEBC37A4189
    PID: 1512 (1288) C:\Program Files\ASUS\Probe\AsusProb.exe
    size: 617984
    MD5: B7E260F00988380F72FF06D2FE181D70
    PID: 1520 (1288) C:\Program Files\Winamp\winampa.exe
    size: 33792
    MD5: 11AA6662A1BE30375AFD1A8407811E7E
    PID: 1532 (1288) C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
    size: 230592
    MD5: E17FB7C097B651AE7B918DA4151624F2
    PID: 1552 (1288) C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    size: 83608
    MD5: 9C1C80BBF8E6044980890E2D2D91091C
    PID: 1568 (1288) C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    size: 416256
    MD5: 2200C98C049DE1A7638EA0EDBA1C8882
    PID: 1584 (1288) C:\Program Files\Boots F2CD\Picture Suite\InsDetect.exe
    size: 262144
    MD5: B846143895F23BF8D434CF5000C0EDA8
    PID: 1764 ( 568) C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    size: 100032
    MD5: B825F25B8FC988F18C2EAA6737E83512
    PID: 1796 ( 568) C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    size: 353280
    MD5: 5F4ED1DBA7E1EAECBA443A53DA176485
    PID: 1812 ( 568) C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    size: 49664
    MD5: 30A14F65DB477DC00A64A5A24E96919C
    PID: 1840 ( 568) C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    size: 351744
    MD5: C6A162BEDAA82DBE9EBF8C7EEBD2929B
    PID: 1900 ( 568) C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
    size: 200704
    MD5: BC9C77FAC763D84BFDF09B55D4B41AFA
    PID: 2000 ( 568) C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    size: 1174152
    MD5: C1C706751F0499747DA9442C2679A0B7
    PID: 1236 ( 568) C:\WINDOWS\System32\alg.exe
    size: 44544
    MD5: F1958FBF86D5C004CF19A5951A9514B7
    PID: 1976 ( 524) C:\WINDOWS\system32\WgaTray.exe
    size: 336768
    MD5: 047CD344AC7B76BA3C224FAE1A4627C9
    PID: 1104 (1288) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    size: 4393096
    MD5: 09CA174A605B480318731E691DC98539
    PID: 2168 (1288) C:\Program Files\Internet Explorer\IEXPLORE.EXE
    size: 93184
    MD5: E7484514C0464642BE7B4DC2689354C8
    PID: 4 ( 0) System


    --- Browser start & search pages list ---
    Spybot - Search & Destroy browser pages report, 19/05/2007 12:50:26

    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
    C:\WINDOWS\system32\blank.htm
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
    http://www.microsoft.com/isapi/redir...ie&ar=iesearch
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
    http://www.google.com/ie
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
    http://www.google.co.uk/
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
    %SystemRoot%\system32\blank.htm
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
    http://www.microsoft.com/isapi/redir...ie&ar=iesearch
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
    http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
    http://www.microsoft.com/isapi/redir...r=6&ar=msnhome
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
    http://www.microsoft.com/isapi/redir...ie&ar=iesearch
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
    http://www.google.com/ie
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
    http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm


    --- Winsock Layered Service Provider list ---
    Protocol 0: MSAFD Tcpip [TCP/IP]
    GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IP protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip[*]

    Protocol 1: MSAFD Tcpip [UDP/IP]
    GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IP protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip[*]

    Protocol 2: MSAFD Tcpip [RAW/IP]
    GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IP protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip[*]

    Protocol 3: RSVP UDP Service Provider
    GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
    Filename: %SystemRoot%\system32\rsvpsp.dll
    Description: Microsoft Windows NT/2k/XP RVSP
    DB filename: %SystemRoot%\system32\rsvpsp.dll
    DB protocol: RSVP * Service Provider

    Protocol 4: RSVP TCP Service Provider
    GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
    Filename: %SystemRoot%\system32\rsvpsp.dll
    Description: Microsoft Windows NT/2k/XP RVSP
    DB filename: %SystemRoot%\system32\rsvpsp.dll
    DB protocol: RSVP * Service Provider

    Protocol 5: MSAFD NetBIOS [\Device\NetBT_Tcpip_{CE5FA0D0-384D-4387-9E47-D25184030D99}] SEQPACKET 3
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 6: MSAFD NetBIOS [\Device\NetBT_Tcpip_{CE5FA0D0-384D-4387-9E47-D25184030D99}] DATAGRAM 3
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 7: MSAFD NetBIOS [\Device\NetBT_Tcpip_{AEC81411-BE1E-4DE1-BB79-D79261782333}] SEQPACKET 0
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{AEC81411-BE1E-4DE1-BB79-D79261782333}] DATAGRAM 0
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{EFAA1A20-1136-4A13-A53C-B1E4E4C52CBE}] SEQPACKET 1
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{EFAA1A20-1136-4A13-A53C-B1E4E4C52CBE}] DATAGRAM 1
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{95BBC455-0CBA-4ED3-B9D8-2AFCE18C49E7}] SEQPACKET 2
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{95BBC455-0CBA-4ED3-B9D8-2AFCE18C49E7}] DATAGRAM 2
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Namespace Provider 0: Tcpip
    GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
    Filename: %SystemRoot%\System32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: TCP/IP

    Namespace Provider 1: NTDS
    GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
    Filename: %SystemRoot%\System32\winrnr.dll
    Description: Microsoft Windows NT/2k/XP name space provider
    DB filename: %SystemRoot%\system32\winrnr.dll
    DB protocol: NTDS

    Namespace Provider 2: Network Location Awareness (NLA) Namespace
    GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
    Filename: %SystemRoot%\System32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP name space provider
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: NLA-Namespace



    --- Uninstall list ---
    Ad-Aware SE Personal 1.06 (Ad-Aware SE Personal)
    uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
    publisher: Lavasoft
    help link: http://www.lavasoft.com

    (AddressBook)

    ATI - Software Uninstall Utility 6.14.10.1010 (All ATI Software)
    install location: C:\Program Files\ATI Technologies\UninstallAll
    uninstall cmd: C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe

    ASUS Probe V2.23.04 (ASUS Probe V2.23.04)
    uninstall cmd: C:\WINDOWS\uninst.exe -f"C:\Program Files\ASUS\Probe\DeIsL1.isu" -c"C:\Program Files\ASUS\Probe\probunis.dll"

    ATI Display Driver 8.05-040812a-017884C-Asus (ATI Display Driver)
    uninstall cmd: rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean

    AudibleManager 2089884432.-1.2089884374.2090320032 (AudibleManager)
    uninstall cmd: C:\Program Files\Audible\Bin\Upgrade.exe /Uninstall
    publisher: Audible, Inc.

    AVG 7.5 (AVG7Uninstall)
    uninstall cmd: C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL

    5.0.2.4.asst_classic.asst_install (blueyonder Instant Support Tool)
    uninstall cmd: D:\BLUEYO~1\Uninstall.exe blueyonder
    publisher: Motive Communications, Inc.

    blueyonder Instant Support Tool (blueyonder.MCCInstall)
    uninstall cmd: C:\WINDOWS\Motive\blueyonder\MCCUninst.exe

    Boots F2CD Picture Suite 1.0.0.13 (Boots F2CD Picture Suite)
    uninstall cmd: "C:\Program Files\Boots F2CD\Picture Suite\Uninstal.exe" C:\PROGRA~1\BOOTSF~1\PICTUR~1\INSTALL.LOG
    contact: Boots@Pixology.com

    (Branding)

    (CADI)
    uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove

    Championship Manager 00-01 (Championship Manager 00-01)
    uninstall cmd: C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Championship Manager 00-01\Uninst.isu"

    (Connection Manager)

    (Creative Audio CD Ripper)
    uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A0B5225-B59B-4D72-B3FE-71AAA693A8E2}\setup.exe" -l0x9 /remove

    (Creative MediaSource 5)

    (Creative MediaSource CD-ROM Burner Plugin Unicode)
    uninstall cmd: "C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_CDBURNER_U\Setup.exe" /remove /l0x0009

    (Creative MediaSource Music Player (Mass Storage Series) Plugin Unicode)
    uninstall cmd: "C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_MUSICPLAYER_MSS_U\Setup.exe" /remove /l0x0009

    (Creative MediaSource Net Content Plugin Unicode)
    uninstall cmd: "C:\Program Files\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /l0x0009

    (Creative MediaSource NOMAD Jukebox 2/3/ZEN Plugin Unicode)
    uninstall cmd: "C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_NOMADJUKEBOXTYPE2_U\Setup.exe" /remove /l0x0009

    (Creative MediaSource Player Skin Pack Unicode)
    uninstall cmd: "C:\Program Files\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /l0x0009

    (Creative MediaSource Plugin for PlaysForSure Unicode)
    uninstall cmd: "C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_MTP_U\Setup.exe" /remove /l0x0009

    (Creative MediaSource Unicode)
    uninstall cmd: "C:\Program Files\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /l0x0009

    (Creative SmartFill)
    uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{19822917-61F6-4221-B1D0-1C3B8A06BE60}\setup.exe" -l0x9 /remove

    (Creative ZEN Nano Plus)

    (Creative Zen Nano Plus Media Explorer)
    uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9B7A778E-AF38-4341-9EA0-1FC981106ADA}\setup.exe" -l0x9 /remove

    (DirectAnimation)

    (DirectDrawEx)

    (DXM_Runtime)

    ewido anti-malware (ewidoantimalware)
    install location: C:\Program Files\ewido anti-malware
    uninstall cmd: C:\Program Files\ewido anti-malware\Uninstall.exe
    publisher: ewido networks
    help link: http://www.ewido.net

    (expinst)

    (Fontcore)

    GameSpy Arcade (GameSpy Arcade)
    uninstall cmd: C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •